diff --git a/.aws/awsCloudFormation.yaml b/.aws/awsCloudFormation.yaml deleted file mode 100644 index e9f82d50..00000000 --- a/.aws/awsCloudFormation.yaml +++ /dev/null @@ -1,437 +0,0 @@ -Resources: - PrivateIntegrationsPeterCatVPCD20D58E8: - Type: 'AWS::EC2::VPC' - Properties: - CidrBlock: 10.0.0.0/16 - EnableDnsHostnames: true - EnableDnsSupport: true - InstanceTenancy: default - Tags: - - Key: Name - Value: PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC - PrivateIntegrationsPeterCatVPCPublicSubnet1SubnetBE0B3CBD: - Type: 'AWS::EC2::Subnet' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - AvailabilityZone: !Select - - 0 - - !GetAZs '' - CidrBlock: 10.0.0.0/18 - MapPublicIpOnLaunch: true - Tags: - - Key: 'aws-tutorial:subnet-name' - Value: Public - - Key: 'aws-tutorial:subnet-type' - Value: Public - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet1 - PrivateIntegrationsPeterCatVPCPublicSubnet1RouteTableA63763CC: - Type: 'AWS::EC2::RouteTable' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet1 - PrivateIntegrationsPeterCatVPCPublicSubnet1RouteTableAssociationFD6DF484: - Type: 'AWS::EC2::SubnetRouteTableAssociation' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet1RouteTableA63763CC - SubnetId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet1SubnetBE0B3CBD - PrivateIntegrationsPeterCatVPCPublicSubnet1DefaultRouteD59FC1D2: - Type: 'AWS::EC2::Route' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet1RouteTableA63763CC - DestinationCidrBlock: 0.0.0.0/0 - GatewayId: !Ref PrivateIntegrationsPeterCatVPCIGW3645F9D4 - DependsOn: - - PrivateIntegrationsPeterCatVPCVPCGW514A8E2A - PrivateIntegrationsPeterCatVPCPublicSubnet1EIPD3DAF766: - Type: 'AWS::EC2::EIP' - Properties: - Domain: vpc - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet1 - PrivateIntegrationsPeterCatVPCPublicSubnet1NATGatewayC5702CC8: - Type: 'AWS::EC2::NatGateway' - Properties: - SubnetId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet1SubnetBE0B3CBD - AllocationId: !GetAtt - - PrivateIntegrationsPeterCatVPCPublicSubnet1EIPD3DAF766 - - AllocationId - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet1 - PrivateIntegrationsPeterCatVPCPublicSubnet2Subnet26685AB7: - Type: 'AWS::EC2::Subnet' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - AvailabilityZone: !Select - - 1 - - !GetAZs '' - CidrBlock: 10.0.64.0/18 - MapPublicIpOnLaunch: true - Tags: - - Key: 'aws-tutorial:subnet-name' - Value: Public - - Key: 'aws-tutorial:subnet-type' - Value: Public - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet2 - PrivateIntegrationsPeterCatVPCPublicSubnet2RouteTable356B306D: - Type: 'AWS::EC2::RouteTable' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet2 - PrivateIntegrationsPeterCatVPCPublicSubnet2RouteTableAssociation1035F5D0: - Type: 'AWS::EC2::SubnetRouteTableAssociation' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet2RouteTable356B306D - SubnetId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet2Subnet26685AB7 - PrivateIntegrationsPeterCatVPCPublicSubnet2DefaultRoute4AB2237D: - Type: 'AWS::EC2::Route' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet2RouteTable356B306D - DestinationCidrBlock: 0.0.0.0/0 - GatewayId: !Ref PrivateIntegrationsPeterCatVPCIGW3645F9D4 - DependsOn: - - PrivateIntegrationsPeterCatVPCVPCGW514A8E2A - PrivateIntegrationsPeterCatVPCPublicSubnet2EIP40226FDB: - Type: 'AWS::EC2::EIP' - Properties: - Domain: vpc - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet2 - PrivateIntegrationsPeterCatVPCPublicSubnet2NATGatewayE6EAEEAB: - Type: 'AWS::EC2::NatGateway' - Properties: - SubnetId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet2Subnet26685AB7 - AllocationId: !GetAtt - - PrivateIntegrationsPeterCatVPCPublicSubnet2EIP40226FDB - - AllocationId - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PublicSubnet2 - PrivateIntegrationsPeterCatVPCPrivateSubnet1SubnetE5CDA06F: - Type: 'AWS::EC2::Subnet' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - AvailabilityZone: !Select - - 0 - - !GetAZs '' - CidrBlock: 10.0.128.0/18 - MapPublicIpOnLaunch: false - Tags: - - Key: 'aws-tutorial:subnet-name' - Value: Private - - Key: 'aws-tutorial:subnet-type' - Value: Private - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PrivateSubnet1 - PrivateIntegrationsPeterCatVPCPrivateSubnet1RouteTable2DE71EA5: - Type: 'AWS::EC2::RouteTable' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PrivateSubnet1 - PrivateIntegrationsPeterCatVPCPrivateSubnet1RouteTableAssociation0CFE385A: - Type: 'AWS::EC2::SubnetRouteTableAssociation' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet1RouteTable2DE71EA5 - SubnetId: !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet1SubnetE5CDA06F - PrivateIntegrationsPeterCatVPCPrivateSubnet1DefaultRouteAAEB83F7: - Type: 'AWS::EC2::Route' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet1RouteTable2DE71EA5 - DestinationCidrBlock: 0.0.0.0/0 - NatGatewayId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet1NATGatewayC5702CC8 - PrivateIntegrationsPeterCatVPCPrivateSubnet2SubnetA9278FA5: - Type: 'AWS::EC2::Subnet' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - AvailabilityZone: !Select - - 1 - - !GetAZs '' - CidrBlock: 10.0.192.0/18 - MapPublicIpOnLaunch: false - Tags: - - Key: 'aws-tutorial:subnet-name' - Value: Private - - Key: 'aws-tutorial:subnet-type' - Value: Private - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PrivateSubnet2 - PrivateIntegrationsPeterCatVPCPrivateSubnet2RouteTable6E1CF234: - Type: 'AWS::EC2::RouteTable' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - Tags: - - Key: Name - Value: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC/PrivateSubnet2 - PrivateIntegrationsPeterCatVPCPrivateSubnet2RouteTableAssociation7F682A6E: - Type: 'AWS::EC2::SubnetRouteTableAssociation' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet2RouteTable6E1CF234 - SubnetId: !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet2SubnetA9278FA5 - PrivateIntegrationsPeterCatVPCPrivateSubnet2DefaultRoute012406AE: - Type: 'AWS::EC2::Route' - Properties: - RouteTableId: !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet2RouteTable6E1CF234 - DestinationCidrBlock: 0.0.0.0/0 - NatGatewayId: !Ref PrivateIntegrationsPeterCatVPCPublicSubnet2NATGatewayE6EAEEAB - PrivateIntegrationsPeterCatVPCIGW3645F9D4: - Type: 'AWS::EC2::InternetGateway' - Properties: - Tags: - - Key: Name - Value: PrivateIntegrationsStack/PrivateIntegrationsPeterCatVPC - PrivateIntegrationsPeterCatVPCVPCGW514A8E2A: - Type: 'AWS::EC2::VPCGatewayAttachment' - Properties: - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - InternetGatewayId: !Ref PrivateIntegrationsPeterCatVPCIGW3645F9D4 - PrivateIntegrationsPeterCatCluster09C95435: - Type: 'AWS::ECS::Cluster' - PrivateIntegrationsPeterCatServiceLB8E9ECEA5: - Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' - Properties: - LoadBalancerAttributes: - - Key: deletion_protection.enabled - Value: 'false' - Scheme: internal - SecurityGroups: - - !GetAtt - - PrivateIntegrationsPeterCatServiceLBSecurityGroup22BA351A - - GroupId - Subnets: - - !