
amazon-web-services - aws cfn-init 因 AccessDenied 失败


我需要为 Auto Scaling 组运行 cfn-init,但它失败了:

/opt/aws/bin/cfn-init -v --stack ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU --resource LaunchConfig --region us-west-2
AccessDenied: Instance i-02c0239a16cd96a53 is not allowed to call DescribeStackResource for ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU

策略的 Action 和 Resource 都是 *,而且事实上,我在同一实例上直接调用 describe-stack-resource 是可以正常工作的:

[root@ip-172-31-18-99 ec2-user]# aws cloudformation describe-stack-resource     --stack-name ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU   --logical-resource-id LaunchConfig  --region us-west-2
{
"StackResourceDetail": {
"StackId": "arn:aws:cloudformation:us-west-2:020779576776:stack/ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU/cdf015d0-9d88-11ed-8084-0af2362739b7",
"ResourceStatus": "CREATE_COMPLETE",
"DriftInformation": {
"StackResourceDriftStatus": "NOT_CHECKED"
},
"ResourceType": "AWS::AutoScaling::LaunchConfiguration",
"LastUpdatedTimestamp": "2023-01-26T14:53:46.144Z",
"StackName": "ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU",
"PhysicalResourceId": "ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU-LaunchConfig-IqXSDhGUFDY1",
"Metadata": "{\"Comment\":\"Install a simple application\",\"AWS::CloudFormation::Init\":{\"config\":{\"files\":{\"/etc/cfn/cfn-hup.conf\":{\"mode\":\"000400\",\"owner\":\"root\",\"content\":\"[main]\\nstack=arn:aws:cloudformation:us-west-2:020779576776:stack/ms-lbas-split1/86b538d0-9d88-11ed-8250-0a502f832635\\nregion=us-west-2\\n\",\"group\":\"root\"},\"/etc/cfn/hooks.d/cfn-auto-reloader.conf\":{\"mode\":\"000400\",\"owner\":\"root\",\"content\":\"[cfn-auto-reloader-hook]\\ntriggers=post.update\\npath=Resources.LaunchConfig.Metadata.AWS::CloudFormation::Init\\naction=/opt/aws/bin/cfn-init -v --stack ms-lbas-split1-EC2LauncConfigStack-1GB6170KAE3EU --resource LaunchConfig --region us-west-2\\nrunas=root\\n\",\"group\":\"root\"},\"/var/www/html/index.html\":{\"mode\":\"000644\",\"owner\":\"root\",\"content\":\"<img src=\\\"\\nhttps://s3-us-west-2.amazonaws.com/cloudformation-examples-us-west-2\\n/cloudformation_graphic.png\\\" alt=\\\"AWS CloudFormation Logo\\\"/>\\n<h1>Congratulations, you have successfully launched the AWS CloudFormation sample.</h1>\",\"group\":\"root\"}},\"services\":{\"sysvinit\":{\"cfn-hup\":{\"files\":[\"/etc/cfn/cfn-hup.conf\",\"/etc/cfn/hooks.d/cfn-auto-reloader.conf\"],\"ensureRunning\":\"true\",\"enabled\":\"true\"},\"httpd\":{\"ensureRunning\":\"true\",\"enabled\":\"true\"}}},\"packages\":{\"yum\":{\"httpd\":[]}}}}}",
"LogicalResourceId": "LaunchConfig"
}

仅当我使用这些嵌套的 cloudformation 模板时才会出现此问题:

主模板:

 "Resources": {
"WebServerGroup" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"VPCZoneIdentifier" : { "Ref" : "AWSsubnetid" },
"LaunchConfigurationName" : {
"Fn::GetAtt": ["EC2LauncConfigStack", "Outputs.LaunchConfig"]
},
"MinSize" : "2",
"MaxSize" : "2",
"TargetGroupARNs" : [ { "Ref" : "ALBTargetGroup" } ]
},
"CreationPolicy" : {
"ResourceSignal" : {
"Timeout" : "PT60M"
}

},
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MinInstancesInService": "1",
"MaxBatchSize": "1",
"PauseTime" : "PT15M",
"WaitOnResourceSignals": "true"
}
}
},

"EC2LauncConfigStack": {
"Type": "AWS::CloudFormation::Stack",
"Properties": {
"TemplateURL": {
"Fn::Sub": "https://ms-tst-launcongi-12343.s3.us-west-2.amazonaws.com/ec2_EC2LauncConfigStack-v2.json"
},
"Parameters":{
"StackName": {
"Ref" : "AWS::StackName"
},
"StackId": {
"Ref" : "AWS::StackId"
},
"InstanceSecGroup" : {
"Ref" : "InstanceSecurityGroup"
}
}
}
},

"ApplicationLoadBalancer" : {
"Type" : "AWS::ElasticLoadBalancingV2::LoadBalancer",
"DependsOn":"InstanceSecurityGroupHttp",
"Properties" : {
"Subnets" : { "Ref" : "AWSsubnetid"},
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroupHttp" } ]
}
},

