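I can't figure out how to set up an OpsWorks layer with an ECS cluster in CloudFormation. My layer creation fails with the error below, but there doesn't seem to be a clear way to register the cluster with the stack in the template. I tried adding EcsClusterArn to both the Stack and the Layer, but that didn't work. The API has a command for this, but I'd like to keep everything in the template.
Error: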
Attributes - EcsClusterArn: XXX must be registered to the layer's stack first.
Template snippet:
"ecsCluster" : {
  "Type" : "AWS::ECS::Cluster"
},
...
"opsworksStack" : {
  "Type" : "AWS::OpsWorks::Stack",
  "Properties" : {
    "Name" : "my-stack",
    "ServiceRoleArn" : {
      "Fn::Join" : [ "", [ "arn:aws:iam::", {
        "Ref" : "AWS::AccountId"
      }, ":role/", {
        "Ref" : "ServiceRole"
      } ] ]
    },
    "DefaultInstanceProfileArn" : {
      "Fn::Join" : [ "", [ "arn:aws:iam::", {
        "Ref" : "AWS::AccountId"
      }, ":instance-profile/", {
        "Ref" : "InstanceRole"
      } ] ]
    },
    "UseOpsworksSecurityGroups" : "false",
    "ChefConfiguration" : {
      "BerkshelfVersion" : "3.3.0",
      "ManageBerkshelf" : "true"
    },
    "ConfigurationManager" : {
      "Name" : "Chef",
      "Version" : "11.10"
    }
  }
},
"opsworksLayer" : {
  "Type" : "AWS::OpsWorks::Layer",
  "DependsOn" : "ecsCluster",
  "Properties" : {
    "StackId" : {
      "Ref" : "opsworksStack"
    },
    "Type" : "ecs-cluster",
    "Name" : "my-layer",
    "Shortname" : "my-layer",
    "Attributes" : {
      "EcsClusterArn" : {
        "Fn::Join" : [ "", [ "arn:aws:ecs:", {
          "Ref" : "AWS::Region"
        }, ":", {
          "Ref" : "AWS::AccountId"
        }, ":cluster/", {
          "Ref" : "ecsCluster"
        } ] ]
      }
    },
    "CustomSecurityGroupIds" : [ {
      "Ref" : "ec2DefaultSecurityGroup"
    } ],
    "EnableAutoHealing" : "true",
    "AutoAssignElasticIps" : "false",
    "AutoAssignPublicIps" : "false",
    "InstallUpdatesOnBoot" : "true"
  }
}
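Thanks,
Tian
Best answer
My impression is that the registration of the cluster with the stack fails. To work around this, I implemented a Lambda function that does the registration manually. I've published an example template on GitHub: https://github.com/arjenderijke/aws-cloud-examples/blob/master/cloudformation/opsworks/opsworks-ecs-layer.template
The CloudFormation template contains a complete example of an OpsWorks stack with an ECS layer and the other minimum required resources. Normally the stack would fail to create, because the ECS cluster is not registered automatically. To solve this, the template implements a custom resource that runs an AWS Lambda function. This function registers the cluster with the stack. With this custom resource, the error no longer occurs.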
"OpsworksRegisterCluster": {
  "Type": "AWS::Lambda::Function",
  "Properties": {
    "Handler": "index.lambda_handler",
    "Role": { "Fn::GetAtt" : ["LambdaExecutionRole", "Arn"] },
    "Code": {
      "ZipFile": { "Fn::Join": ["\n", [
        "import boto3",
        "import json",
        "import cfnresponse",
        "ecsclient = boto3.client('ecs')",
        "opsworksclient = boto3.client('opsworks',",
        "    region_name='us-east-1',",
        "    endpoint_url='https://opsworks.us-east-1.amazonaws.com')",
        "def lambda_handler(event, context):",
        "    try:",
        "        if (event['RequestType'] == 'Create'):",
        "            ecscluster = ecsclient.describe_clusters(clusters=[",
        "                event['ResourceProperties']['EcsClusterName']])",
        "            response = opsworksclient.register_ecs_cluster(",
        "                EcsClusterArn=ecscluster['clusters'][0]['clusterArn'],",
        "                StackId=event['ResourceProperties']['OpsworksStackId']",
        "            )",
        "            responseData = {}",
        "            responseData['data'] = response['EcsClusterArn']",
        "            cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, \"CustomResourcePhysicalID\")",
        "        else:",
        "            responseData = {}",
        "            cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, \"CustomResourcePhysicalID\")",
        "    except Exception as e:",
        "        responseData = {}",
        "        responseData['error'] = e.message",
        "        cfnresponse.send(event, context, cfnresponse.FAILED, responseData, \"CustomResourcePhysicalID\")"
      ]]}
    },
    "Runtime": "python2.7",
    "Timeout": "10"
  }
},
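An added example (not part of the original answer or the linked template): the same registration logic with the Delete request handled as well, so that removing the custom resource deregisters the cluster it registered. The function name `handle`, the `Fake*` clients, `SAMPLE_ARN` and the choice of the cluster ARN as the physical resource ID are assumptions of this sketch; the clients are passed in so it runs offline.

```python
# Added example. SAMPLE_ARN and the Fake* clients are constructed for offline use;
# in a Lambda, pass boto3.client('ecs') and boto3.client('opsworks') instead.
SAMPLE_ARN = 'arn:aws:ecs:us-east-1:123456789012:cluster/my-cluster'

def handle(event, ecs, opsworks):
    """Return (status, physical_id, data) for a custom resource event."""
    props = event.get('ResourceProperties', {})
    # Keep the existing physical ID on Update/Delete so CloudFormation
    # does not treat the response as a resource replacement.
    physical_id = event.get('PhysicalResourceId', 'unregistered')
    try:
        if event['RequestType'] == 'Create':
            name = props['EcsClusterName']
            found = ecs.describe_clusters(clusters=[name])
            if not found['clusters']:
                raise ValueError('ECS cluster not found: %s' % name)
            arn = found['clusters'][0]['clusterArn']
            opsworks.register_ecs_cluster(EcsClusterArn=arn,
                                          StackId=props['OpsworksStackId'])
            # The ARN becomes the physical ID, so Delete knows what to undo.
            return 'SUCCESS', arn, {'data': arn}
        if event['RequestType'] == 'Delete' and physical_id.startswith('arn:'):
            opsworks.deregister_ecs_cluster(EcsClusterArn=physical_id)
        return 'SUCCESS', physical_id, {}
    except Exception as exc:
        return 'FAILED', physical_id, {'error': str(exc)}

class FakeEcs(object):
    def __init__(self, clusters):
        self.clusters = clusters  # name -> ARN
    def describe_clusters(self, clusters):
        return {'clusters': [{'clusterArn': self.clusters[n]}
                             for n in clusters if n in self.clusters]}

class FakeOpsworks(object):
    def __init__(self):
        self.registered = {}  # ARN -> stack id
    def register_ecs_cluster(self, EcsClusterArn, StackId):
        self.registered[EcsClusterArn] = StackId
        return {'EcsClusterArn': EcsClusterArn}
    def deregister_ecs_cluster(self, EcsClusterArn):
        del self.registered[EcsClusterArn]

if __name__ == '__main__':
    ecs, ops = FakeEcs({'my-cluster': SAMPLE_ARN}), FakeOpsworks()
    props = {'EcsClusterName': 'my-cluster', 'OpsworksStackId': 'stack-1'}
    print(handle({'RequestType': 'Create', 'ResourceProperties': props}, ecs, ops))
    print(handle({'RequestType': 'Delete', 'PhysicalResourceId': SAMPLE_ARN,
                  'ResourceProperties': props}, ecs, ops))
```

Inside the Lambda, the returned tuple maps onto `cfnresponse.send(event, context, status, data, physical_id)`.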
About aws-opsworks - How to register an ECS cluster in an OpsWorks Stack in CloudFormation?: we found a similar question on Stack Overflow: https://stackoverflow.com/questions/32169604/