在 Amazon EC2 上部署应用程序
您可以使用 CloudFormation 在 Amazon EC2 实例上自动安装、配置和启动应用程序。这样能让您轻松复制部署和更新现有安装而无需直接连接到该实例,从而为您节省大量时间和工作量。
CloudFormation 包括一组基于 cloud-init 的帮助程序脚本(cfn-init、cfn-signal、cfn-get-metadata 和 cfn-hup)。您可从 CloudFormation 模板中调用这些帮助程序脚本来在使用相同模板的 Amazon EC2 实例上安装、配置和更新应用程序。有关更多信息,请参阅 中的 CloudFormation 帮助程序脚本参考。
以下演练描述了如何创建一个模板,该模板使用帮助程序脚本来安装、配置和启动 Apache、MySQL 和 PHP,从而启动 LAMP 堆栈。您将从可设置运行 Amazon Linux 的基础 Amazon EC2 实例的简单模板入手,然后继续添加模板,直至描述为 LAMP 堆栈已满为止。
提供的示例基于旧版本的 Amazon Linux。在更新 AMI 以使用所需的 Amazon Linux 版本并更新辅助脚本以支持该版本之前,您将无法启动从这些模板启动的实例。有关在 AL2023 上安装 LAMP 堆栈的信息,请参阅《AL2023 用户指南》中的教程:在 AL2023 上安装 LAMP 服务器。
注意
考虑将 Amazon Systems Manager 参数作为 Mappings 部分的备选。要避免每次要使用的 AMI 发生更改时都使用新 ID 来更新所有模板,请在创建或更新堆栈时使用 AWS::SSM::Parameter::Value<AWS::EC2::Image::Id> 参数类型来检索最新 AMI ID。常用 AMI 的最新版本也可作为 Systems Manager 中的公有参数提供。有关更多信息,请参阅在运行时指定现有资源。
第 1 步:创建一个基本模板
首先是基础模板,该模板定义了带有安全组的单个 Amazon EC2 实例。该安全组将允许端口 22 上的 SSH 流量,允许端口 80 上的 HTTP 流量,如以下示例所示。
除了 Amazon EC2 实例和安全组之外,我们还创建了三个输入参数,这些参数可指定实例类型、用于 SSH 访问的 Amazon EC2 密钥对以及可用于以 SSH 方式连接实例的 IP 地址范围。映射部分可确保 CloudFormation 使用适用于堆栈的区域和 Amazon EC2 实例类型的正确 AMI ID。最后,输出部分将输出 Web 服务器的公共 URL。
AWSTemplateFormatVersion: 2010-09-09 Description: >- AWS CloudFormation sample template LAMP_Single_Instance: Create a LAMP stack using a single EC2 instance and a local MySQL database for storage. This template demonstrates using the AWS CloudFormation bootstrap scripts to install the packages and files necessary to deploy the Apache web server, PHP, and MySQL at instance launch time. **WARNING** This template creates an Amazon EC2 instance. You will be billed for the AWS resources used if you create a stack from this template. Parameters: KeyName: Description: Name of an existing EC2 KeyPair to enable SSH access to the instance Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: Can contain only ASCII characters. InstanceType: Description: WebServer EC2 instance type Type: String Default: t2.small AllowedValues: - t1.micro - t2.nano - t2.micro - t2.small - t2.medium - t2.large - m1.small - m1.medium - m1.large - m1.xlarge - m2.xlarge - m2.2xlarge - m2.4xlarge - m3.medium - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - c1.medium - c1.xlarge - c3.large - c3.xlarge - c3.2xlarge - c3.4xlarge - c3.8xlarge - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - g2.2xlarge - g2.8xlarge - r3.large - r3.xlarge - r3.2xlarge - r3.4xlarge - r3.