forked from aliyun/ros-templates
-
Notifications
You must be signed in to change notification settings - Fork 0
/
multi-zone-network.yml
139 lines (139 loc) · 4.35 KB
/
multi-zone-network.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 创建双可用区VPC网络,含安全组,自动配置子网CIDR,支持自定义IP范围。
en: Create a dual-Availability Zone VPC network, inclusive of security groups, with
automatic subnet CIDR configuration and support for custom IP ranges.
Parameters:
VpcCidrBlock:
Type: String
Label:
en: VPC CIDR Block
zh-cn: 专有网络网段
Description:
en: 'The ip address range of the VPC in the CidrBlock form; <br>You can use
the following ip address ranges and their subnets: <br><font color=''green''>[10.0.0.0/8]</font><br><font
color=''green''>[172.16.0.0/12]</font><br><font color=''green''>[192.168.0.0/16]</font>'
zh-cn: VPC的ip地址段范围,<br>您可以使用以下的ip地址段或其子网:<br><font color='green'>[10.0.0.0/8]</font><br><font
color='green'>[172.16.0.0/12]</font><br><font color='green'>[192.168.0.0/16]</font>
Default: 192.168.0.0/16
VSwitch1ZoneId:
Type: String
Label:
en: VSwitch 1 ZoneId
zh-cn: 交换机1可用区ID
Description:
en: VSwitch available area id, <a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b><font color='blue'>View region and zone info</font></b></a>.
zh-cn: VSwitch可用区id,</font><a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b> 查看可用区信息</b><font color='blue'></a>。
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Default: cn-hangzhou-i
VSwitch1CidrBlock:
Type: String
Label:
en: VSwitch 1 CIDR Block
zh-cn: 交换机1子网网段
Description:
en: Must belong to the subnet segment of VPC.
zh-cn: 必须属于VPC的子网段。
Default: 192.168.1.0/24
VSwitch2ZoneId:
Type: String
Label:
en: VSwitch 2 ZoneId
zh-cn: 交换机2可用区ID
Description:
en: VSwitch available area id, VSwitch available area id, Different from the
available area of another virtual switch; <a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b><font color='blue'>View region and zone info</font></b></a>.
zh-cn: VSwitch可用区id,不同其他虚拟交换机的可用区Id;</font><a href='https://help.aliyun.com/document_detail/123712.html'
target='_blank'><b> 查看可用区信息</b><font color='blue'></a>。
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Default: cn-hangzhou-h
VSwitch2CidrBlock:
Type: String
Label:
en: VSwitch 2 CIDR Block
zh-cn: 交换机2子网网段
Description:
en: Must belong to the subnet segment of VPC.
zh-cn: 必须属于VPC的子网段。
Default: 192.168.2.0/24
Resources:
EcsVpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: VpcCidrBlock
VpcName:
Fn::Join:
- '-'
- - StackId
- Ref: ALIYUN::StackId
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
VpcId:
Ref: EcsVpc
SecurityGroupEgress:
- DestCidrIp: 0.0.0.0/0
IpProtocol: all
NicType: intranet
PortRange: -1/-1
Priority: 1
SecurityGroupIngress:
- IpProtocol: all
NicType: intranet
PortRange: -1/-1
Priority: 1
SourceCidrIp: 0.0.0.0/0
EcsVSwitch1:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: VSwitch1ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitch1CidrBlock
VSwitchName:
Fn::Join:
- '-'
- - VSwitch1
- StackId
- Ref: ALIYUN::StackId
EcsVSwitch2:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: VSwitch2ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitch2CidrBlock
VSwitchName:
Fn::Join:
- '-'
- - VSwitch1
- StackId
- Ref: ALIYUN::StackId
Outputs:
VpcId:
Description: Id of created VPC.
Value:
Fn::GetAtt:
- EcsVpc
- VpcId
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- VpcCidrBlock
- VSwitch1ZoneId
- VSwitch1CidrBlock
- VSwitch2ZoneId
- VSwitch2CidrBlock
Label:
default: VPC
TemplateTags:
- acs:example:网络:组建双可用区网络