Некоторые ресурсы не создаются облачным формированием

Я создаю шаблон cloudformation, который создает стек, слой, приложение, 2 экземпляра для слоя, балансировщик нагрузки и группу автоматического масштабирования. Вот ПОЛНЫЙ шаблон:

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "AWS CloudFormation Template : Building the opsworks stack",


  "Mappings": {

    "Region2Principal": {

      "us-east-1": {
        "EC2Principal": "ec2.amazonaws.com",
        "OpsWorksPrincipal": "opsworks.amazonaws.com"
      },
      "us-west-2": {
        "EC2Principal": "ec2.amazonaws.com",
        "OpsWorksPrincipal": "opsworks.amazonaws.com"
      },
      "us-west-1": {
        "EC2Principal": "ec2.amazonaws.com",
        "OpsWorksPrincipal": "opsworks.amazonaws.com"
      },
      "eu-west-1": {
        "EC2Principal": "ec2.amazonaws.com",
        "OpsWorksPrincipal": "opsworks.amazonaws.com"
      }
    },

    "RegionMap" : {
      "us-east-1" : { "64" : "ami-5ac2cd4d" },
      "us-west-1" : { "64" : "ami-7790c617" },
      "eu-west-1" : { "64" : "ami-b9b394ca" },
      "us-west-2" : { "64" : "ami-30e65350" }
    }

  },

  "Parameters": {

    "OpsWorksStackColor": {
      "Description": "RGB Color to use for OpsWorks Stack",
      "Type": "String",
      "Default": "rgb(38, 146, 168)"
    },

    "Region" : {
      "Type":"String",
      "Description": "Region location of the template resources",
      "Default": "eu-west-1",
      "AllowedValues" : [ "us-east-1", "us-west-1", "us-west-2", "eu-west-1" ]
    },

    "EnvironnementParam" : {
      "Type" : "String",
      "Description" : "Environnement variable for the stack benchmark layer",
      "Default" : "dev"
    },

    "SecurityGroupIds": {
      "Description": "Security groups that can be used to access the EC2 instances, do not select more than 5 SG",
      "Type": "List<AWS::EC2::SecurityGroup::Id>",
      "ConstraintDescription": "must be list of EC2 security group ids"
    },

    "VpcId": {
      "Type": "AWS::EC2::VPC::Id",
      "Description": "VPC associated with the provided subnets",
      "ConstraintDescription": "must be an existing VPC ID"
    },

    "SubnetId": {
      "Type": "String",
      "ConstraintDescription": "must be an existing subnet ID"
    },

    "InstanceType" : {
      "Type" : "String",
      "Default" : "t2.medium",
      "AllowedValues" : ["t2.micro","t2.medium", "m1.small", "m1.large","m4.large","m4.xlarge","m4.2xlarge","m4.4xlarge","m4.10xlarge","m4.16xlarge","c4.large" , "c4.xlarge" ,"c4.2xlarge" , "c4.4xlarge","c4.8xlarge" , "c3.large" , "c3.xlarge", "c3.2xlarge", "c3.4xlarge" ,"c3.8xlarge"],
      "ConstraintDescription": "must be a valid EC2 instance type"
    },

    "SSLCertificateIdForELB": {
      "Description" : "Choose the ID of an existing certificate from AWS Certificate Manager to configure the ELB Listeners. If no certificate is available, leave an empty string. The certificate will be created by CloudFormation",
      "Type" : "String"
    },
    "KeyPairName": {
      "Type": "AWS::EC2::KeyPair::KeyName",
      "ConstraintDescription": "must be the name of an existing EC2 KeyPair"
    },

    "Instance1AZ": {
      "Description": "Select the Availablity zone of the instance silo import 1, must be the same AZ as the volume of the instance, insert 0,1 or 2",
      "Type" : "String",
      "Default": "0"
    },

    "Instance2AZ": {
      "Description": "Select the Availablity zone of the instance silo import 2, must be the same AZ as the volume of the instance, insert 0,1 or 2",
      "Type" : "String",
      "Default": "0"
    }

