个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
27
4
AWSTemplateFormatVersion: 2010-09-09
Description: Simple 3 tier web application template
Parameters:
KeyName:
Description: The EC2 Key Pair to allow SSH access to the instance
Type: 'AWS::EC2::KeyPair::KeyName'
ConstraintDescription: must be the name of an existing EC2 KeyPair.
InstanceType:
Default: t2.micro
Type: String
SSHLocation:
Description: The IP address range that can be used to SSH to the EC2 instances
Type: String
MinLength: '9'
MaxLength: '18'
Default: 0.0.0.0/0
AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x
VpcBlock:
Type: String
Default: 192.168.0.0/16
Description: >-
The CIDR range for the VPC. This should be a valid private (RFC 1918) CIDR
range.
PublicSubnet01Block:
Type: String
Default: 192.168.0.0/18
Description: CidrBlock for public subnet 01 within the VPC
PublicSubnet02Block:
Type: String
Default: 192.168.64.0/18
Description: CidrBlock for public subnet 02 within the VPC
PrivateSubnet01Block:
Type: String
Default: 192.168.128.0/18
Description: CidrBlock for private subnet 01 within the VPC
PrivateSubnet02Block:
Type: String
Default: 192.168.192.0/18
Description: CidrBlock for private subnet 02 within the VPC
Metadata:
'AWS::CloudFormation::Interface':
ParameterGroups:
- Label:
default: Worker Network Configuration
Parameters:
- VpcBlock
- PublicSubnet01Block
- PublicSubnet02Block
- PrivateSubnet01Block
- PrivateSubnet02Block
Mappings:
AWSInstanceType2Arch:
t1.micro:
Arch: HVM64
t2.nano:
Arch: HVM64
t2.micro:
Arch: HVM64
t2.small:
Arch: HVM64
t2.medium:
Arch: HVM64
t2.large:
Arch: HVM64
m1.small:
Arch: HVM64
m1.medium:
Arch: HVM64
m1.large:
Arch: HVM64
m1.xlarge:
Arch: HVM64
m2.xlarge:
Arch: HVM64
m2.2xlarge:
Arch: HVM64
m2.4xlarge:
Arch: HVM64
m3.medium:
Arch: HVM64
m3.large:
Arch: HVM64
m3.xlarge:
Arch: HVM64
m3.2xlarge:
Arch: HVM64
m4.large:
Arch: HVM64
m4.xlarge:
Arch: HVM64
m4.2xlarge:
Arch: HVM64
m4.4xlarge:
Arch: HVM64
m4.10xlarge:
Arch: HVM64
c1.medium:
Arch: HVM64
c1.xlarge:
Arch: HVM64
c3.large:
Arch: HVM64
c3.xlarge:
Arch: HVM64
c3.2xlarge:
Arch: HVM64
c3.4xlarge:
Arch: HVM64
c3.8xlarge:
Arch: HVM64
c4.large:
Arch: HVM64
c4.xlarge:
Arch: HVM64
c4.2xlarge:
Arch: HVM64
c4.4xlarge:
Arch: HVM64
c4.8xlarge:
Arch: HVM64
g2.2xlarge:
Arch: HVMG2
g2.8xlarge:
Arch: HVMG2
r3.large:
Arch: HVM64
r3.xlarge:
Arch: HVM64
r3.2xlarge:
Arch: HVM64
r3.4xlarge:
Arch: HVM64
r3.8xlarge:
Arch: HVM64
i2.xlarge:
Arch: HVM64
i2.2xlarge:
Arch: HVM64
i2.4xlarge:
Arch: HVM64
i2.8xlarge:
Arch: HVM64
d2.xlarge:
Arch: HVM64
d2.2xlarge:
Arch: HVM64
d2.4xlarge:
Arch: HVM64
d2.8xlarge:
Arch: HVM64
hi1.4xlarge:
Arch: HVM64
hs1.8xlarge:
Arch: HVM64
cr1.8xlarge:
Arch: HVM64
cc2.8xlarge:
Arch: HVM64
AWSRegionArch2AMI:
us-east-1:
HVM64: ami-0ff8a91507f77f867
HVMG2: ami-0a584ac55a7631c0c
us-west-2:
HVM64: ami-a0cfeed8
HVMG2: ami-0e09505bc235aa82d
us-west-1:
HVM64: ami-0bdb828fd58c52235
HVMG2: ami-066ee5fd4a9ef77f1
eu-west-1:
HVM64: ami-047bb4163c506cd98
HVMG2: ami-0a7c483d527806435
eu-west-2:
