我是CloudFormation脚本的新手。尝试构建一个Beanstalk环境并创建它的主要过程,只是日志流配置失败,并且启动脚本在此之后中止:
[2018-06-26T12:28:41.358Z] INFO [2990] - [Application deployment/AddonsBefore/ConfigCWLAgent/10-config.sh] : Activity execution failed, because: unable to sign request without credentials set (ElasticBeanstalk::ExternalInvocationError)
原因:在未设置凭据的情况下无法签署请求(执行程序:: NonZeroExitStatus)
脚本中唯一相关的选项是:
- Namespace: aws:elasticbeanstalk:cloudwatch:logs
OptionName: StreamLogs
Value: true
我已经从Web控制台开始创建堆栈,还没有在CloudFormation中选择任何角色,因此我猜测它在实例中使用aws-elasticbeanstalk-ec2-role。试图添加CloudWatch日志对其具有完全访问权限,但问题并未消失。当前随附的政策是:
AWSElasticBeanstalkWebTier
CloudWatchLogsFullAccess
AWSElasticBeanstalkMulticontainerDocker
AWSElasticBeanstalkWorkerTier
完整脚本:
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
ParamDatabaseSpringProfile:
Description: Select Spring database profile to connect to
Type: String
Default: db_h2
AllowedValues:
- db_h2
- db_mysql_test
- db_mysql_staging
- db_mysql_prod
ParamInstanceType:
Description: Select instance type to create
Type: String
Default: t2.micro
AllowedValues:
- t2.micro
- t2.small
- t2.medium
- t2.large
Resources:
pcaBackendApp:
Type: AWS::ElasticBeanstalk::Application
Properties:
Description: Photo Companion Backend
pcaBackendVersion100:
Type: AWS::ElasticBeanstalk::ApplicationVersion
Properties:
ApplicationName:
Ref: pcaBackendApp
Description: Photo Companion Backend Version 1.0.0
SourceBundle:
S3Bucket: pca-dev-releases
S3Key: backend-1.0.0.jar
pcaBackendConfigTemplate:
Type: AWS::ElasticBeanstalk::ConfigurationTemplate
Properties:
ApplicationName:
Ref: pcaBackendApp
Description: Photo Companion Backend Template
SolutionStackName: 64bit Amazon Linux 2018.03 v2.7.2 running Java 8
OptionSettings:
- Namespace: aws:elasticbeanstalk:application:environment
OptionName: SERVER_CONTEXT_PATH
Value: /
- Namespace: aws:elasticbeanstalk:application:environment
OptionName: SPRING_PROFILES_ACTIVE
Value: !Sub
- logging_normal, http_insecure, credentials_insecure, ${DbProfile}
- { DbProfile: !Ref ParamDatabaseSpringProfile }
- Namespace: aws:autoscaling:asg
OptionName: MinSize
Value: '1'
- Namespace: aws:autoscaling:asg
OptionName: MaxSize
Value: '2'
- Namespace: aws:autoscaling:launchconfiguration
OptionName: InstanceType
Value: !Ref ParamInstanceType
- Namespace: aws:elasticbeanstalk:environment
OptionName: EnvironmentType
Value: LoadBalanced
- Namespace: aws:elasticbeanstalk:environment
OptionName: LoadBalancerType
Value: application
- Namespace: aws:elasticbeanstalk:cloudwatch:logs
OptionName: StreamLogs
Value: false # true
- Namespace: aws:elasticbeanstalk:command
OptionName: DeploymentPolicy
Value: Rolling
- Namespace: aws:elasticbeanstalk:command
OptionName: BatchSizeType
Value: Fixed
- Namespace: aws:elasticbeanstalk:command
OptionName: BatchSize
Value: '1'
- Namespace: aws:elasticbeanstalk:environment:process:default
OptionName: HealthCheckPath
Value: /actuator/public/health
- Namespace: aws:elasticbeanstalk:environment:process:default
OptionName: Port
Value: 8080
- Namespace: aws:elbv2:listener:default
OptionName: ListenerEnabled
Value: false
- Namespace: aws:elbv2:listener:443
OptionName: ListenerEnabled
Value: true
- Namespace: aws:elbv2:listener:443
OptionName: Protocol
Value: HTTPS
- Namespace: aws:elbv2:listener:443
OptionName: SSLCertificateArns
Value: arn:aws:acm:eu-west-1:<removed>
pcaBackendEnvironment100:
Type: AWS::ElasticBeanstalk::Environment
Properties:
ApplicationName:
Ref: pcaBackendApp
Description: Photo Companion Backend Environment
TemplateName:
Ref: pcaBackendConfigTemplate
VersionLabel:
Ref: pcaBackendVersion100