在AWS中启动实例时如何检查用户数据状态

在AWS中启动实例时如何检查用户数据状态

本文介绍了在AWS中启动实例时如何检查用户数据状态的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用用户数据启动aws实例.我的用户数据是服务器安装过程,我必须检查用户数据脚本是否正确执行.是否可以检查用户数据的状态是否已完成?我需要知道状态,因为从该启动实例中我正在拍摄另一张图像.现在,我明确地使用time.sleep(90)来完成过程.

I am trying to launch aws instance with User Data. My User Data is a server installation process and i have to check whether the user data scripts are executed properly. Is there any option to check if the status of User data is completed ? I need to know the status since from that launched instance i am taking another image. As off now, i explicitly used time.sleep(90) for my process completion.

注意:我正在使用Boto库.

Note:I am using Boto library.

任何解决方案将不胜感激!

Any solution on this would be greatly appreciated!

推荐答案

UPDATE

我着手做的是在用户数据运行结束时创建一个标记文件.我让节点控制器在ec2节点上产生一个ssh会话,并在另一端作为命令运行一个简单的busy-wait循环,因此它仅在创建文件时返回.然后,我只等待wait()退出所有ssh会话,或者直到发生等待超时.

UPDATE

What I landed up doing was creating a marker file at the end of the user-data run. I had the node controller spawn one ssh session per ec2 node and run a simple busy-wait loop as a command on the other end, so it only returns when the file is created. I then just wait() for all the ssh sessions to exit or until the wait timeout occurs.

这很丑,但是行得通.非常令人沮丧的是,EC2没有提供更好的工具来从实例内部发出状态信号.

It's ugly, but it works. It's very frustrating that EC2 doesn't provide better facilities for signalling status from within instances.

一种可能的方法是让实例的用户数据脚本在实例完成时为其添加一个附加标签.您可以使用update轮询实例,也可以使用过滤器进行describe-instances过滤,该过滤器仅包含带有用于指定用户数据已更新的标签的节点.

One possible approach is to have the instance's user-data script add an additional label to the instance when it completes. You can poll the instance with update or do a describe-instances with a filter that includes only nodes with the tag you use to specify that user data has been updated.

这要求您在发送数据时在用户数据脚本中包含有限的API密钥和密码. 请勿使用您的常规api密钥和机密,使用IAM权限非常有限的密钥.此外,完成后,用户数据脚本可能会希望删除其自身.

This requires that you include a limited API key and secret in your user-data scripts when you send them. Don't use your regular api key and secret, make one with very limited IAM rights. Additionally the user-data script will probably want to delete its self when it's done.

我也考虑过为此使用简单通知服务和/或SQS,但这似乎有些过分.

I've also considered using the Simple Notification Service and/or SQS for this, but it seems like overkill.

像设置标签一样,它要求实例具有自己的EC2凭据.

Like setting tags it requires that the instance have its own EC2 credentials.

SNS是仅推送的,因此您必须具有EC2可以访问的端点.真痛苦SQS是拉式的,但没有消息路由,因此您要建立的每组节点需要一个队列.您必须将唯一的队列名称传递给实例,或者让实例使用EC2凭据从标记中查询它,然后让实例使用该特定队列.

SNS is push-only, so you have to have an endpoint reachable by EC2. That's a pain. SQS is pull, but doesn't have message routing, so you need one queue per set of nodes you're bringing up. You have to pass the unique queue name into the instance or have the instance use EC2 credentials to query it from a tag, then have the instance use that particular queue.

是的,是一种痛苦.

获取控制台输出无效,EC2在实例转换为正在运行"状态后不久停止更新.

Getting console output won't work, EC2 stops updating it shortly after the instance transitions to the 'running' state.

在实例或客户端,似乎没有任何方法可以强制进行更新.

There doesn't appear to be any way, instance- or client-side, to force an update.

cloud-init脚本完成后,可以touch普通用户可通过shell访问的标记文件.这有点烦人,因为它要求将ssh'到每个节点中,然后轮询以创建标记文件.通过使用类似以下的循环,可以减轻轮询的痛苦:

When the cloud-init script finishes it can touch a marker file somewhere shell-accessible to the normal user. This is a bit annoying, as it requires ssh'ing into every node and then polling for the creation of the marker file. The pain of polling can be somewhat reduced by use of a loop like:

while ! test -e 'cloud-init-complete'
do
    inotifywait -qq -t 2 -e create -e moved_to . ||true
done

安装inotify-tools软件包后,

.如果您不将inotify-tools刻录到AMI中,则需要用简单的sleep替换inotifywait并接受额外的延迟,或者执行以下操作:

after the installation of the inotify-tools package. If you don't burn inotify-tools into your AMIs you'll want to replace inotifywait with a simple sleep and accept the extra latency, or do:

while ! test -e 'cloud-init-complete'
do
    if test -x /usr/bin/inotifywait; then
        inotifywait -qq -t 2 -e create -e moved_to . ||true
    else
        sleep 2
    fi
done

尽管如此,这仍然需要与每个服务器建立ssh连接,这很难监视和轮询.

This still requires an ssh connection to each server, though, and that's a pain to monitor and poll.

我的理想解决方案是能够向EC2元数据服务发送附加请求,以设置特殊实例标签或自定义附加状态字段.

My dream solution is being able to send an additional request to the EC2 metadata service to set a special instance tag or custom extra status field.

这篇关于在AWS中启动实例时如何检查用户数据状态的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-25 14:47