0
Cloudformation初始化配置文件我使用AWS Cloudformation脚本,弹出一个自动缩放EC2实例 - 下面不写文件
"GatewayLabAutoScalingGroup": {
"Metadata": {
"AWS::CloudFormation::Init": {
"config": {
"commands": {
"a_install_pip": {
"command": "pip install requests boto3"
},
"c_restart_cron": {
"command": "service crond restart"
},
"d_restart_cfn_hup": {
"command": "service cfn-hup restart"
}
},
"files": {
"/etc/cfn/cfn-hup.conf": {
"content": {
"Fn::Join": [
"",
[
"[main]\nstack=",
{
"Ref": "AWS::StackName"
},
"\nregion=",
{
"Ref": "AWS::Region"
},
"\nverbose=true\ninterval=1\n"
]
]
},
"group": "root",
"mode": "000644",
"owner": "root"
},
"/usr/local/sbin/join_ad_script.sh": {
"content": {
"Fn::Join": [
"",
[
"sudo yum -y update\nsudo yum -y install sssd realmd krb5-workstation\nsudo realm leave\n\nDOMAIN=\"",
{
"Ref": "SimpleADDomain"
},
"\"\n\ncat <<EOF > /etc/resolv.conf\nnameserver ",
{
"Fn::Select": [
0,
{
"Fn::GetAtt": [
"WorkspacesSimplead",
"DnsIpAddresses"
]
}
]
},
"\nnameserver ",
{
"Fn::Select": [
1,
{
"Fn::GetAtt": [
"WorkspacesSimplead",
"DnsIpAddresses"
]
}
]
},
"\nEOF\n\n# empty all current sssd cache\nsss_cache -E\n\necho ",
{
"Ref": "SimpleADPassword"
},
" | sudo realm join -U [email protected]${DOMAIN^^} ${DOMAIN^^} --verbose\nsudo sed -re 's/^(PasswordAuthentication)([[:space:]]+)no/\\1\\2yes/' -i.`date -I` /etc/ssh/sshd_config\necho \"enumerate=true\" >> /etc/sssd/sssd.conf\nsudo service sssd restart\nsudo service sshd restart\n\n# empty all current sssd cache\nsss_cache -E\n"
]
]
},
"group": "root",
"mode": "000755",
"owner": "root"
}
}
}
}
},
"Properties": {
"AvailabilityZones": [
{
"Fn::Select": [
0,
{
"Fn::GetAZs": ""
}
]
}
],
"HealthCheckGracePeriod": 300,
"HealthCheckType": "EC2",
"LaunchConfigurationName": {
"Ref": "GatewayLabLaunchConfiguration"
},
"LoadBalancerNames": [
],
"MaxSize": 2,
"MinSize": 1,
"Tags": [
{
"Key": "Name",
"PropagateAtLaunch": true,
"Value": "hub-autoscaling"
}
}
],
"VPCZoneIdentifier": [
{
"Ref": "EC2SubnetSubnet1"
}
]
},
"Type": "AWS::AutoScaling::AutoScalingGroup",
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MaxBatchSize": 1,
"MinInstancesInService": 1,
"PauseTime": "PT60S"
}
}
}
这些文件不会在该实例 实例写入提供的示例代码在私人VPC 快到了,我们已经在8080端口上
配置的代理时,该实例连接到NAT网关不使用代理
我有80端口工作正常,22 & 443开辟了
你检查过'/无功/日志/云的init-output.log'文件在实例?这将是理解为什么不能将文件放置在实例上的好地方。 – asdf
谢谢@asdf我已经做到了; cfn正在使用169.254.169.254来查询元数据,它正在失败;该实例位于代理的后面; 我在/etc/profile.d上创建了proxy.sh,其中http/ftp代理变量导出到环境中 还有一些问题,我很难解决它们 – DWGuru