Cloudformation模板的执行顺序?
Cloudformation template order of execution?
我正在尝试创建一个安装 puppet 和 aws puppet 模块的 cloudformation 模板。我可以用 puppet 创建我的实例,定义安全组等,它似乎工作正常,但我也想安装 aws puppet 模块作为我的模板的一部分。
这是我的人偶实例的代码
"PuppetMasterInstance" : {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"puppet3" : [],
"puppet3-server" : [],
"ruby-devel" : [],
"gcc" : [],
"make" : [],
"rubygems" : []
},
"rubygems" : {
"json" : []
}
},
"files": {
"/etc/yum.repos.d/epel.repo": {
"source": "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/autosign.conf": {
"content": "*.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/fileserver.conf": {
"content": "[modules]\n allow *.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/puppet.conf": {
"content": {
"Fn::Join": [
"",
[
"[main]\n",
" logdir=/var/log/puppet\n",
" rundir=/var/run/puppet\n",
" ssldir=$vardir/ssl\n",
" pluginsync=true\n",
"[agent]\n",
" classfile=$vardir/classes.txt\n",
" localconfig=$vardir/localconfig\n"
]
]
},
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/modules/cfn/manifests/init.pp": {
"content": "class cfn {}",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/modules/cfn/lib/facter/cfn.rb": {
"source": "https://s3.amazonaws.com/cloudformation-examples/cfn-facter-plugin.rb",
"mode": "100644",
"owner": "root",
"group": "wheel"
}
},
"services": {
"sysvinit": {
"puppetmaster": {
"enabled": "true",
"ensureRunning": "true"
}
}
}
}
}
},
"Properties": {
"InstanceType": {
"Ref": "InstanceType"
},
"SecurityGroups": [
{
"Ref": "PuppetGroup"
}
],
"ImageId": {
"Ref": "AmiID"
},
"KeyName": {
"Ref": "KeyName"
},
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash\n",
"yum update -y \n",
"/opt/aws/bin/cfn-init --region ",
{
"Ref": "AWS::Region"
},
" -s ",
{
"Ref": "AWS::StackName"
},
" -r PuppetMasterInstance ",
" --access-key ",
{
"Ref": "CFNKeys"
},
" --secret-key ",
{
"Fn::GetAtt": [
"CFNKeys",
"SecretAccessKey"
]
},
"\n",
"/opt/aws/bin/cfn-signal -e $? '",
{
"Ref": "PuppetMasterWaitHandle"
},
"'\n"
]
]
}
}
}
}
这很好用,但是我想在安装 puppet 后执行以下命令:
"gem install aws-sdk-core",
"gem install retries",
"export AWS_ACCESS_KEY_ID=my_key",
"export AWS_SECRET_ACCESS_KEY=my_secret",
"puppet module install puppetlabs-aws"
我尝试在 "files:" 之前使用 "commands:" 标签,但模板失败了。我试图将代码放在 "UserData": 中,但它又失败了。我找不到有关模板中不同部分的执行顺序的信息,我认为失败是由于执行顺序错误(命令 运行 时未安装 puppet & ruby) .
