使用 AWS CloudFormation 创建 DBSubnetGroup
Using AWS CloudFormation to create a DBSubnetGroup
我正在使用 ECS-CLI (0.4.5) 启动 CFN 模板,现在我正在尝试将 Aurora 集群放入 CFN 模板并通过 CFN SDK 使用变更集更新堆栈。
我不明白为什么它对我的子网不满意。子网由初始 'ecs-cli up' 调用创建。它们与堆栈的其余部分位于同一个 vpc 中,在我尝试部署变更集之前它们已经存在,并且它们位于不同的可用性区域(us-west-2b 和 us-west-2c)。
CFN 给我的唯一信息是 'some input subnets are invalid'。
CFN 失败:
子网:
我可以通过管理控制台使用完全相同的子网创建 DBSubnetGroup,没有任何问题。
对可能出现的问题有什么想法吗?这是 CloudFormation 中的错误吗?如果需要更多信息来解决这个问题,请告诉我...老实说,我很茫然
这是我的初始模板归结为(它内置于 ecs-cli 中):
"PubSubnetAz1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.0.0/24",
"AvailabilityZone": "us-west-2b"
}
},
"PubSubnetAz2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.1.0/24",
"AvailabilityZone": "us-west-2c"
}
},
"InternetGateway": {
"Type": "AWS::EC2::InternetGateway"
},
"AttachGateway": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"InternetGatewayId": {
"Ref": "InternetGateway"
}
}
},
"RouteViaIgw": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "Vpc"
}
}
},
"PublicRouteViaIgw": {
"DependsOn": "AttachGateway",
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "RouteViaIgw"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"PubSubnet1RouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PubSubnetAz1"
},
"RouteTableId": {
"Ref": "RouteViaIgw"
}
}
},
"PubSubnet2RouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PubSubnetAz2"
},
"RouteTableId": {
"Ref": "RouteViaIgw"
}
}
},
然后当我去更新它时,我添加这个:
"DBSubnetGroup": {
"Type": "AWS::RDS::DBSubnetGroup",
"Properties": {
"DBSubnetGroupDescription": "Aurora Subnet Group using subnets from 2 AZs",
"SubnetIds": {
"Fn::Join": [
",", [{
"Ref": "pubSubnetAz1"
},
{
"Ref": "pubSubnetAz2"
}
]
]
}]
}
}
}
变更集应该足够简单...
"Changes": [
{
"Type": "Resource",
"ResourceChange": {
"Action": "Add",
"LogicalResourceId": "DBSubnetGroup",
"ResourceType": "AWS::RDS::DBSubnetGroup",
"Scope": [],
"Details": []
}
}
]
我正在使用 AWSTemplateFormatVersion 2010-09-09 和 JavaScript aws-sdk“^2.7.21”
问题是您将子网 ID 连接成一个字符串。相反,您应该将它们传递到一个数组中。试试这个:
"PrivateSubnetGroup": {
"Type": "AWS::RDS::DBSubnetGroup",
"Properties": {
"SubnetIds": [
{
"Ref": "PubSubnetAz1"
},
{
"Ref": "PubSubnetAz2"
}
],
"DBSubnetGroupDescription": "Aurora Subnet Group using subnets from 2 AZs"
}
}
此外,我强烈建议尝试使用 yaml 而不是 json。 Cloudformation 现在原生支持这一点,还有一些快捷函数可以使引用的使用更容易,我认为在较长的时间里 运行 你会发现它更容易读写。
这是一个示例,说明如何在 yaml 中编写等效的 json:
PrivateSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription: Subnet group for Aurora Database
SubnetIds:
- !Ref PubSubnetAz1
- !Ref PubSubnetAz2
根据 AWS::RDS::DBSubnetGroup documentation, the SubnetIDs 参数接受字符串列表,而不是您在示例中提供的 CommaDelimitedList。您应该直接在 JSON 数组中传递子网,而不使用 Fn::Join:
"SubnetIds": [
{"Ref": "pubSubnetAz1"},
{"Ref": "pubSubnetAz2"}
]
我正在使用 ECS-CLI (0.4.5) 启动 CFN 模板,现在我正在尝试将 Aurora 集群放入 CFN 模板并通过 CFN SDK 使用变更集更新堆栈。