HVM64: ami-f976839e
HVMG2: NOT_SUPPORTED
eu-west-3:
HVM64: ami-0ebc281c20e89ba4b
HVMG2: NOT_SUPPORTED
eu-central-1:
HVM64: ami-0233214e13e500f77
HVMG2: ami-06223d46a6d0661c7
ap-northeast-1:
HVM64: ami-06cd52961ce9f0d85
HVMG2: ami-053cdd503598e4a9d
ap-northeast-2:
HVM64: ami-0a10b2721688ce9d2
HVMG2: NOT_SUPPORTED
ap-northeast-3:
HVM64: ami-0d98120a9fb693f07
HVMG2: NOT_SUPPORTED
ap-southeast-1:
HVM64: ami-08569b978cc4dfa10
HVMG2: ami-0be9df32ae9f92309
ap-southeast-2:
HVM64: ami-09b42976632b27e9b
HVMG2: ami-0a9ce9fecc3d1daf8
ap-south-1:
HVM64: ami-0912f71e06545ad88
HVMG2: ami-097b15e89dbdcfcf4
us-east-2:
HVM64: ami-0b59bfac6be064b78
HVMG2: NOT_SUPPORTED
ca-central-1:
HVM64: ami-0b18956f
HVMG2: NOT_SUPPORTED
sa-east-1:
HVM64: ami-07b14488da8ea02a0
HVMG2: NOT_SUPPORTED
cn-north-1:
HVM64: ami-0a4eaf6c4454eda75
HVMG2: NOT_SUPPORTED
cn-northwest-1:
HVM64: ami-6b6a7d09
HVMG2: NOT_SUPPORTED
Resources:
VPC:
Type: 'AWS::EC2::VPC'
Properties:
CidrBlock: !Ref VpcBlock
EnableDnsSupport: true
EnableDnsHostnames: true
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-VPC'
InternetGateway:
Type: 'AWS::EC2::InternetGateway'
VPCGatewayAttachment:
Type: 'AWS::EC2::VPCGatewayAttachment'
Properties:
InternetGatewayId: !Ref InternetGateway
VpcId: !Ref VPC
PublicRouteTable:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: Public Subnets
- Key: Network
Value: Public
PrivateRouteTable01:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: Private Subnet AZ1
- Key: Network
Value: Private01
PrivateRouteTable02:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: Private Subnet AZ2
- Key: Network
Value: Private02
PublicRoute:
DependsOn: VPCGatewayAttachment
Type: 'AWS::EC2::Route'
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
PrivateRoute01:
DependsOn:
- VPCGatewayAttachment
- NatGateway01
Type: 'AWS::EC2::Route'
Properties:
RouteTableId: !Ref PrivateRouteTable01
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId: !Ref NatGateway01
PrivateRoute02:
DependsOn:
- VPCGatewayAttachment
- NatGateway02
Type: 'AWS::EC2::Route'
Properties:
RouteTableId: !Ref PrivateRouteTable02
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId: !Ref NatGateway02
NatGateway01:
DependsOn:
- NatGatewayEIP1
- PublicSubnet01
- VPCGatewayAttachment
Type: 'AWS::EC2::NatGateway'
Properties:
AllocationId: !GetAtt NatGatewayEIP1.AllocationId
SubnetId: !Ref PublicSubnet01
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-NatGatewayAZ1'
NatGateway02:
DependsOn:
- NatGatewayEIP2
- PublicSubnet02
- VPCGatewayAttachment
Type: 'AWS::EC2::NatGateway'
Properties:
AllocationId: !GetAtt NatGatewayEIP2.AllocationId
SubnetId: !Ref PublicSubnet02
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-NatGatewayAZ2'
NatGatewayEIP1:
DependsOn:
- VPCGatewayAttachment
Type: 'AWS::EC2::EIP'
Properties:
Domain: vpc
NatGatewayEIP2:
DependsOn:
- VPCGatewayAttachment
Type: 'AWS::EC2::EIP'
Properties:
Domain: vpc
PublicSubnet01:
Type: 'AWS::EC2::Subnet'
Metadata:
Comment: Subnet 01
Properties:
MapPublicIpOnLaunch: true
