时间戳

首页 > 解决方案 > Nomad 自动扩缩器无法找到 EC2 实例角色

amazon-iam - Nomad 自动扩缩器无法找到 EC2 实例角色

问题描述

我遇到了来自游牧自动缩放器作业的以下错误消息的问题

  error=
  | failed to describe AWS Autoscaling Group: EC2RoleRequestError: no EC2 instance role found
  | caused by: EC2MetadataError: failed to make EC2Metadata request
  |     status code: 401, request id:
  | caused by:

遵循此处的文档:https ://www.nomadproject.io/docs/autoscaling/plugins/target/aws-asg

我的 iam 实例角色具有文档中指定的所有权限。我尝试给角色 aws 管理员访问权限,因为它抛出了 401,但是这给了我同样的错误。

这是我正在使用的 aws-asg 作业模板

  datacenters = ["dc1"]

  group "autoscaler" {
    count = 1

    network {
      port "http" {}
    }

    task "autoscaler" {
      driver = "docker"

      config {
        image   = "hashicorp/nomad-autoscaler:0.3.3"
        command = "nomad-autoscaler"

        args = [
          "agent",
          "-config",
          "${NOMAD_TASK_DIR}/config.hcl",
          "-http-bind-address",
          "0.0.0.0",
          "-http-bind-port",
          "${NOMAD_PORT_http}",
          "-policy-dir",
          "${NOMAD_TASK_DIR}/policies/",
        ]

        ports = ["http"]
      }

      template {
        data = <<EOF
nomad {
  address = "http://{{env "attr.unique.network.ip-address" }}:4646"
}

apm "prometheus" {
  driver = "prometheus"
  config = {
    address = "http://{{ range service "prometheus" }}{{ .Address }}:{{ .Port }}{{ end }}"
  }
}

target "aws-asg" {
  driver = "aws-asg"
  config = {
    aws_region = "{{ $x := env "attr.platform.aws.placement.availability-zone" }}{{ $length := len $x |subtract 1 }}{{ slice $x 0 $length}}"
  }
}

strategy "target-value" {
  driver = "target-value"
}
EOF

        destination = "${NOMAD_TASK_DIR}/config.hcl"
      }

      template {
        data = <<EOF
scaling "cluster_policy" {
  enabled = true
  min     = 1
  max     = 2

  policy {
    cooldown            = "2m"
    evaluation_interval = "1m"

    check "cpu_allocated_percentage" {
      source = "prometheus"
      query  = "sum(nomad_client_allocated_cpu*100/(nomad_client_unallocated_cpu+nomad_client_allocated_cpu))/count(nomad_client_allocated_cpu)"

      strategy "target-value" {
        target = 70
      }
    }


    check "mem_allocated_percentage" {
      source = "prometheus"
      query  = "sum(nomad_client_allocated_memory*100/(nomad_client_unallocated_memory+nomad_client_allocated_memory))/count(nomad_client_allocated_memory)"

      strategy "target-value" {
        target = 70
      }
    }


    target "aws-asg" {
      dry-run             = "false"
      aws_asg_name        = "my-asg-name"
      node_drain_deadline = "5m"
      datacenter          = "dc1"
    }
  }
}
EOF

        destination = "${NOMAD_TASK_DIR}/policies/hashistack.hcl"
      }

      resources {
        cpu    = 50
        memory = 128
      }

      service {
        name = "autoscaler"
        port = "http"

        check {
          type     = "http"
          path     = "/v1/health"
          interval = "5s"
          timeout  = "2s"
        }
      }
    }
  }
}

我的 IAM 角色附加到 ec2,我可以在盒子上执行 cli 命令。

有任何想法吗?

标签: amazon-iamnomad

解决方案

推荐阅读