AWS循环依赖性错误,而EC2依赖于elb

时间:2018-06-06 12:25:28

标签: amazon-web-services amazon-ec2 amazon-cloudformation elastic-load-balancer

我得到elb的循环依赖错误,而ec2 ec2依赖于elb所以在elb生成之后它可以将请求重定向到ec2但是我无法实现它。

你能帮我吗?在这里,我正在做一个带有2个子网公共和私有子网的VPC和使用私有子网的ec2,elb现在正在使用该vpc的公共子网,当请求到来时它将转到elb然后ec2

请--------> ELB --------> EC2

喜欢以下方式

但在验证我收到错误时

Circular dependency between resources: [Instance, elb]

我是云形成的新手,所以任何帮助对我都有帮助

```

 {
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "A VPC environment in two availability zones with an NAT instance.",
  "Parameters": {
    "envPrefix": {
      "Description": "Environment name prefix.",
      "Type": "String",
      "Default": "Test"
    },
     "InstanceType": {
      "Description": "Type of EC2 instance to launch",
      "Type": "String",
      "Default": "t1.micro"
    },
    "vpcCidr": {
      "Description": "VPC CIDR block.",
      "Type": "String",
      "Default": "10.4.0.0/16",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x."
    },
    "publicSubnet1Cidr": {
      "Description": "Public subnet 1 CIDR block.",
      "Type": "String",
      "Default": "10.4.0.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x and subnet of VPC."
    },
    "privateSubnet1Cidr": {
      "Description": "Private subnet 1 CIDR block.",
      "Type": "String",
      "Default": "10.4.1.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "Must be a valid IP CIDR range of the form x.x.x.x/x and subnet of VPC."
    },
    "subnet1AZ": {
      "Description": "Subnet 1 availability zone.",
      "Type": "AWS::EC2::AvailabilityZone::Name"
    },
    "subnet2AZ": {
      "Description": "Subnet 2 availability zone.",
      "Type": "AWS::EC2::AvailabilityZone::Name"
    },
    "natInstanceType": {
      "Description": "Amazon EC2 instance type for the NAT instance. This instance will be put on public subnet 1.",
      "Type": "String",
      "Default": "t2.small",
      "AllowedValues": [
        "t2.micro",
        "t2.small",
        "t2.medium",
        "t2.large",
        "m3.medium",
        "m3.large",
        "m3.xlarge",
        "m3.2xlarge",
        "m4.large",
        "m4.xlarge",
        "m4.2xlarge",
        "m4.4xlarge",
        "m4.10xlarge"
      ]
    },
    "natSshAccessCidr": {
      "Description": "IP CIDR from where you could SSH into NAT instance",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "0.0.0.0/0",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid CIDR range of the form x.x.x.x/x."
    },
    "natKeyName": {
      "Description": "Name of an existing EC2 KeyPair to enable SSH access to NAT instances.",
      "Type": "AWS::EC2::KeyPair::KeyName",
      "ConstraintDescription": "Must be the name of an existing EC2 KeyPair."
    }
  },
  "Mappings": {
    "AWSNATAMI": {
      "eu-central-1": {
        "AMI": "ami-46073a5b"
      },
      "sa-east-1": {
        "AMI": "ami-fbfa41e6"
      },
      "ap-northeast-1": {
        "AMI": "ami-03cf3903"
      },
      "eu-west-1": {
        "AMI": "ami-6975eb1e"
      },
      "us-east-1": {
        "AMI": "ami-303b1458"
      },
      "us-west-1": {
        "AMI": "ami-7da94839"
      },
      "us-west-2": {
        "AMI": "ami-69ae8259"
      },
      "ap-southeast-2": {
        "AMI": "ami-e7ee9edd"
      },
      "ap-southeast-1": {
        "AMI": "ami-b49dace6"
      }
    }
  },
  "Resources": {
    "vpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": {
          "Ref": "vpcCidr"
        },
        "InstanceTenancy": "default",
        "EnableDnsSupport": "true",
        "EnableDnsHostnames": "true",
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "VPC"
                ]
              ]
            }
          }
        ]
      }
    },
    "publicSubnet1": {
      "Type": "AWS::EC2::Subnet",
      "DependsOn": [
        "vpc",
        "attachGateway"
      ],
      "Properties": {
        "CidrBlock": {
          "Ref": "publicSubnet1Cidr"
        },
        "AvailabilityZone": {
          "Ref": "subnet1AZ"
        },
        "VpcId": {
          "Ref": "vpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "Subnet-Public-1"
                ]
              ]
            }
          }
        ]
      }
    },
    "privateSubnet1": {
      "Type": "AWS::EC2::Subnet",
      "DependsOn": [
        "vpc",
        "attachGateway"
      ],
      "Properties": {
        "CidrBlock": {
          "Ref": "privateSubnet1Cidr"
        },
        "AvailabilityZone": {
          "Ref": "subnet1AZ"
        },
        "VpcId": {
          "Ref": "vpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "Subnet-Private-1"
                ]
              ]
            }
          }
        ]
      }
    },
    "inetGateway": {
      "Type": "AWS::EC2::InternetGateway",
      "DependsOn": [
        "vpc"
      ],
      "Properties": {
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "InternetGateway"
                ]
              ]
            }
          }
        ]
      }
    },
    "attachGateway": {
      "Type": "AWS::EC2::VPCGatewayAttachment",
