使用 CloudFormation 在 EC2 上设置 IIS

问题描述

我正在学习如何使用 AWS 及其资源,目前正尝试通过 JSON 格式的 CloudFormation 在 EC2 实例上设置 IIS。我对 userData 部分没有把握,也不确定是否在 IIS EC2 实例的其他部分遗漏了什么。使用 CloudFormation 部署此脚本后,堆栈创建成功,但在测试时,通过远程桌面连接所创建的实例会崩溃。这可能是什么原因?

我的代码-

{
"AWstemplateFormatVersion": "2010-09-09","Description": "CloudFormation template for EC2 instance with web server","Parameters": {
    "InstanceType": {
        "Description": "WebServer EC2 instance type","Type": "String","Default": "t2.micro","AllowedValues": ["t2.micro"],"ConstraintDescription": "Must be a valid EC2 instance."
    },"VpcId": {
        "Description": "VPC id","Type": "String"
    },"InstancesubnetId": {
        "Description": "subnet id where instance would be hosted","KeyName": {
        "Description": "Name of existing EC2 key-pair to enable SSH access to the instance","ConstraintDescription": "Must be the name of an existing EC2 keypair"
    },"SSHLocation": {
        "Description": "The IP address range that can be used to SSH to EC2 instances","MinLength": "9","MaxLength": "18","Default": "0.0.0.0/0","AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})","ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x."

    }
},"Mappings": {
    "AWSInstanceType2Arch":{
        "t2.micro": {
            "Arch": "HVM64"
        }
    },"AWSRegionArch2AMI": {
        "eu-west-1": {
            "HVM64": "ami-08eeb5a90cf59a66a"
        },"eu-west-2": {
            "HVM64": "ami-08eeb5a90cf59a66a"
        },"eu-west-3": {
            "HVM64": "ami-08eeb5a90cf59a66a"
        }
    }
},"Resources": {
    "WebServerSecurityGroup": {
        "Type": "AWS::EC2::SecurityGroup","Properties":{
            "VpcId": {
                "Ref": "VpcId"
            },"GroupDescription" : "Allow access from HTTP and SSH traffic","SecurityGroupIngress": [
                {
                    "IpProtocol": "tcp","FromPort": "80","ToPort": "80","CidrIp": "0.0.0.0/0"    
                },{
                    "IpProtocol": "tcp","FromPort": "22","ToPort": "22","CidrIp": {
                        "Ref": "SSHLocation"
                    }
                }
            ]
            
        }
    },"WebServerEC2Instance": {
        "Type": "AWS::EC2::Instance","Metadata": {
            "AWS::CloudFormation::Init": {
                "configSets": {
                    "All": [
                        "ConfigureSampleApp"
                    ]
                },"ConfigureSampleApp": {
                    "packages": {
                        "yum": {
                            "httpd": []
                        }
                    },"files": {
                        "/var/www/html/index.html": {
                            "content": { 
                                "Fn::Join": [
                                    "\n",[
                                        "<h1>Congratulations,you have successfully launched the AWS CloudFormation sample.</h1>"
                                    ]
                                ]
                            },"mode": "000644","owner": "root","group": "root"
                        }
                    },"services": {
                        "sysvinit": {
                            "httpd": { 
                                "enabled": "true","ensureRunning" : "true" 
                            }
                        }
                    }
                }  
            }
        },"Properties": {
            "InstanceType": {
                "Ref": "InstanceType"
            },"KeyName": {
                "Ref": "KeyName"
            },"ImageId": {
                "Fn::FindInMap": [
                    "AWSRegionArch2AMI",{
                        "Ref": "AWS::Region"
                    },{
                        "Fn::FindInMap": [
                            "AWSInstanceType2Arch",{
                                "Ref": "InstanceType"
                            },"Arch"
                        ]
                    }
                ]
            },"NetworkInterfaces": [
                {
                    "Description": "Primary network interface","DeviceIndex": "0","subnetId": {
                        "Ref": "InstancesubnetId"
                    },"GroupSet": [
                        {
                            "Ref": "WebServerSecurityGroup"
                        }
                    ]
                }
            ],"UserData": {
                "Fn::Base64": {
                    "Fn::Join": [
                        "",[
                            "#!/bin/bash -xe\n","yum install -y aws-cfn-bootstrap\n","# Install the files and packages from the Metadata\n","/opt/aws/bin/cfn-init -v ","         --stack ",{
                                "Ref": "AWS::StackName"
                            },"         --resource WebServerInstance ","         --configsets All ","         --region ",{
                                "Ref": "AWS::Region"
                            },"\n","# Signal the status from cfn-init\n","/opt/aws/bin/cfn-signal -e $? ","\n"
                        ]
                    ]
                }
            }
        }
    }
}

}

解决方法

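首先,应当去掉 SSHLocation 参数,因为它只在设置 Linux 实例时才有意义。凡是引用它的地方,都可以用 0.0.0.0/0 代替。需要注意的是,Windows 实例通过 RDP(TCP 3389)而不是 SSH(TCP 22)进行远程管理,而问题模板中的安全组只开放了 80 和 22 端口;另外,对管理端口使用 0.0.0.0/0 会把它暴露给整个互联网,更稳妥的做法是把来源限制为已知的管理员 IP 段。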

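可以使用下面的 UserData 配置在 Windows 实例上安装 IIS;它使用 PowerShell,而不是面向 Linux 的 bash。注意:cfn-init 的 -r(资源名)和 -c(configSet 名)必须与模板中实际定义的名称一致——问题模板中定义的资源是 WebServerEC2Instance、configSet 是 All,下面示例中的 WebServerLC 和 setup 需要相应替换。此外,问题模板 Metadata 中的 yum/httpd/sysvinit 配置仅适用于 Linux,ImageId 也必须指向 Windows AMI。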

"UserData": {
                "Fn::Base64": {
                    "Fn::Join": [
                        "",[
                            "<powershell>\n","Add-WindowsFeature Web-WebServer -includeAllSubFeature -logpath $env:temp\\Web-WebServer_feature.log \n","Add-WindowsFeature Web-Mgmt-Tools -includeAllSubFeature -logpath $env:temp\\Web-Mgmt-Tools_feature.log \n","remove-website -name \"Default Web Site\" \n","new-website -name site -port 80 -physicalpath C:\\inetpub\\wwwroot -ApplicationPool \".NET v4.5\" -force \n","</powershell>\n","<script>\n","cfn-init.exe -v -c setup -s ",{
                                "Ref": "AWS::StackId"
                            }," -r WebServerLC"," --region ",{
                                "Ref": "AWS::Region"
                            },"\n","cfn-signal.exe -e %ERRORLEVEL% \"","\"","</script>\n"
                        ]
                    ]
                }
            }