-
Notifications
You must be signed in to change notification settings - Fork 35
/
Copy pathmulti-zone-network.yml
203 lines (203 loc) · 5.33 KB
/
multi-zone-network.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 创建双可用区VPC网络,含安全组,自动配置子网CIDR,支持自定义IP范围。
en: Create a dual-Availability Zone VPC network, inclusive of security groups, with
automatic subnet CIDR configuration and support for custom IP ranges.
Parameters:
VpcCidrBlock:
Type: String
Label:
en: VPC CIDR Block
zh-cn: 专有网络网段
Description:
en: 'The ip address range of the VPC in the CidrBlock form; <br>You can use
the following ip address ranges and their subnets: <br><font color=''green''>[10.0.0.0/8]</font><br><font
color=''green''>[172.16.0.0/12]</font><br><font color=''green''>[192.168.0.0/16]</font>'
zh-cn: VPC的ip地址段范围,<br>您可以使用以下的ip地址段或其子网:<br><font color='green'>[10.0.0.0/8]</font><br><font
color='green'>[172.16.0.0/12]</font><br><font color='green'>[192.168.0.0/16]</font>
Default: 192.168.0.0/16
VSwitch1ZoneId:
Type: String
Label:
en: VSwitch 1 ZoneId
zh-cn: 交换机1可用区ID
Description:
en: VSwitch available area id, <a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b><font color='blue'>View region and zone info</font></b></a>.
zh-cn: VSwitch可用区id,</font><a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b> 查看可用区信息</b><font color='blue'></a>。
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Default: cn-hangzhou-i
VSwitch1CidrBlock:
Type: String
Label:
en: VSwitch 1 CIDR Block
zh-cn: 交换机1子网网段
Description:
en: Must belong to the subnet segment of VPC.
zh-cn: 必须属于VPC的子网段。
Default: 192.168.1.0/24
VSwitch2ZoneId:
Type: String
Label:
en: VSwitch 2 ZoneId
zh-cn: 交换机2可用区ID
Description:
en: VSwitch available area id, VSwitch available area id, Different from the
available area of another virtual switch; <a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b><font color='blue'>View region and zone info</font></b></a>.
zh-cn: VSwitch可用区id,不同其他虚拟交换机的可用区Id;</font><a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b> 查看可用区信息</b><font color='blue'></a>。
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Default: cn-hangzhou-h
VSwitch2CidrBlock:
Type: String
Label:
en: VSwitch 2 CIDR Block
zh-cn: 交换机2子网网段
Description:
en: Must belong to the subnet segment of VPC.
zh-cn: 必须属于VPC的子网段。
Default: 192.168.2.0/24
Resources:
EcsVpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: VpcCidrBlock
VpcName:
Fn::Join:
- '-'
- - StackId
- Ref: ALIYUN::StackId
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
VpcId:
Ref: EcsVpc
SecurityGroupEgress:
- DestCidrIp: 0.0.0.0/0
IpProtocol: all
NicType: intranet
PortRange: -1/-1
Priority: 1
SecurityGroupIngress:
- IpProtocol: all
NicType: intranet
PortRange: -1/-1
Priority: 1
SourceCidrIp: 0.0.0.0/0
EcsVSwitch1:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: VSwitch1ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitch1CidrBlock
VSwitchName:
Fn::Join:
- '-'
- - VSwitch1
- StackId
- Ref: ALIYUN::StackId
EcsVSwitch2:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: VSwitch2ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitch2CidrBlock
VSwitchName:
Fn::Join:
- '-'
- - VSwitch1
- StackId
- Ref: ALIYUN::StackId
Outputs:
VpcId:
Description: Id of created VPC.
Value:
Fn::GetAtt:
- EcsVpc
- VpcId
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- VpcCidrBlock
- VSwitch1ZoneId
- VSwitch1CidrBlock
- VSwitch2ZoneId
- VSwitch2CidrBlock
Label:
default: VPC
TemplateTags:
- acs:example:网络:组建双可用区网络
ALIYUN::ROS::Composer:
704d6208:
Rect:
- 702
- 515
- 40
- 100
- 1
- 0
ResT: Composer::ROSParameter::AlibabaCloud
0a6fe5f2:
Parent: 704d6208
Rect:
- 656
- 442
- 60
- 150
- 2
- 0
ResT: Composer::ROSParameter::Region
b76feaf4:
Res:
- EcsVpc
Parent: 0a6fe5f2
Rect:
- 618
- 351
- 80
- 200
- 3
- 0
4e711ee9:
Res:
- EcsVSwitch1
Parent: b76feaf4
Rect:
- 191
- 185
- 126
- 256
- 4
- 0
504d7448:
Res:
- EcsVSwitch2
Parent: b76feaf4
Rect:
- 193
- 187
- 392
- 255
- 4
- 0
89cf7507:
Res:
- EcsSecurityGroup
Parent: b76feaf4
Rect:
- 554
- 284
- 100
- 233
- 10
- 0