"ALBListener" : {
"Type" : "AWS::ElasticLoadBalancingV2::Listener",
"Properties" : {
"DefaultActions" : [{
"Type" : "forward",
"TargetGroupArn" : { "Ref" : "ALBTargetGroup" }
}],
"LoadBalancerArn" : { "Ref" : "ApplicationLoadBalancer" },
"Port" : "80",
"Protocol" : "HTTP"
}
},

"ALBTargetGroup" : {
"Type" : "AWS::ElasticLoadBalancingV2::TargetGroup",
"Properties" : {
"HealthCheckIntervalSeconds" : 30,
"HealthCheckTimeoutSeconds" : 5,
"HealthyThresholdCount" : 3,
"Port" : 80,
"Protocol" : "HTTP",
"UnhealthyThresholdCount" : 5,
"VpcId" : {"Ref" : "AWSvpcid"}
}
},

"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access and HTTP access on the inbound port",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"SourceSecurityGroupId" : {"Fn::Select" : [0, {"Fn::GetAtt" : ["ApplicationLoadBalancer", "SecurityGroups"]}]}
},{
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : { "Ref" : "RemoteAccessCIDR"}
} ],
"VpcId" : { "Ref" : "AWSvpcid" }
}
},
"InstanceSecurityGroupHttp" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable HTTP access on the inbound port",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp": "0.0.0.0/0"
} ],
"VpcId" : { "Ref" : "AWSvpcid" }
}
}

},

嵌套模板:

    [...]


"PolicyDocument": {
"Statement": [
{
"Effect": "Allow",
"Action": [
"*"

],
"Resource": "*"
},
[...]
"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Metadata" : {
"Comment" : "Install a simple application",
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"httpd" : []
}
},

"files" : {
"/var/www/html/index.html" : {
"content" : { "Fn::Join" : ["\n", [
"<img src=\"", {"Fn::FindInMap" : ["Region2Examples", {"Ref" : "AWS::Region"}, "Examples"]}, "/cloudformation_graphic.png\" alt=\"AWS CloudFormation Logo\"/>",
"<h1>Congratulations, you have successfully launched the AWS CloudFormation sample.</h1>"
]]},
"mode" : "000644",
"owner" : "root",
"group" : "root"
},

"/etc/cfn/cfn-hup.conf" : {
"content" : { "Fn::Join" : ["", [
"[main]\n",
"stack=", { "Ref" : "StackId" }, "\n",
"region=", { "Ref" : "AWS::Region" }, "\n"
]]},
"mode" : "000400",
"owner" : "root",
"group" : "root"
},

"/etc/cfn/hooks.d/cfn-auto-reloader.conf" : {
"content": { "Fn::Join" : ["", [
"[cfn-auto-reloader-hook]\n",
"triggers=post.update\n",
"path=Resources.LaunchConfig.Metadata.AWS::CloudFormation::Init\n",
"action=/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "StackName" },
" --resource LaunchConfig ",
" --region ", { "Ref" : "AWS::Region" }, "\n",
"runas=root\n"
]]},
"mode" : "000400",
"owner" : "root",
"group" : "root"
}
},

"services" : {
"sysvinit" : {
"httpd" : { "enabled" : "true", "ensureRunning" : "true" },
"cfn-hup" : { "enabled" : "true", "ensureRunning" : "true",
"files" : ["/etc/cfn/cfn-hup.conf", "/etc/cfn/hooks.d/cfn-auto-reloader.conf"]}
}
}
}
}
},
"Properties" : {
"ImageId" :{ "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "AWSInstanceType" }, "Arch" ] } ] },
"SecurityGroups" : [ { "Ref" : "InstanceSecGroup" } ],
"IamInstanceProfile": { "Ref": "HostProfile" },
"InstanceType" : { "Ref" : "AWSInstanceType" },
"KeyName" : { "Ref" : "AWSKeyPairName" },
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -xe\n",
"yum update -y aws-cfn-bootstrap\n",

"/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource LaunchConfig ",
" --region ", { "Ref" : "AWS::Region" }, "\n",

"/opt/aws/bin/cfn-signal -e $? ",
" --stack ", { "Ref" : "StackName" },
" --resource WebServerGroup ",
" --region ", { "Ref" : "AWS::Region" }, "\n"
]]}}
}
}
},

我省略了一部分内容。当我使用单个堆栈时,完全相同的代码可以正常运行:

{

"Resources": {
"WebServerGroup" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"VPCZoneIdentifier" : { "Ref" : "AWSsubnetid" },
"LaunchConfigurationName" : { "Ref" : "LaunchConfig" },
"MinSize" : "2",
"MaxSize" : "2",
"TargetGroupARNs" : [ { "Ref" : "ALBTargetGroup" } ]
},
"CreationPolicy" : {
"ResourceSignal" : {
"Timeout" : "PT15M"
}
},
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MinInstancesInService": "1",
"MaxBatchSize": "1",
"PauseTime" : "PT15M",
"WaitOnResourceSignals": "true"
}
}
},

"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Metadata" : {
"Comment" : "Install a simple application",
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"httpd" : []
}
},

