有没有办法检查 ssm send_command 是否正常运行?
[英]Is there a way to check that ssm send_command is running properly?
问题描述
I am currently trying to remotely run a script on my ec2 instance using python and boto but I can't tell if my call to send_command is working correctly.
我目前正在尝试使用 python 和 boto 在我的 ec2 实例上远程运行脚本,但我无法判断我对send_command的调用是否正常工作。 As of right now my code looks like截至目前,我的代码看起来像
ec2 = boto3.client('ssm',region_name='us-east-2', aws_access_key_id='XXXXXXXXX',aws_secret_access_key='XXXXXXXXXXXXXXXXXXX')
a = ec2.send_command(InstanceIds=ids, DocumentName='AWS-RunShellScript', Comment='abcdabcd', Parameters={"commands":["mkdir hello"]})
all I am trying to do is make a new directory and then ssh into my instance and see if it is there.我要做的就是创建一个新目录,然后将 ssh 放入我的实例中,看看它是否存在。 I have run this script a few times now and have had no luck at all, is there something I am missing or is there a better way to check if the send_command call is working?我现在已经运行了这个脚本几次,但一点运气都没有,我是否遗漏了什么,或者是否有更好的方法来检查send_command调用是否有效?
1 个解决方案
解决方案1
0 2021-05-07 21:05:57
Yes, there are in fact many ways to check if the command worked or not.是的,实际上有很多方法可以检查命令是否有效。
If we run the following command:如果我们运行以下命令:
ssm_response = ec2.send_command(InstanceIds=[instance_id],
DocumentName='AWS-RunShellScript',
Parameters={"commands": ["cd ~ && mkdir hello && ls -lart"]})
The return of the send_command is a dictionary which contains an id for the command. send_command的返回是一个字典,其中包含命令的 id。 This id can be retrieved as follows:可以按如下方式检索此 id:
command_id = ssm_response['Command']['CommandId']
We need this id since it is expected that the command will run for a longer time and send_command will not wait until the command terminates.我们需要这个 id,因为预计命令将运行更长的时间,并且send_command不会等到命令终止。
In order to get the status of the command, we can use get_command_invocation as follows:为了获取命令的状态,我们可以使用get_command_invocation如下:
command_invocation_result = ec2.get_command_invocation(CommandId=command_id, InstanceId=instance_id)
The result of this function is also a dictionary, from which we may retrieve a lot of information about the command.这个 function 的结果也是一个字典,我们可以从中检索到很多关于命令的信息。
command_invocation_result['Status'] ## Returns the status of the execution of the command
command_invocation_result['StatusDetails'] ## Returns more information about the execution status
We can get also the output of the command and the error output of the command:我们还可以得到命令的output和命令的错误output:
command_invocation_result['StandardOutputContent']
command_invocation_result['StandardErrorContent']
Please not that in the command I'm doing an ls -lart for which the output can be retrieved from the StandardOutputContent .请不要在命令中执行ls -lart ,可以从StandardOutputContent检索 output 。
Documentation for the send_command and get_invocation_command : https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html send_command和get_invocation_command的文档: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html
Also, we can go into the AWS console -> Systems Manager -> Run Command, select the Command History and we should get some information about the executed commands there as well:此外,我们可以 go 进入 AWS 控制台 -> 系统管理器 -> 运行命令,select 命令历史记录,我们还应该在此处获得有关已执行命令的一些信息:
Last but not least, in order to successfully run commands, the EC2 instance needs to have an IAM role for SSM: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-rc-setting-up.html最后但同样重要的是,为了成功运行命令,EC2 实例需要具有 SSM 的 IAM 角色: https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-rc-setting- up.html
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.