Я создаю шаблон cloudformation, который создает стек, слой, приложение, 2 экземпляра для слоя, балансировщик нагрузки и группу автоматического масштабирования. Вот ПОЛНЫЙ шаблон:
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "AWS CloudFormation Template : Building the opsworks stack",
"Mappings": {
"Region2Principal": {
"us-east-1": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
},
"us-west-2": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
},
"us-west-1": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
},
"eu-west-1": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
}
},
"RegionMap" : {
"us-east-1" : { "64" : "ami-5ac2cd4d" },
"us-west-1" : { "64" : "ami-7790c617" },
"eu-west-1" : { "64" : "ami-b9b394ca" },
"us-west-2" : { "64" : "ami-30e65350" }
}
},
"Parameters": {
"OpsWorksStackColor": {
"Description": "RGB Color to use for OpsWorks Stack",
"Type": "String",
"Default": "rgb(38, 146, 168)"
},
"Region" : {
"Type":"String",
"Description": "Region location of the template resources",
"Default": "eu-west-1",
"AllowedValues" : [ "us-east-1", "us-west-1", "us-west-2", "eu-west-1" ]
},
"EnvironnementParam" : {
"Type" : "String",
"Description" : "Environnement variable for the stack benchmark layer",
"Default" : "dev"
},
"SecurityGroupIds": {
"Description": "Security groups that can be used to access the EC2 instances, do not select more than 5 SG",
"Type": "List<AWS::EC2::SecurityGroup::Id>",
"ConstraintDescription": "must be list of EC2 security group ids"
},
"VpcId": {
"Type": "AWS::EC2::VPC::Id",
"Description": "VPC associated with the provided subnets",
"ConstraintDescription": "must be an existing VPC ID"
},
"SubnetId": {
"Type": "String",
"ConstraintDescription": "must be an existing subnet ID"
},
"InstanceType" : {
"Type" : "String",
"Default" : "t2.medium",
"AllowedValues" : ["t2.micro","t2.medium", "m1.small", "m1.large","m4.large","m4.xlarge","m4.2xlarge","m4.4xlarge","m4.10xlarge","m4.16xlarge","c4.large" , "c4.xlarge" ,"c4.2xlarge" , "c4.4xlarge","c4.8xlarge" , "c3.large" , "c3.xlarge", "c3.2xlarge", "c3.4xlarge" ,"c3.8xlarge"],
"ConstraintDescription": "must be a valid EC2 instance type"
},
"SSLCertificateIdForELB": {
"Description" : "Choose the ID of an existing certificate from AWS Certificate Manager to configure the ELB Listeners. If no certificate is available, leave an empty string. The certificate will be created by CloudFormation",
"Type" : "String"
},
"KeyPairName": {
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription": "must be the name of an existing EC2 KeyPair"
},
"Instance1AZ": {
"Description": "Select the Availablity zone of the instance silo import 1, must be the same AZ as the volume of the instance, insert 0,1 or 2",
"Type" : "String",
"Default": "0"
},
"Instance2AZ": {
"Description": "Select the Availablity zone of the instance silo import 2, must be the same AZ as the volume of the instance, insert 0,1 or 2",
"Type" : "String",
"Default": "0"
}
},
"Conditions" : {
"CreateCertificateSSL": { "Fn::Equals" :[ {"Ref" : "SSLCertificateIdForELB" }, ""] }
},
"Resources": {
"OpsWorksInstanceRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service" : [ {"Fn::FindInMap": [ "Region2Principal", { "Ref": "AWS::Region" },"EC2Principal" ] } ] },
"Action" : [ "sts:AssumeRole" ]
}]
},
"Path": "/",
"Policies":
[{
"PolicyName": {"Fn::Join" : ["",[{"Ref" : "AWS::StackName"},"Instance"] ] },
"PolicyDocument": {
"Statement": [{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}]
}
}]
}
},
"OpsWorksServiceRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service": [ { "Fn::FindInMap": [ "Region2Principal",{ "Ref": "AWS::Region" },"OpsWorksPrincipal" ] } ] },
"Action" : [ "sts:AssumeRole" ]
}]
},
"Path": "/",
"Policies": [ {
"PolicyName": "OpsworksService",
"PolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}]
}
}]
}
},
"myStack": {
"Type": "AWS::OpsWorks::Stack",
"Properties": {
"AgentVersion" : "LATEST",
"Name": { "Ref": "AWS::StackName" },
"Attributes": { "Color": { "Ref": "OpsWorksStackColor" } },
"ChefConfiguration": { "BerkshelfVersion" : "3.2.0", "ManageBerkshelf" : true },
"ConfigurationManager": { "Name": "Chef", "Version": "11.10" },
"CustomCookbooksSource": {
"Type": "git",
"Url": "git://github.com/amazonwebservices/opsworks-example-cookbooks.git"
},
"DefaultInstanceProfileArn": { "Fn::GetAtt": [ "InstanceProfile","Arn" ] },
"DefaultOs": "Ubuntu 14.04 LTS",
"DefaultRootDeviceType": "ebs",
"DefaultSshKeyName": { "Ref": "KeyPairName" },
"DefaultSubnetId" : {"Ref" : "SubnetId" },
"ServiceRoleArn": { "Fn::GetAtt": ["OpsWorksServiceRole", "Arn"] },
"UseCustomCookbooks": true,
"UseOpsworksSecurityGroups" : true,
"VpcId" : { "Ref" : "VpcId" }
}
},
"InstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ { "Ref": "OpsWorksInstanceRole" } ]
}
},
"myLayer": {
"Type": "AWS::OpsWorks::Layer",
"DependsOn" : "OpsWorksServiceRole",
"Properties": {
"AutoAssignElasticIps" : false,
"AutoAssignPublicIps" : true,
"CustomSecurityGroupIds" : { "Ref" : "SecurityGroupIds" },
"EnableAutoHealing" : true,
"InstallUpdatesOnBoot": false,
"LifecycleEventConfiguration": {
"ShutdownEventConfiguration": {
"DelayUntilElbConnectionsDrained": false,
"ExecutionTimeout": 120 }
},
"Name": "layer",
"Shortname" : "layer",
"StackId": { "Ref": "myStack" },
"Type": "custom",
"UseEbsOptimizedInstances": false,
"VolumeConfigurations": [ {
"Iops": 10000,
"MountPoint": "/mountp",
"NumberOfDisks": 1,
"Size": 20,
"VolumeType": "gp2"
}]
}
},
"ELBSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "api-elb",
"VpcId" : {"Ref" : "VpcId" },
"SecurityGroupIngress" : [
{
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp" : "0.0.0.0/0"
}],
"SecurityGroupEgress" : [{
"IpProtocol" : "-1",
"FromPort" : "-1",
"ToPort" : "-1",
"CidrIp" : "0.0.0.0/0"
}]
}
},
"ELB": {
"Type": "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties": {
"ConnectionDrainingPolicy" : {
"Enabled" : true,
"Timeout" : 300
},
"ConnectionSettings" : {
"IdleTimeout" : 60
},
"CrossZone" : true,
"HealthCheck" : {
"HealthyThreshold" : "3",
"Interval" : "30",
"Target" : "HTTP:80/ping",
"Timeout" : "5",
"UnhealthyThreshold" : "2"
},
"Instances" : [ {"Ref" : "Instance1" }, {"Ref" : "Instance2"}],
"LoadBalancerName" : "api-ELB",
"Listeners" : [
{
"InstancePort" : "443",
"InstanceProtocol" : "HTTPS",
"LoadBalancerPort" : "443",