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet1SubnetE5CDA06F - - !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet2SubnetA9278FA5 - Type: application - PrivateIntegrationsPeterCatServiceLBSecurityGroup22BA351A: - Type: 'AWS::EC2::SecurityGroup' - Properties: - GroupDescription: >- - Automatically created Security Group for ELB - PrivateIntegrationsStackPrivateIntegrationsPeterCatServiceLBCB8E0368 - SecurityGroupIngress: - - CidrIp: 0.0.0.0/0 - Description: Allow from anyone on port 80 - FromPort: 80 - IpProtocol: tcp - ToPort: 80 - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - PrivateIntegrationsPeterCatServiceLBSecurityGrouptoPrivateIntegrationsStackPrivateIntegrationsPeterCatServiceSecurityGroupD7C89143805EA68A3C: - Type: 'AWS::EC2::SecurityGroupEgress' - Properties: - GroupId: !GetAtt - - PrivateIntegrationsPeterCatServiceLBSecurityGroup22BA351A - - GroupId - IpProtocol: tcp - Description: Load balancer to target - DestinationSecurityGroupId: !GetAtt - - PrivateIntegrationsPeterCatServiceSecurityGroup334FF7AF - - GroupId - FromPort: 80 - ToPort: 80 - PrivateIntegrationsPeterCatServiceLBPublicListener2554FECD: - Type: 'AWS::ElasticLoadBalancingV2::Listener' - Properties: - DefaultActions: - - TargetGroupArn: !Ref PrivateIntegrationsPeterCatServiceLBPublicListenerECSGroup0E6605DB - Type: forward - LoadBalancerArn: !Ref PrivateIntegrationsPeterCatServiceLB8E9ECEA5 - Port: 80 - Protocol: HTTP - PrivateIntegrationsPeterCatServiceLBPublicListenerECSGroup0E6605DB: - Type: 'AWS::ElasticLoadBalancingV2::TargetGroup' - Properties: - Port: 80 - Protocol: HTTP - TargetGroupAttributes: - - Key: stickiness.enabled - Value: 'false' - TargetType: ip - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - PrivateIntegrationsPeterCatServiceTaskDefTaskRole2B89439A: - Type: 'AWS::IAM::Role' - Properties: - AssumeRolePolicyDocument: - Statement: - - Action: 'sts:AssumeRole' - Effect: Allow - Principal: - Service: ecs-tasks.amazonaws.com - Version: 2012-10-17 - PrivateIntegrationsPeterCatServiceTaskDef914930A0: - Type: 'AWS::ECS::TaskDefinition' - Properties: - ContainerDefinitions: - - Essential: true - Image: '654654285942.dkr.ecr.ap-northeast-1.amazonaws.com/xuexiao:d1d5dfef1cb93227e56baad0742ee0b2ca3909f0' - LogConfiguration: - LogDriver: awslogs - Options: - awslogs-group: !Ref PrivateIntegrationsPeterCatServiceTaskDefwebLogGroupBA8BE497 - awslogs-stream-prefix: PrivateIntegrationsPeterCatService - awslogs-region: !Ref 'AWS::Region' - Command: - - "uvicorn" - - "main:app" - - "--host" - - "0.0.0.0" - - "--port" - - "80" - - "--workers" - - "6" - Name: petercat-web - EnvironmentFiles: - - Type: s3 - Value: arn:aws:s3:::xuexiao-env-variables/production.env - RuntimePlatform: - - CpuArchitecture: "X86_64" - - OperatingSystemFamily: "LINUX" - PortMappings: - - ContainerPort: 80 - Protocol: tcp - Cpu: 2048 - Memory: 8192 - ExecutionRoleArn: !GetAtt - - PrivateIntegrationsPeterCatServiceTaskDefExecutionRoleC7103AEA - - Arn - Family: >- - PrivateIntegrationsStackPrivateIntegrationsPeterCatServiceTaskDefB5E162FC - NetworkMode: awsvpc - RequiresCompatibilities: - - FARGATE - TaskRoleArn: !GetAtt - - PrivateIntegrationsPeterCatServiceTaskDefTaskRole2B89439A - - Arn - PrivateIntegrationsPeterCatServiceTaskDefwebLogGroupBA8BE497: - Type: 'AWS::Logs::LogGroup' - UpdateReplacePolicy: Retain - DeletionPolicy: Retain - PrivateIntegrationsPeterCatServiceTaskDefExecutionRoleC7103AEA: - Type: 'AWS::IAM::Role' - Properties: - AssumeRolePolicyDocument: - Statement: - - Action: 'sts:AssumeRole' - Effect: Allow - Principal: - Service: ecs-tasks.amazonaws.com - Version: 2012-10-17 - ManagedPolicyArns: - - "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy" - PrivateIntegrationsPeterCatServiceTaskDefExecutionRoleDefaultPolicy0F96072D: - Type: 'AWS::IAM::Policy' - Properties: - PolicyDocument: - Statement: - - Action: - - 'logs:CreateLogStream' - - 'logs:PutLogEvents' - Effect: Allow - Resource: !GetAtt - - PrivateIntegrationsPeterCatServiceTaskDefwebLogGroupBA8BE497 - - Arn - - Action: ecr:GetAuthorizationToken - Effect: Allow - Resource: '*' - - Sid: VisualEditor0 - Effect: Allow - Action: s3:GetObject - Resource: - - arn:aws:s3:::xuexiao-env-variables/preview.env - - arn:aws:s3:::xuexiao-env-variables/production.env - - Sid: VisualEditor1 - Effect: Allow - Action: s3:GetBucketLocation - Resource: - - arn:aws:s3:::xuexiao-env-variables - - arn:aws:s3:::xuexiao-env-variables/ - - arn:aws:s3:::xuexiao-env-variables/* - Version: 2012-10-17 - PolicyName: >- - PrivateIntegrationsPeterCatServiceTaskDefExecutionRoleDefaultPolicy0F96072D - Roles: - - !Ref PrivateIntegrationsPeterCatServiceTaskDefExecutionRoleC7103AEA - PrivateIntegrationsPeterCatService73010F72: - Type: 'AWS::ECS::Service' - Properties: - Cluster: !Ref PrivateIntegrationsPeterCatCluster09C95435 - DeploymentConfiguration: - MaximumPercent: 200 - MinimumHealthyPercent: 50 - DesiredCount: 2 - EnableECSManagedTags: false - HealthCheckGracePeriodSeconds: 60 - LaunchType: FARGATE - LoadBalancers: - - ContainerName: petercat-web - ContainerPort: 80 - TargetGroupArn: !Ref PrivateIntegrationsPeterCatServiceLBPublicListenerECSGroup0E6605DB - NetworkConfiguration: - AwsvpcConfiguration: - AssignPublicIp: DISABLED - SecurityGroups: - - !GetAtt - - PrivateIntegrationsPeterCatServiceSecurityGroup334FF7AF - - GroupId - Subnets: - - !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet1SubnetE5CDA06F - - !Ref PrivateIntegrationsPeterCatVPCPrivateSubnet2SubnetA9278FA5 - TaskDefinition: !Ref PrivateIntegrationsPeterCatServiceTaskDef914930A0 - DependsOn: - - PrivateIntegrationsPeterCatServiceLBPublicListenerECSGroup0E6605DB - - PrivateIntegrationsPeterCatServiceLBPublicListener2554FECD - PrivateIntegrationsPeterCatServiceSecurityGroup334FF7AF: - Type: 'AWS::EC2::SecurityGroup' - Properties: - GroupDescription: >- - PrivateIntegrationsStack/PrivateIntegrationsPeterCatService/Service/SecurityGroup - SecurityGroupEgress: - - CidrIp: 0.0.0.0/0 - Description: Allow all outbound traffic by default - IpProtocol: '-1' - VpcId: !Ref PrivateIntegrationsPeterCatVPCD20D58E8 - PrivateIntegrationsPeterCatServiceSecurityGroupfromPrivateIntegrationsStackPrivateIntegrationsPeterCatServiceLBSecurityGroup37A9AEF980935D99E0: - Type: 'AWS::EC2::SecurityGroupIngress' - Properties: - IpProtocol: tcp - Description: Load balancer to target - FromPort: 80 - GroupId: !GetAtt - - PrivateIntegrationsPeterCatServiceSecurityGroup334FF7AF - - GroupId - SourceSecurityGroupId: !GetAtt - - PrivateIntegrationsPeterCatServiceLBSecurityGroup22BA351A - - GroupId - ToPort: 80 -Outputs: - PrivateIntegrationsPeterCatServiceLoadBalancerDNSCBE42D83: - Value: !GetAtt - - PrivateIntegrationsPeterCatServiceLB8E9ECEA5 - - DNSName - PrivateIntegrationsPeterCatServiceServiceURLB6E59CA2: - Value: !Join - - '' - - - 'http://' - - !GetAtt - - PrivateIntegrationsPeterCatServiceLB8E9ECEA5 - - DNSName diff --git a/.aws/petercat-preview.toml b/.aws/petercat-preview.toml new file mode 100644 index 00000000..3819a5da --- /dev/null +++ b/.aws/petercat-preview.toml @@ -0,0 +1,10 @@ +version = 0.1 +[default.deploy.parameters] +stack_name = "petercat-api-preview" +resolve_s3 = true +s3_prefix = "petercat-api-preview" +region = "ap-northeast-1" +confirm_changeset = true +capabilities = "CAPABILITY_IAM" +disable_rollback = true +image_repositories = ["FastAPIFunction=654654285942.dkr.ecr.ap-northeast-1.amazonaws.com/samapp7427b055/fastapifunctionead79d0drepo"] diff --git a/.aws/petercat-prod.toml b/.aws/petercat-prod.toml new file mode 100644 index 00000000..2c1d5d45 --- /dev/null +++ b/.aws/petercat-prod.toml @@ -0,0 +1,10 @@ +version = 0.1 +[default.deploy.parameters] +stack_name = "sam-app" +resolve_s3 = true +s3_prefix = "sam-app" +region = "ap-northeast-1" +confirm_changeset = true +capabilities = "CAPABILITY_IAM" +disable_rollback = true +image_repositories = ["FastAPIFunction=654654285942.dkr.ecr.ap-northeast-1.amazonaws.com/samapp7427b055/fastapifunctionead79d0drepo"] diff --git a/.aws/task_definition.json b/.aws/task_definition.json deleted file mode 100644 index e7d15805..00000000 --- a/.aws/task_definition.json +++ /dev/null @@ -1,97 +0,0 @@ -{ - "taskDefinitionArn": "arn:aws:ecs:ap-northeast-1:654654285942:task-definition/xuexiao:160", - "containerDefinitions": [ - { - "name": "petercat-web", - "image": "654654285942.dkr.ecr.ap-northeast-1.amazonaws.com/xuexiao:latest", - "cpu": "1024", - "memory": "2048", - "portMappings": [ - { - "name": "petercat-web-80-tcp", - "containerPort": 80, - "hostPort": 80, - "protocol": "tcp", - "appProtocol": "http" - } - ], - "essential": true, - "command": [ - "uvicorn", - "main:app", - "--host", - "0.0.0.0", - "--port", "80", - "--workers", "6" - ], - "environment": [], - "environmentFiles": [ - { - "value": "arn:aws:s3:::xuexiao-env-variables/production.env", - "type": "s3" - } - ], - "mountPoints": [], - "volumesFrom": [], - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-group": "petercard-stack-PrivateIntegrationsPeterCatServiceTaskDefwebLogGroupBA8BE497-t1F9XFy4XzUd", - "awslogs-region": "ap-northeast-1", - "awslogs-stream-prefix": "PrivateIntegrationsPeterCatService" - } - } - } - ], - "family": "PrivateIntegrationsStackPrivateIntegrationsPeterCatServiceTaskDefB5E162FC", - "taskRoleArn": "arn:aws:iam::654654285942:role/petercard-stack-PrivateIntegrationsPeterCatServiceT-7bsoTa4SHTMZ", - "executionRoleArn": "arn:aws:iam::654654285942:role/petercard-stack-PrivateIntegrationsPeterCatServiceT-ZaeKjgXbLQf9", - "networkMode": "awsvpc", - "revision": 160, - "volumes": [], - "status": "ACTIVE", - "requiresAttributes": [ - { - "name": "com.amazonaws.ecs.capability.logging-driver.awslogs" - }, - { - "name": "ecs.capability.execution-role-awslogs" - }, - { - "name": "com.amazonaws.ecs.capability.ecr-auth" - }, - { - "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19" - }, - { - "name": "ecs.capability.env-files.s3" - }, - { - "name": "com.amazonaws.ecs.capability.task-iam-role" - }, - { - "name": "ecs.capability.execution-role-ecr-pull" - }, - { - "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18" - }, - { - "name": "ecs.capability.task-eni" - }, - { - "name": "com.amazonaws.ecs.capability.docker-remote-api.1.29" - } - ], - "placementConstraints": [], - "compatibilities": ["EC2", "FARGATE"], - "requiresCompatibilities": ["FARGATE"], - "cpu": "1024", - "memory": "2048", - "runtimePlatform": { - "cpuArchitecture": "X86_64", - "operatingSystemFamily": "LINUX" - }, - "registeredAt": "2023-07-27T13:27:07.192Z", - "registeredBy": "arn:aws:iam::654654285942:root", - "tags": [] - } \ No newline at end of file diff --git a/.aws/task_definition_preview.json b/.aws/task_definition_preview.json deleted file mode 100644 index 931cadb2..00000000 --- a/.aws/task_definition_preview.json +++ /dev/null @@ -1,99 +0,0 @@ -{ - "taskDefinitionArn": "arn:aws:ecs:ap-northeast-1:654654285942:task-definition/xuexiao-preview:4", - "containerDefinitions": [ - { - "name": "xuexiao", - "image": "654654285942.dkr.ecr.ap-northeast-1.amazonaws.com/xuexiao:latest", - "cpu": "2048", - "memory": "8192", - "portMappings": [ - { - "name": "xuexiao-80-tcp", - "containerPort": 80, - "hostPort": 80, - "protocol": "tcp", - "appProtocol": "http" - } - ], - "command": [ - "uvicorn", - "main:app", - "--host", - "0.0.0.0", - "--port", "80", - "--workers", "6" - ], - "essential": true, - "environment": [], - "environmentFiles": [ - { - "value": "arn:aws:s3:::xuexiao-env-variables/preview.env", - "type": "s3" - } - ], - "mountPoints": [], - "volumesFrom": [], - "ulimits": [], - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-create-group": "true", - "awslogs-group": "/ecs/xuexiao-preview", - "awslogs-region": "ap-northeast-1", - "awslogs-stream-prefix": "ecs" - } - } - } - ], - "family": "xuexiao-preview", - "taskRoleArn": "arn:aws:iam::654654285942:role/ecsTaskExecutionRole", - "executionRoleArn": "arn:aws:iam::654654285942:role/ecsTaskExecutionRole", - "networkMode": "awsvpc", - "revision": 4, - "volumes": [], - "status": "ACTIVE", - "requiresAttributes": [ - { - "name": "com.amazonaws.ecs.capability.logging-driver.awslogs" - }, - { - "name": "ecs.capability.execution-role-awslogs" - }, - { - "name": "com.amazonaws.ecs.capability.ecr-auth" - }, - { - "name": "com.amazonaws.ecs.capability.docker-remote-api.1.19" - }, - { - "name": "ecs.capability.env-files.s3" - }, - { - "name": "com.amazonaws.ecs.capability.task-iam-role" - }, - { - "name": "ecs.capability.execution-role-ecr-pull" - }, - { - "name": "com.amazonaws.ecs.capability.docker-remote-api.1.18" - }, - { - "name": "ecs.capability.task-eni" - }, - { - "name": "com.amazonaws.ecs.capability.docker-remote-api.1.29" - } - ], - "placementConstraints": [], - "compatibilities": ["EC2", "FARGATE"], - "requiresCompatibilities": ["FARGATE"], - "cpu": "2048", - "memory": "8192", - "runtimePlatform": { - "cpuArchitecture": "X86_64", - "operatingSystemFamily": "LINUX" - }, - "registeredAt": "2023-06-29T07:33:39.537Z", - "registeredBy": "arn:aws:iam::654654285942:root", - "tags": [] - } \ No newline at end of file diff --git a/.github/workflows/aws-preview.yml b/.github/workflows/aws-preview.yml new file mode 100644 index 00000000..ff8fbf19 --- /dev/null +++ b/.github/workflows/aws-preview.yml @@ -0,0 +1,42 @@ +name: Deploy Backend to Preview ECS + +on: + push: + branches: ["main"] + paths: + - "server/**" + pull_request: + branches: [ "main" ] + +env: + AWS_REGION: ap-northeast-1 + ECR_REPOSITORY: petercat-lambda + ECR_REGISTRY: 654654285942.dkr.ecr.ap-northeast-1.amazonaws.com + +permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + +jobs: + deploy: + runs-on: ubuntu-latest + environment: production + strategy: + fail-fast: true + + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::654654285942:role/Github-OIDC + audience: sts.amazonaws.com + aws-region: ${{ env.AWS_REGION }} + + # Build inside Docker containers + - run: sam build --use-container --config-file .aws/petercat-preview.toml + + # Prevent prompts and failure when the stack is unchanged + - run: sam deploy --no-confirm-changeset --no-fail-on-empty-changeset --config-file .aws/petercat-preview.toml diff --git a/.github/workflows/aws-prod.yml b/.github/workflows/aws-prod.yml index 683c6a96..3f755e8c 100644 --- a/.github/workflows/aws-prod.yml +++ b/.github/workflows/aws-prod.yml @@ -6,83 +6,19 @@ on: env: AWS_REGION: ap-northeast-1 - ECR_REPOSITORY: xuexiao + ECR_REPOSITORY: petercat-lambda ECR_REGISTRY: 654654285942.dkr.ecr.ap-northeast-1.amazonaws.com - ECS_CLUSTER: ${{ secrets.ECS_CLUSTER }} - ECS_SERVICE: ${{ secrets.ECS_SERVICE }} permissions: id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout jobs: - build_and_push: - name: Build and Push Docker Image - runs-on: ubuntu-latest - environment: production - - steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::654654285942:role/Github-OIDC - audience: sts.amazonaws.com - aws-region: ${{ env.AWS_REGION }} - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1 - - - name: Login to GitHub Container Registry - uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to Docker Hub - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3 - - - name: Create Docker Cacha Storage Backend - run: | - docker buildx create --use --driver=docker-container - - name: See the file in the runner - run: | - ls -la - - name: Build, tag, and push image to Amazon ECR - id: build-image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5 - env: - ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} - IMAGE_TAG: ${{ github.sha }} - with: - context: ./server/ - push: true - platforms: linux/amd64,linux/arm64 - tags: ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }}, ${{ env.ECR_REGISTRY }}/${{ env.ECR_REPOSITORY }}:latest - cache-from: type=gha - cache-to: type=gha,mode=max - deploy: - needs: build_and_push runs-on: ubuntu-latest environment: production strategy: - fail-fast: false - matrix: - include: - - name: "xuexiao" - task_definition: ".aws/task_definition.json" - container: "petercat-web" + fail-fast: true steps: - name: Checkout @@ -95,18 +31,8 @@ jobs: audience: sts.amazonaws.com aws-region: ${{ env.AWS_REGION }} - - name: Fill in the new image ID in the Amazon ECS task definition for ${{ matrix.name }} - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@4225e0b507142a2e432b018bc3ccb728559b437a # v1 - with: - task-definition: ${{ matrix.task_definition }} - container-name: ${{ matrix.container }} - image: ${{env.ECR_REGISTRY}}/${{ env.ECR_REPOSITORY }}:${{ github.sha }} + # Build inside Docker containers + - run: sam build --use-container --config-file .aws/petercat-prod.toml - - name: Deploy Amazon ECS task definition for ${{ matrix.name }} - uses: aws-actions/amazon-ecs-deploy-task-definition@df9643053eda01f169e64a0e60233aacca83799a # v1 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: ${{ env.ECS_SERVICE }} - cluster: ${{ env.ECS_CLUSTER }} - wait-for-service-stability: true \ No newline at end of file + # Prevent prompts and failure when the