  },

  "Conditions" : {
    "CreateCertificateSSL": { "Fn::Equals" :[ {"Ref" : "SSLCertificateIdForELB" }, ""] }
  },

  "Resources": {

    "OpsWorksInstanceRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version" : "2012-10-17",
          "Statement": [ {
            "Effect": "Allow",
            "Principal": {
              "Service" : [ {"Fn::FindInMap": [ "Region2Principal", { "Ref": "AWS::Region" },"EC2Principal" ] } ] },
            "Action"  : [ "sts:AssumeRole" ]
          }]
        },
        "Path": "/",
        "Policies":
        [{
          "PolicyName": {"Fn::Join" : ["",[{"Ref" : "AWS::StackName"},"Instance"] ] },
          "PolicyDocument": {
            "Statement": [{
              "Effect": "Allow",
              "Action": "*",
              "Resource": "*"
            }]
          }
        }]
      }
    },

    "OpsWorksServiceRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version" : "2012-10-17",
          "Statement": [ {
            "Effect": "Allow",
            "Principal": {
              "Service": [ { "Fn::FindInMap": [ "Region2Principal",{ "Ref": "AWS::Region" },"OpsWorksPrincipal" ] } ] },
            "Action" : [ "sts:AssumeRole" ]
          }]
        },
        "Path": "/",
        "Policies": [ {
          "PolicyName": "OpsworksService",
          "PolicyDocument": {
            "Version" : "2012-10-17",
            "Statement": [ {
              "Effect": "Allow",
              "Action": "*",
              "Resource": "*"
            }]
          }
        }]
      }
    },

    "myStack": {
      "Type": "AWS::OpsWorks::Stack",
      "Properties": {
        "AgentVersion" : "LATEST",
        "Name": { "Ref": "AWS::StackName" },
        "Attributes": { "Color": { "Ref": "OpsWorksStackColor" } },
        "ChefConfiguration": { "BerkshelfVersion" : "3.2.0", "ManageBerkshelf" : true },
        "ConfigurationManager": { "Name": "Chef", "Version": "11.10" },
        "CustomCookbooksSource": {
          "Type": "git",
          "Url": "git://github.com/amazonwebservices/opsworks-example-cookbooks.git"
        },
        "DefaultInstanceProfileArn": { "Fn::GetAtt": [ "InstanceProfile","Arn" ] },
        "DefaultOs": "Ubuntu 14.04 LTS",
        "DefaultRootDeviceType": "ebs",
        "DefaultSshKeyName": { "Ref": "KeyPairName" },
        "DefaultSubnetId" : {"Ref" : "SubnetId" },
        "ServiceRoleArn": { "Fn::GetAtt": ["OpsWorksServiceRole", "Arn"] },
        "UseCustomCookbooks": true,
        "UseOpsworksSecurityGroups" : true,
        "VpcId" : { "Ref" : "VpcId" }
      }
    },

    "InstanceProfile": {
      "Type": "AWS::IAM::InstanceProfile",
      "Properties": {
        "Path": "/",
        "Roles": [ { "Ref": "OpsWorksInstanceRole" } ]
      }
    },

    "myLayer": {
      "Type": "AWS::OpsWorks::Layer",
      "DependsOn" : "OpsWorksServiceRole",
      "Properties": {
        "AutoAssignElasticIps" : false,
        "AutoAssignPublicIps" : true,
        "CustomSecurityGroupIds" : { "Ref" : "SecurityGroupIds" },
        "EnableAutoHealing" : true,
        "InstallUpdatesOnBoot": false,
        "LifecycleEventConfiguration": {
          "ShutdownEventConfiguration": {
            "DelayUntilElbConnectionsDrained": false,
            "ExecutionTimeout": 120 }
          },
          "Name": "layer",
          "Shortname" : "layer",
          "StackId": { "Ref": "myStack" },
          "Type": "custom",
          "UseEbsOptimizedInstances": false,
          "VolumeConfigurations": [ {
            "Iops": 10000,
            "MountPoint": "/mountp",
            "NumberOfDisks": 1,
            "Size": 20,
            "VolumeType": "gp2"
          }]
      }
    },