      "DependsOn": [
        "vpc",
        "inetGateway"
      ],
      "Properties": {
        "VpcId": {
          "Ref": "vpc"
        },
        "InternetGatewayId": {
          "Ref": "inetGateway"
        }
      }
    },
    "rtbPublic": {
      "Type": "AWS::EC2::RouteTable",
      "DependsOn": [
        "vpc",
        "attachGateway"
      ],
      "Properties": {
        "VpcId": {
          "Ref": "vpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "RTB-Public"
                ]
              ]
            }
          }
        ]
      }
    },
    "routePublic": {
      "Type": "AWS::EC2::Route",
      "DependsOn": "attachGateway",
      "Properties": {
        "DestinationCidrBlock": "0.0.0.0/0",
        "RouteTableId": {
          "Ref": "rtbPublic"
        },
        "GatewayId": {
          "Ref": "inetGateway"
        }
      }
    },
    "subnetRouteTableAssociationPublic1": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "DependsOn": [
        "rtbPublic",
        "publicSubnet1"
      ],
      "Properties": {
        "RouteTableId": {
          "Ref": "rtbPublic"
        },
        "SubnetId": {
          "Ref": "publicSubnet1"
        }
      }
    },
    "rtbPrivate": {
      "Type": "AWS::EC2::RouteTable",
      "DependsOn": [
        "vpc"
      ],
      "Properties": {
        "VpcId": {
          "Ref": "vpc"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "RTB-Private"
                ]
              ]
            }
          }
        ]
      }
    },
    "subnetRouteTableAssociationPrivate1": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "DependsOn": [
        "rtbPublic",
        "privateSubnet1"
      ],
      "Properties": {
        "RouteTableId": {
          "Ref": "rtbPrivate"
        },
        "SubnetId": {
          "Ref": "privateSubnet1"
        }
      }
    },
    "natEc2Instance": {
      "Type": "AWS::EC2::Instance",
      "DependsOn": [
        "vpc",
        "attachGateway",
        "privateSubnet1",
        "sgNAT"
      ],
      "Properties": {
        "DisableApiTermination": "false",
        "InstanceInitiatedShutdownBehavior": "stop",
        "InstanceType": {
          "Ref": "natInstanceType"
        },
        "ImageId": {
          "Fn::FindInMap": [
            "AWSNATAMI",
            {
              "Ref": "AWS::Region"
            },
            "AMI"
          ]
        },
        "KeyName": {
          "Ref": "natKeyName"
        },
        "Monitoring": "false",
        "SourceDestCheck": "false",
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "NAT"
                ]
              ]
            }
          }
        ],
        "NetworkInterfaces": [
          {
            "DeleteOnTermination": "true",
            "Description": "Primary network interface",
            "DeviceIndex": 0,
            "SubnetId": {
              "Ref": "publicSubnet1"
            },
            "GroupSet": [
              {
                "Ref": "sgNAT"
              }
            ],
            "AssociatePublicIpAddress": "true"
          }
        ]
      }
    },
    "sgNAT": {
      "Type": "AWS::EC2::SecurityGroup",
      "DependsOn": [
        "vpc",
        "attachGateway"
      ],
      "Properties": {
        "GroupDescription": "Security group for NAT instances",
        "VpcId": {
          "Ref": "vpc"
        },
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "0",
            "ToPort": "1024",
            "CidrIp": {
              "Ref": "privateSubnet1Cidr"
            }
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "22",
            "ToPort": "22",
            "CidrIp": {
              "Ref": "natSshAccessCidr"
            }
          }
        ],
        "SecurityGroupEgress": [
          {
            "IpProtocol": "-1",
            "CidrIp": "0.0.0.0/0"
          }
        ],
        "Tags": [
          {
            "Key": "Name",
            "Value": {
              "Fn::Join": [
                "-",
                [
                  {
                    "Ref": "envPrefix"
                  },
                  "SG-NAT"
                ]
              ]
            }
          }
        ]
      }
    },
    "routePrivate": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": "0.0.0.0/0",
        "RouteTableId": {
          "Ref": "rtbPrivate"
        },
        "InstanceId": {
          "Ref": "natEc2Instance"
        }
      }
    },


"elb" : {
   "Type": "AWS::ElasticLoadBalancing::LoadBalancer",
   "Properties": {
       "HealthCheck" : {
            "Target" : "HTTP:80/",
            "HealthyThreshold" : "3",
            "UnhealthyThreshold" : "5",
            "Interval" : "30",
            "Timeout" : "5"
        },
      "LoadBalancerName" : "elbec2",
       "Listeners" : [ {
            "LoadBalancerPort" : "80",
            "InstancePort" : "80",
            "Protocol" : "HTTP"
        } ],
       "Instances" : [
            { "Ref" : "Instance" }
        ],
      "Scheme" : "internal",
