使用 CloudFormation 在 EC2 上设置 IIS
Setting up IIS on EC2 with CloudFormation
我正在学习如何使用 AWS 及其资源。目前正在尝试用 JSON 格式的 CloudFormation 模板在 EC2 实例上设置 IIS。我不确定我的 UserData 部分是否正确,也不确定是否在 IIS EC2 实例的其他部分遗漏了什么。当我使用 CloudFormation 部署此模板时,堆栈创建成功;但是,对生成的实例进行远程桌面测试时以崩溃告终,这可能是什么原因?
我的代码-
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "CloudFormation template for EC2 instance with web server",
"Parameters": {
"InstanceType": {
"Description": "WebServer EC2 instance type",
"Type": "String",
"Default": "t2.micro",
"AllowedValues": ["t2.micro"],
"ConstraintDescription": "Must be a valid EC2 instance."
},
"VpcId": {
"Description": "VPC id",
"Type": "String"
},
"InstanceSubnetId": {
"Description": "Subnet id where instance would be hosted",
"Type": "String"
},
"KeyName": {
"Description": "Name of existing EC2 key-pair to enable SSH access to the instance",
"Type": "String",
"ConstraintDescription": "Must be the name of an existing EC2 keypair"
},
"SSHLocation": {
"Description": "The IP address range that can be used to SSH to EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})",
"ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings": {
"AWSInstanceType2Arch":{
"t2.micro": {
"Arch": "HVM64"
}
},
"AWSRegionArch2AMI": {
"eu-west-1": {
"HVM64": "ami-08eeb5a90cf59a66a"
},
"eu-west-2": {
"HVM64": "ami-08eeb5a90cf59a66a"
},
"eu-west-3": {
"HVM64": "ami-08eeb5a90cf59a66a"
}
}
},
"Resources": {
"WebServerSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties":{
"VpcId": {
"Ref": "VpcId"
},
"GroupDescription" : "Allow access from HTTP and SSH traffic",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": {
"Ref": "SSHLocation"
}
}
]
}
},
"WebServerEC2Instance": {
"Type": "AWS::EC2::Instance",
"Metadata": {
"AWS::CloudFormation::Init": {
"configSets": {
"All": [
"ConfigureSampleApp"
]
},
"ConfigureSampleApp": {
"packages": {
"yum": {
"httpd": []
}
},
"files": {
"/var/www/html/index.html": {
"content": {
"Fn::Join": [
"\n",
[
"<h1>Congratulations, you have successfully launched the AWS CloudFormation sample.</h1>"
]
]
},
"mode": "000644",
"owner": "root",
"group": "root"
}
},
"services": {
"sysvinit": {
"httpd": {
"enabled": "true",
"ensureRunning" : "true"
}
}
}
}
}
},
"Properties": {
"InstanceType": {
"Ref": "InstanceType"
},
"KeyName": {
"Ref": "KeyName"
},
"ImageId": {
"Fn::FindInMap": [
"AWSRegionArch2AMI",
{
"Ref": "AWS::Region"
},
{
"Fn::FindInMap": [
"AWSInstanceType2Arch",
{
"Ref": "InstanceType"
},
"Arch"
]
}
]
},
"NetworkInterfaces": [
{
"Description": "Primary network interface",
"DeviceIndex": "0",
"SubnetId": {
"Ref": "InstanceSubnetId"
},
"GroupSet": [
{
"Ref": "WebServerSecurityGroup"
}
]
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash -xe\n",
"yum install -y aws-cfn-bootstrap\n",
"# Install the files and packages from the metadata\n",
"/opt/aws/bin/cfn-init -v ",
" --stack ",
{
"Ref": "AWS::StackName"
},
" --resource WebServerInstance ",
" --configsets All ",
" --region ",
{
"Ref": "AWS::Region"
},
"\n",
"# Signal the status from cfn-init\n",
"/opt/aws/bin/cfn-signal -e $? ",
" --stack ",
{
"Ref": "AWS::StackName"
},
" --resource WebServerInstance ",
" --region ",
{
"Ref": "AWS::Region"
},
"\n"
]
]
}
}
}
}
}
}
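首先,SSHLocation 参数应该去掉,因为它只在设置 Linux 实例时才相关。凡是引用它的地方,都可以用 0.0.0.0/0 代替。
注意:模板中的安全组只放行了 TCP 80 和 22,而 Windows 实例的远程桌面使用 TCP 3389,因此还需要为 3389 添加入站规则;管理端口的来源最好限制为管理员自己的 CIDR 范围,而不是对 0.0.0.0/0 开放。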
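带 IIS 的 Windows 实例可以用下面的 UserData 配置来完成设置,它使用 PowerShell,而不是基于 Linux 的 bash。
注意:片段中的 `-r WebServerLC` 和 `-c setup` 需要与模板中实际的资源逻辑 ID(`WebServerEC2Instance`)和 configSet 名称(`All`)保持一致,否则 cfn-init 无法读取到对应的元数据。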
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"<powershell>\n",
"Add-WindowsFeature Web-WebServer -includeAllSubFeature -logpath $env:temp\Web-WebServer_feature.log \n",
"Add-WindowsFeature Web-Mgmt-Tools -includeAllSubFeature -logpath $env:temp\Web-Mgmt-Tools_feature.log \n",
"remove-website -name \"Default Web Site\" \n",
"new-website -name site -port 80 -physicalpath C:\inetpub\wwwroot -ApplicationPool \".NET v4.5\" -force \n",
"</powershell>\n",
"<script>\n",
"cfn-init.exe -v -c setup -s ",
{
"Ref": "AWS::StackId"
},
" -r WebServerLC",
" --region ",
{
"Ref": "AWS::Region"
},
"\n",
"cfn-signal.exe -e %ERRORLEVEL% \"",
"\"",
"</script>\n"
]
]
}
}
我正在学习如何使用 AWS 及其资源。目前正在尝试用 JSON 格式的 CloudFormation 模板在 EC2 实例上设置 IIS。我不确定我的 UserData 部分是否正确,也不确定是否在 IIS EC2 实例的其他部分遗漏了什么。当我使用 CloudFormation 部署此模板时,堆栈创建成功;但是,对生成的实例进行远程桌面测试时以崩溃告终,这可能是什么原因?
我的代码-
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "CloudFormation template for EC2 instance with web server",
"Parameters": {
"InstanceType": {
"Description": "WebServer EC2 instance type",
"Type": "String",
"Default": "t2.micro",
"AllowedValues": ["t2.micro"],
"ConstraintDescription": "Must be a valid EC2 instance."
},
"VpcId": {
"Description": "VPC id",
"Type": "String"
},
"InstanceSubnetId": {
"Description": "Subnet id where instance would be hosted",
"Type": "String"
},
"KeyName": {
"Description": "Name of existing EC2 key-pair to enable SSH access to the instance",
"Type": "String",
"ConstraintDescription": "Must be the name of an existing EC2 keypair"
},
"SSHLocation": {
"Description": "The IP address range that can be used to SSH to EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})",
"ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x."
}
},
"Mappings": {
"AWSInstanceType2Arch":{
"t2.micro": {
"Arch": "HVM64"
}
},
"AWSRegionArch2AMI": {
"eu-west-1": {
"HVM64": "ami-08eeb5a90cf59a66a"
},
"eu-west-2": {
"HVM64": "ami-08eeb5a90cf59a66a"
},
"eu-west-3": {
"HVM64": "ami-08eeb5a90cf59a66a"
}
}
},
"Resources": {
"WebServerSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties":{
"VpcId": {
"Ref": "VpcId"
},
"GroupDescription" : "Allow access from HTTP and SSH traffic",
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "22",
"ToPort": "22",
"CidrIp": {
"Ref": "SSHLocation"
}
}
]
}
},
"WebServerEC2Instance": {
"Type": "AWS::EC2::Instance",
"Metadata": {
"AWS::CloudFormation::Init": {
"configSets": {
"All": [
"ConfigureSampleApp"
]
},
"ConfigureSampleApp": {
"packages": {
"yum": {
"httpd": []
}
},
"files": {
"/var/www/html/index.html": {
"content": {
"Fn::Join": [
"\n",
[
"<h1>Congratulations, you have successfully launched the AWS CloudFormation sample.</h1>"
]
]
},
"mode": "000644",
"owner": "root",
"group": "root"
}
},
"services": {
"sysvinit": {
"httpd": {
"enabled": "true",
"ensureRunning" : "true"
}
}
}
}
}
},
"Properties": {
"InstanceType": {
"Ref": "InstanceType"
},
"KeyName": {
"Ref": "KeyName"
},
"ImageId": {
"Fn::FindInMap": [
"AWSRegionArch2AMI",
{
"Ref": "AWS::Region"
},
{
"Fn::FindInMap": [
"AWSInstanceType2Arch",
{
"Ref": "InstanceType"
},
"Arch"
]
}
]
},
"NetworkInterfaces": [
{
"Description": "Primary network interface",
"DeviceIndex": "0",
"SubnetId": {
"Ref": "InstanceSubnetId"
},
"GroupSet": [
{
"Ref": "WebServerSecurityGroup"
}
]
}
],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"#!/bin/bash -xe\n",
"yum install -y aws-cfn-bootstrap\n",
"# Install the files and packages from the metadata\n",
"/opt/aws/bin/cfn-init -v ",
" --stack ",
{
"Ref": "AWS::StackName"
},
" --resource WebServerInstance ",
" --configsets All ",
" --region ",
{
"Ref": "AWS::Region"
},
"\n",
"# Signal the status from cfn-init\n",
"/opt/aws/bin/cfn-signal -e $? ",
" --stack ",
{
"Ref": "AWS::StackName"
},
" --resource WebServerInstance ",
" --region ",
{
"Ref": "AWS::Region"
},
"\n"
]
]
}
}
}
}
}
}
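首先,SSHLocation 参数应该去掉,因为它只在设置 Linux 实例时才相关。凡是引用它的地方,都可以用 0.0.0.0/0 代替。
注意:模板中的安全组只放行了 TCP 80 和 22,而 Windows 实例的远程桌面使用 TCP 3389,因此还需要为 3389 添加入站规则;管理端口的来源最好限制为管理员自己的 CIDR 范围,而不是对 0.0.0.0/0 开放。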
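带 IIS 的 Windows 实例可以用下面的 UserData 配置来完成设置,它使用 PowerShell,而不是基于 Linux 的 bash。
注意:片段中的 `-r WebServerLC` 和 `-c setup` 需要与模板中实际的资源逻辑 ID(`WebServerEC2Instance`)和 configSet 名称(`All`)保持一致,否则 cfn-init 无法读取到对应的元数据。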
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"<powershell>\n",
"Add-WindowsFeature Web-WebServer -includeAllSubFeature -logpath $env:temp\Web-WebServer_feature.log \n",
"Add-WindowsFeature Web-Mgmt-Tools -includeAllSubFeature -logpath $env:temp\Web-Mgmt-Tools_feature.log \n",
"remove-website -name \"Default Web Site\" \n",
"new-website -name site -port 80 -physicalpath C:\inetpub\wwwroot -ApplicationPool \".NET v4.5\" -force \n",
"</powershell>\n",
"<script>\n",
"cfn-init.exe -v -c setup -s ",
{
"Ref": "AWS::StackId"
},
" -r WebServerLC",
" --region ",
{
"Ref": "AWS::Region"
},
"\n",
"cfn-signal.exe -e %ERRORLEVEL% \"",
"\"",
"</script>\n"
]
]
}
}