stack is unchanged + - run: sam deploy --no-confirm-changeset --no-fail-on-empty-changeset --config-file .aws/petercat-prod.toml diff --git a/.gitignore b/.gitignore index e3549a1b..40e0ea72 100644 --- a/.gitignore +++ b/.gitignore @@ -37,3 +37,5 @@ yarn-error.log* next-env.d.ts .yarn +/server/.aws-sam/* +.aws-sam/* diff --git a/doc/init_aws.md b/doc/init_aws.md index 4b98fc5d..3ab857c7 100644 --- a/doc/init_aws.md +++ b/doc/init_aws.md @@ -71,6 +71,12 @@ Docker Compose's integration for ECS and ACI will be retired in November 2023. L Successfully created ecs context "botmetaecscontext" ``` +#### Test +```bash +curl -v -N --http2 --location 'https://7pgjnn7ecq7hs5jj6csocmt3rm0cyvxb.lambda-url.ap-northeast-1.on.aws/api/chat/stream' \ +--header 'Content-Type: application/json' \ +--data '{"messages":[{"role":"user","content":"彩蛋相关的issue"}],"prompt":""}' +``` #### REFERENCES https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-private-integration.html diff --git a/server/Dockerfile.aws.lambda b/server/Dockerfile.aws.lambda new file mode 100644 index 00000000..8e5f0560 --- /dev/null +++ b/server/Dockerfile.aws.lambda @@ -0,0 +1,11 @@ +FROM public.ecr.aws/docker/library/python:3.12.0-slim-bullseye + +COPY --from=public.ecr.aws/awsguru/aws-lambda-adapter:0.8.1 /lambda-adapter /opt/extensions/lambda-adapter + +# Copy function code +COPY . ${LAMBDA_TASK_ROOT} +# from your project folder. +COPY requirements.txt . +RUN pip3 install -r requirements.txt --target "${LAMBDA_TASK_ROOT}" -U --no-cache-dir + +CMD ["python", "main.py"] \ No newline at end of file diff --git a/server/main.py b/server/main.py index d1320c1d..57f9586e 100644 --- a/server/main.py +++ b/server/main.py @@ -6,6 +6,7 @@ from openai_api import dalle from langchain_api import chat from agent import stream +import uvicorn open_api_key = os.getenv("OPENAI_API_KEY") @@ -40,6 +41,9 @@ def run_langchain_chat(input_data: ChatData): @app.post("/api/chat/stream", response_class=StreamingResponse) -async def run_agent_chat(input_data: ChatData): +def run_agent_chat(input_data: ChatData): result = stream.agent_chat(input_data, open_api_key) return StreamingResponse(result, media_type="text/event-stream") + +if __name__ == "__main__": + uvicorn.run(app, host="0.0.0.0", port=int(os.environ.get("PORT", "8080"))) \ No newline at end of file diff --git a/template.yml b/template.yml new file mode 100644 index 00000000..717d7b57 --- /dev/null +++ b/template.yml @@ -0,0 +1,42 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 +Description: > + Streaming Bedrock Response with FastAPI on AWS Lambda + +# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst +Globals: + Function: + Timeout: 300 + +Resources: + FastAPIFunction: + Type: AWS::Serverless::Function + Properties: + PackageType: Image + MemorySize: 512 + Environment: + Variables: + AWS_LWA_INVOKE_MODE: RESPONSE_STREAM + FunctionUrlConfig: + AuthType: NONE + InvokeMode: RESPONSE_STREAM + Policies: + - Statement: + - Sid: BedrockInvokePolicy + Effect: Allow + Action: + - bedrock:InvokeModelWithResponseStream + Resource: '*' + Tracing: Active + Metadata: + Dockerfile: Dockerfile.aws.lambda + DockerContext: server + DockerTag: v1 + +Outputs: + FastAPIFunctionUrl: + Description: "Function URL for FastAPI function" + Value: !GetAtt FastAPIFunctionUrl.FunctionUrl + FastAPIFunction: + Description: "FastAPI Lambda Function ARN" + Value: !GetAtt FastAPIFunction.Arn \ No newline at end of file