我对 AWS 服务非常陌生。我正在尝试使用 AWS 云形成并创建了一个模板。我无法使用该模板创建机器,因为每次启动配置尝试安装 tomcat 时都会失败,然后一切都会回滚。
它回滚的原因是因为它没有找到 java_home,尽管我在脚本中设置了它
以下是我的脚本。请帮助我修复 tomcat 安装。
{
“AWSTemplateFormatVersion”:“2010-09-09”,
“参数”: {
“环境”: {
"描述": "环境名称。允许值为 dev、qa 和 live",
“类型”:“字符串”,
“默认”:“dev”,
“AllowedValues”:[“dev”、“qa”、“live”、“test”]
},
“VPC”:{
"描述": "选择 VPC",
“类型”:“AWS :: EC2 :: VPC :: Id”
},
“实例类型”:{
“描述”:“[类型=vCPU,内存,存储] t2.micro=1,1,ebs t2.small=1,2,ebs t2.medium=2,4,ebs m3.medium=1,3.75,ssd(4gb)m3.large=2,7.5,ssd(32)m3.xlarge=4,15,ssd(2x40gb)m3.2xlarge=8,30,ssd(2x80)”,
“类型”:“字符串”,
“默认”:“t2.micro”,
"允许值": [
“t2.micro”,
“t2.小”,
“t2.介质”,
“m3.中等”,
“m3.large”,
“m3.xlarge”,
“m3.2xlarge”
],
“ConstraintDescription”:“[类型=vCPU,内存,存储] t2.micro=1,1,ebs t2.small=1,2,ebs t2.medium=2,4,ebs m3.medium=1,3.75,ssd(4gb)m3.large=2,7.5,ssd(32)m3.xlarge=4,15,ssd(2x40gb)m3.2xlarge=8,30,ssd(2x80)”
},
“密钥对”:{
“描述”:“选择您想要用于远程桌面访问的 EC2 密钥对”,
“类型”:“AWS :: EC2 ::密钥对::密钥名称”
},
“版本号”:{
“类型”:“字符串”,
“默认”:“1.0.0”
},
“最小服务实例数”:{
“类型”:“字符串”,
“默认”:“1”
},
“MaxInstancesInService”:{
“类型”:“字符串”,
“默认”:“3”
},
“Windows类型”:{
“描述”:“Windows 核心或基础”,
“类型”:“字符串”,
“默认”:“核心”,
“AllowedValues”:[“基础”,“核心”]
}
},
“映射”:{
“区域 2AMI”:{
“美国东部-1”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
},
“美国西部-1”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
},
“美国西部-2”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
},
“欧盟-西部-1”:{
“基地”:“ami-77ea3e00”,
“核心”:“ami-1ba25a6c”
},
“sa-east-1”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
},
“ap-东南-1”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
},
“ap-东南-2”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
},
“ap-东北-1”:{
“基地”:“ami-c1740ab6”,
“核心”:“ami-a1bac4d6”
}
}
},
“资源”: {
“根角色”:{
“类型”:“AWS :: IAM ::角色”,
“特性”: {
“假设角色政策文档”:{
"版本":"2012-10-17",
“陈述”: [
{
"效果": "允许",
“主要的”: {
“服务”:[“ec2.amazonaws.com”]
},
“操作”:[“sts:AssumeRole”]
}
]
},
“小路”: ”/”
}
},
“角色策略”:{
“类型”:“AWS :: IAM :: Policy”,
“特性”: {
“策略名称”:“S3-LEGO-ProdReg-WWW-FullAccess-LEGO-ProdReg-WWW”,
“政策文件”:{
"版本":"2012-10-17",
“陈述”: [
{
"效果": "允许",
“操作”:[“s3:ListAllMyBuckets”],
“资源”:“arn:aws:s3:::*”
},
{
"效果": "允许",
“行动”: [
“s3:列表桶”,
“s3:获取存储桶位置”
],