    "ELBSecurityGroup" : {
      "Type" : "AWS::EC2::SecurityGroup",
      "Properties" : {
        "GroupDescription" : "api-elb",
        "VpcId" : {"Ref" : "VpcId" },
        "SecurityGroupIngress" : [
          {
            "IpProtocol" : "tcp",
            "FromPort" : "80",
            "ToPort" : "80",
            "CidrIp" : "0.0.0.0/0"
          }],
          "SecurityGroupEgress" : [{
            "IpProtocol" : "-1",
            "FromPort" : "-1",
            "ToPort" : "-1",
            "CidrIp" : "0.0.0.0/0"
          }]
      }
    },

    "ELB": {
      "Type": "AWS::ElasticLoadBalancing::LoadBalancer",
      "Properties": {
        "ConnectionDrainingPolicy" : {
          "Enabled" : true,
          "Timeout" : 300
        },
        "ConnectionSettings" : {
          "IdleTimeout" : 60
        },
        "CrossZone" : true,
        "HealthCheck" : {
          "HealthyThreshold" : "3",
          "Interval" : "30",
          "Target" : "HTTP:80/ping",
          "Timeout" : "5",
          "UnhealthyThreshold" : "2"
        },
        "Instances" : [ {"Ref" : "Instance1" }, {"Ref" : "Instance2"}],
        "LoadBalancerName" : "api-ELB",
        "Listeners" : [
          {
            "InstancePort" : "443",
            "InstanceProtocol" : "HTTPS",
            "LoadBalancerPort" : "443",
            "Protocol" : "HTTPS"
          },
          {
            "InstancePort" : "80",
            "InstanceProtocol" : "HTTP",
            "LoadBalancerPort" : "80",
            "Protocol" : "HTTP",
            "PolicyNames" :[ "ELBSecurityPolicy-2015-05" ],
            "SSLCertificateId" : {"Fn::If": ["CreateCertificateSSL", {"Ref" : "ELBCertificate" }, { "Ref" : "SSLCertificateIdForELB" } ] }
          }
        ],
        "Scheme" : "internal",
        "SecurityGroups" : { "Ref" : "ELBSecurityGroup" },
        "Subnets" : [ {"Ref" : "SubnetId" } ]
      }
    },

    "ELBAttachment" :{
      "Type": "AWS::OpsWorks::ElasticLoadBalancerAttachment",
      "Properties": {
        "ElasticLoadBalancerName" : {"Ref" : "ELB" },
        "LayerId" : { "Ref" : "myLayer"}
      }
    },

    "LaunchConfig" : {
      "Type" : "AWS::AutoScaling::LaunchConfiguration",
      "Properties" : {
        "AssociatePublicIpAddress" : true,
        "BlockDeviceMappings" : [{
          "DeviceName" : "/dev/sdi",
          "Ebs":{
            "VolumeType" : "gp2",
            "Iops" : "10000",
            "DeleteOnTermination" : "false",
            "VolumeSize" : "20"
          }
        }],
        "EbsOptimized" : false,
        "IamInstanceProfile" : { "Fn::GetAtt" :[ "InstanceProfile", "Arn" ] },
        "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "64"]},
        "InstanceType" : {"Ref" : "InstanceType" },
        "SecurityGroups" : [{ "Ref" : "ELBSecurityGroup" }]
      }
    },

    "ASG" : {
      "Type" : "AWS::AutoScaling::AutoScalingGroup",
      "Properties" : {
        "AvailabilityZones" : { "Fn::GetAZs" : { "Ref" : "AWS::Region" } },
        "Cooldown" : "1",
        "HealthCheckGracePeriod" : 3,
        "HealthCheckType" : "ELB",
        "LaunchConfigurationName" : {"Ref" : "LaunchConfig" },
        "LoadBalancerNames" : [{ "Ref" : "ELB" }],
        "MaxSize" : "5",
        "MetricsCollection" : [ { "Granularity" : "5Minute" } ],
        "MinSize" : "2",
        "Tags" : [
          {
            "PropagateAtLaunch": true,
            "Value": {"Ref" : "EnvironnementParam" },
            "Key": "environment"
          },
          {
            "PropagateAtLaunch": true,
            "Value": {"Ref" : "myLayer" },
            "Key": "my layer"
          }],
        "VPCZoneIdentifier" : [ {"Ref" : "VpcId" } ]
      }
    },