      "SecurityGroups" : [{"Ref": "sgNAT" }],
      "Subnets" : [ {"Ref": "publicSubnet1"}]
   }
},



    "Instance":{
      "Type": "AWS::EC2::Instance",
      "DependsOn": "elb",
      "Metadata": {
        "AWS::CloudFormation::Init": {
          "configSets": {
            "InstallAndRun": [
              "Install"
            ]
          },
          "Install": {
            "packages": {
              "yum": {
                "httpd": []
              }
            },
            "files": {
              "/var/www/html/index.html": {
                "source": "https://s3.amazonaws.com/ec2back/index.html",
                "mode": "000600",
                "owner": "apache",
                "group": "apache"
              },
              "/etc/cfn/cfn-hup.conf": {
                "content": {
                  "Fn::Join": [
                    "",
                    [
                      "[main]\n",
                      "stack=",
                      {
                        "Ref": "AWS::StackId"
                      },
                      "\n",
                      "region=",
                      {
                        "Ref": "AWS::Region"
                      },
                      "\n"
                    ]
                  ]
                },
                "mode": "000400",
                "owner": "root",
                "group": "root"
              },
              "/etc/cfn/hooks.d/cfn-auto-reloader.conf": {
                "content": {
                  "Fn::Join": [
                    "",
                    [
                      "[cfn-auto-reloader-hook]\n",
                      "triggers=post.update\n",
                      "path=Resources.Instance.Metadata.AWS::CloudFormation::Init\n",
                      "action=/opt/aws/bin/cfn-init -v ",
                      "         --stack ",
                      {
                        "Ref": "AWS::StackName"
                      },
                      "         --resource Instance ",
                      "         --configsets InstallAndRun ",
                      "         --region ",
                      {
                        "Ref": "AWS::Region"
                      },
                      "\n",
                      "runas=root\n"
                    ]
                  ]
                }
              }
            },
            "services": {
              "sysvinit": {
                "httpd": {
                  "enabled": "true",
                  "ensureRunning": "true"
                },
                "cfn-hup": {
                  "enabled": "true",
                  "ensureRunning": "true",
                  "files": [
                    "/etc/cfn/cfn-hup.conf",
                    "/etc/cfn/hooks.d/cfn-auto-reloader.conf"
                  ]
                }
              }
            }
          }
        }
      },
      "Properties": {
        "ImageId": {
          "Fn::FindInMap": [
            "AWSRegionArch2AMI",
            {
              "Ref": "AWS::Region"
            },
            {
              "Fn::FindInMap": [
                "AWSInstanceType2Arch",
                {
                  "Ref": "InstanceType"
                },
                "Arch"
              ]
            }
          ]
        },
        "InstanceType": {
          "Ref": "InstanceType"
        },
        "NetworkInterfaces": [
          {
            "DeviceIndex": "0",
            "AssociatePublicIpAddress": "true",
            "DeleteOnTermination": "true",
            "SubnetId": {
              "Ref": "privateSubnet1"
            },
            "GroupSet": [
              {
                "Ref": "sgNAT"
              }
            ]
          }
        ],
        "UserData": {
          "Fn::Base64": {
            "Fn::Join": [
              "",
              [
                "#!/bin/bash -xe\n",
                "yum update -y aws-cfn-bootstrap\n",
                "# Install the files and packages from the metadata\n",
                "/opt/aws/bin/cfn-init -v ",
                "         --stack ",
                {
                  "Ref": "AWS::StackName"
                },
                "         --resource Instance ",
                "         --configsets InstallAndRun ",
                "         --region ",
                {
                  "Ref": "AWS::Region"
                },
                "\n",
                "# Signal the status from cfn-init\n",
                "/opt/aws/bin/cfn-signal -e $? ",
                "         --stack ",
                {
                  "Ref": "AWS::StackName"
                },
                "         --resource Instance ",
                "         --region ",
                {
                  "Ref": "AWS::Region"
                },
                "\n"
              ]
            ]
          }
        }
      }
    }
  }
}
````

1 个答案:

答案 0 :(得分:0)

CloudFormation具有管理资源依赖关系的功能。请参阅DependsOn上的this CloudFormation文档,该文档描述了最佳做法并提供了更多详细信息。

在您的模板中,移除"DependsOn": "elb"行并尝试一下。