“资源”:{“Fn::Join”:[“”,[“arn:aws:s3:::lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1”]]}
},
{
"效果": "允许",
“行动”: [
“s3:PutObject”,
“s3:获取对象”
“s3:删除对象”
],
“资源”:{“Fn::Join”:[“”,[“arn:aws:s3:::lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1/*”]]}
},
{
"效果": "允许",
“操作”:[“ec2:Describe*”],
“资源”:“*”
},
{
"效果": "允许",
“行动”: [
“dynamodb:获取项目”,
“dynamodb:BatchGetItem”,
“dynamodb:查询”,
“dynamodb:PutItem”,
“dynamodb:更新项目”,
“dynamodb:删除项目”,
“dynamodb:描述表”
],
“资源”:“*”
},
{
"效果": "允许",
“行动”: [
“sqs:发送消息”,
“sqs:接收消息”,
“sqs:删除消息”,
“sqs:获取队列网址”
],
“资源”:[{“Fn :: Join”:[“”,[“arn:aws:sqs:”,{“Ref”:“AWS :: Region”},“:”,{“Ref”:“AWS :: AccountId”},“:*”]]}]
},
{
"效果": "允许",
“操作”:[“ec2:CreateTags”],
“资源”:“*”
},
{
"效果": "允许",
"操作": [ "日志:*" ],
“资源”:“arn:aws:logs:*:*:*”
}
]
},
“角色”:[{“Ref”:“RootRole”}]
}
},
“RootInstanceProfile”:{
“类型”:“AWS :: IAM :: InstanceProfile”,
“特性”: {
“小路”: ”/”,
“角色”:[{“Ref”:“RootRole”}]
}
},
“万维网”:{
“类型”:“AWS :: EC2 :: SecurityGroup”,
“特性”: {
"GroupDescription": { "Fn::Join": [ "", [ "WWW 安全组", { "Ref": "Environment" }, " environment" ] ] },
"VpcId": { "Ref": "VPC" },
"标签": [
{
"密钥": "名称",
“值”:“WWW”
},
{
“关键”:“环境”,
“值”:{“Ref”:“环境”}
}
],
“安全组入口”:[
{
“IpProtocol”:“tcp”,
"起始端口": "8080",
"目的端口":"8080",
“CidrIp”:“171.20.68.68/32”
},
{
“IpProtocol”:“tcp”,
"发件端口": "3389",
"目的地端口": "3389",
“CidrIp”:“171.20.68.68/32”
}
],
“安全组出口”:[ ]
}
},
“WWWIngress1”:{
“类型”:“AWS :: EC2 :: SecurityGroupIngress”,
“特性”: {
"群组编号": {
“参考”:“WWW”
},
“IpProtocol”:“tcp”,
"起始端口": "8080",
"目的端口":"8080",
“源安全组 ID”:{
“参考”:“ElbWWW”
}
}
},
“ElbWWW”:{
“类型”:“AWS :: EC2 :: SecurityGroup”,
“特性”: {
"GroupDescription": { "Fn::Join": [ "", [ "用于画廊的 WWW 的 ELB 安全组", { "Ref": "Environment" }, " environment" ] ] },
"VpcId": { "Ref": "VPC" },
"标签": [
{
"密钥": "名称",
“值”:“ELB WWW”
},
{
“关键”:“环境”,
“值”:{“Ref”:“环境”}
}
],
“安全组入口”:[
{
“IpProtocol”:“tcp”,
"起始端口": "8080",
"目的端口":"8080",
“CidrIp”:“0.0.0.0/0”
}
],
“安全组出口”:[ ]
}
},
“WwwElasticLoadBalancer”:{
“类型”:“AWS :: ElasticLoadBalancing :: LoadBalancer”,
“特性”: {
"LoadBalancerName": { "Fn::Join": [ "-", [ "LEGO-ProdReg-WWW", { "Ref": "环境" } ] ] },
“可用性区域”:{“Fn::GetAZs”:“”},
“安全组”:[ { “Ref”:“ElbWWW” } ],
“CrossZone”:真实,
“听众”:[
{
