问题描述
我正在尝试使用 AWS CloudFormation init(cfn-init)在若干 EC2 实例上安装 docker 和 docker-compose。
在此之前,我只用用户数据(UserData)成功完成过安装。
我使用的模板如下:
# Use public Systems Manager Parameter
# NOTE(review): the indentation of this listing was lost on the page and is reconstructed here in
# the conventional CloudFormation layout; confirm nesting against the original post.
Parameters:
  LatestAmiId:
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
Resources:
  # EC2 instance that is meant to install Docker through cfn-init metadata.
  host1:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        # Only the ec2_bootstrap set is declared here, but the cfn-init call in UserData passes
        # no --configsets option, so this set is never named on the command line.
        configSets:
          ec2_bootstrap:
            - install_docker
            # - install_compose
        install_docker:
          packages:
            yum:
              docker: []
          services:
            sysvinit:
              docker:
                enabled: "true"
                ensureRunning: "true"
          commands:
            docker_for_ec2_user:
              # NOTE(review): -G without -a replaces ec2-user's supplementary group list instead
              # of appending to it. Membership of the docker group is root-equivalent on the host.
              command: usermod -G docker ec2-user
        # install_compose:
        #   commands:
        #     compose_for_ec2_user:
        #       command:
        #         - curl -L https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
        #         - chmod +x /usr/local/bin/docker-compose
        #         - ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
    # The stack waits up to five minutes for the cfn-signal call made from UserData.
    CreationPolicy:
      ResourceSignal:
        Timeout: PT5M
    Properties:
      InstanceType: t2.micro
      KeyName: NVirginia
      # Note we use the pseudo parameter AWS::Region
      ImageId: !Ref LatestAmiId
      AvailabilityZone: !Sub ${AWS::Region}a
      Tags:
        - Key: "Name"
          Value: "host1"
      SecurityGroupIds:
        - !GetAtt SSHSecurityGroupStack.Outputs.SSHGroupId
      # NOTE(review), for the script below:
      #  - "--region ${AWS::Region}a" appends "a" to the region name, so cfn-init and cfn-signal
      #    receive an Availability-Zone-style string rather than a region.
      #  - error_exit is called but is not defined anywhere in this script.
      #  - cfn-hup is started although the metadata above creates no cfn-hup.conf or hook file.
      #  - With "bash -xe" the script stops at the first failing command, so the cfn-signal line
      #    is not reached on failure and the stack only sees the CreationPolicy timeout.
      UserData:
        "Fn::Base64":
          !Sub |
            #!/bin/bash -xe
            # Get the latest CloudFormation package
            yum update -y aws-cfn-bootstrap
            # Start cfn-init
            /opt/aws/bin/cfn-init -s ${AWS::StackId} -r host1 --region ${AWS::Region}a || error_exit 'Failed to run cfn-init'
            # Start up the cfn-hup daemon to listen for changes to the EC2 instance Metadata
            /opt/aws/bin/cfn-hup || error_exit 'Failed to start cfn-hup'
            # All done so signal success
            /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackId} --resource host1 --region ${AWS::Region}a
            ## change the hostname
            sudo hostname host1
            ## restart docker
            sudo service docker restart
  # Nested stack that supplies the security group referenced by host1.
  # NOTE(review): the nested template is not shown on this page; confirm which ports and source
  # CIDRs it opens before reusing it.
  SSHSecurityGroupStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://cloudformation-bruvio-templates.s3.amazonaws.com/ssh-security-group.yaml
      TimeoutInMinutes: 5
该模板应该创建一个安全组,并打开几个端口,然后创建一个 ec2 实例并使用 init 安装 docker 和 docker-compose
我实际上是从 this post 复制了 init 部分。
尝试创建实例时堆栈失败,因为没有收到成功信号。
不知道怎么回事?
解决方法
您的模板存在许多问题。其中一些是:
- 缺少 `--configsets`
- 错误的区域 `${AWS::StackId}`
- 未定义 `hup`
- 缩进问题
- 缺少 `error_exit`
我修复了所有这些,现在应该可以工作了:
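# Use public Systems Manager Parameter
# Template that launches one Amazon Linux 2 instance and installs Docker through cfn-init.
Parameters:
  LatestAmiId:
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
Resources:
  host1:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        # cfn-init is called with --configsets ec2_bootstrap, which selects this set.
        configSets:
          ec2_bootstrap:
            - install_docker
            # - install_compose
        install_docker:
          packages:
            yum:
              docker: []
          services:
            sysvinit:
              docker:
                enabled: "true"
                ensureRunning: "true"
          commands:
            docker_for_ec2_user:
              # -aG appends the docker group; plain -G would replace ec2-user's existing
              # supplementary groups. Membership of the docker group is root-equivalent on the
              # host, so grant it only to accounts that are already trusted with root.
              command: usermod -aG docker ec2-user
        # install_compose:
        #   commands:
        #     compose_for_ec2_user:
        #       command:
        #         - curl -L https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
        #         - chmod +x /usr/local/bin/docker-compose
        #         - ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
    # The stack waits up to five minutes for the cfn-signal call made from UserData.
    CreationPolicy:
      ResourceSignal:
        Timeout: PT5M
    Properties:
      InstanceType: t2.micro
      KeyName: NVirginia
      ImageId: !Ref LatestAmiId
      # Note we use the pseudo parameter AWS::Region
      AvailabilityZone: !Sub '${AWS::Region}a'
      Tags:
        - Key: Name
          Value: host1
      SecurityGroupIds:
        # SSHSecurityGroupStack is not defined in this listing; it is the nested-stack resource
        # from the question's template and must be present for this reference to resolve.
        - !GetAtt SSHSecurityGroupStack.Outputs.SSHGroupId
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          # Get the latest CloudFormation package
          yum update -y aws-cfn-bootstrap
          # Start cfn-init. Its exit status is captured because "bash -e" would otherwise stop
          # the script on failure, before cfn-signal can report it.
          rc=0
          /opt/aws/bin/cfn-init -s ${AWS::StackId} -r host1 --configsets ec2_bootstrap --region ${AWS::Region} || rc=$?
          # Signal the real cfn-init result, so a failed bootstrap fails the stack immediately
          /opt/aws/bin/cfn-signal -e $rc --stack ${AWS::StackId} --resource host1 --region ${AWS::Region}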
,
这是我使用的代码,其中应用了 @marcin 的建议。
在这个例子中,我创建了 3 个实例(因为我想用 docker swarm 做一些测试)。唯一的问题是:我还尝试安装 compose,CloudFormation 没有失败,但 compose 并未安装。
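# Use public Systems Manager Parameter
# Template that launches three Amazon Linux 2 instances (host1-host3). Each one installs Docker
# and docker-compose through cfn-init and runs cfn-hup to re-apply metadata changes.
Parameters:
  LatestAmiId:
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
Resources:
  host1:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        # Configs run in the listed order when cfn-init is given --configsets ec2_bootstrap.
        configSets:
          ec2_bootstrap:
            - install_docker
            - install_compose
        install_docker:
          packages:
            yum:
              docker: []
          services:
            sysvinit:
              docker:
                enabled: "true"
                ensureRunning: "true"
          files:
            # cfn-hup settings: which stack and region to poll for metadata changes.
            "/etc/cfn/cfn-hup.conf":
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
              mode: "000400"
              owner: root
              group: root
            # Hook that re-runs cfn-init after a stack update. The action names the same config
            # set as UserData; without --configsets, cfn-init would not select ec2_bootstrap.
            "/etc/cfn/hooks.d/cfn-auto-reloader.conf":
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.host1.Metadata.AWS::CloudFormation::Init
                action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource host1 --configsets ec2_bootstrap --region ${AWS::Region}
              mode: "000400"
              owner: root
              group: root
          commands:
            docker_for_ec2_user:
              # -aG appends the docker group; plain -G would replace ec2-user's existing
              # supplementary groups. Membership of the docker group is root-equivalent on the
              # host, so grant it only to accounts that are already trusted with root.
              command: usermod -aG docker ec2-user
        install_compose:
          # cfn-init runs commands in alphabetical order of their names, hence the 1/2/3 suffixes.
          commands:
            compose_for_ec2_user1:
              # -f makes curl exit non-zero on an HTTP error instead of saving the error page as
              # the binary.
              # NOTE(review): the download is executed as root with no integrity check; compare
              # its SHA-256 with the checksum published for this release before the chmod step.
              command: curl -fL https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
            compose_for_ec2_user2:
              command: chmod +x /usr/local/bin/docker-compose
            compose_for_ec2_user3:
              # -f keeps the step idempotent when cfn-hup re-runs cfn-init and the link exists.
              command: ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose
    # NOTE(review): two minutes has to cover boot, the yum update, the Docker install and the
    # compose download; raise the timeout if creation fails on the missing signal.
    CreationPolicy:
      ResourceSignal:
        Timeout: PT2M
    Properties:
      InstanceType: t2.micro
      KeyName: NVirginia
      ImageId: !Ref LatestAmiId
      # Note we use the pseudo parameter AWS::Region
      AvailabilityZone: !Sub '${AWS::Region}a'
      Tags:
        - Key: Name
          Value: host1
      SecurityGroupIds:
        - !GetAtt SSHSecurityGroupStack.Outputs.SSHGroupId
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          # Get the latest CloudFormation package
          yum update -y aws-cfn-bootstrap
          # Start cfn-init. Its exit status is captured because "bash -e" would otherwise stop
          # the script on failure, before cfn-signal can report it.
          rc=0
          /opt/aws/bin/cfn-init -s ${AWS::StackId} -r host1 --configsets ec2_bootstrap --region ${AWS::Region} || rc=$?
          # Signal the real cfn-init result, so a failed bootstrap fails the stack immediately
          /opt/aws/bin/cfn-signal -e $rc --stack ${AWS::StackId} --resource host1 --region ${AWS::Region}
          # Start up the cfn-hup daemon to listen for changes to the EC2 instance metadata
          /opt/aws/bin/cfn-hup
  # host2 repeats host1's configuration with its own resource name.
  host2:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          ec2_bootstrap:
            - install_docker
            - install_compose
        install_docker:
          packages:
            yum:
              docker: []
          services:
            sysvinit:
              docker:
                enabled: "true"
                ensureRunning: "true"
          files:
            "/etc/cfn/cfn-hup.conf":
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
              mode: "000400"
              owner: root
              group: root
            # The hook action names the config set, matching the cfn-init call in UserData.
            "/etc/cfn/hooks.d/cfn-auto-reloader.conf":
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.host2.Metadata.AWS::CloudFormation::Init
                action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource host2 --configsets ec2_bootstrap --region ${AWS::Region}
              mode: "000400"
              owner: root
              group: root
          commands:
            docker_for_ec2_user:
              # -aG appends; -G alone would replace ec2-user's supplementary groups.
              command: usermod -aG docker ec2-user
        install_compose:
          commands:
            compose_for_ec2_user1:
              # -f fails on HTTP errors. NOTE(review): verify the published SHA-256 before use.
              command: curl -fL https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
            compose_for_ec2_user2:
              command: chmod +x /usr/local/bin/docker-compose
            compose_for_ec2_user3:
              # -f keeps the step idempotent on cfn-hup re-runs.
              command: ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose
    CreationPolicy:
      ResourceSignal:
        Timeout: PT2M
    Properties:
      InstanceType: t2.micro
      KeyName: NVirginia
      ImageId: !Ref LatestAmiId
      # Note we use the pseudo parameter AWS::Region
      AvailabilityZone: !Sub '${AWS::Region}a'
      Tags:
        - Key: Name
          Value: host2
      SecurityGroupIds:
        - !GetAtt SSHSecurityGroupStack.Outputs.SSHGroupId
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          # Get the latest CloudFormation package
          yum update -y aws-cfn-bootstrap
          # Start cfn-init and keep its exit status; "bash -e" would otherwise skip cfn-signal
          rc=0
          /opt/aws/bin/cfn-init -s ${AWS::StackId} -r host2 --configsets ec2_bootstrap --region ${AWS::Region} || rc=$?
          # Signal the real cfn-init result
          /opt/aws/bin/cfn-signal -e $rc --stack ${AWS::StackId} --resource host2 --region ${AWS::Region}
          # Start up the cfn-hup daemon to listen for changes to the EC2 instance metadata
          /opt/aws/bin/cfn-hup
  # host3 repeats host1's configuration with its own resource name.
  host3:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          ec2_bootstrap:
            - install_docker
            - install_compose
        install_docker:
          packages:
            yum:
              docker: []
          services:
            sysvinit:
              docker:
                enabled: "true"
                ensureRunning: "true"
          files:
            "/etc/cfn/cfn-hup.conf":
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
              mode: "000400"
              owner: root
              group: root
            # The hook action names the config set, matching the cfn-init call in UserData.
            "/etc/cfn/hooks.d/cfn-auto-reloader.conf":
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.host3.Metadata.AWS::CloudFormation::Init
                action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource host3 --configsets ec2_bootstrap --region ${AWS::Region}
              mode: "000400"
              owner: root
              group: root
          commands:
            docker_for_ec2_user:
              # -aG appends; -G alone would replace ec2-user's supplementary groups.
              command: usermod -aG docker ec2-user
        install_compose:
          # host1 and host2 nest these entries under "commands:"; the key was absent for host3
          # in the listing and is added here so all three hosts match.
          commands:
            compose_for_ec2_user1:
              # -f fails on HTTP errors. NOTE(review): verify the published SHA-256 before use.
              command: curl -fL https://github.com/docker/compose/releases/download/1.20.0/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose
            compose_for_ec2_user2:
              command: chmod +x /usr/local/bin/docker-compose
            compose_for_ec2_user3:
              # -f keeps the step idempotent on cfn-hup re-runs.
              command: ln -sf /usr/local/bin/docker-compose /usr/bin/docker-compose
    CreationPolicy:
      ResourceSignal:
        Timeout: PT2M
    Properties:
      InstanceType: t2.micro
      KeyName: NVirginia
      ImageId: !Ref LatestAmiId
      # Note we use the pseudo parameter AWS::Region
      AvailabilityZone: !Sub '${AWS::Region}a'
      Tags:
        - Key: Name
          Value: host3
      SecurityGroupIds:
        - !GetAtt SSHSecurityGroupStack.Outputs.SSHGroupId
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash -xe
          # Get the latest CloudFormation package
          yum update -y aws-cfn-bootstrap
          # Start cfn-init and keep its exit status; "bash -e" would otherwise skip cfn-signal
          rc=0
          /opt/aws/bin/cfn-init -s ${AWS::StackId} -r host3 --configsets ec2_bootstrap --region ${AWS::Region} || rc=$?
          # Signal the real cfn-init result
          /opt/aws/bin/cfn-signal -e $rc --stack ${AWS::StackId} --resource host3 --region ${AWS::Region}
          # Start up the cfn-hup daemon to listen for changes to the EC2 instance metadata
          /opt/aws/bin/cfn-hup
  # Nested stack that supplies the security group shared by the three hosts.
  # NOTE(review): the nested template is not shown on this page; confirm which ports and source
  # CIDRs it opens before reusing it.
  SSHSecurityGroupStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: https://cloudformation-bruvio-templates.s3.amazonaws.com/ssh-security-group.yaml
      TimeoutInMinutes: 5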