有很多选项可以做到这一点,我不知道哪个是最好的。我一开始尝试做的如下:
ServiceInstance:
Type: "AWS::EC2::Instance"
Properties:
ImageId: !Ref AmiId, !Ref LatestOnescoutAmi ]
InstanceType: !Ref InstanceType
SubnetId: !ImportValue vpc-stack-PublicASubnet
SecurityGroupIds:
- !Ref ServiceSecurityGroup
KeyName: !Ref KeyName
UserData:
'Fn::Base64': !Sub |
#cloud-config
write_files:
- path: /etc/sysconfig/cloudformation
permissions: 0644
owner: root
content: |
STACK_NAME=${AWS::StackName}
AWS_REGION=${AWS::Region}
- path: /etc/datadog-agent/conf.d/mysql.d/conf.yaml
permissions: 0644
owner: dd-agent
content: |
init_config:
instances:
- server: some-db-host
user: some-admin
pass: some-password
port: 3306
tags:
- dbinstanceidentifier:someide
runcmd:
## enable datadog agent
- systemctl start datadog-agent
- systemctl start application.service
但是后来我的/etc/datadog-agent/conf.d/mysql.d/conf.yaml长大了,我大约有13个块,因此将它们硬编码到模板中是不好的。最好保持模板通用,并将配置文件作为参数传递。
但是,根据此answer here,不可能将文件或文件内容传递给云形成。
上述方法是我能想到的其他两个选项中最简单的方法。
创建一个自动缩放并启动组,该组可以接受文件路径,但是它比我需要的更为复杂:
LaunchConfig:
Type: AWS::AutoScaling::LaunchConfiguration
Metadata:
AWS::CloudFormation::Init:
configSets:
service_configuration:
- datadog_setup
datadog_setup:
files:
/etc/datadog-agent/conf.d/mysql.d/conf.yaml:
content: "@file://./config/conf-${Env}.yaml"
mode: "000644"
owner: "root"
group: "root"
commands:
start_datadog:
command: service datadog-agent start
有人知道如何以简单,通用和安全的方式执行此操作吗? 给出的例子将不胜感激。 预先感谢。
答案 0 :(得分:1)
我以另一种方式设法做到这一点,我创建了S3存储桶,然后为ec2实例创建了一个角色,该角色可以访问此s3存储桶并可以下载文件,然后在我的runcmd部分中,下载了此文件。
<div id="block1" class="block">
This is block 1
</div>
<div id="block2" class="block">
This is block 2
</div>
<div id="block3" class="block">
This is block 3
</div>
<button type="button" onclick="removeBlock();">
Remove block 2
</button>