AWSTemplateFormatVersion: "2010-09-09" # MIT License # # Copyright (c) 2021 Qumulo, Inc. # # Permission is hereby granted, free of charge, to any person obtaining a copy # of this software and associated documentation files (the "Software"), to deal # in the Software without restriction, including without limitation the rights # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell # copies of the Software, and to permit persons to whom the Software is # furnished to do so, subject to the following conditions: # # The above copyright notice and this permission notice shall be included in all # copies or substantial portions of the Software. # # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE # SOFTWARE. Description: This template instantiates a Pulbic AWS Network Load Balancer with an EIP connected to the Qumulo Cluster Static IP addresses, insuring management reachability (qs-1s6n2i67j) Metadata: cfn-lint: config: ignore_checks: - W9001 - W9002 - W9003 - W9004 - W9006 Parameters: VPCID: Type: String PublicSubnetIDs: Type: CommaDelimitedList NodeIPs: Type: CommaDelimitedList NumNodes: Type: String EnableReplication: Type: String Conditions: Provision5: !Or [!Equals [!Ref NumNodes, "5"], Condition: Provision6] Provision6: !Or [!Equals [!Ref NumNodes, "6"], Condition: Provision7] Provision7: !Or [!Equals [!Ref NumNodes, "7"], Condition: Provision8] Provision8: !Or [!Equals [!Ref NumNodes, "8"], Condition: Provision9] Provision9: !Or [!Equals [!Ref NumNodes, "9"], Condition: Provision10] Provision10: !Or [!Equals [!Ref NumNodes, "10"], Condition: Provision11] Provision11: !Or [!Equals [!Ref NumNodes, "11"], Condition: Provision12] Provision12: !Or [!Equals [!Ref NumNodes, "12"], Condition: Provision13] Provision13: !Or [!Equals [!Ref NumNodes, "13"], Condition: Provision14] Provision14: !Or [!Equals [!Ref NumNodes, "14"], Condition: Provision15] Provision15: !Or [!Equals [!Ref NumNodes, "15"], Condition: Provision16] Provision16: !Or [!Equals [!Ref NumNodes, "16"], Condition: Provision17] Provision17: !Or [!Equals [!Ref NumNodes, "17"], Condition: Provision18] Provision18: !Or [!Equals [!Ref NumNodes, "18"], Condition: Provision19] Provision19: !Or [!Equals [!Ref NumNodes, "19"], Condition: Provision20] Provision20: !Or [!Equals [!Ref NumNodes, "20"], Condition: Provision21] Provision21: !Or [!Equals [!Ref NumNodes, "21"], Condition: Provision22] Provision22: !Or [!Equals [!Ref NumNodes, "22"], Condition: Provision23] Provision23: !Or [!Equals [!Ref NumNodes, "23"], Condition: Provision24] Provision24: !Equals [!Ref NumNodes, "24"] ProvRepl: !Not - !Equals - !Ref EnableReplication - "NO" Resources: NLB: Type: "AWS::ElasticLoadBalancingV2::LoadBalancer" Properties: Name: !Join - "" - - "qumulo-pub-" - !Select [1, !Split ["-MGMTNLBSTACK-", !Ref "AWS::StackName"]] Type: network IpAddressType: ipv4 Scheme: internet-facing Subnets: !Ref PublicSubnetIDs Tags: - Key: Name Value: !Join - "" - - Ref: "AWS::StackName" - " - Qumulo Public Management NLB" NLBTargetGroupMgmt: Type: "AWS::ElasticLoadBalancingV2::TargetGroup" Properties: Name: !Join - "" - - "qpub-443-" - !Select [1, !Split ["-MGMTNLBSTACK-", !Ref "AWS::StackName"]] TargetType: ip Protocol: TCP Port: 80 VpcId: !Ref VPCID TargetGroupAttributes: - Key: stickiness.enabled Value: "true" - Key: stickiness.type Value: source_ip Targets: - Id: !Select [0, !Ref NodeIPs] Port: 443 - Id: !Select [1, !Ref NodeIPs] Port: 443 - Id: !Select [2, !Ref NodeIPs] Port: 443 - Id: !Select [3, !Ref NodeIPs] Port: 443 - !If - Provision5 - Id: !Select [4, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision6 - Id: !Select [5, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision7 - Id: !Select [6, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision8 - Id: !Select [7, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision9 - Id: !Select [8, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision10 - Id: !Select [9, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision11 - Id: !Select [10, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision12 - Id: !Select [11, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision13 - Id: !Select [12, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision14 - Id: !Select [13, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision15 - Id: !Select [14, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision16 - Id: !Select [15, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision17 - Id: !Select [16, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision18 - Id: !Select [17, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision19 - Id: !Select [18, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision20 - Id: !Select [19, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision21 - Id: !Select [20, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision22 - Id: !Select [21, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision23 - Id: !Select [22, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue - !If - Provision24 - Id: !Select [23, !Ref NodeIPs] Port: 443 - !Ref AWS::NoValue NLBTargetGroupRepl: Type: "AWS::ElasticLoadBalancingV2::TargetGroup" Condition: ProvRepl Properties: Name: !Join - "" - - "qpub-3712-" - !Select [1, !Split ["-MGMTNLBSTACK-", !Ref "AWS::StackName"]] TargetType: ip Protocol: TCP Port: 80 VpcId: !Ref VPCID TargetGroupAttributes: - Key: stickiness.enabled Value: "true" - Key: stickiness.type Value: source_ip Targets: - Id: !Select [0, !Ref NodeIPs] Port: 3712 - Id: !Select [1, !Ref NodeIPs] Port: 3712 - Id: !Select [2, !Ref NodeIPs] Port: 3712 - Id: !Select [3, !Ref NodeIPs] Port: 3712 - !If - Provision5 - Id: !Select [4, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision6 - Id: !Select [5, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision7 - Id: !Select [6, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision8 - Id: !Select [7, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision9 - Id: !Select [8, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision10 - Id: !Select [9, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision11 - Id: !Select [10, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision12 - Id: !Select [11, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision13 - Id: !Select [12, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision14 - Id: !Select [13, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision15 - Id: !Select [14, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision16 - Id: !Select [15, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision17 - Id: !Select [16, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision18 - Id: !Select [17, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision19 - Id: !Select [18, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision20 - Id: !Select [19, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision21 - Id: !Select [20, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision22 - Id: !Select [21, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision23 - Id: !Select [22, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue - !If - Provision24 - Id: !Select [23, !Ref NodeIPs] Port: 3712 - !Ref AWS::NoValue NLBListenerHTTPS: Type: "AWS::ElasticLoadBalancingV2::Listener" Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref NLBTargetGroupMgmt LoadBalancerArn: !Ref NLB Port: 443 Protocol: TCP NLBListenerRepl: Type: "AWS::ElasticLoadBalancingV2::Listener" Condition: ProvRepl Properties: DefaultActions: - Type: forward TargetGroupArn: !Ref NLBTargetGroupRepl LoadBalancerArn: !Ref NLB Port: 3712 Protocol: TCP Outputs: NLBDNS: Value: !Join - "" - - "https://" - !GetAtt NLB.DNSName