AWS - cfn-init不创建文件
问题描述:
我是云技术新手。 我正在使用cfn-init创建一个文件。但不创建文件,也不会失败。堆栈成功使用EC2实例等所需资源创建。此外,它还会按用户数据中所述安装AWS CLI。 但它只是不创建我想创建的文件。 我尝试使用不允许回滚堆栈的高级选项。但/var/log/cfn-init.log不会被创建。 请参阅下面的模板?我在这做什么不对吗?AWS - cfn-init不创建文件
{
"Parameters" : {
"KeyName" : {
"Description" : "The EC2 Key Pair to allow SSH access to the instance",
"Type" : "AWS::EC2::KeyPair::KeyName"
}
},
"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Metadata" : {
"Comment" : "Install a simple application",
"AWS::CloudFormation::Init" : {
"config" : {
"files" : {
"/tmp/setup.mysql" : {
"content" : { "Fn::Join" : ["", ["[default]\n","region=",{"Ref": "AWS::Region"}]]},
"mode" : "000775",
"owner" : "ec2-user",
"group" : "ec2-user"
}
}
}
} },
"Properties" : {
"SecurityGroups" : [ {
"Ref" : "InstanceSecurityGroup" }
],
"IamInstanceProfile" : {"Ref" : "RootInstanceProfile"} ,
"KeyName" : { "Ref" : "KeyName"},
"InstanceType" : "t2.micro",
"ImageId" : "ami-58277d3d",
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"",
[
"curl https://s3.amazonaws.com/aws-cli/awscli-bundle.zip -o awscli-bundle.zip\n",
"unzip awscli-bundle.zip\n",
"sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws\n",
"/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource Ec2Instance ",
" --region ", { "Ref" : "AWS::Region" }, "\n",
"cfn-signal -e 0",
" --stack ",
{
"Ref": "AWS::StackName"
},
" --region ",
{
"Ref": "AWS::Region"
},
" --resource ",
"Ec2Instance",
"\n"
]
]
}
}
}
},
"RootRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service": [ "ec2.amazonaws.com" ]
},
"Action": [ "sts:AssumeRole" ]
} ]
},
"Path": "/",
"Policies": [ {
"PolicyName": "root",
"PolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Action": ["cloudwatch:PutMetricData"],
"Resource": "*"
} ]
}
} ]
}
},
"RootInstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ {
"Ref": "RootRole"
} ]
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access via port 22",
"Tags" : [{ "Key" : "Name", "Value" : "SecurityGr_EC2WithParam" }],
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : "0.0.0.0/0"
} ]
}
}
}
}
答
在你的comment发现,在你的AWS::EC2::Instance资源的UserData属性要求的第一行是#!/bin/bash\n。
这是必要的,以便用于通过cloud-init处理以被解释为User-Data Script用户数据,如在AWS EC2文档部分所指出的,Running Commands on Your Linux Instance at Launch:
用户数据外壳脚本必须从
#!开始字符和要读取脚本的解释器的路径(通常为/bin/bash)。也
注意sudo是不是在你的用户数据脚本必要的,因为文件中还指出:
脚本输入作为为
root用户执行的用户数据,所以不使用sudo命令在脚本中。
最后,note的AWS CLI默认情况下,这就是为什么你注意到AWS CLI仍然对您的实例安装,尽管您的用户数据脚本没有正确地运行来自亚马逊的Linux AMI实例预装。
你想在文件内容中完全插入什么?它是默认区域吗?你可能想再次检查那个块 – Ali
我能解决这个阿里。将“UserData”中的第一行添加为“#!/ bin/bash \ n”,对于任何需要工作的命令,我们需要在Userdata中提供一个shell环境,否则无法创建任何文件。谢谢 – Wills