    "ELBCertificate" :{
      "Type" : "AWS::CertificateManager::Certificate",
      "Condition" : "CreateCertificateSSL",
      "Properties" : {
        "DomainName" : "example.com",
        "SubjectAlternativeNames" : [ "example.net" ]
      }
    },

    "Instance1": {
      "Type": "AWS::OpsWorks::Instance",
      "Properties": {
        "Hostname": "silo-import1",
        "AvailabilityZone" : { "Fn::Select" : [ {"Ref" : "Instance1AZ"}, { "Fn::GetAZs" : {"Ref" : "Region"} } ] },
        "RootDeviceType": "ebs",
        "StackId": {"Ref": "myStack"},
        "LayerIds": [{"Ref": "myLayer"}],
        "InstanceType": {"Ref" : "InstanceType"}
      }
    },

    "Instance2": {
      "Type": "AWS::OpsWorks::Instance",
      "Properties": {
        "Hostname": "silo-import2",
        "AvailabilityZone" : { "Fn::Select" : [ {"Ref" : "Instance2AZ"}, { "Fn::GetAZs" : {"Ref" : "Region"} } ] },
        "RootDeviceType": "ebs",
        "StackId": {"Ref": "myStack"},
        "LayerIds": [{"Ref": "myLayer"}],
        "InstanceType": {"Ref" : "InstanceType"}
    }
  },

    "AdminApiApp": {
      "Type": "AWS::OpsWorks::App",
      "Properties": {
        "AppSource" : {
          "Type" : "git",
          "Url" : "git://github.com:fap/adminphp.git",
          "Revision" : "develop"
        },
        "Name" : "admin",
        "Shortname" : "admin",
        "StackId" : {"Ref": "myStack"},
        "Type" : "php"
      }
    }

  }

}

Моя проблема в том, что я не знаю, почему не создается ни группа автоматического масштабирования, ни эластичный балансировщик нагрузки. Когда я тестирую шаблон, создаются все ресурсы, кроме этих. Любое объяснение? Я готов попробовать все ваши предложения. Спасибо

введите здесь описание изображения


json autoscaling amazon-cloudformation load-balancing aws-opsworks
person JavaQueen    schedule 27.01.2017    source источник

Ответы (1)


arrow_upward
0
arrow_downward

На снимке экрана выше видно, что состояние вашего стека все еще CREATE_IN_PROGRESS. Один из ваших ресурсов (вероятно, ваш AWS::OpsWorks::Instance?) не был создан правильно. Для устранения неполадок вы можете попробовать войти в экземпляр, проверив журналы Chef OpsWorks. , или просматривая выходные журналы экземпляра (/var/log/cfn-init.log и /var/log/cloud-init-output.log), чтобы найти основную причину/ошибку.

В более общем плане см. статью Центра знаний AWS: Как Я устраняю неполадки в стеке AWS CloudFormation, который застрял со статусом CREATE_IN_PROGRESS или UPDATE_IN_PROGRESS?:

Краткое описание

Это состояние обычно возникает при возникновении проблем с создаваемым или обновляемым ресурсом, что в конечном итоге приводит к сбою стека. Если для стека не указан параметр тайм-аута, стеку потребуется больше времени, чтобы достичь состояния CREATE_FAILED или UPDATE_FAILED.

Разрешение

  • Если возможно, проверьте точный ресурс, создание которого CloudFormation застряло. Auto Scaling часто предоставляет четкие сообщения об ошибках для описания событий, препятствующих запуску экземпляров.
  • Убедитесь, что вы не превышаете ограничения AWS для ресурсов, которые хотите создать. Например, если в шаблоне CloudFormation указано два экземпляра EC2, но количество ваших экземпляров в настоящее время составляет 19 с верхним пределом 20, создание стека завершится ошибкой.

См. также Мониторинг выполнения раздел документации Stack Update.

person wjordan    schedule 27.01.2017