aws(学习笔记第三课) AWS CloudFormation
aws(学习笔记第三课)
- 使用
AWS CloudFormation
学习内容:
AWS CloudFormation的模板解析- 使用
AWS CloudFormation启动ec2 server
1. AWS CloudFormation 的模版解析
CloudFormation模板结构
CloudFormation是AWS的配置管理工具,属于Infrastructure as Code, IaC。基础设施即代码(Infrastructure as Code, IaC)是一种管理和配置计算机基础设施(如服务器、网络、存储等)的方法,通过编写代码来自动化这些过程,而不是手动进行配置。IaC使得基础设施管理更为自动化、可重复、可靠和高效。
大体分为,{"AWSTemplateFormatVersion":"2010-09-09","Description":"CloudFormation template structure","Parameters":{[...]},"Resources":{[...]},"Outputs":{[...]} }- 版本 "2010-09-09"是目前的唯一合法版本
- 描述 这个模板是关于什么的
- 参数 参数使用值用来定义模板。例如,域名,客户ID和数据库密码等。
- 资源 资源是用户能描述的
AWS最小组件,例如,虚拟服务器,负载均衡器或者弹性IP地址。 - 输出 输出和参数有点像,输出从模板返回的信息。
2. CloudFormation参数类型
| 类型 | 描述 |
|---|---|
| String CommaDelimitedList | 一个字符串或有都好分割的字符串列表 |
| Number List<Number> | 一个整数或浮点数或整数列表或浮点数列表 |
| AWS::EC2::Instance::Id List<AWS::EC2::Instance::Id> | 一个EC2实例ID或列表 |
| AWS::EC2::Image::Id List<AWS::EC2::Image::Id> | 一个AMI ID或列表 |
| AWS::EC2::KeyPair::KeyName | 一个Amazon EC2密钥对名 |
| AWS::EC2::SecurityGroup::Id <List>AWS::EC2::SecurityGroup::Id | 一个安全组ID或列表 |
3. CloudFormation的具体实例
- 实例代码
{"AWSTemplateFormatVersion": "2010-09-09","Description": "AWS cloudformation practice","Parameters": {"KeyName": {"Description": "Key Pair name","Type": "AWS::EC2::KeyPair::KeyName","Default": "my-cli-key"},"VPC": {"Description": "Just select the one and only default VPC","Type": "AWS::EC2::VPC::Id"},"Subnet": {"Description": "Just select one of the available subnets","Type": "AWS::EC2::Subnet::Id"},"InstanceType": {"Description": "Select one of the possible instance types","Type": "String","Default": "t2.micro","AllowedValues": ["t2.micro", "t2.small", "t2.medium"]}},"Mappings": {"EC2RegionMap": {"ap-northeast-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-cbf90ecb"},"ap-southeast-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-68d8e93a"},"ap-southeast-2": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-fd9cecc7"},"eu-central-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-a8221fb5"},"eu-west-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-a10897d6"},"sa-east-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-b52890a8"},"us-east-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-1ecae776"},"us-west-1": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-d114f295"},"us-west-2": {"AmazonLinuxAMIHVMEBSBacked64bit": "ami-e7527ed7"}}},"Resources": {"SecurityGroup": {"Type": "AWS::EC2::SecurityGroup","Properties": {"GroupDescription": "My security group","VpcId": {"Ref": "VPC"},"SecurityGroupIngress": [{"CidrIp": "0.0.0.0/0","FromPort": 22,"IpProtocol": "tcp","ToPort": 22}]}},"Server": {"Type": "AWS::EC2::Instance","Properties": {"ImageId": {"Fn::FindInMap": ["EC2RegionMap", {"Ref": "AWS::Region"}, "AmazonLinuxAMIHVMEBSBacked64bit"]},"InstanceType": {"Ref": "InstanceType"},"KeyName": {"Ref": "KeyName"},"SecurityGroupIds": [{"Ref": "SecurityGroup"}],"SubnetId": {"Ref": "Subnet"}}}},"Outputs": {"PublicName": {"Value": {"Fn::GetAtt": ["Server", "PublicDnsName"]},"Description": "Public name (connect via SSH as user ec2-user)"}} } - 为堆栈执行创建
role- step1
- step2
- step3
权限策略选择AdministratorAccess
- step4
- step1
- 建立堆栈执行
CloudFormation- step1
- step2
- step3
- step4
- step5
最后点击提交
- step1
- 查看
CloudFormation执行结果- 执行结果如下
成功的话,会出现``CREATE_COMPLETE。
- 查看
ec2 server
- 查看
CloudFormation的Outputs
- 登录
CloudFormation创建的ec2 server
- 执行结果如下
CloudFormation执行结果清理
CloudFormation属于整体执行,执行清理,如果不想使用该stack,那么删除这个stack,这个stack创建的所有resources将全部被删除。