AWSTemplateFormatVersion: '2010-09-09' Description: (SO8006) - Deploy Apache RocketMQ cluster on AWS. (qs-1rhfjtin3) Metadata: QuickStartDocumentation: Order: "2" QSLint: Exclusions: [ W9002, W9003, W9004, W9006 ] AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network Configuration Parameters: - VPC - PrimaryNodeSubnet - Secondary0NodeSubnet - Secondary1NodeSubnet - BastionSecurityGroupID - Label: default: Security Configuration Parameters: - KeyPairName - Label: default: AWS Quick Start Configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - QSS3BucketRegion ParameterLabels: BastionSecurityGroupID: default: Bastion Security Group ID NameServerClusterCount: default: Apache RocketMQ NameServer Cluster Node Count BrokerClusterCount: default: Cluster Replica Set Count Iops: default: Iops KeyPairName: default: Key Pair Name NameServerInstanceType: default: Nameserver Instance Type BrokerNodeInstanceType: default: Broker Instance Type FlushDiskType: default: Apache RocketMQ flush Disk Type RocketMQVersion: !Ref 'RocketMQVersion' PrimaryNodeSubnet: default: Primary Node Subnet QSS3BucketName: default: Quick Start S3 Bucket Name QSS3KeyPrefix: default: Quick Start S3 Key Prefix QSS3BucketRegion: default: Quick Start S3 bucket region Secondary0NodeSubnet: default: Secondary0 Node Subnet Secondary1NodeSubnet: default: Secondary1 Node Subnet VPC: default: VPC VolumeSize: default: Volume Size VolumeType: default: Volume Type Parameters: BastionSecurityGroupID: Description: ID of the Bastion Security Group (e.g., sg-7f16e910) Type: AWS::EC2::SecurityGroup::Id NameServerClusterCount: Default: '2' Type: String Description: Number of Apache RocketMQ NameServer nodes. Choose between 1-3 AllowedValues: - '1' - '2' - '3' BrokerClusterCount: Description: Number of Replica Set Members. Choose 1 or 3 Type: String Default: '3' AllowedValues: - '1' - '3' FlushDiskType: Default: ASYNC_FLUSH Type: String Description: Apache RocketMQ flush Disk Type [ASYNC_FLUSH,SYNC_FLUSH] AllowedValues: - ASYNC_FLUSH - SYNC_FLUSH RocketMQVersion: Default: 4.7.1 Type: String Description: RocketMQ version AllowedValues: - 4.7.1 - 4.8.0 - 4.9.2 QSS3BucketName: AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ Default: aws-quickstart Type: String ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Description: S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). QSS3KeyPrefix: AllowedPattern: ^[0-9a-zA-Z-/]*$ Default: quickstart-rocketmq/ Type: String ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Description: >- S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). It cannot start or end with a hyphen (-). QSS3BucketRegion: Default: us-east-1 Description: The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value. Type: String KeyPairName: Type: AWS::EC2::KeyPair::KeyName Default: home Description: Name of an existing EC2 KeyPair. RocketMQ instances will launch with this KeyPair. VolumeSize: Type: String Description: EBS Volume Size (data) to be attached to node in GBs Default: '100' VolumeType: Type: String Description: EBS Volume Type (data) to be attached to node in GBs [io1,gp2,gp3] Default: gp3 AllowedValues: - gp2 - gp3 - io1 Iops: Type: String Description: Iops of EBS volume when io1 type is chosen. Otherwise ignored Default: '100' NameServerInstanceType: Description: Amazon EC2 instance type for the RocketMQ Nameserver. Type: String Default: m5.large AllowedValues: - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - m5.12xlarge - m5.24xlarge - r5.large - r5.xlarge - r5.2xlarge - r5.4xlarge - r5.8xlarge - r5.12xlarge - r5.16xlarge - r5.24xlarge - c5.large - c5.xlarge - c5.2xlarge - c5.4xlarge - c5.9xlarge - c5.18xlarge - r4.large - r4.xlarge - r4.2xlarge - r4.4xlarge - r4.8xlarge - r4.16xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge BrokerNodeInstanceType: Description: Amazon EC2 instance type for the RocketMQ nodes. Type: String Default: m5.xlarge AllowedValues: - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - m5.12xlarge - m5.24xlarge - r5.large - r5.xlarge - r5.2xlarge - r5.4xlarge - r5.8xlarge - r5.12xlarge - r5.16xlarge - r5.24xlarge - c5.large - c5.xlarge - c5.2xlarge - c5.4xlarge - c5.9xlarge - c5.18xlarge - r4.large - r4.xlarge - r4.2xlarge - r4.4xlarge - r4.8xlarge - r4.16xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge VPC: Type: AWS::EC2::VPC::Id Description: VPC-ID of your existing Virtual Private Cloud (VPC) where you want to depoy RocketMQ cluster. PrimaryNodeSubnet: Type: AWS::EC2::Subnet::Id Description: Subnet-ID the existing subnet in your VPC where you want to deploy Primary node(s). Secondary0NodeSubnet: Type: AWS::EC2::Subnet::Id Description: Subnet-ID the existing subnet in your VPC where you want to deploy Secondary node(s). Secondary1NodeSubnet: Type: AWS::EC2::Subnet::Id Description: Subnet-ID the existing subnet in your VPC where you want to deploy Secondary node(s). Conditions: Launch1NameServer: !Equals - 1 - 1 Launch2NameServer: !Not - !Equals - 1 - !Ref 'NameServerClusterCount' Launch3NameServer: !And - !Not - !Equals - 1 - !Ref 'NameServerClusterCount' - !Not - !Equals - 2 - !Ref 'NameServerClusterCount' CreateThreeReplicaSet: !Equals - !Ref 'BrokerClusterCount' - '3' UsingDefaultBucket: !Equals - !Ref 'QSS3BucketName' - aws-quickstart Mappings: AWSAMIRegionMap: AMI: AMZNLINUX: amzn2-ami-hvm-2.0.20201218.1-x86_64-gp2 ap-northeast-1: AMZNLINUX: ami-09d28faae2e9e7138 ap-northeast-2: AMZNLINUX: ami-006e2f9fa7597680a ap-south-1: AMZNLINUX: ami-0eeb03e72075b9bcc ap-southeast-1: AMZNLINUX: ami-0d06583a13678c938 ap-southeast-2: AMZNLINUX: ami-075a72b1992cb0687 ca-central-1: AMZNLINUX: ami-0df612970f825f04c eu-central-1: AMZNLINUX: ami-02f9ea74050d6f812 eu-west-1: AMZNLINUX: ami-096f43ef67d75e998 eu-west-2: AMZNLINUX: ami-0ffd774e02309201f sa-east-1: AMZNLINUX: ami-0a0bc0fa94d632c94 us-east-1: AMZNLINUX: ami-0be2609ba883822ec us-east-2: AMZNLINUX: ami-09246ddb00c7c4fef us-west-1: AMZNLINUX: ami-066c82dabe6dd7f73 us-west-2: AMZNLINUX: ami-09c5e030f74651050 cn-north-1: AMZNLINUX: ami-0e73c8a64c3afcefa cn-northwest-1: AMZNLINUX: ami-0c6205ef045ce3916 Resources: RocketMQServerAccessSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref 'VPC' GroupDescription: Instances with access to RocketMQ servers RocketMQNameServerSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref 'VPC' GroupDescription: RocketMQ server management and access ports SecurityGroupIngress: - IpProtocol: tcp FromPort: 22 ToPort: 22 SourceSecurityGroupId: !Ref 'BastionSecurityGroupID' - IpProtocol: tcp FromPort: 9876 ToPort: 9876 CidrIp: '0.0.0.0/0' - IpProtocol: tcp FromPort: 8080 ToPort: 8080 CidrIp: '0.0.0.0/0' RocketMQBrokerServerSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: VpcId: !Ref 'VPC' GroupDescription: RocketMQ server management and access ports SecurityGroupIngress: - IpProtocol: tcp FromPort: 22 ToPort: 22 SourceSecurityGroupId: !Ref 'BastionSecurityGroupID' - IpProtocol: tcp FromPort: 30909 ToPort: 30999 CidrIp: '0.0.0.0/0' - IpProtocol: tcp FromPort: 40911 ToPort: 40999 CidrIp: '0.0.0.0/0' RocketMQNodeIAMRole: Type: AWS::IAM::Role Metadata: cfn-lint: config: ignore_checks: - EIAMPolicyWildcardResource ignore_reasons: EIAMPolicyWildcardResource: EC2 ec2:Describe* API actions do not support resource-level permission Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: - !Sub 'ec2.