amazon-iam - Nomad 自动扩缩器无法找到 EC2 实例角色
问题描述
我遇到了来自游牧自动缩放器作业的以下错误消息的问题
error=
| failed to describe AWS Autoscaling Group: EC2RoleRequestError: no EC2 instance role found
| caused by: EC2MetadataError: failed to make EC2Metadata request
| status code: 401, request id:
| caused by:
遵循此处的文档:https ://www.nomadproject.io/docs/autoscaling/plugins/target/aws-asg
我的 iam 实例角色具有文档中指定的所有权限。我尝试给角色 aws 管理员访问权限,因为它抛出了 401,但是这给了我同样的错误。
这是我正在使用的 aws-asg 作业模板
datacenters = ["dc1"]
group "autoscaler" {
count = 1
network {
port "http" {}
}
task "autoscaler" {
driver = "docker"
config {
image = "hashicorp/nomad-autoscaler:0.3.3"
command = "nomad-autoscaler"
args = [
"agent",
"-config",
"${NOMAD_TASK_DIR}/config.hcl",
"-http-bind-address",
"0.0.0.0",
"-http-bind-port",
"${NOMAD_PORT_http}",
"-policy-dir",
"${NOMAD_TASK_DIR}/policies/",
]
ports = ["http"]
}
template {
data = <<EOF
nomad {
address = "http://{{env "attr.unique.network.ip-address" }}:4646"
}
apm "prometheus" {
driver = "prometheus"
config = {
address = "http://{{ range service "prometheus" }}{{ .Address }}:{{ .Port }}{{ end }}"
}
}
target "aws-asg" {
driver = "aws-asg"
config = {
aws_region = "{{ $x := env "attr.platform.aws.placement.availability-zone" }}{{ $length := len $x |subtract 1 }}{{ slice $x 0 $length}}"
}
}
strategy "target-value" {
driver = "target-value"
}
EOF
destination = "${NOMAD_TASK_DIR}/config.hcl"
}
template {
data = <<EOF
scaling "cluster_policy" {
enabled = true
min = 1
max = 2
policy {
cooldown = "2m"
evaluation_interval = "1m"
check "cpu_allocated_percentage" {
source = "prometheus"
query = "sum(nomad_client_allocated_cpu*100/(nomad_client_unallocated_cpu+nomad_client_allocated_cpu))/count(nomad_client_allocated_cpu)"
strategy "target-value" {
target = 70
}
}
check "mem_allocated_percentage" {
source = "prometheus"
query = "sum(nomad_client_allocated_memory*100/(nomad_client_unallocated_memory+nomad_client_allocated_memory))/count(nomad_client_allocated_memory)"
strategy "target-value" {
target = 70
}
}
target "aws-asg" {
dry-run = "false"
aws_asg_name = "my-asg-name"
node_drain_deadline = "5m"
datacenter = "dc1"
}
}
}
EOF
destination = "${NOMAD_TASK_DIR}/policies/hashistack.hcl"
}
resources {
cpu = 50
memory = 128
}
service {
name = "autoscaler"
port = "http"
check {
type = "http"
path = "/v1/health"
interval = "5s"
timeout = "2s"
}
}
}
}
}
我的 IAM 角色附加到 ec2,我可以在盒子上执行 cli 命令。
有任何想法吗?
解决方案
推荐阅读
- c# - 更新 .NET Standard 库以使用 ASP.NET Core 2.2 和 3.0
- doctrine - 如何为 bin/console 启用学说:schema 命名空间?
- c# - Webforms - DataBinding() GridView - 如何绑定具有列表的列表
财产? - c# - AspNet Core SignalR - 在单声道上运行时的依赖性问题
- javascript - 使用 Aura 开发的 salesforce 应用程序无法解决 IE11 兼容性问题
- javascript - 为什么从 chrome 扩展运行的 jQuery 代码与从浏览器控制台运行的 jQuery 代码的行为不同?
- c# - 不同的数据库连接可以更新 Oracle 中的同一事务吗?
- python - Django-“python manage.py runserver”不工作
- python - 运行带有exec问题nltk的python脚本
- php - SQLSTATE[HY000] [1045] 用户 'root'@'localhost' 在 ../laravel/framework/src/Illuminate/Database/Connectors/Connector.php:70 的访问被拒绝