AvailabilityZone:
'Fn::Select':
- '0'
- 'Fn::GetAZs':
Ref: 'AWS::Region'
CidrBlock:
Ref: PublicSubnet01Block
VpcId:
Ref: VPC
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-PublicSubnet01'
- Key: kubernetes.io/role/elb
Value: 1
PublicSubnet02:
Type: 'AWS::EC2::Subnet'
Metadata:
Comment: Subnet 02
Properties:
MapPublicIpOnLaunch: true
AvailabilityZone:
'Fn::Select':
- '1'
- 'Fn::GetAZs':
Ref: 'AWS::Region'
CidrBlock:
Ref: PublicSubnet02Block
VpcId:
Ref: VPC
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-PublicSubnet02'
- Key: kubernetes.io/role/elb
Value: 1
PrivateSubnet01:
Type: 'AWS::EC2::Subnet'
Metadata:
Comment: Subnet 03
Properties:
AvailabilityZone:
'Fn::Select':
- '0'
- 'Fn::GetAZs':
Ref: 'AWS::Region'
CidrBlock:
Ref: PrivateSubnet01Block
VpcId:
Ref: VPC
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-PrivateSubnet01'
- Key: kubernetes.io/role/internal-elb
Value: 1
PrivateSubnet02:
Type: 'AWS::EC2::Subnet'
Metadata:
Comment: Private Subnet 02
Properties:
AvailabilityZone:
'Fn::Select':
- '1'
- 'Fn::GetAZs':
Ref: 'AWS::Region'
CidrBlock:
Ref: PrivateSubnet02Block
VpcId:
Ref: VPC
Tags:
- Key: Name
Value: !Sub '${AWS::StackName}-PrivateSubnet02'
- Key: kubernetes.io/role/internal-elb
Value: 1
PublicSubnet01RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PublicSubnet01
RouteTableId: !Ref PublicRouteTable
PublicSubnet02RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PublicSubnet02
RouteTableId: !Ref PublicRouteTable
PrivateSubnet01RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PrivateSubnet01
RouteTableId: !Ref PrivateRouteTable01
PrivateSubnet02RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PrivateSubnet02
RouteTableId: !Ref PrivateRouteTable02
ControlPlaneSecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: Cluster communication with worker nodes
VpcId: !Ref VPC
LoadBalancer:
Type: 'AWS::ElasticLoadBalancing::LoadBalancer'
Properties:
Subnets:
- !Ref PublicSubnet01
- !Ref PublicSubnet02
CrossZone: 'true'
Listeners:
- LoadBalancerPort: '80'
InstancePort: '80'
Protocol: HTTP
HealthCheck:
Target: 'HTTP:80/'
HealthyThreshold: '3'
UnhealthyThreshold: '5'
Interval: '30'
Timeout: '5'
SecurityGroups:
- !Ref ELBWebServerSecurityGroup
ELBWebServerSecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: Enable HTTP access via port 80
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '80'
ToPort: '80'
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: 0.0.0.0/0
VpcId: !Ref VPC
AsgLaunchTemplate:
Type: 'AWS::EC2::LaunchTemplate'
Properties:
LaunchTemplateName: !Sub '${AWS::StackName}-launch-template'
LaunchTemplateData:
CreditSpecification:
CpuCredits: Unlimited
ImageId:
'Fn::FindInMap':
- AWSRegionArch2AMI
- Ref: 'AWS::Region'
- 'Fn::FindInMap':
- AWSInstanceType2Arch
- Ref: InstanceType
- Arch
InstanceType: !Ref InstanceType
KeyName: !Ref KeyName
Monitoring:
Enabled: true
SecurityGroupIds:
- !Ref ELBWebServerSecurityGroup
UserData:
'Fn::Base64': >
#!/bin/bash
yum update -y
yum install httpd -y