${AWS::URLSuffix}' Action: - sts:AssumeRole Path: / Policies: - PolicyName: rocketmq-quickstart-policy PolicyDocument: Statement: - Effect: Allow Action: - ec2:DescribeAccountAttributes - ec2:DescribeAddresses - ec2:DescribeAddressesAttribute - ec2:DescribeAggregateIdFormat - ec2:DescribeAvailabilityZones - ec2:DescribeBundleTasks - ec2:DescribeByoipCidrs - ec2:DescribeCapacityReservations - ec2:DescribeCarrierGateways - ec2:DescribeClassicLinkInstances - ec2:DescribeClientVpnAuthorizationRules - ec2:DescribeClientVpnConnections - ec2:DescribeClientVpnEndpoints - ec2:DescribeClientVpnRoutes - ec2:DescribeClientVpnTargetNetworks - ec2:DescribeCoipPools - ec2:DescribeConversionTasks - ec2:DescribeCustomerGateways - ec2:DescribeDhcpOptions - ec2:DescribeEgressOnlyInternetGateways - ec2:DescribeElasticGpus - ec2:DescribeExportImageTasks - ec2:DescribeExportTasks - ec2:DescribeFastSnapshotRestores - ec2:DescribeFleetHistory - ec2:DescribeFleetInstances - ec2:DescribeFleets - ec2:DescribeFlowLogs - ec2:DescribeFpgaImageAttribute - ec2:DescribeFpgaImages - ec2:DescribeHostReservationOfferings - ec2:DescribeHostReservations - ec2:DescribeHosts - ec2:DescribeIamInstanceProfileAssociations - ec2:DescribeIdFormat - ec2:DescribeIdentityIdFormat - ec2:DescribeImageAttribute - ec2:DescribeImages - ec2:DescribeImportImageTasks - ec2:DescribeImportSnapshotTasks - ec2:DescribeInstanceAttribute - ec2:DescribeInstanceCreditSpecifications - ec2:DescribeInstanceEventNotificationAttributes - ec2:DescribeInstanceStatus - ec2:DescribeInstanceTypeOfferings - ec2:DescribeInstanceTypes - ec2:DescribeInstances - ec2:DescribeInternetGateways - ec2:DescribeIpv6Pools - ec2:DescribeKeyPairs - ec2:DescribeLaunchTemplateVersions - ec2:DescribeLaunchTemplates - ec2:DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations - ec2:DescribeLocalGatewayRouteTableVpcAssociations - ec2:DescribeLocalGatewayRouteTables - ec2:DescribeLocalGatewayVirtualInterfaceGroups - ec2:DescribeLocalGatewayVirtualInterfaces - ec2:DescribeLocalGateways - ec2:DescribeManagedPrefixLists - ec2:DescribeMovingAddresses - ec2:DescribeNatGateways - ec2:DescribeNetworkAcls - ec2:DescribeNetworkInsightsAnalyses - ec2:DescribeNetworkInsightsPaths - ec2:DescribeNetworkInterfaceAttribute - ec2:DescribeNetworkInterfacePermissions - ec2:DescribeNetworkInterfaces - ec2:DescribePlacementGroups - ec2:DescribePrefixLists - ec2:DescribePrincipalIdFormat - ec2:DescribePublicIpv4Pools - ec2:DescribeRegions - ec2:DescribeReservedInstances - ec2:DescribeReservedInstancesListings - ec2:DescribeReservedInstancesModifications - ec2:DescribeReservedInstancesOfferings - ec2:DescribeRouteTables - ec2:DescribeScheduledInstanceAvailability - ec2:DescribeScheduledInstances - ec2:DescribeSecurityGroupReferences - ec2:DescribeSecurityGroups - ec2:DescribeSnapshotAttribute - ec2:DescribeSnapshots - ec2:DescribeSpotDatafeedSubscription - ec2:DescribeSpotFleetInstances - ec2:DescribeSpotFleetRequestHistory - ec2:DescribeSpotFleetRequests - ec2:DescribeSpotInstanceRequests - ec2:DescribeSpotPriceHistory - ec2:DescribeStaleSecurityGroups - ec2:DescribeSubnets - ec2:DescribeTags - ec2:DescribeTrafficMirrorFilters - ec2:DescribeTrafficMirrorSessions - ec2:DescribeTrafficMirrorTargets - ec2:DescribeTransitGatewayAttachments - ec2:DescribeTransitGatewayConnectPeers - ec2:DescribeTransitGatewayConnects - ec2:DescribeTransitGatewayMulticastDomains - ec2:DescribeTransitGatewayPeeringAttachments - ec2:DescribeTransitGatewayRouteTables - ec2:DescribeTransitGatewayVpcAttachments - ec2:DescribeTransitGateways - ec2:DescribeVolumeAttribute - ec2:DescribeVolumeStatus - ec2:DescribeVolumes - ec2:DescribeVolumesModifications - ec2:DescribeVpcAttribute - ec2:DescribeVpcClassicLink - ec2:DescribeVpcClassicLinkDnsSupport - ec2:DescribeVpcEndpointConnectionNotifications - ec2:DescribeVpcEndpointConnections - ec2:DescribeVpcEndpointServiceConfigurations - ec2:DescribeVpcEndpointServicePermissions - ec2:DescribeVpcEndpointServices - ec2:DescribeVpcEndpoints - ec2:DescribeVpcPeeringConnections - ec2:DescribeVpcs - ec2:DescribeVpnConnections - ec2:DescribeVpnGateways Resource: '*' - Effect: Allow Action: - ec2:AttachNetworkInterface - ec2:AttachVolume - ec2:CreateTags - ec2:CreateVolume - ec2:RunInstances - ec2:StartInstances - ec2:DeleteVolume - ec2:CreateSecurityGroup - ec2:CreateSnapshot Resource: '*' - Effect: Allow Action: - s3:GetObject Resource: !Sub - arn:${AWS::Partition}:s3:::${S3Bucket}/${QSS3KeyPrefix}* - S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref 'QSS3BucketName' - Effect: Allow Action: - dynamodb:BatchGetItem - dynamodb:CreateTable - dynamodb:DeleteTable - dynamodb:DescribeTable - dynamodb:GetItem - dynamodb:PutItem - dynamodb:Query - dynamodb:Scan - dynamodb:UpdateItem - dynamodb:UpdateTable Resource: - !Sub 'arn:${AWS::Partition}:dynamodb:${AWS::Region}:${AWS::AccountId}:table/*ROCKETMQ_*' RocketMQNodeIAMProfile: Type: AWS::IAM::InstanceProfile Properties: Path: / Roles: - !Ref 'RocketMQNodeIAMRole' RocketMQNameServerNode0WaitForNodeInstallWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle Condition: Launch1NameServer Properties: {} RocketMQNameServerNode0: Type: AWS::CloudFormation::Stack Condition: Launch1NameServer Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/rocketmq-node-nameserver.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' NameServerClusterCount: !Ref 'NameServerClusterCount' BrokerClusterCount: !Ref 'BrokerClusterCount' RocketMQVersion: !Ref 'RocketMQVersion' Iops: !Ref 'Iops' KeyName: !Ref 'KeyPairName' BrokerNodeInstanceType: !Ref 'NameServerInstanceType' NodeSubnet: !Ref 'PrimaryNodeSubnet' RocketMQNameServerSecurityGroupID: !Ref 'RocketMQNameServerSecurityGroup' RocketMQNodeIAMProfileID: !Ref 'RocketMQNodeIAMProfile' VPC: !Ref 'VPC' VolumeSize: !Ref 'VolumeSize' VolumeType: !Ref 'VolumeType' StackName: !Ref 'AWS::StackName' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - AMZNLINUX ReplicaNodeNameTag: PrimaryRocketMQ-NameServer-Node-0 NodeReplicaSetIndex: '0' ReplicaNodeWaitForNodeInstallWaitHandle: !Ref 'RocketMQNameServerNode0WaitForNodeInstallWaitHandle' RocketMQNameServerNode0WaitForNodeInstall: Type: AWS::CloudFormation::WaitCondition Condition: Launch1NameServer DependsOn: RocketMQNameServerNode0 Properties: Handle: !Ref 'RocketMQNameServerNode0WaitForNodeInstallWaitHandle' Timeout: '3600' RocketMQNameServerNode1WaitForNodeInstallWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle Properties: {} RocketMQNameServerNode1: Type: AWS::CloudFormation::Stack Condition: Launch2NameServer Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/rocketmq-node-nameserver.