AWSTemplateFormatVersion: '2010-09-09' Description: This template deploys an EC2 instnace using the StarWind VSAN Marketplace AMI in an existing VPC. It also creates a total of 3 Elastic Network Interfaces (ENIs) and attaches them to the instance. (qs-1sgqsed26) Metadata: cfn-lint: config: ignore_checks: - W9006 AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - PrivateSubnetID - ISCSIENIPrivateIP - ISCSIENISGId - ManagementENIPrivateIP - ManagementENISGId - SyncronizationENIPrivateIP - SyncronizationENISGId - Label: default: Amazon EC2 configuration Parameters: - ParentStackName - NodeOrWitness - SWVSANEC2InstanceName - WorkloadInstanceType - SWVSANStorageVolumeSize - KeyPairName - SWVSANEC2IAMInstanceProfile - SWVSANEC2IAMInstanceUserData - SWVSANAMIOS ParameterLabels: KeyPairName: default: SSH key name PrivateSubnetID: default: Private subnet ID ISCSIENIPrivateIP: default: iSCSI private IP address ISCSIENISGId: default: iSCSI ENI Security Group ID ManagementENIPrivateIP: default: Management/Witness private IP address ManagementENISGId: default: Management ENI Security Group ID SyncronizationENIPrivateIP: default: Syncronization private IP address SyncronizationENISGId: default: Syncronization ENI Security Group ID WorkloadInstanceType: default: Workload instance type SWVSANStorageVolumeSize: default: Secondary EBS volume size SWVSANEC2InstanceName: default: StarWind VSAN instance name NodeOrWitness: default: Storage Node or Witness SWVSANEC2IAMInstanceProfile: default: IAM Instance Profile SWVSANEC2IAMInstanceUserData: default: EC2 Instance User Data Profile SWVSANAMIOS: default: Version of Windows to use for the instance ParentStackName: default: Parent CloudFormation Stack Name Parameters: KeyPairName: Description: Name of an existing EC2 key pair. The instance will launch with this key pair. Type: AWS::EC2::KeyPair::KeyName PrivateSubnetID: Description: ID of private subnet for the instance (e.g., subnet-b1f432cd). Type: AWS::EC2::Subnet::Id ISCSIENIPrivateIP: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 0.0.0.0 Description: Private IP used for iSCSI traffic ENI. Specifying 0.0.0.0 will randomly select an available IP from the subnet. Type: String ISCSIENISGId: Default: default Type: String Description: Security group for the iSCSI ENI ManagementENIPrivateIP: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 0.0.0.0 Description: Private IP used for Management/Witness traffic ENI. Specifying 0.0.0.0 will randomly select an available IP from the subnet. Type: String ManagementENISGId: Default: default Type: String Description: Security group for the management ENI SyncronizationENIPrivateIP: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 0.0.0.0 Description: Private IP used for syncronization traffic ENI. Specifying 0.0.0.0 will randomly select an available IP from the subnet. Type: String SyncronizationENISGId: Default: default Type: String Description: Security group for the synchronization ENI WorkloadInstanceType: AllowedValues: - c5.12xlarge - c5.18xlarge - c5.24xlarge - c5.2xlarge - c5.4xlarge - c5.9xlarge - c5.metal - c5d.18xlarge - c5d.2xlarge - c5d.4xlarge - c5d.9xlarge - c5n.18xlarge - c5n.2xlarge - c5n.4xlarge - c5n.9xlarge - c5n.metal - d2.2xlarge - d2.4xlarge - d2.8xlarge - f1.16xlarge - g2.2xlarge - g2.8xlarge - g3.16xlarge - g3.4xlarge - g3.8xlarge - g4dn.12xlarge - g4dn.16xlarge - g4dn.2xlarge - g4dn.4xlarge - g4dn.8xlarge - h1.16xlarge - h1.2xlarge - h1.4xlarge - h1.8xlarge - hs1.8xlarge - i2.2xlarge - i2.4xlarge - i2.8xlarge - i3.16xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.metal - i3en.12xlarge - i3en.24xlarge - i3en.2xlarge - i3en.3xlarge - i3en.6xlarge - i3en.large - i3en.metal - i3en.xlarge - m5.12xlarge - m5.16xlarge - m5.24xlarge - m5.2xlarge - m5.xlarge - m5.4xlarge - m5.8xlarge - m5.metal - m5a.12xlarge - m5a.16xlarge - m5a.24xlarge - m5a.2xlarge - m5a.4xlarge - m5a.8xlarge - m5ad.12xlarge - m5ad.24xlarge - m5ad.2xlarge - m5ad.4xlarge - m5d.12xlarge - m5d.16xlarge - m5d.24xlarge - m5d.2xlarge - m5d.4xlarge - m5d.8xlarge - m5d.metal - m5dn.12xlarge - m5dn.16xlarge - m5dn.24xlarge - m5dn.2xlarge - m5dn.4xlarge - m5dn.8xlarge - m5n.12xlarge - m5n.16xlarge - m5n.24xlarge - m5n.2xlarge - m5n.4xlarge - m5n.8xlarge - p2.16xlarge - p2.8xlarge - p3.16xlarge - p3.2xlarge - p3.8xlarge - p3dn.24xlarge - r5.12xlarge - r5.16xlarge - r5.24xlarge - r5.2xlarge - r5.4xlarge - r5.8xlarge - r5.metal - r5a.12xlarge - r5a.16xlarge - r5a.24xlarge - r5a.2xlarge - r5a.4xlarge - r5a.8xlarge - r5ad.12xlarge - r5ad.24xlarge - r5ad.2xlarge - r5ad.4xlarge - r5d.12xlarge - r5d.16xlarge - r5d.24xlarge - r5d.2xlarge - r5d.4xlarge - r5d.8xlarge - r5d.metal - r5dn.12xlarge - r5dn.16xlarge - r5dn.24xlarge - r5dn.2xlarge - r5dn.4xlarge - r5dn.8xlarge - r5n.12xlarge - r5n.16xlarge - r5n.24xlarge - r5n.2xlarge - r5n.4xlarge - r5n.8xlarge - t3.2xlarge - t3a.2xlarge - x1.16xlarge - x1.32xlarge - x1e.16xlarge - x1e.2xlarge - x1e.32xlarge - x1e.4xlarge - x1e.8xlarge - z1d.12xlarge - z1d.2xlarge - z1d.3xlarge - z1d.6xlarge - z1d.metal ConstraintDescription: Must contain valid instance type. Default: m5.xlarge Description: Type of EC2 instance for the workload instances. Type: String SWVSANAMIOS: Type: String Description: Operating system version of the StarWind instance to be created. Default: WindowsServer2019 AllowedValues: - WindowsServer2019 - WindowsServer2016 SWVSANStorageVolumeSize: Type: Number Default: 100 ConstraintDescription: Must be between 1 GB and 16,000 GB (16 TB). MinValue: 1 MaxValue: 16000 Description: Size of StarWind VSAN virtualized storage in GBs. SWVSANEC2InstanceName: Type: String Default: StarWind Node X Description: EC2 instance name NodeOrWitness: Type: String Description: Type of the StarWind instance to be created. Default: Storage Node AllowedValues: - Storage Node - Witness SWVSANEC2IAMInstanceProfile: Type: String Description: IAM Instance Profile to be used for the node/witness. SWVSANEC2IAMInstanceUserData: Type: String Default: "" Description: User Data script to be run on the EC2 instance post launch. ParentStackName: Type: String Default: "" Description: Parent Stack Name to tag the instane with. Used in Automation. Rules: KeyPairsNotEmpty: Assertions: - Assert: Fn::Not: - Fn::EachMemberEquals: - Fn::RefAll: AWS::EC2::KeyPair::KeyName - '' AssertDescription: All key pair parameters