AWS cloudformation: One big template file or many small ones?

amazon-web-services boto amazon-cloudformation
14,239

Solution 1

There's no easy answer, but several important points to keep in mind:

  • when you write several small templates, write a master template which will call the small ones (nested stacks). When you want to update a small one, do the change in the file, and update the master one. Only the resources that have changed will be updated, and the result of the stack update will be atomic (all clear or rollback everything). CloudFormation will still run the nested stacks in parallel, so it's not that slower.

  • there's a limitation in CloudFormation regarding the number of resources (200 resources per stack). It's very easy to reach, if you've got SecurityGroupIngress/Egress rules for example. Not sure this limit can be updated by the support.

  • on the other hand, feeding parameters to nested stacks can result in big files with not that many information... consider this: you have to feed all the parameters to the call, inside the nested stack you have to declare all the parameters again. Two levels of nesting is a real pain, believe me!

The best solution I've found is using a CloudFormation template frontend (I use troposphere - in python), so that you really describe infrastructure as code, with all the advantages of code (loops, conditionals, external file, functions) and in the end, you've got a genuine CloudFormation template.

I've been able to write huge CloudFormation templates with this system, without any maintenance nightmare...

Solution 2

We started out with everything in one large template but eventually refactored it a bit to include a nested stack with some resources to avoid duplicating it in other templates.

One of the biggest challenges I've found is that having a monolithic stack makes it more difficult to update things piecemeal, and also makes it awkward when there are other stacks that depend on the resources in the monolith (e.g. security groups).

There was a session at re:Invent 2014 with a number of useful tips: APP304 - AWS CloudFormation Best Practices. Slides / Video

They recommend breaking stacks up based on a combination of layers or shared bits such as: identity, base network, shared services, backend services, frontend services.

While I'm loathe to deal with a lot of parameters and outputs (feeding them between stacks is annoying), it seems like a more flexible way of composing desired infrastructure.

Solution 3

I know I am late for this discussion, but I want to share cfpack.js CLI tool that allows you to create multiple small CloudFormation templates that will be combined into the big one and deployed to a CloudFormation stack.

Share:
14,239

Related videos on Youtube

TristanMatthews
Author by

TristanMatthews

Updated on September 14, 2022

Comments

  • TristanMatthews
    TristanMatthews over 1 year

    I'm about to rewrite a lot of my aws deployment code to launch everything with cloudformation controlled by boto, instead of bringing up each element on its own with boto. Does anyone know if its "best practice" to use one giant template file, which kicks everything off together, or a lot of smaller ones?

    The advantage of one giant one seems to be that AWS handles all the dependancies for you so will bring things up slightly faster. The clear disadvantage is that it seems like a nightmare to maintain.

    Has anyone tried combining their template files at run time so that they are treated as one large one, or does that get difficult to maintain?

  • openCivilisation
    openCivilisation almost 3 years
    Are stack sets an option that can also help?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Non-Windows instances with a virtualization type of 'hvm' are currently not supported for this instance type : [AWS Cloudformation]
Create Nested If else in AWS Cloud Formation Template
Dynamodb: query using more than two attributes
AWS::CloudFormation::Init how does it work?
How can I (securely) download a private S3 asset onto a new EC2 instance with cloudinit?
How to set DynamoDB Read/write capacity mode to On-demand on CloudFormation
AWS Cloudformation - How to use If Else conditions
How to add multiple security groups and group names in cloudformation using template?
Processing SQS queues with boto
AWS cloudformation error: Template validation error: Template error: resource NotificationsTopic does not support attribute type Arn in Fn::GetAtt