I am trying to deploy a node group for an EKS cluster, but the Auto Scaling group module fails with an error.
This is part of the yml:
```yaml
Resources:
  NodeInstanceRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - !FindInMap [PartitionMap, !Ref "AWS::Partition", EC2ServicePrincipal]
            Action:
              - "sts:AssumeRole"
      Policies:
        - PolicyName: !Sub "Test-permisosec2"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: "Allow"
                Action:
                  - 'ec2:CreateTags'
                  - 'ec2:RunInstances'
                  - 'iam:GetRole'
                  - 'iam:PassRole'
                  - 'autoscaling:CreateAutoScalingGroup'
                Resource:
                  - '*'
      ManagedPolicyArns:
        - !Sub "arn:${AWS::Partition}:iam::aws:policy/AmazonEKSWorkerNodePolicy"
        - !Sub "arn:${AWS::Partition}:iam::aws:policy/AmazonEKS_CNI_Policy"
        - !Sub "arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly"
        - "arn:aws:iam::aws:policy/AmazonEC2FullAccess"
        - "arn:aws:iam::aws:policy/AutoScalingFullAccess"
        - "arn:aws:iam::aws:policy/AdministratorAccess"
      Path: /
  NodeInstanceProfile:
    Type: "AWS::IAM::InstanceProfile"
    Properties:
      Path: /
      Roles:
        - !Ref NodeInstanceRole
  #####
  NodeLaunchTemplate:
    Type: "AWS::EC2::LaunchTemplate"
    Properties:
      TagSpecifications:
        - ResourceType: launch-template
          Tags:
            - Key: ID-APP
              Value: 11
            - Key: VERTICAL
              Value: ADQ
            - Key: ENTORNO
              Value: SANDBOX_IT
      LaunchTemplateData:
        TagSpecifications:
          - ResourceType: instance
            Tags:
              - Key: ID-APP
                Value: 11
              - Key: VERTICAL
                Value: ADQ
              - Key: ENTORNO
                Value: SANDBOX_IT
          - ResourceType: network-interface
            Tags:
              - Key: ID-APP
                Value: 11
              - Key: VERTICAL
                Value: ADQ
              - Key: ENTORNO
                Value: SANDBOX_IT
          - ResourceType: volume
            Tags:
              - Key: ID-APP
                Value: 11
              - Key: VERTICAL
                Value: ADQ
              - Key: ENTORNO
                Value: SANDBOX_IT
        BlockDeviceMappings:
          - DeviceName: /dev/xvda
            Ebs:
              DeleteOnTermination: true
              VolumeSize: !Ref NodeVolumeSize
              VolumeType: gp2
        IamInstanceProfile:
          Arn: !GetAtt NodeInstanceProfile.Arn
        ImageId: !If
          - HasNodeImageId
          - !Ref NodeImageId
          - !Ref NodeImageIdSSMParam
        InstanceType: !Ref NodeInstanceType
        KeyName: !Ref KeyName
        SecurityGroupIds:
          - !Ref NodeSecurityGroup
        UserData: !Base64
          "Fn::Sub": |
            #!/bin/bash
            set -o xtrace
            /etc/eks/bootstrap.sh ${ClusterName} ${BootstrapArguments}
            /opt/aws/bin/cfn-signal --exit-code $? \
              --stack ${AWS::StackName} \
              --resource NodeGroup \
              --region ${AWS::Region}
        MetadataOptions:
          HttpPutResponseHopLimit: 2
          HttpEndpoint: enabled
          HttpTokens: !If
            - IMDSv1Disabled
            - required
            - optional
  ##########
  NodeGroup:
    Type: "AWS::AutoScaling::AutoScalingGroup"
    Properties:
      DesiredCapacity: !Ref NodeAutoScalingGroupDesiredCapacity
      MaxSize: !Ref NodeAutoScalingGroupMaxSize
      MinSize: !Ref NodeAutoScalingGroupMinSize
      LaunchTemplate:
        LaunchTemplateId: !Ref NodeLaunchTemplate
        Version: !GetAtt NodeLaunchTemplate.LatestVersionNumber
      Tags:
        - Key: Name
          PropagateAtLaunch: true
          Value: !Sub ${ClusterName}-${NodeGroupName}-Node
        - Key: !Sub kubernetes.io/cluster/${ClusterName}
          PropagateAtLaunch: true
          Value: owned
        - Key: ID-APP
          PropagateAtLaunch: true
          Value: 11
        - Key: ENTORNO
          PropagateAtLaunch: true
          Value: 11
        - Key: VERTICAL
          PropagateAtLaunch: true
          Value: ADQ
      VPCZoneIdentifier: !Ref Subnets
    UpdatePolicy:
      AutoScalingRollingUpdate:
        MaxBatchSize: 1
        MinInstancesInService: !Ref NodeAutoScalingGroupDesiredCapacity
        PauseTime: PT5M
```
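This is the error:
I tried different permission configurations, but I think the problem is something else, because the administrator access role does not work.
Can someone give me some help?
Thanks!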
Best answer
Check whether the NodeImageId parameter is a valid, existing AMI. Providing an AMI from a different region is a common mistake.
Regarding amazon-web-services - AWS CloudFormation "API: autoscaling:CreateAutoScalingGroup", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/73129571/
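The check the answer describes, as an added example that is not part of the original question or answer: shell functions around `aws ec2 describe-images` that confirm the AMI ID exists and is `available` in the stack's region and, if it is not, look for it in other regions you name. The function names and the result strings are assumptions made for this example; it expects the AWS CLI with credentials allowed to call `ec2:DescribeImages`.

```shell
#!/usr/bin/env bash
# Added example: pre-flight check for the NodeImageId stack parameter.
# Function names and result strings are hypothetical, chosen for this example.

# Return 0 if the string has the shape of an AMI ID (ami- plus 8 or 17 hex digits).
is_ami_id() {
  printf '%s\n' "$1" | grep -Eq '^ami-([0-9a-f]{8}|[0-9a-f]{17})$'
}

# Print the AMI state in the given region, or "missing" when that region does
# not know the ID (the CLI fails with InvalidAMIID.NotFound) or returns nothing.
ami_state() {  # usage: ami_state <region> <ami-id>
  local state
  state=$(aws ec2 describe-images --region "$1" --image-ids "$2" \
            --query 'Images[0].State' --output text 2>/dev/null) || state=missing
  case "$state" in ""|None) state=missing ;; esac
  printf '%s\n' "$state"
}

# Check the AMI in the stack's region; if it is missing there, search the other
# candidate regions to expose an ID copied from a different region.
check_node_image() {  # usage: check_node_image <stack-region> <ami-id> [other-region...]
  local region ami state r
  region=$1
  ami=$2
  shift 2
  is_ami_id "$ami" || { echo "malformed"; return 2; }
  state=$(ami_state "$region" "$ami")
  if [ "$state" = available ]; then echo "ok"; return 0; fi
  if [ "$state" != missing ]; then echo "not-available:$state"; return 1; fi
  for r in "$@"; do
    if [ "$(ami_state "$r" "$ami")" != missing ]; then
      echo "wrong-region:$r"; return 1
    fi
  done
  echo "missing"; return 1
}
```

Call it with the region the stack is deployed to and the value passed as NodeImageId, followed by any regions the ID might have been copied from; it prints `ok`, `malformed`, `not-available:<state>`, `wrong-region:<region>` or `missing`.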