amazon-web-services - “部署失败的。Status=Failed",尝试通过 CloudFormation 进行部署时
问题描述
我正在尝试通过 CodeDeploy 部署应用程序,但随着进展,堆栈最终出现错误“部署 d-ICC6WMBE2 失败。状态=失败”
没有理由提及。如何调试相同。提前致谢。PFb 模板,我用于部署:
Parameters:
SSHKey:
Type: AWS::EC2::KeyPair::KeyName
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
CodedeployInstanceType:
Description: "EC2 instance type for CodeDeploy Web Servers"
Type: String
Default: "t2.micro"
ConstraintDescription: "must be a valid EC2 instance type."
PublicSubnet1:
Description: "The first public subnet where the Jenkins EC2 instance, ELB and CodeDeploy Web Servers will be launched"
Type: AWS::EC2::Subnet::Id
ConstraintDescription: "Must be a valid Public VPC Subnet."
PublicSubnet2:
Description: "The second public subnet where the ELB and CodeDeploy Web Servers will be launched"
Type: AWS::EC2::Subnet::Id
ConstraintDescription: "Must be a valid Public VPC Subnet."
InstanceCount :
Description : "Number of CodeDeploy Web Server EC2 instances"
Type : Number
Default : 3
ConstraintDescription : "Must be a number between 2 and 4."
MinValue : "2"
MaxValue : "4"
VpcId:
Description: "The VPC Id where the EC2 instances will be launched."
Type: AWS::EC2::VPC::Id
ConstraintDescription: "must be the name of an existing VPC."
Mappings:
AWSRegionArch2AMI:
ap-northeast-1 :
AMI : "ami-08847abae18baa040"
ap-northeast-2 :
AMI : "ami-012566705322e9a8e"
ap-south-1 :
AMI : "ami-00b6a8a2bd28daf19"
ap-southeast-1 :
AMI : "ami-01da99628f381e50a"
ap-southeast-2 :
AMI : "ami-00e17d1165b9dd3ec"
eu-central-1 :
AMI : "ami-0f5dbc86dd9cbf7a8"
eu-west-1 :
AMI : "ami-0bdb1d6c15a40392c"
eu-west-2 :
AMI : "ami-e1768386"
eu-west-3 :
AMI : "ami-06340c8c12baa6a09"
sa-east-1 :
AMI : "ami-0ad7b0031d41ed4b9"
us-east-1 :
AMI : "ami-04681a1dbd79675a5"
us-east-2 :
AMI : "ami-0cf31d971a3ca20d6"
us-west-1 :
AMI : "ami-0782017a917e973e7"
us-west-2 :
AMI : "ami-6cd6f714"
Resources:
WSSG:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: "Enable HTTP access from ELB"
VpcId:
Ref: "VpcId"
SecurityGroupIngress:
-
IpProtocol: "tcp"
FromPort: "22"
ToPort: "22"
CidrIp: "0.0.0.0/0"
-
IpProtocol: "tcp"
FromPort: "80"
ToPort: "80"
SourceSecurityGroupId:
Ref: "ELBSG"
ELB:
Type: "AWS::ElasticLoadBalancing::LoadBalancer"
Properties:
HealthCheck:
HealthyThreshold: "2"
Interval: "30"
Target: "HTTP:80/"
Timeout: "5"
UnhealthyThreshold: "5"
Listeners:
- InstancePort: "80"
LoadBalancerPort: "80"
Protocol: "HTTP"
InstanceProtocol: "HTTP"
Subnets:
-
Ref : "PublicSubnet1"
Ref : "PublicSubnet2"
SecurityGroups:
-
Ref: "ELBSG"
ELBSG:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: "Enable HTTP access from anywhere"
VpcId:
Ref : "VpcId"
SecurityGroupIngress:
- IpProtocol: "tcp"
FromPort: "80"
ToPort : "80"
CidrIp: "0.0.0.0/0"
CodeDeployTrustRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2008-10-17"
Statement:
-
Sid: "1"
Effect: Allow
Principal:
Service:
- codedeploy.amazonaws.com
Action:
- sts:AssumeRole
Path: "/"
CodeDeployRolePolicies:
Type: AWS::IAM::Policy
Properties:
PolicyName: CodeDeployPolicy
PolicyDocument :
Statement:
-
Effect: Allow
Action:
- ec2:Describe*
- autoscaling:CompleteLifecycleAction
- autoscaling:DeleteLifecycleHook
- autoscaling:DescribeLifecycleHooks
- autoscaling:DescribeAutoScalingGroups
- autoscaling:PutLifecycleHook
- autoscaling:RecordLifecycleActionHeartbeat
