个人中心
gpt4 book ai didi

amazon-web-services - AWS CloudFormation 'UserData' 似乎不起作用

转载 作者:行者123 更新时间:2023-12-04 16:10:33 24 4
gpt4 key购买 nike

我正在编写一个 AWS CloudFormation 脚本来构建 EC2 实例。我想通过安装一些软件包、下载一些存储库并运行一些脚本来配置实例。亚马逊告诉我,我可以在 CloudFormation 中使用 UserData 字段执行此操作。然而,它似乎根本不起作用。

这是我目前正在处理的内容:

DWHServer:
Type: "AWS::EC2::Instance"
Properties:
  DisableApiTermination: false # no termination protection
  EbsOptimized: false # optimize for elastic block store
  IamInstanceProfile: !Ref DWHServerIAMIP
  ImageId: "ami-5189a661" # ubunty-trusty-14.04-amd64-server-20150325
  InstanceInitiatedShutdownBehavior: "terminate"
  InstanceType: "t2.medium"
  KeyName: !FindInMap [EnvMap, KeyPair, !Ref EnvType]
  Monitoring: true
  SecurityGroupIds:
    - !Ref DWHServerSG
  SourceDestCheck: true # ??
  SubnetId: "subnet-aed2ecf6" # Stage-etl-2c
  UserData: !Base64
    "Fn::Join": ["", ["#!/bin/bash -xe\n", "touch ~/confirm_work.txt\n"]]

这是最简单的例子。我只是想让它创建一个文件来证明它正在运行。但它甚至不这样做。文档说要查看名为 /var/log/cloud-init-output.log 的内容。我查看了那里,但没有看到任何有关 UserData 的信息。似乎确实存在某种网络错误,但我不确定如何解释它或如何处理它。

以下是实例上 cloud-init-output.log 文件的内容:

Cloud-init v. 0.7.5 running 'init-local' at Sat, 04 Mar 2017 02:40:07 +0000. Up 3.85 seconds.
Cloud-init v. 0.7.5 running 'init' at Sat, 04 Mar 2017 02:40:09 +0000. Up 6.01 seconds.
ci-info: +++++++++++++++++++++++++Net device info+++++++++++++++++++++++++
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: | Device |  Up  |  Address  |      Mask     |     Hw-Address    |
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: |   lo   | True | 127.0.0.1 |   255.0.0.0   |         .         |
ci-info: |  eth0  | True | 10.0.7.84 | 255.255.255.0 | 0a:3a:b0:a4:96:5d |
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: ++++++++++++++++++++++++++++++Route info++++++++++++++++++++++++++++++
ci-info: +-------+-------------+----------+---------------+-----------+-------+
ci-info: | Route | Destination | Gateway  |    Genmask    | Interface | Flags |
ci-info: +-------+-------------+----------+---------------+-----------+-------+
ci-info: |   0   |   0.0.0.0   | 10.0.7.1 |    0.0.0.0    |    eth0   |   UG  |
ci-info: |   1   |   10.0.7.0  | 0.0.0.0  | 255.255.255.0 |    eth0   |   U   |
ci-info: +-------+-------------+----------+---------------+-----------+-------+
Mar  4 02:40:11 ubuntu pollinate[723]: ERROR: Network communication failed [60]\n02:40:10.394529 * Hostname was NOT found in DNS cache
% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                             Dload  Upload   Total   Spent    Left  Speed
^M  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     002:40:10.407240 *   Trying 91.189.94.24...
02:40:10.550022 * Connected to entropy.ubuntu.com (91.189.94.24) port 443 (#0)
02:40:10.551661 * successfully set certificate verify locations:
02:40:10.551698 *   CAfile: /etc/pollinate/entropy.ubuntu.com.pem
CApath: /dev/null
02:40:10.551804 * SSLv3, TLS handshake, Client hello (1):
02:40:10.551832 } [data not shown]
02:40:10.711080 * SSLv3, TLS handshake, Server hello (2):
02:40:10.711129 { [data not shown]
02:40:10.711191 * SSLv3, TLS handshake, CERT (11):
02:40:10.711216 { [data not shown]
02:40:10.711490 * SSLv3, TLS alert, Server hello (2):
02:40:10.711520 } [data not shown]
02:40:10.711602 * SSL certificate problem: unable to get local issuer certificate
^M  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
02:40:10.711732 * Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
2017-03-04 02:40:11,144 - util.py[WARNING]: Running seed_random (<module 'cloudinit.config.cc_seed_random' from '/usr/lib/python2.7/dist-packages/cloudinit/config/cc_seed_random.pyc'>) failed
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
0c:54:09:ab:bc:b8:63:b5:6c:d2:d5:47:21:4a:38:6f root@ip-10-0-7-84
The key's randomart image is:
+--[ RSA 2048]----+
|     .oo..       |
|    o...o .      |
|     +o. . .     |
|   . .Eo  .      |
|    o. .S.       |
|   .... . .      |
|  .+.o   .       |
|  +.=            |
| ..+             |
+-----------------+
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
The key fingerprint is:
89:26:94:17:79:6d:45:15:fc:5f:37:95:31:2e:e9:f7 root@ip-10-0-7-84
The key's randomart image is:
+--[ DSA 1024]----+
|      .. . oooo+o|
|     .... o   +.o|
|    o .. .   o o.|
|   . . . .  . ..+|
|    . o S    . .=|
|     o        . o|
|                E|
|                 |
|                 |
+-----------------+
Generating public/private ecdsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_ecdsa_key.
Your public key has been saved in /etc/ssh/ssh_host_ecdsa_key.pub.
The key fingerprint is:
af:a2:c7:b3:95:5c:17:2e:ce:69:b3:f6:39:c7:67:91 root@ip-10-0-7-84
The key's randomart image is:
+--[ECDSA  256]---+
|                 |
|                 |
|            .    |
|           . .   |
|        S o o   .|
|       . * +   E |
|     .  + B  .  .|
|      =. o.o..o o|
|    .o.+....oo o |
+-----------------+
Cloud-init v. 0.7.5 running 'modules:config' at Sat, 04 Mar 2017      02:40:14 +0000. Up 11.53 seconds.
Generating locales... en_US.UTF-8... up-to-date
Generation complete.
Cloud-init v. 0.7.5 running 'modules:final' at Sat, 04 Mar 2017          02:40:17 +0000. Up 13.61 seconds.
+ touch /root/confirm_work.txt
Cloud-init v. 0.7.5 finished at Sat, 04 Mar 2017 02:40:17 +0000.     Datasource DataSourceEc2.  Up 13.83 seconds

任何提示将不胜感激。谢谢!

最佳答案

查看日志中倒数第二个条目:

+ touch /root/confirm_work.txt

该命令确实被调用。请注意,EC2 用户数据中的所有命令都将显示在该日志文件 (/var/log/cloud-init-output.log) 中,并在其前面添加一个加号(如上所示)。是否有可能触摸命令不存在?那将是令人惊讶的。但是在触摸之前添加一个“echo”命令,您应该看到输出,这将确认一切正常。也许您正在尝试访问您无权访问的目录。也许尝试触摸/tmp 中的文件来缩小范围......

关于amazon-web-services - AWS CloudFormation 'UserData' 似乎不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42639004/

24 4 0
文章推荐: sql - SQL 中跨多列的 Like 语句
文章推荐: outlook-addin - Office.js - 打开对象时自动打开加载项侧 Pane
文章推荐: java - 递归列出给定目录中的所有文件,隐藏文件夹中的文件除外
文章推荐: java - ObjectMapper 读取值
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com