任何帮助将不胜感激。
我在 aws 论坛上找到了关于执行顺序的非常有用的信息 post。 AWS::CloudFormation::Init 按以下顺序执行:
包 -> 组 -> 用户 -> 源 -> 文件 -> 命令 -> 服务
来源:https://forums.aws.amazon.com/message.jspa?messageID=414670
我解决问题的方法可能远非理想,但它有效:
"PuppetMasterInstance" : {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"configSets" : {
"ascending" : [ "config" , "config2" ],
"descending" : [ "config2" , "config" ]
},
"config" : {
"packages" : {
"yum" : {
"puppet3" : [],
"puppet3-server" : [],
"ruby-devel" : [],
"gcc" : [],
"make" : [],
"rubygems" : []
},
"rubygems" : {
"json" : []
}
},
"files": {
"/etc/yum.repos.d/epel.repo": {
"source": "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/autosign.conf": {
"content": "*.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/fileserver.conf": {
"content": "[modules]\n allow *.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/puppet.conf": {
"content": {
"Fn::Join": [
"",
[
"[main]\n",
" logdir=/var/log/puppet\n",
" rundir=/var/run/puppet\n",
" ssldir=$vardir/ssl\n",
" pluginsync=true\n",
"[agent]\n",
" classfile=$vardir/classes.txt\n",
" localconfig=$vardir/localconfig\n"
]
]
},
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/modules/cfn/manifests/init.pp": {
"content": "class cfn {}",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/modules/cfn/lib/facter/cfn.rb": {
"source": "https://s3.amazonaws.com/cloudformation-examples/cfn-facter-plugin.rb",
"mode": "100644",
"owner": "root",
"group": "wheel"
}
},
"services": {
"sysvinit": {
"puppetmaster": {
"enabled": "true",
"ensureRunning": "true"
}
}
}
},
"config2" : {
"commands" : {
"1" : {
"command" : "gem install aws-sdk-core"
},
"2" : {
"command" : "gem install retries"
},
"3" : {
"command" : "export _MYAWSKEY_"
},
"4" : {
"command" : "export MY_AWS_SECRET_"
},
"5" : {
"command" : "puppet module install puppetlabs-aws"
}
}
}
}
},
"Properties": {
"InstanceType": {
"Ref": "InstanceType"
},
"SecurityGroups": [
{
"Ref": "PuppetGroup"
}
],
"ImageId": {
"Ref": "AmiID"
},
"KeyName": {
"Ref": "KeyName"
},
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash\n",
"yum update -y \n",
"/opt/aws/bin/cfn-init -c ascending --region ",
{
"Ref": "AWS::Region"
},
" -s ",
{
"Ref": "AWS::StackName"
},
" -r PuppetMasterInstance ",
" --access-key ",
{
"Ref": "CFNKeys"
},
" --secret-key ",
{
"Fn::GetAtt": [
"CFNKeys",
"SecretAccessKey"
]
},
"\n",
"/opt/aws/bin/cfn-signal -e $? '",
{
"Ref": "PuppetMasterWaitHandle"
},
"'\n"
]
]
}
}
}
}
通过指定 configSets 的执行顺序,我可以 运行 安装和配置 puppet 所需的一切,然后 运行 安装插件的命令。
我正在尝试创建一个安装 puppet 和 aws puppet 模块的 cloudformation 模板。我可以用 puppet 创建我的实例,定义安全组等,它似乎工作正常,但我也想安装 aws puppet 模块作为我的模板的一部分。 这是我的人偶实例的代码
"PuppetMasterInstance" : {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"puppet3" : [],
"puppet3-server" : [],
"ruby-devel" : [],
"gcc" : [],
"make" : [],
"rubygems" : []
},
"rubygems" : {
"json" : []
}
},
"files": {
"/etc/yum.repos.d/epel.repo": {
"source": "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/autosign.conf": {
"content": "*.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/fileserver.conf": {
"content": "[modules]\n allow *.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/puppet.conf": {
"content": {
"Fn::Join": [
"",
[
"[main]\n",
" logdir=/var/log/puppet\n",
" rundir=/var/run/puppet\n",
" ssldir=$vardir/ssl\n",
" pluginsync=true\n",
"[agent]\n",
" classfile=$vardir/classes.txt\n",
" localconfig=$vardir/localconfig\n"
]
]
},
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/modules/cfn/manifests/init.pp": {
"content": "class cfn {}",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/modules/cfn/lib/facter/cfn.rb": {
"source": "https://s3.amazonaws.com/cloudformation-examples/cfn-facter-plugin.rb",
"mode": "100644",
"owner": "root",
"group": "wheel"
}
},
"services": {
"sysvinit": {
"puppetmaster": {
"enabled": "true",
"ensureRunning": "true"
}
}
}
}
}
},
"Properties": {
"InstanceType": {
"Ref": "InstanceType"
},
"SecurityGroups": [
{
"Ref": "PuppetGroup"
}
],
"ImageId": {
"Ref": "AmiID"
},
"KeyName": {
"Ref": "KeyName"
},
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash\n",
"yum update -y \n",
"/opt/aws/bin/cfn-init --region ",
{
"Ref": "AWS::Region"
},
" -s ",
{
"Ref": "AWS::StackName"
},
" -r PuppetMasterInstance ",
" --access-key ",
{
"Ref": "CFNKeys"
},
" --secret-key ",
{
"Fn::GetAtt": [
"CFNKeys",
"SecretAccessKey"
]
},
"\n",
"/opt/aws/bin/cfn-signal -e $? '",
{
"Ref": "PuppetMasterWaitHandle"
},
"'\n"
]
]
}
}
}
}
这很好用,但是我想在安装 puppet 后执行以下命令:
"gem install aws-sdk-core",
"gem install retries",
"export AWS_ACCESS_KEY_ID=my_key",
"export AWS_SECRET_ACCESS_KEY=my_secret",
"puppet module install puppetlabs-aws"
我尝试在 "files:" 之前使用 "commands:" 标签,但模板失败了。我试图将代码放在 "UserData": 中,但它又失败了。我找不到有关模板中不同部分的执行顺序的信息,我认为失败是由于执行顺序错误(命令 运行 时未安装 puppet & ruby) .