我不明白为什么它对我的子网不满意。子网由初始 'ecs-cli up' 调用创建。它们与堆栈的其余部分位于同一个 vpc 中,在我尝试部署变更集之前它们已经存在,并且它们位于不同的可用性区域(us-west-2b 和 us-west-2c)。
CFN 给我的唯一信息是 'some input subnets are invalid'。
CFN 失败:
子网:
我可以通过管理控制台使用完全相同的子网创建 DBSubnetGroup,没有任何问题。
对可能出现的问题有什么想法吗?这是 CloudFormation 中的错误吗?如果需要更多信息来解决这个问题,请告诉我...老实说,我很茫然
这是我的初始模板归结为(它内置于 ecs-cli 中):
"PubSubnetAz1": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.0.0/24",
"AvailabilityZone": "us-west-2b"
}
},
"PubSubnetAz2": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "10.0.1.0/24",
"AvailabilityZone": "us-west-2c"
}
},
"InternetGateway": {
"Type": "AWS::EC2::InternetGateway"
},
"AttachGateway": {
"Type": "AWS::EC2::VPCGatewayAttachment",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"InternetGatewayId": {
"Ref": "InternetGateway"
}
}
},
"RouteViaIgw": {
"Type": "AWS::EC2::RouteTable",
"Properties": {
"VpcId": {
"Ref": "Vpc"
}
}
},
"PublicRouteViaIgw": {
"DependsOn": "AttachGateway",
"Type": "AWS::EC2::Route",
"Properties": {
"RouteTableId": {
"Ref": "RouteViaIgw"
},
"DestinationCidrBlock": "0.0.0.0/0",
"GatewayId": {
"Ref": "InternetGateway"
}
}
},
"PubSubnet1RouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PubSubnetAz1"
},
"RouteTableId": {
"Ref": "RouteViaIgw"
}
}
},
"PubSubnet2RouteTableAssociation": {
"Type": "AWS::EC2::SubnetRouteTableAssociation",
"Properties": {
"SubnetId": {
"Ref": "PubSubnetAz2"
},
"RouteTableId": {
"Ref": "RouteViaIgw"
}
}
},
然后当我去更新它时,我添加这个:
"DBSubnetGroup": {
"Type": "AWS::RDS::DBSubnetGroup",
"Properties": {
"DBSubnetGroupDescription": "Aurora Subnet Group using subnets from 2 AZs",
"SubnetIds": {
"Fn::Join": [
",", [{
"Ref": "pubSubnetAz1"
},
{
"Ref": "pubSubnetAz2"
}
]
]
}]
}
}
}
变更集应该足够简单...
"Changes": [
{
"Type": "Resource",
"ResourceChange": {
"Action": "Add",
"LogicalResourceId": "DBSubnetGroup",
"ResourceType": "AWS::RDS::DBSubnetGroup",
"Scope": [],
"Details": []
}
}
]
我正在使用 AWSTemplateFormatVersion 2010-09-09 和 JavaScript aws-sdk“^2.7.21”
问题是您将子网 ID 连接成一个字符串。相反,您应该将它们传递到一个数组中。试试这个:
"PrivateSubnetGroup": {
"Type": "AWS::RDS::DBSubnetGroup",
"Properties": {
"SubnetIds": [
{
"Ref": "PubSubnetAz1"
},
{
"Ref": "PubSubnetAz2"
}
],
"DBSubnetGroupDescription": "Aurora Subnet Group using subnets from 2 AZs"
}
}
此外,我强烈建议尝试使用 yaml 而不是 json。 Cloudformation 现在原生支持这一点,还有一些快捷函数可以使引用的使用更容易,我认为在较长的时间里 运行 你会发现它更容易读写。
这是一个示例,说明如何在 yaml 中编写等效的 json:
PrivateSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription: Subnet group for Aurora Database
SubnetIds:
- !Ref PubSubnetAz1
- !Ref PubSubnetAz2
根据 AWS::RDS::DBSubnetGroup documentation, the SubnetIDs 参数接受字符串列表,而不是您在示例中提供的 CommaDelimitedList。您应该直接在 JSON 数组中传递子网,而不使用 Fn::Join:
"SubnetIds": [
{"Ref": "pubSubnetAz1"},
{"Ref": "pubSubnetAz2"}
]