"files" : {
"/var/www/html/index.html" : {
"content" : { "Fn::Join" : ["\n", [
"<img src=\"", {"Fn::FindInMap" : ["Region2Examples", {"Ref" : "AWS::Region"}, "Examples"]}, "/cloudformation_graphic.png\" alt=\"AWS CloudFormation Logo\"/>",
"<h1>Congratulations, you have successfully launched the AWS CloudFormation sample.</h1>"
]]},
"mode" : "000644",
"owner" : "root",
"group" : "root"
},

"/etc/cfn/cfn-hup.conf" : {
"content" : { "Fn::Join" : ["", [
"[main]\n",
"stack=", { "Ref" : "AWS::StackId" }, "\n",
"region=", { "Ref" : "AWS::Region" }, "\n"
]]},
"mode" : "000400",
"owner" : "root",
"group" : "root"
},

"/etc/cfn/hooks.d/cfn-auto-reloader.conf" : {
"content": { "Fn::Join" : ["", [
"[cfn-auto-reloader-hook]\n",
"triggers=post.update\n",
"path=Resources.LaunchConfig.Metadata.AWS::CloudFormation::Init\n",
"action=/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource LaunchConfig ",
" --region ", { "Ref" : "AWS::Region" }, "\n",
"runas=root\n"
]]},
"mode" : "000400",
"owner" : "root",
"group" : "root"
}
},

"services" : {
"sysvinit" : {
"httpd" : { "enabled" : "true", "ensureRunning" : "true" },
"cfn-hup" : { "enabled" : "true", "ensureRunning" : "true",
"files" : ["/etc/cfn/cfn-hup.conf", "/etc/cfn/hooks.d/cfn-auto-reloader.conf"]}
}
}
}
}
},
"Properties" : {
"ImageId" :{ "Fn::FindInMap" : [ "AWSRegionArch2AMI", { "Ref" : "AWS::Region" },
{ "Fn::FindInMap" : [ "AWSInstanceType2Arch", { "Ref" : "AWSInstanceType" }, "Arch" ] } ] },
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"InstanceType" : { "Ref" : "AWSInstanceType" },
"KeyName" : { "Ref" : "AWSKeyPairName" },
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -xe\n",
"yum update -y aws-cfn-bootstrap\n",

"/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource LaunchConfig ",
" --region ", { "Ref" : "AWS::Region" }, "\n",

"/opt/aws/bin/cfn-signal -e $? ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource WebServerGroup ",
" --region ", { "Ref" : "AWS::Region" }, "\n"
]]}}
}
},

"ApplicationLoadBalancer" : {
"Type" : "AWS::ElasticLoadBalancingV2::LoadBalancer",

"Properties" : {
"Subnets" : { "Ref" : "AWSsubnetid"},
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroupHttp" } ]
}
},

"ALBListener" : {
"Type" : "AWS::ElasticLoadBalancingV2::Listener",
"Properties" : {
"DefaultActions" : [{
"Type" : "forward",
"TargetGroupArn" : { "Ref" : "ALBTargetGroup" }
}],
"LoadBalancerArn" : { "Ref" : "ApplicationLoadBalancer" },
"Port" : "80",
"Protocol" : "HTTP"
}
},

"ALBTargetGroup" : {
"Type" : "AWS::ElasticLoadBalancingV2::TargetGroup",
"Properties" : {
"HealthCheckIntervalSeconds" : 30,
"HealthCheckTimeoutSeconds" : 5,
"HealthyThresholdCount" : 3,
"Port" : 80,
"Protocol" : "HTTP",
"UnhealthyThresholdCount" : 5,
"VpcId" : {"Ref" : "AWSvpcid"}
}
},

"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access and HTTP access on the inbound port",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"SourceSecurityGroupId" : {"Fn::Select" : [0, {"Fn::GetAtt" : ["ApplicationLoadBalancer", "SecurityGroups"]}]}
},{
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : { "Ref" : "RemoteAccessCIDR"}
} ],
"VpcId" : { "Ref" : "AWSvpcid" }
}
},
"InstanceSecurityGroupHttp" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable HTTP access on the inbound port",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp": "0.0.0.0/0"
} ],
"VpcId" : { "Ref" : "AWSvpcid" }
}
}

},

"Outputs" : {
"URL" : {
"Description" : "URL of the website",
"Value" : { "Fn::Join" : [ "", [ "http://", { "Fn::GetAtt" : [ "ApplicationLoadBalancer", "DNSName" ]}]]}
}
}

}

最佳答案

我也遇到了同样的问题。我不确定为什么会发生这种情况,但要解决此问题,您需要将 --role 参数传递给 cfn-init。

我本来也以为它会使用分配给实例的 IAM 角色,但实际情况似乎并非如此:

在 LaunchConfiguration 的 UserData 部分中(同样适用于 LaunchTemplates)

                   "/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource LaunchConfig ",
" --role YourRoleNameHere",
" --region ", { "Ref" : "AWS::Region" }, "\n",

角色必须是您分配给实例的 IAM 角色的名称。

这同样适用于 UserData 中的 cfn-signal 调用,以及您在 Init 脚本中创建的 cfn-hup.conf 和 cfn-auto-reloader.conf 配置文件。

关于amazon-web-services - aws cfn-init 因 AccessDenied 失败,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/75248528/