must not be empty. Mappings: AMI: Alias: WindowsServer2019: /aws/service/marketplace/prod-2kn75c3qalr2u/latest WindowsServer2016: /aws/service/marketplace/prod-u6mi75plvwbtw/latest Conditions: IsStorageNode: !Equals [!Ref NodeOrWitness, 'Storage Node'] ISCSIENIPrivateIPSpecified: !Not [!Equals [!Ref ISCSIENIPrivateIP, 0.0.0.0 ]] ISCSIENISGIdSpecified: !Not [!Equals [!Ref ISCSIENISGId, default ]] ManagementENIPrivateIPSpecified: !Not [!Equals [!Ref ManagementENIPrivateIP, 0.0.0.0 ]] ManagementENISGIdSpecified: !Not [!Equals [!Ref ManagementENISGId, default ]] SyncronizationENIPrivateIPSpecified: !Not [!Equals [!Ref SyncronizationENIPrivateIP, 0.0.0.0 ]] SyncronizationENISGIdSpecified: !Not [!Equals [!Ref SyncronizationENISGId, default ]] Resources: SWVSANEC2Instance: Type: AWS::EC2::Instance Properties: ImageId: !Sub - "resolve:ssm:${AmiAlias}" - { AmiAlias: !FindInMap [AMI, Alias, !Ref SWVSANAMIOS] } InstanceType: !Ref WorkloadInstanceType KeyName: !Ref KeyPairName IamInstanceProfile: !Ref 'SWVSANEC2IAMInstanceProfile' BlockDeviceMappings: - !If - IsStorageNode - DeviceName: /dev/sdf Ebs: VolumeSize: !Ref SWVSANStorageVolumeSize - !Ref 'AWS::NoValue' Tags: - Key: Name Value: !Ref SWVSANEC2InstanceName - Key: qs-sw-vsan:parent-stack-name Value: !Ref ParentStackName NetworkInterfaces: - NetworkInterfaceId: !Ref ManagementNetworkInterface DeviceIndex: '0' - !If - IsStorageNode - NetworkInterfaceId: !Ref IscsiNetworkInterface DeviceIndex: '1' - !Ref 'AWS::NoValue' - !If - IsStorageNode - NetworkInterfaceId: !Ref SyncNetworkInterface DeviceIndex: '2' - !Ref 'AWS::NoValue' UserData: !Ref SWVSANEC2IAMInstanceUserData ManagementNetworkInterface: Type: AWS::EC2::NetworkInterface Properties: Description: Management/Witness ENI GroupSet: - !If [ManagementENISGIdSpecified, !Ref ManagementENISGId, !Ref 'AWS::NoValue'] PrivateIpAddress: !If [ManagementENIPrivateIPSpecified, !Ref ManagementENIPrivateIP, !Ref 'AWS::NoValue'] SubnetId: !Ref PrivateSubnetID IscsiNetworkInterface: Condition: IsStorageNode Type: AWS::EC2::NetworkInterface Properties: Description: iSCSI ENI GroupSet: - !If [ISCSIENISGIdSpecified, !Ref ISCSIENISGId, !Ref 'AWS::NoValue'] PrivateIpAddress: !If [ISCSIENIPrivateIPSpecified, !Ref ISCSIENIPrivateIP, !Ref 'AWS::NoValue'] SubnetId: !Ref PrivateSubnetID SyncNetworkInterface: Condition: IsStorageNode Type: AWS::EC2::NetworkInterface Properties: Description: Syncronization ENI GroupSet: - !If [SyncronizationENISGIdSpecified, !Ref SyncronizationENISGId, !Ref 'AWS::NoValue'] PrivateIpAddress: !If [SyncronizationENIPrivateIPSpecified, !Ref SyncronizationENIPrivateIP, !Ref 'AWS::NoValue'] SubnetId: !Ref PrivateSubnetID Outputs: SWVSANEC2InstanceManagementIP: Description: Management IP Address of StarWind EC2 instance Value: !GetAtt ManagementNetworkInterface.PrimaryPrivateIpAddress SWVSANEC2InstanceIscsiIP: Condition: IsStorageNode Description: iSCSI IP Address of StarWind EC2 instance Value: !GetAtt IscsiNetworkInterface.PrimaryPrivateIpAddress SWVSANEC2InstanceSyncronizationIP: Condition: IsStorageNode Description: Syncronization IP Address of StarWind EC2 instance Value: !GetAtt SyncNetworkInterface.PrimaryPrivateIpAddress