in cdk/jenkins/ecs.py [0:0]
def __init__(self, scope: core.Stack, id: str, vpc, service_discovery_namespace, **kwargs):
super().__init__(scope, id, **kwargs)
# Keep the caller-supplied namespace name and network on the stack object.
self.service_discovery_namespace = service_discovery_namespace
self.vpc = vpc
# The ECS cluster is placed in the VPC passed in by the caller; no VPC is
# created here. Giving Jenkins a dedicated VPC remains the recommended
# isolation boundary, but that choice is made by whoever builds `vpc`.
# The cluster's default Cloud Map namespace is set to the name passed in.
cloud_map_options = aws_ecs.CloudMapNamespaceOptions(
    name=service_discovery_namespace,
)
self.cluster = aws_ecs.Cluster(
    self, "ECSCluster",
    vpc=self.vpc,
    default_cloud_map_namespace=cloud_map_options,
)
if config['DEFAULT']['ec2_enabled'] == "yes":
# EC2 capacity for the cluster; the instance type is read from the
# DEFAULT section of the config.
instance_type = aws_ec2.InstanceType(config['DEFAULT']['instance_type'])
# NOTE(review): the key pair name is hard-coded. It must already exist in
# the target account and region, and the matching private key grants SSH
# login to the container hosts wherever port 22 is reachable. Consider
# reading it from config, or omitting it if hosts are managed without SSH.
self.asg = self.cluster.add_capacity(
    "Ec2",
    instance_type=instance_type,
    key_name="jenkinsonaws",
)
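# Security group used by the EFS mount targets created further down.
# NOTE(review): allow_all_outbound=True is kept as written; mount targets
# presumably never initiate connections, so egress could likely be closed.
self.efs_sec_grp = aws_ec2.SecurityGroup(
    self, "EFSSecGrp",
    vpc=self.vpc,
    allow_all_outbound=True,
)
# Admit only NFS (TCP 2049) from the cluster's first security group.
# Port.tcp(2049) is used instead of a Port built with Protocol.ALL: for
# the "all" protocol (-1) EC2 ignores from_port/to_port, so such a rule
# admits every protocol and port from the peer, not just 2049.
# security_groups[0] assumes the cluster already has a security group
# (e.g. from add_capacity); with none, this raises IndexError.
self.efs_sec_grp.add_ingress_rule(
    peer=self.cluster.connections.security_groups[0],
    connection=aws_ec2.Port.tcp(2049),
    description="EFS"
)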
# EFS file system created with no properties, i.e. CloudFormation defaults.
# NOTE(review): `encrypted` is not set, so the volume is presumably
# unencrypted at rest unless the account enforces it. If it holds Jenkins
# state (credentials, job secrets), set encrypted=True before first deploy;
# changing it on an existing stack is expected to replace the file system.
self.efs_filesystem = aws_efs.CfnFileSystem(self, "EFSBackend")
# One mount target per private subnet of the VPC, each guarded by the EFS
# security group. The counter only keeps the construct ids unique
# ("EFS0", "EFS1", ...).
counter = 0
for subnet in self.vpc.private_subnets:
    mount_target_id = "EFS{}".format(counter)
    aws_efs.CfnMountTarget(
        self, mount_target_id,
        file_system_id=self.efs_filesystem.ref,
        subnet_id=subnet.subnet_id,
        security_groups=[self.efs_sec_grp.security_group_id],
    )
    counter += 1
self.user_data = """