AWSTemplateFormatVersion: '2010-09-09' Description: Deploy StarRocks on Amazon Web Services in a new VPC.(qs-1t73fgd1ha) Metadata: QSLint: Exclusions: [ W9002, W9003, W9004, W9006 ] LICENSE: Apache License Version 2.0 QuickStartDocumentation: EntrypointName: "Parameters for deploying StatRock into an new VPC" Order: "1" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - AvailabilityZones - NumberOfAZs - PublicSubnet1CIDR - PublicSubnet2CIDR - PrivateSubnet1ACIDR - PrivateSubnet2ACIDR - PrivateSubnet1BCIDR - PrivateSubnet2BCIDR - VPCCIDR - Label: default: Quick Start configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - QSS3BucketRegion - RemoteAccessCIDR - BastionEnabled - Label: default: EC2 configuration Parameters: - KeyPairName - Label: default: Environment configuration Parameters: - SpecifiedAmiId - JDKDownLoadURL - StarRocksDownLoadURL # StarRocks Cluster configuration - Label: default: StarRocks cluster configuration Parameters: - FeNodeCount - FeNodeInstanceType - BeNodeCount - BeNodeInstanceType - RootPassword - ConfirmRootPassword # Fe configuration - Label: default: Starrocks FE node configuration Parameters: - LogDir - LogLevel - MetaDir # BE configuration - Label: default: Starrocks BE node configuration Parameters: - SysLogDir - SysLogLevel - VolumeType - VolumeSize ParameterLabels: AvailabilityZones: default: Availability Zones NumberOfAZs: default: Number of Availability Zones VPCCIDR: default: VPC CIDR PrivateSubnet1ACIDR: default: Private subnet 1A CIDR PrivateSubnet1BCIDR: default: Private subnet 1B with dedicated network ACL CIDR PrivateSubnet2ACIDR: default: Private subnet 2A CIDR PrivateSubnet2BCIDR: default: Private subnet 2B with dedicated network ACL CIDR PublicSubnet1CIDR: default: Public subnet 1 CIDR PublicSubnet2CIDR: default: Public subnet 2 CIDR KeyPairName: default: Key pair name QSS3BucketName: default: Quick Start S3 bucket name QSS3KeyPrefix: default: Quick Start S3 key prefix QSS3BucketRegion: default: Quick Start S3 bucket Region RemoteAccessCIDR: default: Allowed bastion external access CIDR BastionEnabled: default: Bastion enabled SpecifiedAmiId: default: (Optional)Specified AMI ID. JDKDownLoadURL: default: JDK 1.8 download URL StarRocksDownLoadURL: default: StarRocks download URL FeNodeCount: default: Number of StarRocks FE nodes FeNodeInstanceType: default: StarRocks FE instance type BeNodeCount: default: Number of StarRocks BE nodes BeNodeInstanceType: default: BE instance type RootPassword: default: (Required)Root Password of Starrock ConfirmRootPassword: default: (Required)Confirm Root Password # FE LogLevel: default: StarRocks FE syslog level MetaDir: default: Metadata directory LogDir: default: Log directory # BE SysLogLevel: default: StarRocks BE syslog level VolumeType: default: StarRocks BE nodes volume type VolumeSize: default: StarRocks BE nodes volume size SysLogDir: default: Default syslog directory Parameters: AvailabilityZones: Description: List of Availability Zones to use for the subnets in the VPC. Two Availability Zones are used in this deployment. Type: List KeyPairName: Type: AWS::EC2::KeyPair::KeyName Description: Name of an existing public/private key pair, which allows you to securely connect to your instance after it launches. Alternatively, if you don't specify a key pair, you can use AWS Systems Manager Session Manager to connect to the instance. SpecifiedAmiId: Description: Specified EC2 AMI ID. Type: String AllowedPattern: "(^$|^ami-[a-z0-9]+)" ConstraintDescription: SpecifiedAmiId parameter must be in the form ami-xxxx. Default: '' BastionEnabled: Type: String Default: true AllowedValues: - true - false PublicSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.128.0/20 Description: CIDR block for the public perimeter zone subnet 1, located in Availability Zone 1. Type: String PublicSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.144.0/20 Description: CIDR block for the public perimeter zone subnet 2, located in Availability