“负载均衡端口”:“8080”,
“实例端口”:“8080”,
“协议”:“HTTP”
}
],
“健康检查”: {
“目标”:{“Fn::Join”:[“”,[“HTTP:”,“8080”,“/”]]},
“健康阈值”:“3”,
“不健康阈值”:“5”,
“间隔”:“10”,
“超时”:“5”
},
"标签": [
{ "键": "名称", "值": "LEGO-ProdReg-WWW" },
{ “Key”:“环境”, “Value”:“Ref”:“环境” } }
]
}
},
“启动配置”:{
“类型”:“AWS :: AutoScaling :: LaunchConfiguration”,
“特性”: {
“ImageId”:{“Fn::FindInMap”:[“Region2AMI”,{“Ref”:“AWS::Region”},{“Ref”:“WindowsType”}]},
“安全组”:[ { “Ref”:“WWW” } ],
“密钥名称”:{“Ref”:“密钥对”},
"实例类型": { "Ref": "实例类型" },
“IamInstanceProfile”:{“Ref”:“RootInstanceProfile”},
“用户数据”: {
"Fn::Base64": {
"Fn::加入": [
"\r\n",
[
“”
{“Fn::Join”: [“”,[“cfn-init.exe -v -c \“full\”-s“,{“Ref”:“AWS::StackId”},”-r LaunchConfig“,”--region“,{“Ref”:“AWS::Region”}]]},
{ “Fn::Join”: [ “”, [ “cfn-signal.exe -e %ERRORLEVEL% \””, { “Fn::Base64”: { “Ref”: “WindowsServerWaitHandle” } }, “\”” ] ] },
“”
]
]
}
}
},
“元数据”:{
“AWS :: CloudFormation ::身份验证”:{
“S3AccessCreds”:{
“类型”:“s3”,
“角色名称”:{“Ref”:“RootRole”},
“buckets”:{“Fn::Join”:[“”,[“lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1”]]}
}
},
“AWS::CloudFormation::Init”:{
“配置集”:{
"full": [ "配置", "设置", "重置", "开始" ],
“更新”:[“配置”,“重置”,“开始”]
},
“配置”: {
“来源”:{
“C:\\tomcat”:{
“Fn::Join”:[“”,[“https://s3-”,{“Ref”:“AWS::Region”},“.amazonaws.com/lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1/apache-tomcat-8.0.21.zip”]]
},
“C:\\tomcat\\apache-tomcat-8.0.21”:{
“Fn::Join”:[“”,[“https://s3-”,{“Ref”:“AWS::Region”},“.amazonaws.com/lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1/conf.zip”]]
},
“C:\\tomcat\\apache-tomcat-8.0.21\\webapps”:{
“Fn::Join”:[“”,[“https://s3-”,{“Ref”:“AWS::Region”},“.amazonaws.com/lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1/ProductKeyGenerator.zip”]]
},
“c:\\cfn\\”:{
“Fn::Join”:[“”,[“https://s3-”,{“Ref”:“AWS::Region”},“.amazonaws.com/lego-”,{“Ref”:“环境”},“-prodreg-www-builds-r1/jdk-7u80-windows-x64.zip”]]
}
},
“文件”:{
“c:\\cfn\\cfn-hup.conf”:{
“内容”: {
"Fn::加入": [
“”
[
“[主要]\n”,
“堆栈=”,
{ “Ref”:“AWS :: StackId” },
"\n",
"地区=",
{ “Ref”:“AWS :: Region” },
"\n",
“间隔=1”,
“\n”
]
]
}
},
“c:\\cfn\\hooks.d\\cfn-auto-reloader.conf”:{
“内容”: {
"Fn::加入": [
“”
[
“[cfn-自动重新加载器挂钩]\n”,
“触发器=post.update\n”