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - i2.8xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - hi1.4xlarge - hs1.8xlarge - cr1.8xlarge - cc2.8xlarge - cg1.4xlarge ConstraintDescription: must be a valid EC2 instance type. SSHLocation: Description: The IP address range that can be used to SSH to the EC2 instances Type: String MinLength: '9' MaxLength: '18' Default: 0.0.0.0/0 AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})' ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x Mappings: AWSInstanceType2Arch: t1.micro: Arch: HVM64 t2.nano: Arch: HVM64 t2.micro: Arch: HVM64 t2.small: Arch: HVM64 t2.medium: Arch: HVM64 t2.large: Arch: HVM64 m1.small: Arch: HVM64 m1.medium: Arch: HVM64 m1.large: Arch: HVM64 m1.xlarge: Arch: HVM64 m2.xlarge: Arch: HVM64 m2.2xlarge: Arch: HVM64 m2.4xlarge: Arch: HVM64 m3.medium: Arch: HVM64 m3.large: Arch: HVM64 m3.xlarge: Arch: HVM64 m3.2xlarge: Arch: HVM64 m4.large: Arch: HVM64 m4.xlarge: Arch: HVM64 m4.2xlarge: Arch: HVM64 m4.4xlarge: Arch: HVM64 m4.10xlarge: Arch: HVM64 c1.medium: Arch: HVM64 c1.xlarge: Arch: HVM64 c3.large: Arch: HVM64 c3.xlarge: Arch: HVM64 c3.2xlarge: Arch: HVM64 c3.4xlarge: Arch: HVM64 c3.8xlarge: Arch: HVM64 c4.large: Arch: HVM64 c4.xlarge: Arch: HVM64 c4.2xlarge: Arch: HVM64 c4.4xlarge: Arch: HVM64 c4.8xlarge: Arch: HVM64 g2.2xlarge: Arch: HVMG2 g2.8xlarge: Arch: HVMG2 r3.large: Arch: HVM64 r3.xlarge: Arch: HVM64 r3.2xlarge: Arch: HVM64 r3.4xlarge: Arch: HVM64 r3.8xlarge: Arch: HVM64 i2.xlarge: Arch: HVM64 i2.2xlarge: Arch: HVM64 i2.4xlarge: Arch: HVM64 i2.8xlarge: Arch: HVM64 d2.xlarge: Arch: HVM64 d2.2xlarge: Arch: HVM64 d2.4xlarge: Arch: HVM64 d2.8xlarge: Arch: HVM64 hi1.4xlarge: Arch: HVM64 hs1.8xlarge: Arch: HVM64 cr1.8xlarge: Arch: HVM64 cc2.8xlarge: Arch: HVM64 AWSRegionArch2AMI: us-east-1: HVM64: ami-0ff8a91507f77f867 HVMG2: ami-0a584ac55a7631c0c us-west-2: HVM64: ami-a0cfeed8 HVMG2: ami-0e09505bc235aa82d us-west-1: HVM64: ami-0bdb828fd58c52235 HVMG2: ami-066ee5fd4a9ef77f1 eu-west-1: HVM64: ami-047bb4163c506cd98 HVMG2: ami-0a7c483d527806435 eu-west-2: HVM64: ami-f976839e HVMG2: NOT_SUPPORTED eu-west-3: HVM64: ami-0ebc281c20e89ba4b HVMG2: NOT_SUPPORTED eu-central-1: HVM64: ami-0233214e13e500f77 HVMG2: ami-06223d46a6d0661c7 ap-northeast-1: HVM64: ami-06cd52961ce9f0d85 HVMG2: ami-053cdd503598e4a9d ap-northeast-2: HVM64: ami-0a10b2721688ce9d2 HVMG2: NOT_SUPPORTED ap-northeast-3: HVM64: ami-0d98120a9fb693f07 HVMG2: NOT_SUPPORTED ap-southeast-1: HVM64: ami-08569b978cc4dfa10 HVMG2: ami-0be9df32ae9f92309 ap-southeast-2: HVM64: ami-09b42976632b27e9b HVMG2: ami-0a9ce9fecc3d1daf8 ap-south-1: HVM64: ami-0912f71e06545ad88 HVMG2: ami-097b15e89dbdcfcf4 us-east-2: HVM64: ami-0b59bfac6be064b78 HVMG2: NOT_SUPPORTED ca-central-1: HVM64: ami-0b18956f HVMG2: NOT_SUPPORTED sa-east-1: HVM64: ami-07b14488da8ea02a0 HVMG2: NOT_SUPPORTED cn-north-1: HVM64: ami-0a4eaf6c4454eda75 HVMG2: NOT_SUPPORTED cn-northwest-1: HVM64: ami-6b6a7d09 HVMG2: NOT_SUPPORTED Resources: WebServerInstance: Type: AWS::EC2::Instance Properties: ImageId: !FindInMap - AWSRegionArch2AMI - !Ref 'AWS::Region' - !FindInMap - AWSInstanceType2Arch - !Ref InstanceType - Arch InstanceType: !Ref InstanceType SecurityGroups: - !Ref WebServerSecurityGroup KeyName: !Ref KeyName WebServerSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Enable HTTP access via port 80 SecurityGroupIngress: - IpProtocol: tcp FromPort: 80 ToPort: 80 CidrIp: 0.0.0.0/0 - IpProtocol: tcp FromPort: 22 ToPort: 22 CidrIp: !Ref SSHLocation Outputs: WebsiteURL: Description: URL for newly created LAMP stack Value: !Join - '' - - 'http://' - !GetAtt - WebServerInstance - PublicDnsName
第 2 步:为 LAMP 安装添加帮助脚本
您将基于上一个基础 Amazon EC2 模板进行构建来自动安装 Apache、MySQL 和 PHP。为了安装应用程序,您将添加 UserData 属性和 Metadata 属性。但该模板在进入下一个部分之前将不会配置和启动应用程序。
UserData 属性运行两条 shell 命令:安装 CloudFormation 帮助程序脚本,然后运行 cfn-init 帮助程序脚本。由于帮助程序脚本会定期更新,因此可运行 yum install -y aws-cfn-bootstrap 命令来确保您将获得最新的帮助程序脚本。在运行 cfn-init 时,它从 AWS::CloudFormation::Init 资源中读取元数据,这将描述要由 cfn-init 执行的操作。例如,您可使用 cfn-init 和 AWS::CloudFormation::Init 安装软件包,将文件写入磁盘或启动某项服务。在我们的案例中,cfn-init 安装列出的软件包(httpd、mysql 和 php)并创建 /var/www/html/index.php 文件(一个示例 PHP 应用程序)。
在以下示例中,为了简洁,将删除所有用省略号 (...) 标记的部分。
AWSTemplateFormatVersion: 2010-09-09 Description: 'AWS CloudFormation Sample Template LAMP_Install_Only: ...' Resources: WebServerInstance: Type: AWS::EC2::Instance Metadata: Comment1: Configure the bootstrap helpers to install the Apache Web Server and PHP Comment2: Save website content to /var/www/html/index.php AWS::CloudFormation::Init: configSets: Install: - Install Install: packages: yum: mysql: [] mysql-server: [] mysql-libs: [] httpd: [] php: [] php-mysql: [] files: /var/www/html/index.php: content: !Join - '' - - | <html> - |2 <head> - |2 <title>AWS CloudFormation PHP Sample</title> - |2 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> - |2 </head> - |2 <body> - |2 <h1>Welcome to the AWS CloudFormation PHP Sample</h1> - |2 <p/> - |2 <?php - |2 // Print out the current data and time - |2 print "The Current Date and Time is: <br/>"; - |2 print date("g:i A l, F j Y."); - |2 ?> - |2 <p/> - |2 <?php - |2 // Setup a handle for CURL - |2 $curl_handle=curl_init(); - |2 curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2); - |2 curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1); - |2 // Get the hostname of the instance from the instance metadata - |2 curl_setopt($curl_handle,CURLOPT_URL,'http://169.254.169.254/latest/meta-data/public-hostname'); - |2 $hostname = curl_exec($curl_handle); - |2 if (empty($hostname)) - |2 { - |2 print "Sorry, for some reason, we got no hostname back <br />"; - |2 } - |2 else - |2 { - |2 print "Server = " . $hostname . "<br />"; - |2 } - |2 // Get the instance-id of the instance from the instance metadata - |2 