amazon-web-services - Cloudformation 嵌套堆栈，无需回滚根堆栈

Question

我目前有一个“master.yaml”模板，它运行“service-a.yaml”和“service-b.yaml”，然后运行“service-c.yaml”，它依赖于 service-a 和 service-b 的输出.

有没有办法将这个嵌套堆栈分成多个嵌套堆栈？这样，当“service-c”深处的某些东西失败时，它不会导致整个链的回滚？我想并行启动 A+B，然后在它们以自动方式完成时启动 C。

我可以有一个 master.yaml 来构建“service-a”和“service-b”，然后在完成后手动启动“service-c”，但我想以某种方式自动执行此操作？

Answer 1

您可以使用 Codebuild 项目和 Codepipeline(基本上执行 CI/CD)创建一个堆栈，以触发一个又一个堆栈，从而每个堆栈都会失败并分别回滚。

例如，cloudformation 模板将有一个 Codebuld 项目，如下所示

  CodeBuildProject:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: CODEPIPELINE
      Environment:
        ComputeType: BUILD_GENERAL1_LARGE
        Image: aws/codebuild/python:3.6.5
        Type: LINUX_CONTAINER
        EnvironmentVariables:
        - Name: bucket
          Value: !Ref ArtifactStoreBucket
          Type: PLAINTEXT
        - Name: prefix
          Value: build
          Type: PLAINTEXT
      Name: !Ref AWS::StackName
      ServiceRole: !Ref CodeBuildRole
      Source:
        Type: CODEPIPELINE
        BuildSpec: stack/buildspec.yaml
      Tags:
      - Key: owner
        Value: !Ref StackOwner
      - Key: task
        Value: !Ref RepositoryName

在buildspec.yaml文件中，您可以按如下方式打包cloudfromation模板:

  - aws cloudformation package --template-file master.yaml
                               --s3-bucket $bucket --s3-prefix $prefix
                               --output-template-file master-template.yaml

  - aws cloudformation package --template-file service-a.yaml
                               --s3-bucket $bucket --s3-prefix $prefix
                               --output-template-file service-a-template.yaml

最后，一个将所有内容链接在一起的代码管道阶段。例如，在下面提供的代码片段中，您可以通过 codecommit 触发源代码。因此，每次推送到存储库都会自动构建您的管道。

  Pipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      ArtifactStore:
        Location: !Ref ArtifactStoreBucket
        Type: S3
      DisableInboundStageTransitions: []
      Name: !Sub "${AWS::StackName}"
      RoleArn: !GetAtt [PipelineRole, Arn]
      Stages:
      # Stage 1 - CodeUpdate Stage
      - Name: CodeUpdate
        Actions:
        - Name: SourceCodeUpdate
          ActionTypeId:
            Category: Source
            Owner: AWS
            Version: '1'
            Provider: CodeCommit
          OutputArtifacts:
          - Name: SourceCode
          Configuration:
            PollForSourceChanges: 'false'
            RepositoryName: !Ref RepositoryName
            BranchName: !Ref BranchName
          RunOrder: '1'
      # Stage 2 - Build Stage
      - Name: Build
        Actions:
        - Name: UpdateLambda
          ActionTypeId:
            Category: Build
            Owner: AWS
            Version: '1'
            Provider: CodeBuild
          InputArtifacts:
          - Name: SourceCode
          OutputArtifacts:
          - Name: BuildArtifact
          Configuration:
            ProjectName: !Ref 'CodeBuildProject'
          RunOrder: '1'
      # Stage 3 - Build master stack
      - Name: MasterSetup
        Actions:
        - Name: CreateMasterChangeset
          ActionTypeId:
            Category: Deploy
            Owner: AWS
            Version: '1'
            Provider: CloudFormation
          InputArtifacts:
          - Name: BuildArtifact
          Configuration:
            ActionMode: CHANGE_SET_REPLACE
            StackName: !Sub "${AWS::StackName}-master"
            ChangeSetName: !Sub "${AWS::StackName}-master-update"
            RoleArn: !GetAtt [CFNRole, Arn]
            TemplatePath: BuildArtifact::master-template.yaml
            Capabilities: CAPABILITY_IAM
            ParameterOverrides: !Sub
            - |
              {
                "MasterStack": "${w}",
                "StackOwner": "${x}",
                "Task": "${y}"
              }
            - {
              w: !Sub '${AWS::StackName}',
              x: !Sub '${StackOwner}',
              y: !Sub '${RepositoryName}'
            }
          RunOrder: '1'
        - Name: ExecuteMasterChangeset
          ActionTypeId:
            Category: Deploy
            Owner: AWS
            Version: '1'
            Provider: CloudFormation
          Configuration:
            ActionMode: CHANGE_SET_EXECUTE
            StackName: !Sub "${AWS::StackName}-master"
            ChangeSetName: !Sub "${AWS::StackName}-master-update"
          RunOrder: '2'
      # Stage 4 - Build service-a stack
      - Name: ServiceASetup
        Actions:
        - Name: CreateServiceAChangeset
          ActionTypeId:
            Category: Deploy
            Owner: AWS
            Version: '1'
            Provider: CloudFormation
          InputArtifacts:
          - Name: BuildArtifact
          Configuration:
            ActionMode: CHANGE_SET_REPLACE
            StackName: !Sub "${AWS::StackName}-service-a"
            ChangeSetName: !Sub "${AWS::StackName}-service-a-update"
            RoleArn: !GetAtt [CFNRole, Arn]
            TemplatePath: BuildArtifact::service-a-template.yaml
            Capabilities: CAPABILITY_IAM
            ParameterOverrides: !Sub
            - |
              {
                "MasterStack": "${w}",
                "StackOwner": "${x}",
                "Task": "${y}"
              }
            - {
              w: !Sub '${AWS::StackName}',
              x: !Sub '${StackOwner}',
              y: !Sub '${RepositoryName}'
            }
          RunOrder: '1'
        - Name: ExecuteServiceAChangeset
          ActionTypeId:
            Category: Deploy
            Owner: AWS
            Version: '1'
            Provider: CloudFormation
          Configuration:
            ActionMode: CHANGE_SET_EXECUTE
            StackName: !Sub "${AWS::StackName}-service-a"
            ChangeSetName: !Sub "${AWS::StackName}-service-a-update"
          RunOrder: '2'

如果您想让堆栈并行执行，您可以在每个阶段添加超过 1 个堆栈。

显然，您需要自己设置角色和存储桶，这应该让您了解如何开始。

如需了解更多信息，您可以阅读有关 codepipeline 的更多信息，如下所示: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-cd-pipeline.html https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html