任何帮助将不胜感激。
我在 aws 论坛上找到了关于执行顺序的非常有用的信息 post。 AWS::CloudFormation::Init 按以下顺序执行:
包 -> 组 -> 用户 -> 源 -> 文件 -> 命令 -> 服务
来源:https://forums.aws.amazon.com/message.jspa?messageID=414670
我解决问题的方法可能远非理想,但它有效:
"PuppetMasterInstance" : {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"AWS::CloudFormation::Init" : {
"configSets" : {
"ascending" : [ "config" , "config2" ],
"descending" : [ "config2" , "config" ]
},
"config" : {
"packages" : {
"yum" : {
"puppet3" : [],
"puppet3-server" : [],
"ruby-devel" : [],
"gcc" : [],
"make" : [],
"rubygems" : []
},
"rubygems" : {
"json" : []
}
},
"files": {
"/etc/yum.repos.d/epel.repo": {
"source": "https://s3.amazonaws.com/cloudformation-examples/enable-epel-on-amazon-linux-ami",
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/autosign.conf": {
"content": "*.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/fileserver.conf": {
"content": "[modules]\n allow *.internal\n",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/puppet.conf": {
"content": {
"Fn::Join": [
"",
[
"[main]\n",
" logdir=/var/log/puppet\n",
" rundir=/var/run/puppet\n",
" ssldir=$vardir/ssl\n",
" pluginsync=true\n",
"[agent]\n",
" classfile=$vardir/classes.txt\n",
" localconfig=$vardir/localconfig\n"
]
]
},
"mode": "000644",
"owner": "root",
"group": "root"
},
"/etc/puppet/modules/cfn/manifests/init.pp": {
"content": "class cfn {}",
"mode": "100644",
"owner": "root",
"group": "wheel"
},
"/etc/puppet/modules/cfn/lib/facter/cfn.rb": {
"source": "https://s3.amazonaws.com/cloudformation-examples/cfn-facter-plugin.rb",
"mode": "100644",
"owner": "root",
"group": "wheel"
}
},
"services": {
"sysvinit": {
"puppetmaster": {
"enabled": "true",
"ensureRunning": "true"
}
}
}
},
"config2" : {
"commands" : {
"1" : {
"command" : "gem install aws-sdk-core"
},
"2" : {
"command" : "gem install retries"
},
"3" : {
"command" : "export _MYAWSKEY_"
},
"4" : {
"command" : "export MY_AWS_SECRET_"
},
"5" : {
"command" : "puppet module install puppetlabs-aws"
}
}
}
}
},
"Properties": {
"InstanceType": {
"Ref": "InstanceType"
},
"SecurityGroups": [
{
"Ref": "PuppetGroup"
}
],
"ImageId": {
"Ref": "AmiID"
},
"KeyName": {
"Ref": "KeyName"
},
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash\n",
"yum update -y \n",
"/opt/aws/bin/cfn-init -c ascending --region ",
{
"Ref": "AWS::Region"
},
" -s ",
{
"Ref": "AWS::StackName"
},
" -r PuppetMasterInstance ",
" --access-key ",
{
"Ref": "CFNKeys"
},
" --secret-key ",
{
"Fn::GetAtt": [
"CFNKeys",
"SecretAccessKey"
]
},
"\n",
"/opt/aws/bin/cfn-signal -e $? '",
{
"Ref": "PuppetMasterWaitHandle"
},
"'\n"
]
]
}
}
}
}
通过指定 configSets 的执行顺序,我可以 运行 安装和配置 puppet 所需的一切,然后 运行 安装插件的命令。