“路径=Resources.LaunchConfig.Metadata.AWS::CloudFormation::Init\n”,
“操作=cfn-init.exe -v -c \”更新\“ -s”,
{ “Ref”:“AWS :: StackId” },
“ -r 启动配置”
“ - 地区 ”,
{ “Ref”:“AWS :: Region” },
“\n”
]
]
}
},
“c:\\cfn\\time-server.cmd”:{
“内容”: {
"Fn::加入": [
"\r\n",
[
“sc triggerinfo w32time 启动/networkon 停止/networkoff”
“reg 添加 \”HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\W32Time\\TimeProviders\\NtpClient\“/v SpecialPollInterval /t REG_DWORD /d 0x3c /f”,
“reg 添加 \”HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\services\\W32Time\\Parameters\“/v 类型 /t REG_SZ /d \”NTP\“/f”,
“网络停止 w32time”,
“w32tm /config /syncfromflags:manual /manualpeerlist:\”0.pool.ntp.org,0x1 time.nist.gov,0x1 1.pool.ntp.org,0x1 2.pool.ntp.org,0x1\””,
“网络启动 w32time”,
“退出/B 0”
]
]
}
},
“c:\\cfn\\windows-update.cmd”:{
“内容”: {
"Fn::加入": [
"\r\n",
[
“reg 添加 \”HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\Auto Update\” /v AUOptions /t REG_DWORD /d 1 /f”,
“sc config wuauserv start=disabled”
“网络停止wuauserv”,
“sc config trustinstaller start=disabled”,
“网络停止受信任的安装程序”,
“退出/B 0”
]
]
}
},
“c:\\cfn\\call-tomcat-service.cmd”:{
“内容”: {
"Fn::加入": [
"\r\n",
[
“netsh advfirewall 防火墙添加规则名称 =“打开端口 8080”dir=in action=allow protocol=TCP localport=8080”,
“设置JAVA_HOME=C:\\Program Files\\Java\\jdk1.7.0_80”,
“cd C:\\tomcat\\apache-tomcat-8.0.21\\bin”,
“呼叫服务安装”,
“:: sc config Tomcat8 启动=自动”
“退出/B 0”
]
]
}
}
},
“命令”:{
“1-设置执行策略”:{
“命令”:“powershell set-executionpolicy remotesigned”,
“等待完成”:0
}
}
},
“设置”: {
“命令”:{
“1-windows-更新”:{
“命令”:“c:\\cfn\\windows-update.cmd”,
“等待完成”:0
},
“2 次服务器”:{
“命令”:“c:\\cfn\\time-server.cmd”,
“等待完成”:0
},
“3-安装-JDK”:{
“命令”:“c:\\cfn\\jdk-7u80-windows-x64.exe /s”,
“等待完成”:120
},
"4-设置JavaHome":{
“命令”:“echo c:\\cfn\\set_JAVA_HOME.cmd”,
“等待完成”:0
},
“5-安装-Tomcat8-作为服务”:{
“命令”:“c:\\cfn\\call-tomcat-service.cmd”,
“等待完成”:5
}
},
“包裹”:{
“msi”:{
“awscli”:“https://s3.amazonaws.com/aws-cli/AWSCLI64.msi”
}
},
“服务”: {
“窗口”:{
“cfn-hup”:{“enabled”:“true”,“ensureRunning”:“true”,“文件”:[“c:\\cfn\\cfn-hup.conf”,“c:\\cfn\\hooks.d\\cfn-auto-reloader.conf”]}
}
}
},
“重置”: {
“命令”:{
“1-Stop-Tomcat”:{
“命令”:“C:\\tomcat\\apache-tomcat-8.0.21\\bin\\Tomcat8 stop”,
“等待完成”:5
},
“2-启动-Tomcat”:{