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' NameServerClusterCount: !Ref 'NameServerClusterCount' BrokerClusterCount: !Ref 'BrokerClusterCount' RocketMQVersion: !Ref 'RocketMQVersion' Iops: !Ref 'Iops' KeyName: !Ref 'KeyPairName' BrokerNodeInstanceType: !Ref 'NameServerInstanceType' NodeSubnet: !Ref 'PrimaryNodeSubnet' RocketMQNameServerSecurityGroupID: !Ref 'RocketMQNameServerSecurityGroup' RocketMQNodeIAMProfileID: !Ref 'RocketMQNodeIAMProfile' VPC: !Ref 'VPC' VolumeSize: !Ref 'VolumeSize' VolumeType: !Ref 'VolumeType' StackName: !Ref 'AWS::StackName' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - AMZNLINUX ReplicaNodeNameTag: RocketMQ-NameServer-Node-1 NodeReplicaSetIndex: '1' ReplicaNodeWaitForNodeInstallWaitHandle: !Ref 'RocketMQNameServerNode1WaitForNodeInstallWaitHandle' RocketMQNameServerNode1WaitForNodeInstall: Type: AWS::CloudFormation::WaitCondition Condition: Launch2NameServer DependsOn: RocketMQNameServerNode1 Properties: Handle: !Ref 'RocketMQNameServerNode1WaitForNodeInstallWaitHandle' Timeout: '3600' RocketMQNameServerNode2WaitForNodeInstallWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle Properties: {} RocketMQNameServerNode2: Type: AWS::CloudFormation::Stack Condition: Launch3NameServer Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/rocketmq-node-broker.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' BrokerClusterCount: !Ref 'BrokerClusterCount' RocketMQVersion: !Ref 'RocketMQVersion' Iops: !Ref 'Iops' KeyName: !Ref 'KeyPairName' BrokerNodeInstanceType: !Ref 'NameServerInstanceType' NodeSubnet: !Ref 'PrimaryNodeSubnet' RocketMQNameServerSecurityGroupID: !Ref 'RocketMQNameServerSecurityGroup' RocketMQNodeIAMProfileID: !Ref 'RocketMQNodeIAMProfile' VPC: !Ref 'VPC' VolumeSize: !Ref 'VolumeSize' VolumeType: !Ref 'VolumeType' StackName: !Ref 'AWS::StackName' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - AMZNLINUX ReplicaNodeNameTag: RocketMQ-NameServer-Node-2 NodeReplicaSetIndex: '2' ReplicaNodeWaitForNodeInstallWaitHandle: !Ref 'RocketMQNameServerNode2WaitForNodeInstallWaitHandle' RocketMQNameServerNode2WaitForNodeInstall: Type: AWS::CloudFormation::WaitCondition Condition: Launch3NameServer DependsOn: RocketMQNameServerNode2 Properties: Handle: !Ref 'RocketMQNameServerNode2WaitForNodeInstallWaitHandle' Timeout: '3600' PrimaryRocketMQBrokerNode0WaitForNodeInstallWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle Properties: {} PrimaryRocketMQBrokerNode0: Type: AWS::CloudFormation::Stack DependsOn: RocketMQNameServerNode0 Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/rocketmq-node-broker.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' BrokerClusterCount: !Ref 'BrokerClusterCount' FlushDiskType: !Ref 'FlushDiskType' Iops: !Ref 'Iops' KeyName: !Ref 'KeyPairName' BrokerNodeInstanceType: !Ref 'BrokerNodeInstanceType' RocketMQVersion: !Ref 'RocketMQVersion' NodeSubnet: !Ref 'PrimaryNodeSubnet' RocketMQBrokerServerSecurityGroupID: !Ref 'RocketMQBrokerServerSecurityGroup' RocketMQNodeIAMProfileID: !Ref 'RocketMQNodeIAMProfile' VPC: !Ref 'VPC' VolumeSize: !Ref 'VolumeSize' VolumeType: !Ref 'VolumeType' StackName: !Ref 'AWS::StackName' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - AMZNLINUX ReplicaNodeNameTag: PrimaryRocketMQ-Broker-Node-0 NodeReplicaSetIndex: '0' ReplicaNodeWaitForNodeInstallWaitHandle: !Ref 'PrimaryRocketMQBrokerNode0WaitForNodeInstallWaitHandle' PrimaryRocketMQBrokerNode0WaitForNodeInstall: Type: AWS::CloudFormation::WaitCondition DependsOn: PrimaryRocketMQBrokerNode0 Properties: Handle: !Ref 'PrimaryRocketMQBrokerNode0WaitForNodeInstallWaitHandle' Timeout: '3600' SecondaryRocketMQBrokerNode0WaitForNodeInstallWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle Properties: {} Condition: CreateThreeReplicaSet SecondaryRocketMQBrokerNode0: Condition: CreateThreeReplicaSet Type: AWS::CloudFormation::Stack DependsOn: RocketMQNameServerNode0 Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/rocketmq-node-broker.