Zone 2. Type: String PrivateSubnet1ACIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.0.0/19 Description: CIDR block for private subnet 1A, located in Availability Zone 1. Type: String PrivateSubnet1BCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.192.0/21 Description: CIDR block for private subnet 1B with dedicated network ACL, located in Availability Zone 1. Type: String PrivateSubnet2ACIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.32.0/19 Description: CIDR block for private subnet 2A, located in Availability Zone 2. Type: String PrivateSubnet2BCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.200.0/21 Description: CIDR block for private subnet 2B with dedicated network ACL, located in Availability Zone 2. Type: String QSS3BucketName: AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$' ConstraintDescription: The S3 bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-), but it cannot start or end with a hyphen. Default: aws-quickstart Description: 'Name of the S3 bucket for your copy of the deployment assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new location.' Type: String QSS3KeyPrefix: AllowedPattern: '^[0-9a-zA-Z-/]*$' ConstraintDescription: The S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). End the prefix with a forward slash. Default: quickstart-starrocks-starrocks/ Description: 'S3 key prefix that is used to simulate a folder for your copy of the deployment assets. Keep the default prefix unless you are customizing the template. Changing the prefix updates code references to point to a new location.' Type: String QSS3BucketRegion: Default: 'us-east-1' Description: 'AWS Region where the S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing the Region updates code references to point to a new location. When using your own bucket, specify the Region.' Type: String RemoteAccessCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x. Description: CIDR IP range that is permitted to access the instances. We recommend that you set this value to a trusted IP range. Type: String Default: 10.0.0.0/16 VPCCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16–28. Default: 10.0.0.0/16 Description: CIDR block for the VPC. Type: String NumberOfAZs: Type: String AllowedValues: [ "2"] Default: "2" Description: Number of Availability Zones to use in the VPC. This must match the value entered for the AvailabilityZones parameter. JDKDownLoadURL: Description: URL to download Java Development Kit (JDK) 1.8 tar.gz file. Type: String Default: https://cdn-thirdparty.starrocks.com/java-se-8u41-ri.tar.gz StarRocksDownLoadURL: Description: URL to download the StarRocks tar.gz file. Type: String Default: https://releases.starrocks.io/starrocks/StarRocks-2.5.1.tar.gz FeNodeCount: Type: Number Default: 1 Description: Number of StarRocks FE nodes to deploy (1 or 3). AllowedValues: - 1 - 3 FeNodeInstanceType: AllowedValues: - t2.micro - t2.small - t2.medium - t2.large - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - r5.large - r5.xlarge - r5.2xlarge - r5.4xlarge - r5.8xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge Default: t2.micro Description: Amazon EC2 instance type for StarRocks FE nodes. Type: String BeNodeCount: Type: Number Default: 3 Description: Number of StarRocks BE nodes to deploy (3, 4, 5, or 6). AllowedValues: - 3 - 4 - 5 - 6 BeNodeInstanceType: AllowedValues: - t2.micro - t2.small - t2.medium - t2.large - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - r5.large - r5.xlarge - r5.2xlarge - r5.4xlarge - r5.8xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge Default: t2.micro Description: Amazon EC2 instance type for BE instances. Type: String RootPassword: NoEcho: true Type: String MinLength: 12 MaxLength: 32 AllowedPattern: '^[a-zA-Z0-9]*$' Description: Root Password, The minimum length that can be specified is 12, and the maximum length that can be specified is 32. The pattern allows lowercase and uppercase alphabetical