How to build a solution of CloudFormation and Elastic Beanstalk that has only one EC2 instance?

Posted: 2020-02-23 18:40:20

[Question]:

This CloudFormation code snippet is part of the sample ElasticBeanstalk application provided at https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/sample-templates-services-ap-south-1.html

  "Mappings" : {
    "Region2Principal" : {
      "us-east-1"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "us-west-2"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "us-west-1"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "eu-west-1"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "eu-west-2"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "eu-west-3"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ap-southeast-1" : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ap-northeast-1" : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ap-northeast-2" : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ap-northeast-3" : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ap-southeast-2" : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ap-south-1"     : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "us-east-2"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "ca-central-1"   : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "sa-east-1"      : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "cn-north-1"     : { "EC2Principal" : "ec2.amazonaws.com.cn", "OpsWorksPrincipal" : "opsworks.amazonaws.com.cn" },
      "cn-northwest-1" : { "EC2Principal" : "ec2.amazonaws.com.cn", "OpsWorksPrincipal" : "opsworks.amazonaws.com.cn" },
      "eu-central-1"   : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" },
      "eu-north-1"     : { "EC2Principal" : "ec2.amazonaws.com", "OpsWorksPrincipal" : "opsworks.amazonaws.com" }
    }
  },

  "Conditions" : {
    "Is-EC2-VPC"     : { "Fn::Or" : [ { "Fn::Equals" : [ { "Ref" : "AWS::Region" }, "eu-central-1" ] },
                                      { "Fn::Equals" : [ { "Ref" : "AWS::Region" }, "cn-north-1" ] } ] },
    "Is-EC2-Classic" : { "Fn::Not" : [ { "Condition" : "Is-EC2-VPC" } ] }
  },

  "Resources": {
    "WebServerRole": {
      "Type": "AWS::IAM::Role",
      "Properties" : {
        "AssumeRolePolicyDocument" : {
          "Statement"  : [ {
            "Effect"   : "Allow",
            "Principal": { "Service": [ { "Fn::FindInMap" : ["Region2Principal", { "Ref" : "AWS::Region" }, "EC2Principal"] } ] },
            "Action"   : [ "sts:AssumeRole" ]
          } ]
        },
        "Path": "/"
      }
    },

    "WebServerRolePolicy": {
      "Type": "AWS::IAM::Policy",
      "Properties": {
        "PolicyName" : "WebServerRole",
        "PolicyDocument" : {
          "Statement"  : [ {
            "Effect"    : "Allow",
            "NotAction" : "iam:*",
            "Resource"  : "*"
          } ]
        },
        "Roles": [ { "Ref": "WebServerRole" } ]
      }
    },

    "WebServerInstanceProfile": {
      "Type": "AWS::IAM::InstanceProfile",
      "Properties": {
        "Path": "/",
        "Roles": [ { "Ref": "WebServerRole" } ]
      }
    },

    "SampleApplication": {
      "Type": "AWS::ElasticBeanstalk::Application",
      "Properties": {
        "Description": "AWS Elastic Beanstalk Sample Application"
      }
    },

    "SampleApplicationVersion" : {
      "Type" : "AWS::ElasticBeanstalk::ApplicationVersion",
      "Properties" : {
        "Description" : "Version 1.0",
        "ApplicationName" : { "Ref" : "SampleApplication" },
        "SourceBundle" : {
          "S3Bucket": { "Fn::Join" : ["-", ["cloudformation-examples", { "Ref" : "AWS::Region" } ]] },
          "S3Key": "CloudFormationBeanstalkRDSExample.war"
        }
      }
    },

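I only have a free-tier account on AWS, so I don't want to spend money to test how it behaves. The description says:

WARNING This template creates one or more Amazon EC2 instances and an Amazon Relational Database Service database instance. You will be billed for the AWS resources used if you create a stack from this template.

My question is: how many instances would be created if I launch it? I don't see any limit, but the Mappings section looks quite long, so I guess at least more than one. Conditions has two entries; does that mean two instances as well? I would like to find a solution that runs only one instance. Is it enough to restrict the region, or how can I limit the number of EC2 instances created to one?

[Question comments]:

There are many stacks under sample-templates; which one are you using?

It is this one: s3-ap-south-1.amazonaws.com/cloudformation-templates-ap-south-1/…

[Answer 1]:

Actually, I found a way:

I took this solution as a base: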

AWSTemplateFormatVersion: '2010-09-09'
Resources:
  sampleApplication:
    Type: AWS::ElasticBeanstalk::Application
    Properties:
      Description: AWS Elastic Beanstalk Sample Application
  sampleApplicationVersion:
    Type: AWS::ElasticBeanstalk::ApplicationVersion
    Properties:
      ApplicationName:
        Ref: sampleApplication
      Description: AWS ElasticBeanstalk Sample Application Version
      SourceBundle:
        S3Bucket: !Sub "elasticbeanstalk-samples-${AWS::Region}"
        S3Key: php-newsample-app.zip
  sampleConfigurationTemplate:
    Type: AWS::ElasticBeanstalk::ConfigurationTemplate
    Properties:
      ApplicationName:
        Ref: sampleApplication
      Description: AWS ElasticBeanstalk Sample Configuration Template
      OptionSettings:
      - Namespace: aws:autoscaling:asg
        OptionName: MinSize
        Value: '2'
      - Namespace: aws:autoscaling:asg
        OptionName: MaxSize
        Value: '6'
      - Namespace: aws:elasticbeanstalk:environment
        OptionName: EnvironmentType
        Value: LoadBalanced
      SolutionStackName: 64bit Amazon Linux 2018.03 v2.8.15 running PHP 7.2
  sampleEnvironment:
    Type: AWS::ElasticBeanstalk::Environment
    Properties:
      ApplicationName:
        Ref: sampleApplication
      Description: AWS ElasticBeanstalk Sample Environment
      TemplateName:
        Ref: sampleConfigurationTemplate
      VersionLabel:
        Ref: sampleApplicationVersion

(Found at https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-elasticbeanstalk.html)

If I change EnvironmentType to SingleInstance, I get the single-instance solution I want.

(Found at https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html#command-options-general-elasticbeanstalkenvironment)

I haven't tested this yet, but I think I can likewise remove MinSize and MaxSize, since this is a single instance.
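As an added example (not part of the original answer or of AWS's samples), the following pre-launch check reads a parsed template and reports the type and instance bounds of each Elastic Beanstalk environment, so the answer's change can be verified without creating a stack. The function names and the constructed sample template are hypothetical, and the fallback values in DEFAULTS are assumed to match Elastic Beanstalk's documented defaults.

```python
# Assumed Elastic Beanstalk defaults, used when the template omits an option.
DEFAULTS = {
    ("aws:elasticbeanstalk:environment", "EnvironmentType"): "LoadBalanced",
    ("aws:autoscaling:asg", "MinSize"): "1",
    ("aws:autoscaling:asg", "MaxSize"): "4",
}

def _options(resource):
    """Flatten a resource's OptionSettings list into {(namespace, name): value}."""
    settings = resource.get("Properties", {}).get("OptionSettings", [])
    return {(s["Namespace"], s["OptionName"]): str(s["Value"]) for s in settings}

def instance_bounds(template):
    """Return {environment: (type, min_instances, max_instances)}.

    Handles literal option values and a plain {"Ref": ...} TemplateName only.
    """
    resources = template.get("Resources", {})
    report = {}
    for name, res in resources.items():
        if res.get("Type") != "AWS::ElasticBeanstalk::Environment":
            continue
        opts = dict(DEFAULTS)
        ref = res.get("Properties", {}).get("TemplateName")
        if isinstance(ref, dict) and ref.get("Ref") in resources:
            opts.update(_options(resources[ref["Ref"]]))  # saved configuration
        opts.update(_options(res))  # options set on the environment itself win
        env_type = opts[("aws:elasticbeanstalk:environment", "EnvironmentType")]
        if env_type == "SingleInstance":
            bounds = (1, 1)  # exactly one instance, no load balancer
        else:
            bounds = tuple(int(opts[("aws:autoscaling:asg", k)]) for k in ("MinSize", "MaxSize"))
        report[name] = (env_type, *bounds)
    return report

def sample(env_type, sizes=True):
    """Constructed template mirroring the answer's resources, as a parsed dict."""
    settings = [{"Namespace": "aws:elasticbeanstalk:environment",
                 "OptionName": "EnvironmentType", "Value": env_type}]
    if sizes:
        settings += [{"Namespace": "aws:autoscaling:asg", "OptionName": n, "Value": v}
                     for n, v in (("MinSize", "2"), ("MaxSize", "6"))]
    return {"Resources": {
        "sampleConfigurationTemplate": {
            "Type": "AWS::ElasticBeanstalk::ConfigurationTemplate",
            "Properties": {"OptionSettings": settings}},
        "sampleEnvironment": {
            "Type": "AWS::ElasticBeanstalk::Environment",
            "Properties": {"TemplateName": {"Ref": "sampleConfigurationTemplate"}}}}}

if __name__ == "__main__":
    print(instance_bounds(sample("SingleInstance")))
```

Run against the unmodified quick-reference template, the same check reports a load-balanced environment with between 2 and 6 instances, which is the cost exposure the question is trying to avoid.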

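[Comments]:

Then I can change the other values as needed, and I'm done. Thanks, everyone.

[Answer 2]:

I think you are using this template: https://s3-ap-south-1.amazonaws.com/cloudformation-templates-ap-south-1/ElasticBeanstalk_Simple.template

In that case, it creates a db.t2.small database. The Amazon free tier for RDS covers only db.t2.micro. If you edit the template to fit the free tier, the warning should go away.

More information here: https://aws.amazon.com/rds/free/

[Comments]:

Well, I would like to know the logic: when there is implicit load balancing and when there is not, and how to control it, if at first I want to manage a minimal setup of one EC2 instance with no load balancer at all. So, until I know the inner logic of what happens if I do this or that, I don't want to actually launch anything.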
