How to upload/deploy and organise the AWS CloudFormation templates when the templates are exporting values mutually
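I am deploying my AWS resources using CloudFormation templates. But I have two templates that export and import values from each other and use those values.
I have one template that uses existing resources, shown below, called storage-resources.yml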
AWSTemplateFormatVersion: "2010-09-09"
Description: "Permanent resources to be imported"
Parameters:
  DBInstanceIdentifier:
    Type: String
    Default: 'patheindbidentifier'
  DBName:
    Type: String
    Default: 'patheindb'
  DBUsername:
    Type: String
    Default: 'patheindbadmin'
  DBClass:
    Type: String
    Default: 'db.t2.micro'
  DBAllocatedStorage:
    Type: String
    Default: '5'
  DBPassword:
    Type: String
Resources:
  StorageBucket:
    Type: AWS::S3::Bucket
    DeletionPolicy: Retain
    UpdateReplacePolicy: Retain
    Properties:
      BucketName: pathein-directory-storage
      AccessControl: PublicRead
  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId: !ImportValue PatheinWebServerSecurityGroup.GroupId
  WebDatabase:
    Type: AWS::RDS::DBInstance
    DeletionPolicy: Retain
    UpdateReplacePolicy: Retain
    Properties:
      DBInstanceIdentifier: !Ref DBInstanceIdentifier
      DBName: !Ref DBName
      DBInstanceClass: !Ref DBClass
      AllocatedStorage: !Ref DBAllocatedStorage
      Engine: MySQL
      MasterUsername: !Ref DBUsername
      MasterUserPassword: !Ref DBPassword
      VPCSecurityGroups:
        - !GetAtt DBSecurityGroup.GroupId
Outputs:
  StorageBucket:
    Description: "S3 storage bucket"
    Value: !Ref StorageBucket
    Export:
      Name: PatheinStorageBucket
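As you can see in the template above, I am exporting the S3 bucket. Another thing is that I am importing a resource and using it as follows.
!ImportValue PatheinWebServerSecurityGroup.GroupId
PatheinWebServerSecurityGroup is basically in another template called core.yml. I am also importing the S3 bucket from the resources.yml template into the core.yml template.
Now, what I am doing is trying to deploy resources.yml using the option to use existing resources. But the problem is that I cannot upload it, and it throws an error when I upload it, because the core.yml template does not exist yet and it is using PatheinWebServerSecurityGroup from the core.yml template.
What is the best way to upload or deploy the templates in this scenario? Am I even doing the right thing? How can I make it better?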
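Based on the comments.
Since there is a circular dependency between the templates, the simplest solution is to move StorageBucket from resources.yml to core.yml and then export it from there. That way, in resources.yml you would import both PatheinWebServerSecurityGroup and StorageBucket.
Another way is to move StorageBucket and PatheinWebServerSecurityGroup into a third template, thus breaking the circular dependency.
Also note that you can't do this:
!ImportValue PatheinWebServerSecurityGroup.GroupId
For example, you could have the following two templates with a circular dependency (I had to create my own example core.yml):
core.yml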
Resources:
  MyELB:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      AccessLoggingPolicy:
        #EmitInterval: Integer
        Enabled: true
        S3BucketName: !ImportValue PatheinStorageBucket
        #S3BucketPrefix: String
      Listeners:
        - InstancePort: 80
          LoadBalancerPort: 80
          Protocol: HTTP
  PatheinWebServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          CidrIp: 10.0.0.0/16
Outputs:
  WebServerSecurityGroup:
    Description: "Security Group"
    Value: !Ref PatheinWebServerSecurityGroup
    Export:
      Name: PatheinWebServerSecurityGroup
resources.yml
Resources:
  StorageBucket:
    Type: AWS::S3::Bucket
    #DeletionPolicy: Retain
    #UpdateReplacePolicy: Retain
    Properties:
      BucketName: pathein-directory-storage-332112
      AccessControl: PublicRead
  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId: !ImportValue PatheinWebServerSecurityGroup.GroupId
Outputs:
  StorageBucket:
    Description: "S3 storage bucket"
    Value: !Ref StorageBucket
    Export:
      Name: PatheinStorageBucket
To solve the above, you can create a third template that defines StorageBucket and PatheinWebServerSecurityGroup:
base.yml
Resources:
  StorageBucket:
    Type: AWS::S3::Bucket
    #DeletionPolicy: Retain
    #UpdateReplacePolicy: Retain
    Properties:
      BucketName: pathein-directory-storage-332112
      AccessControl: PublicRead
  PatheinWebServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          CidrIp: 10.0.0.0/16
Outputs:
  StorageBucket:
    Description: "S3 storage bucket"
    Value: !Ref StorageBucket
    Export:
      Name: PatheinStorageBucket
  WebServerSecurityGroup:
    Description: "Security Group"
    Value: !GetAtt PatheinWebServerSecurityGroup.GroupId
    Export:
      Name: PatheinWebServerSecurityGroupId
Then core.yml and resource.yml would be:
core.yml
Resources:
  MyELB:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      AccessLoggingPolicy:
        #EmitInterval: Integer
        Enabled: true
        S3BucketName: !ImportValue PatheinStorageBucket
        #S3BucketPrefix: String
      Listeners:
        - InstancePort: 80
          LoadBalancerPort: 80
          Protocol: HTTP
      AvailabilityZones: !GetAZs ""
resources.yml
Resources:
  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Database security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          SourceSecurityGroupId: !ImportValue PatheinWebServerSecurityGroupId
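
The check described in the answer above can be automated before anything is uploaded. The following is an added example, not part of the original question or answer: it builds the export/import graph of a set of templates, reports circular imports and import names that nothing exports (such as the `.GroupId` form), and otherwise returns a creation order. The function name `deploy_order`, the file name base.yml for the third template, and the trimmed template fragments are assumptions made for the illustration.

```python
import re
from graphlib import CycleError, TopologicalSorter  # Python 3.9+

# Assumption: literal export names and the short "!ImportValue Name" form,
# as used on this page (no Fn::ImportValue long form, no !Sub in names).
IMPORT_RE = re.compile(r"!ImportValue\s+([\w.:-]+)")
EXPORT_RE = re.compile(r"Export:\s*\n\s*Name:\s*([\w.:-]+)")

def deploy_order(templates):
    """Map {file: template text} to (creation order, list of problems)."""
    exporter = {name: f for f, text in templates.items()
                for name in EXPORT_RE.findall(text)}
    graph, problems = {f: set() for f in templates}, []
    for f, text in templates.items():
        for name in IMPORT_RE.findall(text):
            if name in exporter:
                graph[f].add(exporter[name])  # f is created after its exporter
            else:
                problems.append(f"{f}: nothing exports {name!r}")
    try:
        order = list(TopologicalSorter(graph).static_order())
    except CycleError as err:
        order = []  # no valid order exists while the cycle is present
        problems.append("circular import: " + " -> ".join(err.args[1]))
    return order, problems

# Constructed fragments: only the import/export lines of the templates above.
CYCLIC = {
    "core.yml": "S3BucketName: !ImportValue PatheinStorageBucket\n"
                "Export:\n  Name: PatheinWebServerSecurityGroup\n",
    "resources.yml": "SourceSecurityGroupId: !ImportValue PatheinWebServerSecurityGroup\n"
                     "Export:\n  Name: PatheinStorageBucket\n",
}
SPLIT = {
    "base.yml": "Export:\n  Name: PatheinStorageBucket\n"
                "Export:\n  Name: PatheinWebServerSecurityGroupId\n",
    "core.yml": "S3BucketName: !ImportValue PatheinStorageBucket\n",
    "resources.yml": "SourceSecurityGroupId: !ImportValue PatheinWebServerSecurityGroupId\n",
}

if __name__ == "__main__":
    for label, stacks in (("cyclic", CYCLIC), ("split", SPLIT)):
        print(label, deploy_order(stacks))
```

The returned order is only meaningful when the problem list is empty.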