characters and numerals. ConfirmRootPassword: NoEcho: true Type: String MinLength: 12 MaxLength: 32 AllowedPattern: '^[a-zA-Z0-9]*$' Description: Confirm Root Password. # Fe LogLevel: Description: Starrock FE syslog level. Type: String Default: INFO AllowedValues: - INFO - WARN - ERROR - FATAL MetaDir: Description: Absolute path to the metadata directory. Type: String Default: feDefaultMetaPath # Be SysLogLevel: Description: Starrock BE system-log level. Type: String Default: INFO AllowedValues: - INFO - WARN - ERROR - FATAL VolumeType: Type: String Description: Type of data-storage EBS volume mounted to BE node. Default: gp2 AllowedValues: - gp2 - gp3 - st1 - io1 VolumeSize: Type: String Description: Size of data-storage EBS volume mounted to BE node (in GBs). Default: 50 LogDir: Type: String Description: Default path for log files. Default: feDefaultLogPath SysLogDir: Type: String Description: Default path for syslog files. Default: beDefaultLogPath Conditions: IsBastionEnabled: !Equals [!Ref "BastionEnabled", "true"] UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] 4BeNodesCondition: !Or - !Equals [!Ref 'BeNodeCount', '4'] - !Equals [!Ref 'BeNodeCount', '5'] - !Equals [!Ref 'BeNodeCount', '6'] 5BeNodesCondition: !Or - !Equals [!Ref 'BeNodeCount', '5'] - !Equals [!Ref 'BeNodeCount', '6'] 6BeNodesCondition: !Equals [!Ref 'BeNodeCount', '6'] Rules: matchPasswords: Assertions: - Assert: Fn::Equals: - Ref: 'RootPassword' - Ref: 'ConfirmRootPassword' Resources: VPCStack: Type: AWS::CloudFormation::Stack Metadata: cfn-lint: { config: { ignore_checks: [ W9901 ] } } Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: AvailabilityZones: !Join [ ',', !Ref 'AvailabilityZones' ] NumberOfAZs: !Ref 'NumberOfAZs' PublicSubnet1CIDR: !Ref 'PublicSubnet1CIDR' PublicSubnet2CIDR: !Ref 'PublicSubnet2CIDR' PrivateSubnet1ACIDR: !Ref PrivateSubnet1ACIDR PrivateSubnet1BCIDR: !Ref PrivateSubnet1BCIDR PrivateSubnet2ACIDR: !Ref PrivateSubnet2ACIDR PrivateSubnet2BCIDR: !Ref PrivateSubnet2BCIDR VPCCIDR: !Ref 'VPCCIDR' BastionStack: Condition: IsBastionEnabled Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-linux-bastion/templates/linux-bastion.template' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: VPCID: !GetAtt VPCStack.Outputs.VPCID PublicSubnet1ID: !GetAtt VPCStack.Outputs.PublicSubnet1ID PublicSubnet2ID: !GetAtt VPCStack.Outputs.PublicSubnet2ID KeyPairName: !Ref KeyPairName QSS3BucketName: !Ref QSS3BucketName QSS3KeyPrefix: !Sub '${QSS3KeyPrefix}submodules/quickstart-linux-bastion/' QSS3BucketRegion: !Ref QSS3BucketRegion RemoteAccessCIDR: !Ref RemoteAccessCIDR SecurityGroupStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/starrocks_securitygroups.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: VPCID: !GetAtt VPCStack.Outputs.VPCID VPCCIDR: !GetAtt VPCStack.Outputs.VPCCIDR BastionSecurityGroupID: !If [ IsBastionEnabled, !GetAtt BastionStack.Outputs.BastionSecurityGroupID, ""] StarRocksClusterStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/starrocks_cluster.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: PrivateSubnetID: !GetAtt VPCStack.Outputs.PrivateSubnet1AID StarRocksServerSecurityGroup: !GetAtt SecurityGroupStack.Outputs.StarRocksServerSecurityGroup KeyPairName: !Ref KeyPairName SpecifiedAmiId: !Ref SpecifiedAmiId JDKDownLoadURL: !Ref JDKDownLoadURL StarRocksDownLoadURL: !Ref StarRocksDownLoadURL FeNodeInstanceType: !Ref FeNodeInstanceType FeNodeCount: !Ref FeNodeCount FeSysLogDir: !Ref LogDir FeSysLogLevel: !Ref LogLevel FeMetaDir: !Ref MetaDir BeNodeCount: !Ref BeNodeCount BeNodeInstanceType: !Ref BeNodeInstanceType BeSysLogDir: !Ref SysLogDir BeSysLogLevel: !Ref SysLogLevel VolumeType: !Ref VolumeType VolumeSize: !Ref VolumeSize QSS3BucketName: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] QSS3KeyPrefix: !Ref QSS3KeyPrefix RootPassword: !Ref RootPassword Outputs: Postdeployment: Description: See the deployment guide for postdeployment steps. Value: https://fwd.aws/qeAwq?