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' BrokerClusterCount: !Ref 'BrokerClusterCount' FlushDiskType: !Ref 'FlushDiskType' RocketMQVersion: !Ref 'RocketMQVersion' Iops: !Ref 'Iops' KeyName: !Ref 'KeyPairName' BrokerNodeInstanceType: !Ref 'BrokerNodeInstanceType' NodeSubnet: !Ref 'Secondary0NodeSubnet' RocketMQBrokerServerSecurityGroupID: !Ref 'RocketMQBrokerServerSecurityGroup' RocketMQNodeIAMProfileID: !Ref 'RocketMQNodeIAMProfile' VPC: !Ref 'VPC' VolumeSize: !Ref 'VolumeSize' VolumeType: !Ref 'VolumeType' StackName: !Ref 'AWS::StackName' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - AMZNLINUX ReplicaNodeNameTag: Secondary-RocketMQ-Broker-Node-0 NodeReplicaSetIndex: '1' ReplicaNodeWaitForNodeInstallWaitHandle: !Ref 'SecondaryRocketMQBrokerNode0WaitForNodeInstallWaitHandle' SecondaryRocketMQBrokerNode0WaitForNodeInstall: Type: AWS::CloudFormation::WaitCondition Condition: CreateThreeReplicaSet DependsOn: SecondaryRocketMQBrokerNode0 Properties: Handle: !Ref 'SecondaryRocketMQBrokerNode0WaitForNodeInstallWaitHandle' Timeout: '3600' SecondaryRocketMQBrokerNode1WaitForNodeInstallWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle Properties: {} Condition: CreateThreeReplicaSet SecondaryRocketMQBrokerNode1: Condition: CreateThreeReplicaSet Type: AWS::CloudFormation::Stack DependsOn: RocketMQNameServerNode0 Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/rocketmq-node-broker.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' BrokerClusterCount: !Ref 'BrokerClusterCount' FlushDiskType: !Ref 'FlushDiskType' RocketMQVersion: !Ref 'RocketMQVersion' Iops: !Ref 'Iops' KeyName: !Ref 'KeyPairName' BrokerNodeInstanceType: !Ref 'BrokerNodeInstanceType' NodeSubnet: !Ref 'Secondary1NodeSubnet' RocketMQBrokerServerSecurityGroupID: !Ref 'RocketMQBrokerServerSecurityGroup' RocketMQNodeIAMProfileID: !Ref 'RocketMQNodeIAMProfile' VPC: !Ref 'VPC' VolumeSize: !Ref 'VolumeSize' VolumeType: !Ref 'VolumeType' StackName: !Ref 'AWS::StackName' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - AMZNLINUX ReplicaNodeNameTag: Secondary-RocketMQ-Broker-Node-1 NodeReplicaSetIndex: '2' ReplicaNodeWaitForNodeInstallWaitHandle: !Ref 'SecondaryRocketMQBrokerNode1WaitForNodeInstallWaitHandle' SecondaryRocketMQBrokerNode1WaitForNodeInstall: Type: AWS::CloudFormation::WaitCondition Condition: CreateThreeReplicaSet DependsOn: SecondaryRocketMQBrokerNode1 Properties: Handle: !Ref 'SecondaryRocketMQBrokerNode1WaitForNodeInstallWaitHandle' Timeout: '3600' Outputs: PrimaryReplicaNodeIp: Value: !GetAtt 'PrimaryRocketMQBrokerNode0.Outputs.NodePrivateIp' Description: Private IP Address of Primary Replica Node SecondaryRocketMQBrokerNode0Ip: Value: !GetAtt 'SecondaryRocketMQBrokerNode0.Outputs.NodePrivateIp' Description: Private IP Address of Secondary Replica 0 Node Condition: CreateThreeReplicaSet SecondaryRocketMQBrokerNode1Ip: Value: !GetAtt 'SecondaryRocketMQBrokerNode1.Outputs.NodePrivateIp' Description: Private IP Address of Secondary Replica 1 Node Condition: CreateThreeReplicaSet RocketMQServerAccessSecurityGroup: Value: !Ref 'RocketMQServerAccessSecurityGroup' Description: Apache RocketMQ Access Security Group