aws(学习笔记第三课)
- 使用
AWS CloudFormation
学习内容:
AWS CloudFormation的模板解析- 使用
AWS CloudFormation启动ec2 server
1. AWS CloudFormation 的模版解析
-
CloudFormation模板结构
CloudFormation是AWS的配置管理工具,属于Infrastructure as Code, IaC。基础设施即代码(Infrastructure as Code, IaC)是一种管理和配置计算机基础设施(如服务器、网络、存储等)的方法,通过编写代码来自动化这些过程,而不是手动进行配置。IaC使得基础设施管理更为自动化、可重复、可靠和高效。json{ "AWSTemplateFormatVersion":"2010-09-09", "Description":"CloudFormation template structure", "Parameters":{ [...] }, "Resources":{ [...] }, "Outputs":{ [...] } }大体分为,
- 版本 "2010-09-09"是目前的唯一合法版本
- 描述 这个模板是关于什么的
- 参数 参数使用值用来定义模板。例如,域名,客户ID和数据库密码等。
- 资源 资源是用户能描述的
AWS最小组件,例如,虚拟服务器,负载均衡器或者弹性IP地址。 - 输出 输出和参数有点像,输出从模板返回的信息。
2. CloudFormation参数类型
| 类型 | 描述 |
|---|---|
| String CommaDelimitedList | 一个字符串或有都好分割的字符串列表 |
| Number List<Number> | 一个整数或浮点数或整数列表或浮点数列表 |
| AWS::EC2::Instance::Id List<AWS::EC2::Instance::Id> | 一个EC2实例ID或列表 |
| AWS::EC2::Image::Id List<AWS::EC2::Image::Id> | 一个AMI ID或列表 |
| AWS::EC2::KeyPair::KeyName | 一个Amazon EC2密钥对名 |
| AWS::EC2::SecurityGroup::Id <List>AWS::EC2::SecurityGroup::Id | 一个安全组ID或列表 |
3. CloudFormation的具体实例
-
实例代码
json{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "AWS cloudformation practice", "Parameters": { "KeyName": { "Description": "Key Pair name", "Type": "AWS::EC2::KeyPair::KeyName", "Default": "my-cli-key" }, "VPC": { "Description": "Just select the one and only default VPC", "Type": "AWS::EC2::VPC::Id" }, "Subnet": { "Description": "Just select one of the available subnets", "Type": "AWS::EC2::Subnet::Id" }, "InstanceType": { "Description": "Select one of the possible instance types", "Type": "String", "Default": "t2.micro", "AllowedValues": ["t2.micro", "t2.small", "t2.medium"] } }, "Mappings": { "EC2RegionMap": { "ap-northeast-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-cbf90ecb"}, "ap-southeast-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-68d8e93a"}, "ap-southeast-2": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-fd9cecc7"}, "eu-central-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-a8221fb5"}, "eu-west-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-a10897d6"}, "sa-east-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-b52890a8"}, "us-east-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-1ecae776"}, "us-west-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-d114f295"}, "us-west-2": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-e7527ed7"} } }, "Resources": { "SecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "My security group", "VpcId": {"Ref": "VPC"}, "SecurityGroupIngress": [{ "CidrIp": "0.0.0.0/0", "FromPort": 22, "IpProtocol": "tcp", "ToPort": 22 }] } }, "Server": { "Type": "AWS::EC2::Instance", "Properties": { "ImageId": {"Fn::FindInMap": ["EC2RegionMap", {"Ref": "AWS::Region"}, "AmazonLinuxAMIHVMEBSBacked64bit"]}, "InstanceType": {"Ref": "InstanceType"}, "KeyName": {"Ref": "KeyName"}, "SecurityGroupIds": [{"Ref": "SecurityGroup"}], "SubnetId": {"Ref": "Subnet"} } } }, "Outputs": { "PublicName": { "Value": {"Fn::GetAtt": ["Server", "PublicDnsName"]}, "Description": "Public name (connect via SSH as user ec2-user)" } } } -
为堆栈执行创建
role- step1
- step2
- step3
权限策略选择AdministratorAccess
- step4
- step1
-
建立堆栈执行
CloudFormation- step1
- step2
- step3
- step4
- step5
最后点击提交
- step1
-
查看
CloudFormation执行结果- 执行结果如下
成功的话,会出现``CREATE_COMPLETE。
- 查看
ec2 server
- 查看
CloudFormation的Outputs
- 登录
CloudFormation创建的ec2 server
- 执行结果如下
-
CloudFormation执行结果清理
CloudFormation属于整体执行,执行清理,如果不想使用该stack,那么删除这个stack,这个stack创建的所有resources将全部被删除。