"Protocol" : "HTTPS"
},
{
"InstancePort" : "80",
"InstanceProtocol" : "HTTP",
"LoadBalancerPort" : "80",
"Protocol" : "HTTP",
"PolicyNames" :[ "ELBSecurityPolicy-2015-05" ],
"SSLCertificateId" : {"Fn::If": ["CreateCertificateSSL", {"Ref" : "ELBCertificate" }, { "Ref" : "SSLCertificateIdForELB" } ] }
}
],
"Scheme" : "internal",
"SecurityGroups" : { "Ref" : "ELBSecurityGroup" },
"Subnets" : [ {"Ref" : "SubnetId" } ]
}
},
"ELBAttachment" :{
"Type": "AWS::OpsWorks::ElasticLoadBalancerAttachment",
"Properties": {
"ElasticLoadBalancerName" : {"Ref" : "ELB" },
"LayerId" : { "Ref" : "myLayer"}
}
},
"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Properties" : {
"AssociatePublicIpAddress" : true,
"BlockDeviceMappings" : [{
"DeviceName" : "/dev/sdi",
"Ebs":{
"VolumeType" : "gp2",
"Iops" : "10000",
"DeleteOnTermination" : "false",
"VolumeSize" : "20"
}
}],
"EbsOptimized" : false,
"IamInstanceProfile" : { "Fn::GetAtt" :[ "InstanceProfile", "Arn" ] },
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "64"]},
"InstanceType" : {"Ref" : "InstanceType" },
"SecurityGroups" : [{ "Ref" : "ELBSecurityGroup" }]
}
},
"ASG" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"AvailabilityZones" : { "Fn::GetAZs" : { "Ref" : "AWS::Region" } },
"Cooldown" : "1",
"HealthCheckGracePeriod" : 3,
"HealthCheckType" : "ELB",
"LaunchConfigurationName" : {"Ref" : "LaunchConfig" },
"LoadBalancerNames" : [{ "Ref" : "ELB" }],
"MaxSize" : "5",
"MetricsCollection" : [ { "Granularity" : "5Minute" } ],
"MinSize" : "2",
"Tags" : [
{
"PropagateAtLaunch": true,
"Value": {"Ref" : "EnvironnementParam" },
"Key": "environment"
},
{
"PropagateAtLaunch": true,
"Value": {"Ref" : "myLayer" },
"Key": "my layer"
}],
"VPCZoneIdentifier" : [ {"Ref" : "VpcId" } ]
}
},
"ELBCertificate" :{
"Type" : "AWS::CertificateManager::Certificate",
"Condition" : "CreateCertificateSSL",
"Properties" : {
"DomainName" : "example.com",
"SubjectAlternativeNames" : [ "example.net" ]
}
},
"Instance1": {
"Type": "AWS::OpsWorks::Instance",
"Properties": {
"Hostname": "silo-import1",
"AvailabilityZone" : { "Fn::Select" : [ {"Ref" : "Instance1AZ"}, { "Fn::GetAZs" : {"Ref" : "Region"} } ] },
"RootDeviceType": "ebs",
"StackId": {"Ref": "myStack"},
"LayerIds": [{"Ref": "myLayer"}],
"InstanceType": {"Ref" : "InstanceType"}
}
},
"Instance2": {
"Type": "AWS::OpsWorks::Instance",
"Properties": {
"Hostname": "silo-import2",
"AvailabilityZone" : { "Fn::Select" : [ {"Ref" : "Instance2AZ"}, { "Fn::GetAZs" : {"Ref" : "Region"} } ] },
"RootDeviceType": "ebs",
"StackId": {"Ref": "myStack"},
"LayerIds": [{"Ref": "myLayer"}],
"InstanceType": {"Ref" : "InstanceType"}
}
},
"AdminApiApp": {
"Type": "AWS::OpsWorks::App",
"Properties": {
"AppSource" : {
"Type" : "git",
"Url" : "git://github.com:fap/adminphp.git",
"Revision" : "develop"
},
"Name" : "admin",
"Shortname" : "admin",
"StackId" : {"Ref": "myStack"},
"Type" : "php"
}
}
}
}
Моя проблема в том, что я не знаю, почему не создается ни группа автоматического масштабирования, ни эластичный балансировщик нагрузки. Когда я тестирую шаблон, создаются все ресурсы, кроме этих. Любое объяснение? Я готов попробовать все ваши предложения. Спасибо