service httpd start
chkconfig httpd on
host_name=`curl -s
http://169.254.169.254/latest/meta-data/local-hostname`
echo "WELCOME TO FEBATECH WEB SERVER $host_name" >
/var/www/html/index.html
ApplicationAsg:
Type: 'AWS::AutoScaling::AutoScalingGroup'
DependsOn:
- PublicRouteTable
- PublicSubnet01RouteTableAssociation
- PublicSubnet02RouteTableAssociation
Properties:
AutoScalingGroupName: ApplicationAsg
MinSize: '1'
MaxSize: '5'
DesiredCapacity: '2'
HealthCheckGracePeriod: 300
LaunchTemplate:
LaunchTemplateId: !Ref AsgLaunchTemplate
Version: !GetAtt AsgLaunchTemplate.LatestVersionNumber
VPCZoneIdentifier:
- !Ref PublicSubnet01
- !Ref PublicSubnet02
LoadBalancerNames:
- !Ref LoadBalancer
MyNACL:
Type: 'AWS::EC2::NetworkAcl'
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: NACLforSSHTraffic
InboundRule:
Type: 'AWS::EC2::NetworkAclEntry'
Properties:
NetworkAclId:
Ref: MyNACL
RuleNumber: 100
Protocol: 6
RuleAction: allow
CidrBlock: 172.16.0.0/24
PortRange:
From: 0
To: 65535
OutboundRule:
Type: 'AWS::EC2::NetworkAclEntry'
Properties:
NetworkAclId:
Ref: MyNACL
RuleNumber: 100
Protocol: -1
Egress: true
RuleAction: allow
CidrBlock: 0.0.0.0/0
mySubnetNetworkAclAssociation:
Type: 'AWS::EC2::SubnetNetworkAclAssociation'
Properties:
SubnetId:
- !Ref PublicSubnet01
- !Ref PublicSubnet02
NetworkAclId:
Ref: MyNACL
MountTargetVPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: !Ref VPC
MountTargetSubnetOne:
Type: AWS::EC2::Subnet
Properties:
CidrBlock: !Ref PublicSubnet01
VpcId: !Ref MountTargetVPC
AvailabilityZone: "ap-south-1a"
MountTargetSubnetTwo:
Type: AWS::EC2::Subnet
Properties:
CidrBlock: !Ref PublicSubnet02
VpcId: !Ref MountTargetVPC
AvailabilityZone: "ap-south-1b"
FileSystemResource:
Type: 'AWS::EFS::FileSystem'
Properties:
BackupPolicy:
Status: ENABLED
PerformanceMode: maxIO
Encrypted: true
LifecyclePolicies:
- TransitionToIA: AFTER_30_DAYS
FileSystemTags:
- Key: Name
Value: TestFileSystem
FileSystemPolicy:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action:
- "elasticfilesystem:ClientMount"
Principal:'arn:aws:iam::111122223333:root'
KmsKeyId: !GetAtt
- key
- Arn
key:
Type: AWS::KMS::Key
Properties:
KeyPolicy:
Version: 2012-10-17
Id: key-default-1
Statement:
- Sid: Allow administration of the key
Effect: Allow
Principal:
AWS: !Join
- ''
- - 'arn:aws:iam::'
- !Ref 'AWS::AccountId'
- ':root'
Action:
- 'kms:*'
Resource: '*'
AWS: "*"
MountTargetResource1:
Type: AWS::EFS::MountTarget
Properties:
FileSystemId: !Ref FileSystemResource
SubnetId: !Ref MountTargetSubnetOne
SecurityGroups:
- !GetAtt MountTargetVPC.DefaultSecurityGroup
MountTargetResource2:
Type: AWS::EFS::MountTarget
Properties:
FileSystemId: !Ref FileSystemResource
SubnetId: !Ref MountTargetSubnetTwo
SecurityGroups:
- !GetAtt MountTargetVPC.DefaultSecurityGroup
MountTargetResource3:
Type: AWS::EFS::MountTarget
Properties:
FileSystemId: !Ref FileSystemResource
SubnetId: !Ref MountTargetSubnetThree
SecurityGroups:
- !GetAtt MountTargetVPC.DefaultSecurityGroup
AccessPointResource:
