我一直在努力为我的EB工作者实施一项cron工作。
部署时我的EB CLI说“错误:更新环境操作已完成,但有错误。”
我的yaml似乎解析得很好,在我的EB事件列表中,我看到“从cron.yaml成功加载了1个预定任务”这一行。
version: 1
cron:
- name: "cron"
url: "/cron"
schedule: "* * * * *"
我查看eb-activity.log并且存在此问题:
Activity execution failed, because: User: arn:aws:sts::550612933446:assumed-role/WorkerTierRole_KK/i-5fe79aa0 is not authorized to perform: dynamodb:UpdateItem on resource: arn:aws:dynamodb:us-east-1:550612933446:table/awseb-e-jcrjmidtsu-stack-AWSEBWorkerCronLeaderRegistry-1GVA6A4AV0YDW - (Aws::DynamoDB::Errors::AccessDeniedException) (ElasticBeanstalk::ExternalInvocationError)
caused by: User: arn:aws:sts::550612933446:assumed-role/WorkerTierRole_KK/i-5fe79aa0 is not authorized to perform: dynamodb:UpdateItem on resource: arn:aws:dynamodb:us-east-1:550612933446:table/awseb-e-jcrjmidtsu-stack-AWSEBWorkerCronLeaderRegistry-1GVA6A4AV0YDW - (Aws::DynamoDB::Errors::AccessDeniedException) (Executor::NonZeroExitStatus)
这也是我在日志中找到的:
2015-06-04T02:17:19Z schedule-parser: Successfully loaded 1 scheduled tasks from file /opt/python/current/app/cron.yaml .
2015-06-04T02:17:19Z init: User: arn:aws:sts::550612933446:assumed-role/WorkerTierRole_KK/i-254d00f5 is not authorized to perform: dynamodb:UpdateItem on resource: arn:aws:dynamodb:us-east-1:550612933446:table/awseb-e-jcrjmidtsu-stack-AWSEBWorkerCronLeaderRegistry-1KMJ9BLOVIUSJ (Aws::DynamoDB::Errors::AccessDeniedException)
at /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sdk-core-2.0.10/lib/seahorse/client/plugins/raise_response_errors.rb:15:in `call'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sdk-core-2.0.10/lib/aws-sdk-core/plugins/dynamodb_simple_attributes.rb:112:in `call'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sdk-core-2.0.10/lib/seahorse/client/plugins/param_conversion.rb:22:in `call'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sdk-core-2.0.10/lib/aws-sdk-core/plugins/response_paging.rb:10:in `call'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sdk-core-2.0.10/lib/seahorse/client/request.rb:70:in `send_request'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sdk-core-2.0.10/lib/seahorse/client/base.rb:215:in `block (2 levels) in define_operation_methods'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/vendor/AWSMACLE/lib/leader_election/storage_manager.rb:81:in `update_registration'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/vendor/AWSMACLE/lib/leader_election/storage_manager.rb:19:in `verify_table'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/vendor/AWSMACLE/lib/leader_election/daemon.rb:37:in `initialize'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/vendor/AWSMACLE/lib/leader_election.rb:8:in `new'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/vendor/AWSMACLE/lib/leader_election.rb:8:in `create'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/lib/aws-sqsd/cron.rb:241:in `leader_election_daemon'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/lib/aws-sqsd/cron.rb:30:in `initialize'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/lib/aws-sqsd/daemon.rb:44:in `new'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/lib/aws-sqsd/daemon.rb:44:in `initialize'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/bin/aws-sqsd:34:in `new'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/bin/aws-sqsd:34:in `start'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/bin/aws-sqsd:83:in `launch'
from /opt/elasticbeanstalk/lib/ruby/lib/ruby/gems/2.1.0/gems/aws-sqsd-2.0/bin/aws-sqsd:111:in `<top (required)>'
from /opt/elasticbeanstalk/lib/ruby/bin/aws-sqsd:23:in `load'
from /opt/elasticbeanstalk/lib/ruby/bin/aws-sqsd:23:in `<main>'
我尝试重建我的环境,但这没有任何区别。
似乎这个错误不在我的手中(希望事实并非如此,而且我犯了一个简单的错误)并且是如何处理cron作业的EB问题。我没有任何动力装置:)
非常感谢您的帮助, 菲尔
答案 0 :(得分:4)
cron worker在后台使用一个小型dynamo db表,以确保自动扩展组中只有一个实例执行cron任务。因此,您需要更新角色策略以包含相关的dynamo db权限。