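AWS CloudFormation: private network: user data not working: no output

Time: 2015-12-15 05:51:57

Tags: amazon-web-services amazon-cloudformation amazon-cloudwatch

Hello, I have written the following template for an Instance resource in Amazon CloudFormation. When I declare "AssociatePublicIpAddress": "true", the following code works fine, but when I declare the same property as false, i.e. "AssociatePublicIpAddress": "false", the user data does not work. The code is attached. Any suggestions on this would be great.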

"InstanceABC": {
  "Type": "AWS::EC2::Instance",
  "Metadata": {
   "Comment": "Install prepration for CloudWatch Log Agent",
   "AWS::CloudFormation::Init": {
    "config": {
      "files": {
          "/var/log/abccw.conf": {
            "content": {"Fn::Join": ["",[
                        "[general]\n",
                        "state_file= /var/awslogs/agent-state\n",
                        "[/var/log/cfcw.log]\n",
                        "file = /var/log/cfcw.log\n",
                        "log_group_name = ",{"Ref": "CloudWatchLogGroupProtectV"},"\n",
                        "log_stream_name = ProtectVLog\n",
                        "datetime_format = %d/%b/%Y:%H:%M:%S"
            ]]},
            "mode": "000400",
            "owner": "root",
            "group": "root"
                  },
          "/etc/cfn/cfn-hup.conf": {
            "content": {"Fn::Join": ["",[
                        "[main]\n",
                        "stack=",{"Ref": "AWS::StackId"},"\n",
                        "region=",{"Ref": "AWS::Region"},"\n"
            ]]},
            "mode": "000400",
            "owner": "root",
            "group": "root"
          },
          "/etc/cfn/hooks.d/cfn-auto-reloader.conf": {"content": {"Fn::Join": ["",[
                                                                               "[cfn-auto-reloader-hook]\n",
                                                                               "triggers=post.update\n",
                                                                               "path=Resources.InstanceABC.Metadata.AWS::CloudFormation::Init\n",
                                                                               "action=/opt/aws/bin/cfn-init -s ",{"Ref": "AWS::StackId"}," -r InstanceABC "," --region     ",{"Ref": "AWS::Region"},"\n",
                                                                               "runas=root\n"
          ]]}}
   }}}
  },
  "Properties": {
    "ImageId": {"Ref": "someImageID"},
    "InstanceType": {"Ref": "someInstanceType"},
    "KeyName": {"Ref": "someKeyPairName"},
    "IamInstanceProfile": {"Ref": "IAMProfilesome"},
    "DisableApiTermination": "False",
    "Tags": [{"Key": "Name","Value": "ABCInstance"}],
    "NetworkInterfaces": [{"AssociatePublicIpAddress": "true","DeviceIndex": "0","DeleteOnTermination": "true","SubnetId": {"Ref": "SomeSubnet"},"GroupSet": [{"Ref": "SecurityGroupSome"}]}],
    "BlockDeviceMappings": [{"DeviceName": "/dev/xvda","Ebs": {"VolumeType": "gp2","DeleteOnTermination": "false","VolumeSize": "8"}}],
    "UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
        "#!/bin/sh \n",
        "# Get the latest CloudFormation package\n",
        "apt-get update\n",
        "apt-get -y install python-setuptools\n",
        "wget -P /root https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
        "mkdir -p /root/aws-cfn-bootstrap-latest\n",
        "tar xvfz /root/aws-cfn-bootstrap-latest.tar.gz --strip-components=1 -C /root/aws-cfn-bootstrap-latest\n",
        "easy_install /root/aws-cfn-bootstrap-latest/\n",
        "# Start cfn-init\n",
        "/usr/local/bin/cfn-init -s ",{"Ref": "AWS::StackId"}," -r InstanceABC "," --region ",{"Ref": "AWS::Region"}," || error_exit 'Failed to run cfn-init'\n",
        "# Start up the cfn-hup daemon to listen for changes to the EC2 instance metadata\n",
        "/usr/local/bin/cfn-hup || error_exit 'Failed to start cfn-hup'\n",
        "# Get the CloudWatch Logs agent\n",
        "wget https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py\n",
        "# Install the CloudWatch Logs agent\n",
        "python awslogs-agent-setup.py -n -r ",{"Ref": "AWS::Region"}," -c /var/log/abccw.conf || error_exit 'Failed to run CloudWatch Logs agent setup'\n",
        "# All done so signal success\n",
        "/usr/local/bin/cfn-signal -e $? ","         --stack ",{"Ref": "AWS::StackName"},"         --resource InstanceABC ","         --region ",{"Ref": "AWS::Region"},"\n",
        "echo \"************************************************************\" >> /var/log/cfcw.log \n",
        "echo \"Instance ABC Logs: Start\" >> /var/log/cfcw.log \n",
        "echo \"------------------------------------------------\" >> /var/log/cfcw.log \n",
        "echo \"------------------------------------------------\" >> /var/log/cfcw.log \n",
        "echo \"Instance ABC Logs: End\" >> /var/log/cfcw.log \n",
        "echo \"************************************************************\" >> /var/log/cfcw.log \n"
    ]]}}
  }
}

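Thanks in advance

1 answer:

Answer 0: (score: 0)

@Robbie was on the right track in the comments.

The instance cannot connect to the public internet to pull the things you reference in your user data. If you need this and you want it to work in a private subnet, you need a NAT machine in your VPC to proxy traffic from the internet.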
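A pre-deployment check for the condition the answer describes, as an added example that is not part of the original question or answer: it renders the `Fn::Join` user data, extracts the hosts the script downloads from, and flags instances without a public IP whose subnet has no default route through a NAT. The sample template is a constructed, cut-down version of the question's instance, and the logical IDs `PrivateRoute`, `PrivateAssoc`, `PrivateRouteTable` and `NatGateway` are hypothetical.

```python
import re

# Constructed sample: a cut-down version of the question's instance in a private subnet.
TEMPLATE = {"Resources": {"InstanceABC": {
    "Type": "AWS::EC2::Instance",
    "Properties": {
        "NetworkInterfaces": [{"AssociatePublicIpAddress": "false", "DeviceIndex": "0",
                               "SubnetId": {"Ref": "SomeSubnet"}}],
        "UserData": {"Fn::Base64": {"Fn::Join": ["", [
            "#!/bin/sh\n",
            "wget https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py\n",
            "/usr/local/bin/cfn-init -s ", {"Ref": "AWS::StackId"}, "\n"]]}}}}}}

# Hypothetical NAT wiring (logical IDs are assumptions): default route via a NAT gateway.
NAT_FIX = {
    "PrivateRoute": {"Type": "AWS::EC2::Route", "Properties": {
        "RouteTableId": {"Ref": "PrivateRouteTable"}, "DestinationCidrBlock": "0.0.0.0/0",
        "NatGatewayId": {"Ref": "NatGateway"}}},
    "PrivateAssoc": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {
        "SubnetId": {"Ref": "SomeSubnet"}, "RouteTableId": {"Ref": "PrivateRouteTable"}}}}

def flatten(node):
    """Render Fn::Base64 / Fn::Join to script text; a Ref becomes a ${Name} placeholder."""
    if isinstance(node, str):
        return node
    if isinstance(node, dict):
        if "Fn::Base64" in node:
            return flatten(node["Fn::Base64"])
        if "Fn::Join" in node:
            sep, parts = node["Fn::Join"]
            return sep.join(flatten(p) for p in parts)
        if "Ref" in node:
            return "${%s}" % node["Ref"]
    return ""

def nat_routed_subnets(resources):
    """Subnets (by Ref) associated with a route table that has 0.0.0.0/0 via a NAT."""
    props = [(r["Type"], r.get("Properties", {})) for r in resources.values()]
    tables = {p["RouteTableId"]["Ref"] for t, p in props if t == "AWS::EC2::Route"
              and p.get("DestinationCidrBlock") == "0.0.0.0/0"
              and ("NatGatewayId" in p or "InstanceId" in p)}
    return {p["SubnetId"]["Ref"] for t, p in props
            if t == "AWS::EC2::SubnetRouteTableAssociation" and p["RouteTableId"]["Ref"] in tables}

def stranded_instances(template):
    """(instance, subnet, hosts) where user data needs hosts the subnet cannot reach."""
    res, out = template["Resources"], []
    routed = nat_routed_subnets(res)
    for name, r in res.items():
        p = r.get("Properties", {})
        hosts = sorted(set(re.findall(r"https?://([^/\s\"']+)", flatten(p.get("UserData", "")))))
        for nic in p.get("NetworkInterfaces", []) if r["Type"] == "AWS::EC2::Instance" else []:
            subnet = nic.get("SubnetId", {}).get("Ref")
            # Simplification: anything but an explicit "true" is treated as no public IP.
            if hosts and str(nic.get("AssociatePublicIpAddress")).lower() != "true" and subnet not in routed:
                out.append((name, subnet, hosts))
    return out
```

The check only follows `Ref`-style subnet and route-table references inside a single template; routes defined outside the stack are not visible to it.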