Type: 'AWS::EFS::AccessPoint'
Properties:
FileSystemId: !Ref FileSystemResource
PosixUser:
Uid: "13234"
Gid: "1322"
SecondaryGids:
- "1344"
- "1452"
RootDirectory:
CreationInfo:
OwnerGid: "708798"
OwnerUid: "7987987"
Permissions: "0755"
Path: "/mnt/abc/data"
我收到的错误如下:
12/11/2020, 1:01:13 PM - Template contains errors.: Template format error: YAML not well-formed. (line 590, column 7)
12/11/2020, 1:01:10 PM - Cannot render the template because of an error.: YAMLException: can not read an implicit mapping pair; a colon is missed at line 589, column 55: ... 'arn:aws:iam::111122223333:root' ^
最佳答案
在第 590 行左右,您有:
Statement:
- Effect: "Allow"
Action:
- "elasticfilesystem:ClientMount"
Principal:'arn:aws:iam::111122223333:root'
应该是(主体:后面缺少空格):
Statement:
- Effect: "Allow"
Action:
- "elasticfilesystem:ClientMount"
Principal: 'arn:aws:iam::111122223333:root'
关于amazon-web-services - 部署 efs 模板时出现 YAMLException,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/65247860/
27
4
0
我在 *.sql 文件中得到了我的数据库转储(表、函数、触发器等)。此时我正在通过 jenkins 部署它们,通过传递执行 shell 命令: sudo -u postgres psql -d my_
我正在使用网络部署 API 来部署网络包(.zip 文件,由 MSDeploy.exe 创建)以编程方式将包发布到服务器(在发布包之前我们需要做一些其他事情这就是为什么我们不使用 MSDeploy.e
我们正在使用 Web Deploy 3 的(几乎完全未记录的)“公共(public) API”来创建我们网站的 .zip 包,然后将其同步到服务器: DeploymentBaseOptions des
将 clojure 应用程序制作成可执行文件的最简单方法是什么,例如 http://rawr.rubyforge.org/ ruby 吗? (exe 和 app 文件也是) 最佳答案 使用 leini
是否可以下载 Android 源代码并针对任何设备进行编译? 我想做的是尝试 GSM 代码部分并编译操作系统并将其部署到我的摩托罗拉手机上。 谢谢! 最佳答案 是的,但这很难,因为大多数手机不共享驱动
我正在考虑用 c/c++ 编写需要在大多数个人计算机上运行的 nbody 样式模拟。本质上是一个 O(n^2) 粒子模拟器。 因为这需要相当用户友好,所以我希望有 1 个不需要用户安装任何东西的 Wi
需要了解 kubernetes 部署中 kube_deployment_status_replicas 和 kube_deployment_spec_replicas 指标的区别 最佳答案 简而言之,
我正在尝试使用分类器部署 Maven Artifact 。由于我需要源代码和 JAR(我从 GWT 使用它),我想获得 artifact-version-classifier.jar 和 artifa
我设置部署以将我的项目代码与存储我的网站的 FTP 服务器上的项目同步。 但是,每次尝试同步时,我总是必须登录。 我什至检查了记住,但它不起作用! 我正在使用最新的 PhpStorm 2017.1.4
我在 Visual Studio 2008 中开发了一个 ASP.NET 网站。现在我想在其他机器上部署它。我怎样才能做到这一点??就像我们为 Windows 应用程序制作安装包一样,我们可以为 AS
将 QT 框架添加到我的 .app 包中 我正在关注 Qt 站点上关于部署的文档。 我创建了一个名为 HTTPClient.app 的应用程序 我在 Contents 下创建了 Framework 文
这个问题不太可能对任何 future 的访客有帮助;它只与一个小的地理区域、一个特定的时间点或一个非常狭窄的情况相关,通常不适用于互联网的全局受众。如需帮助使这个问题更广泛适用,visit the h
我正在研究改变我目前创建营销网站的策略。目前,我完全用 PHP 从头开始构建网站,使用一个简单的包含系统。所有代码(以及内容)都存储在文件(而不是数据库)中,允许我使用 Subversion 进行
我有一个长期运行的服务(在 while 1 循环中)并通过 GCloud pub/sub 处理有效负载,之后它将结果写入数据库。 该服务不需要监听任何端口。 Kind=Deployment 的声明性
似乎部署已停滞不前。我该如何进一步诊断? kubectl rollout status deployment/wordpress Waiting for rollout to finish: 2 ou
我正在Dart中使用前端的Angular和后端的Shelf构建一个客户端/服务器应用程序。当我执行pub build时,它会按预期生成Dart文件的javascript,但不会替换HTML文件中的Da
我在 Azure 部署中心的下拉列表中看不到我的所有 Github 组织存储库。 Azure 很久以前就已经被授权了,下拉列表正确地显示了所有的存储库,直到上周我在 DevOps 中玩游戏时,不得不再
我认为标题几乎说明了一切...对于 Deployd 来说是全新的,所以任何关于如何最好地实现这一点的指示都值得赞赏。 最佳答案 要获取用户创建的集合中的对象(我假设您使用的是 javascript 库
我有一个试图用于CD服务器的部署脚本,但是在编写bash脚本以完成一些所需的步骤(例如运行npm和迁移命令)时遇到了问题。 我将如何从该脚本进入容器bash,运行下面的命令,然后退出以完成对更改的提取
我想在使用 kubectl 时将参数传递给 Kubernetes 部署命令应用部署文件。 示例:在我的部署 .yaml 中,我有如下参数,我想在使用 kubectl apply - f .yaml 运
我是一名优秀的程序员,十分优秀!