“命令”:“C:\\tomcat\\apache-tomcat-8.0.21\\bin\\Tomcat8 start”,
“等待完成”:5
}
}
},
“开始”: {
“命令”:{
"1-启动-Tomcat": {
“命令”:“C:\\tomcat\\apache-tomcat-8.0.21\\bin\\Tomcat8 start”,
“等待完成”:5
}
}
}
}
}
},
"WindowsServerWaitHandle": {
“类型”:“AWS :: CloudFormation :: WaitConditionHandle”
},
“WindowsServerWaitCondition”:{
“类型”:“AWS::CloudFormation::WaitCondition”,
“DependsOn”:“启动配置”,
“特性”: {
“句柄”:{“Ref”:“WindowsServerWaitHandle”},
“超时”:“3600”
}
},
“自动缩放组”:{
“类型”:“AWS :: AutoScaling :: AutoScalingGroup”,
“特性”: {
“可用性区域”:{“Fn::GetAZs”:“”},
“冷却时间”:300,
“启动配置名称”:{“Ref”:“启动配置”},
“MaxSize”:{“Ref”:“MaxInstancesInService”},
“MinSize”:{“Ref”:“MinInstancesInService”},
"HealthCheckGracePeriod": "900",
“健康检查类型”:“ELB”,
“负载均衡器名称”:[
{ "Fn::Join": [ "-", [ "LEGO", "ProdReg-WWW", { "Ref": "环境" } ] ] }
],
"标签": [
{
"密钥": "名称",
"值": { "Fn::Join": [ "", [ "LEGO-ProdReg-WWW-", { "Ref": "环境" }, "-", { "Ref": "BuildNumber" } ] ] },
“PropagateAtLaunch”:“true”
},
{ “Key”:“环境”, “值”:{ “Ref”:“环境” },“PropagateAtLaunch”:“true” }
]
},
“更新政策”:{
“自动缩放滚动更新”:{
“最小服务实例数”:“1”,
"最大批次大小": "1",
“暂停时间”:“PT5M”
}
}
},
“扩大规模政策”:{
“类型”:“AWS :: AutoScaling :: ScalingPolicy”,
“特性”: {
"AdjustmentType": "ChangeInCapacity",
“AutoScalingGroupName”:{“Ref”:“AutoScalingGroup”},
“冷却时间”:“600”,
“缩放调整”:“1”
}
},
“ScaleDownPolicy”:{
“类型”:“AWS :: AutoScaling :: ScalingPolicy”,
“特性”: {
"AdjustmentType": "ChangeInCapacity",
“AutoScalingGroupName”:{“Ref”:“AutoScalingGroup”},
“冷却时间”:“600”,
“缩放调整”:“-1”
}
},
“CPU警报高”:{
“类型”:“AWS :: CloudWatch :: Alarm”,
“特性”: {
“评估期”:“3”,
“统计”:“平均值”,
“阈值”:“90”,
"AlarmDescription": "如果 CPU 过高或指标消失则发出警报,表明实例已关闭",
“期间”:“60”,
“AlarmActions”:[{“Ref”:“ScaleUpPolicy”}],
“命名空间”:“AWS/EC2”,
“方面”: [
{
“名称”:“AutoScalingGroupName”,
“值”:{“Ref”:“AutoScalingGroup”}
}
],
"ComparisonOperator": "大于阈值",
“指标名称”:“CPU利用率”
}
},
“CPU报警低”:{
“类型”:“AWS :: CloudWatch :: Alarm”,
“特性”: {
“评估期”:“3”,
“统计”:“平均值”,
“阈值”:“30”,
"AlarmDescription": "如果 CPU 低则发出警报,以触发缩减规模",
“期间”:“60”,
“AlarmActions”:[{“Ref”:“ScaleDownPolicy”}],
“命名空间”:“AWS/EC2”,
“方面”: [
{
“名称”:“AutoScalingGroupName”,
“值”:{“Ref”:“AutoScalingGroup”}
}
],
“比较操作符”:“小于阈值”,
“指标名称”:“CPU利用率”
}
}
},
“描述”:“用于产品注册 DEV 的 EC2-Tomcat-Cluster”
}