- Tag:getResources
- Tag:getTags
- Tag:getTagsForResource
- Tag:getTagsForResourceList
Resource: "*"
Roles:
- Ref: "CodeDeployTrustRole"
DemoApplication:
Type: AWS::CodeDeploy::Application
DemoFleet:
Type: AWS::CodeDeploy::DeploymentGroup
Properties:
ApplicationName: !Ref DemoApplication
AutoScalingGroups:
- !Ref WSASG
Deployment:
Description: "Initial Deployment"
Revision:
RevisionType: S3
S3Location:
Bucket: Fn::Join:["",["aws-codedeploy-" !Ref["AWS::Region"]]]
BundleType: "zip"
Key: "samples/latest/SampleApp_Linux.zip"
DeploymentConfigName: "CodeDeployDefault.OneAtATime"
ServiceRoleArn:
Fn::GetAtt: ["CodeDeployTrustRole", Arn]
InstanceRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Statement:
-
Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- sts:AssumeRole
Path: "/"
CodeDeployInstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Path: "/"
Roles:
-
Ref: "InstanceRole"
InstanceRolePolicies:
Type: AWS::IAM::Policy
Properties:
PolicyName: "InstanceRole"
PolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Action:
- "autoscaling:Describe"
- "cloudformation:Describe*"
- "cloudformation:GetTemplate"
- "s3:Get*"
- "s3:List*"
Resource: "*"
Roles:
- Ref: "InstanceRole"
WSASG:
Type: AWS::AutoScaling::AutoScalingGroup
Properties:
LaunchConfigurationName:
Ref: "WSLaunchConfiguration"
VPCZoneIdentifier:
- Ref : "PublicSubnet1"
Ref : "PublicSubnet2"
MinSize: '0'
MaxSize: '4'
DesiredCapacity:
Ref : "InstanceCount"
LoadBalancerNames:
- Ref : "ELB"
HealthCheckType: "ELB"
HealthCheckGracePeriod: 600
Tags:
- Key : "Name"
Value: "CodeDeployDemo"
PropagateAtLaunch: true
CreationPolicy:
ResourceSignal:
Count:
Ref: "InstanceCount"
Timeout: "PT15M"
UpdatePolicy:
AutoScalingRollingUpdate:
MinInstancesInService: '1'
MaxBatchSize: '1'
WSLaunchConfiguration:
Type: AWS::AutoScaling::LaunchConfiguration
Properties:
ImageId: !FindInMap [AWSRegionArch2AMI, !Ref "AWS::Region","AMI"]
InstanceType:
Ref: CodedeployInstanceType
SecurityGroups:
- Ref: "WSSG"
UserData:
Fn::Base64: !Sub |
#!/bin/bash -xe
sudo yum update -y
sudo yum install -y ruby
sudo yum install -y wget
sudo wget https://aws-codedeploy-${AWS::Region}.s3.${AWS::Region}.amazonaws.com/latest/install
sudo chmod +x ./install
sudo ./install auto
# Start cfn-init
/opt/aws/bin/cfn-init -s ${AWS::StackId} -r WSLaunchConfiguration --region ${AWS::Region}
# Signal the status from cfn-init
/opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WSASG --region ${AWS::Region}
KeyName:
Ref: "SSHKey"
IamInstanceProfile:
Ref: "CodeDeployInstanceProfile"
AssociatePublicIpAddress: true
Metadata:
AWS::CloudFormation::Init:
services:
sysvinit:
codedeploy-agent:
enabled: true
ensureRunning: true
因为我是 AWS 的新手,所以在这里我几乎不需要帮助
解决方案
如果堆栈自动回滚,请在创建堆栈时禁用回滚 [1],然后在堆栈失败后,转到 CodeDeploy 控制台并在“部署”下查找部署 ID。部署详细信息将为您提供失败的原因。
[1] https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-prevent-rollback-failure/
推荐阅读
- python - 用循环填充数组中的字符串只会给我索引中的最后一个元素
- python - 以编程方式为 GCP 的 OAuth 2.0 客户端 ID 中的授权重定向 URI 添加 URI
- python-3.x - 尝试使用detectron2时出现CUDA RuntimeError
- php - 如何在 WooCommerce 的注册页面上创建密码并确认密码
- node.js - 在 nodejs express 中渲染车把视图的问题
- css - 添加两个边框以输入一个有半径的边框
- flutter - Flutter Crashlytics 移除 CustomKey
- swift - 我如何将 TableView 放在 CollectionViewCell 中?
- java - 从 PDFbox 中提取文本
- python - read_pickle 随机失败