Subnet problem in VPC creation via cloudformation
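I am a networking newbie. I am creating a VPC through CloudFormation. In it, I have to create 4 subnets. When I run the included template, I see this error:
Template error: Fn::Select cannot select nonexistent value at index 3
However, when I create it with 3 subnets, it works fine.
My template sample: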
Parameters:
  VpcBlock:
    Type: String
    Default: 192.168.0.0/16
    Description: The CIDR range for the VPC. This should be a valid private (RFC 1918) CIDR range.
  Subnet01Block:
    Type: String
    Default: 192.168.0.0/14
    Description: CidrBlock for subnet 01 within the VPC
  Subnet02Block:
    Type: String
    Default: 192.168.64.0/14
    Description: CidrBlock for subnet 02 within the VPC
  Subnet03Block:
    Type: String
    Default: 192.168.128.0/14
    Description: CidrBlock for subnet 03 within the VPC
  Subnet04Block:
    Type: String
    Default: 192.168.192.0/14
    Description: CidrBlock for subnet 04 within the VPC
Resources:
  Subnet01:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 01
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '0'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet01Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet01"
  Subnet02:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 02
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '1'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet02Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet02"
  Subnet03:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 03
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '2'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet03Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet03"
  Subnet04:
    Type: AWS::EC2::Subnet
    Metadata:
      Comment: Subnet 04
    Properties:
      AvailabilityZone:
        Fn::Select:
        - '3'
        - Fn::GetAZs:
            Ref: AWS::Region
      CidrBlock:
        Ref: Subnet04Block
      VpcId:
        Ref: VPC
      Tags:
      - Key: Name
        Value: !Sub "${AWS::StackName}-Services-Subnet04"
I am deploying this template in the us-west-2 region.
Am I doing something wrong?
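Your problem is that different regions in AWS have different numbers of Availability Zones (AZs) (docs).
Since you are in the us-west-2 region, you only have 3 AZs. Other regions, such as us-east-1, have more. You can find the AZs for your region using:
▶ aws ec2 describe-availability-zones --region us-west-2 --query 'AvailabilityZones[].ZoneName'
[
    "us-west-2a",
    "us-west-2b",
    "us-west-2c"
]
Meanwhile, the intrinsic function Fn::GetAZs returns the AZs to you as an array. You referenced element 3 (i.e. the 4th) of that array, but it does not exist, which is why you see that error message.
You will probably need to choose between moving to a different region, having a different number of subnets, or letting one AZ have 2 subnets while the rest have 1.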
A heads-up, in case any of you are wondering why my stack still fails after updating to the correct index for the Availability Zones.
According to the documentation for Fn::GetAZs:
For the EC2-Classic platform, the Fn::GetAZs function returns all
Availability Zones for a region. For the EC2-VPC platform, the
Fn::GetAZs function returns only Availability Zones that have a
default subnet unless none of the Availability Zones has a default
subnet; in that case, all Availability Zones are returned.
If you do not have a default subnet in a particular AZ, create one as shown below.
─($:~/anraj)─- aws ec2 create-default-subnet --availability-zone us-west-2c
{
    "Subnet": {
        "AvailabilityZone": "us-west-2c",
        "AvailableIpAddressCount": 4091,
        "CidrBlock": "172.31.32.0/20",
        "DefaultForAz": true,
        "MapPublicIpOnLaunch": true,
        "State": "available",
        "SubnetId": "subnet-xxxxxxxxxx",
        "VpcId": "vpc-xxxxxxx",
        "OwnerId": "xxxxxxxxx",
        "AssignIpv6AddressOnCreation": false,
        "Ipv6CidrBlockAssociationSet": [],
        "Tags": []
    }
}
Cheers!
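
A pre-deployment check covering both failure modes described in the answers above, as an added example that is not part of the original posts: it walks a template (long-form intrinsic functions, already parsed into a dict) for Fn::Select over Fn::GetAZs and flags literal indexes beyond the AZ list that Fn::GetAZs would return. The function names and the inline template are constructed for illustration; the AZ names are the ones from the describe-availability-zones output above.

```python
def subnet(index):
    # Long-form equivalent of the AvailabilityZone property in the question's template.
    select = {"Fn::Select": [str(index), {"Fn::GetAZs": {"Ref": "AWS::Region"}}]}
    return {"Type": "AWS::EC2::Subnet", "Properties": {"AvailabilityZone": select}}

# Constructed sample: Subnet01..Subnet04 selecting AZ indexes 0..3, as in the question.
TEMPLATE = {"Resources": {f"Subnet0{i + 1}": subnet(i) for i in range(4)}}
# AZ names from the describe-availability-zones output for us-west-2 shown above.
REGION_AZS = ["us-west-2a", "us-west-2b", "us-west-2c"]


def effective_azs(all_azs, default_subnet_azs):
    """AZ list Fn::GetAZs yields on EC2-VPC: AZs with a default subnet,
    or every AZ when none has one (per the documentation quoted above)."""
    with_default = [az for az in all_azs if az in default_subnet_azs]
    return with_default or list(all_azs)


def find_az_selects(node, path=""):
    """Yield (path, index) for each Fn::Select with a literal index over Fn::GetAZs."""
    if isinstance(node, dict):
        sel = node.get("Fn::Select")
        if (isinstance(sel, list) and len(sel) == 2
                and isinstance(sel[1], dict) and "Fn::GetAZs" in sel[1]
                and str(sel[0]).isdigit()):
            yield path, int(sel[0])
        for key, value in node.items():
            yield from find_az_selects(value, f"{path}/{key}")
    elif isinstance(node, list):
        for i, value in enumerate(node):
            yield from find_az_selects(value, f"{path}/{i}")


def out_of_range(template, azs):
    """Selections that would fail with 'cannot select nonexistent value at index N'."""
    return [(p, i) for p, i in find_az_selects(template) if i >= len(azs)]


if __name__ == "__main__":
    # First pass: every AZ has a default subnet; second: us-west-2c has none.
    for missing in (set(), {"us-west-2c"}):
        azs = effective_azs(REGION_AZS, set(REGION_AZS) - missing)
        print(f"Fn::GetAZs -> {azs}")
        for path, index in out_of_range(TEMPLATE, azs):
            print(f"  {path}: index {index} does not exist")
```
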