curl_setopt($curl_handle,CURLOPT_URL,'http://169.254.169.254/latest/meta-data/instance-id'); - |2 $instanceid = curl_exec($curl_handle); - |2 if (empty($instanceid)) - |2 { - |2 print "Sorry, for some reason, we got no instance id back <br />"; - |2 } - |2 else - |2 { - |2 print "EC2 instance-id = " . $instanceid . "<br />"; - |2 } - ' $Database = "' - !Ref DBName - | "; - ' $DBUser = "' - !Ref DBUsername - | "; - ' $DBPassword = "' - !Ref DBPassword - | "; - |2 print "Database = " . $Database . "<br />"; - |2 $dbconnection = mysql_connect('localhost', $DBUser, $DBPassword, $Database) - |2 or die("Could not connect: " . mysql_error()); - |2 print ("Connected to $Database successfully"); - |2 mysql_close($dbconnection); - |2 ?> - |2 <h2>PHP Information</h2> - |2 <p/> - |2 <?php - |2 phpinfo(); - |2 ?> - |2 </body> - | </html> mode: '000600' owner: apache group: apache services: sysvinit: httpd: enabled: 'true' ensureRunning: 'true' Properties: ImageId: !FindInMap - AWSRegionArch2AMI - !Ref 'AWS::Region' - !FindInMap - AWSInstanceType2Arch - !Ref InstanceType - Arch InstanceType: !Ref InstanceType SecurityGroups: - !Ref WebServerSecurityGroup KeyName: !Ref KeyName UserData: !Base64 Fn::Sub: |- #!/bin/bash -xe yum update -y aws-cfn-bootstrap # Install the files and packages from the metadata /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServerInstance --configsets Install --region ${AWS::Region}
第 3 步:扩展脚本以配置 Apache、MySQL 和 PHP
现在我们有一个可安装 Linux、Apache、MySQL 和 PHP 的模板,我们将需要扩展该模板以使其自动配置和运行 Apache、MySQL、和 PHP。在以下示例中,我们扩展了 Parameters 部分、AWS::CloudFormation::Init 资源和 UserData 属性来完成配置。与上一个模板一样,为了简洁,将删除所有用省略号 (...) 标记的部分。模板的新增部分以红色斜体文本显示。
该示例定义了 DBUsername 和 DBPassword 参数并将其 NoEcho 属性设置为 true。如果您将 NoEcho 属性设置为 true,则对于描述堆栈或堆栈事件的任何调用,CloudFormation 返回使用星号 (*****) 遮蔽的参数值,但存储在下面指定位置的信息除外。
重要
使用 NoEcho 属性不会遮蔽在以下各区段中存储的任何信息:
-
Metadata模板区段。CloudFormation 不会转换、修改或编辑您在Metadata部分中包含的任何信息。有关更多信息,请参阅 Metadata。 -
Outputs模板区段。有关更多信息,请参阅 Outputs。 -
资源定义的
Metadata属性。有关更多信息,请参阅Metadata属性。
强烈建议您不要使用这些机制来包含敏感信息,例如密码。
重要
我们建议不要将敏感信息直接嵌入 CloudFormation 模板中,而应使用堆栈模板中的动态参数来引用在 CloudFormation 外部存储和管理的敏感信息,例如 Amazon Systems Manager Parameter Store 或 Amazon Secrets Manager 中的敏感信息。
有关更多信息,请参阅请勿将凭证嵌入您的模板最佳实践。
该示例添加多个参数来获取用于配置 MySQL 数据库的信息,如数据库名称、用户名、密码和根密码。这些参数还包含各种限制,可在 CloudFormation 创建堆栈之前,捕获格式不正确的值。
在 AWS::CloudFormation::Init 资源中,我们添加了一个 MySQL 设置文件,该文件包含数据库名称、用户名和密码。该示例还添加了 services 属性来确保 httpd 和 mysqld 服务正常运行(将 ensureRunning 设置为 true)并确保这些服务在重新引导实例时将重新启动(将 enabled 设置为 true)。好的做法是,还包含 cfn-hup 帮助程序脚本,可利用该脚本通过更新堆栈模板来对正在运行的实例进行配置更新。例如,您可以更改示例 PHP 应用程序,然后运行堆栈更新来部署更改。
为了在安装完成后运行 MySQL 命令,示例添加了另一个配置集来运行这些命令。在您有一系列必须按特定顺序完成的任务时,配置集很有用。示例首先运行 Install 配置集,然后运行 Configure 配置集。Configure 配置集指定数据库根密码,然后创建数据库。在命令部分中,按名称的字母顺序处理这些命令,以便示例在每个命令名称的前面添加一个数字来表示其所需的运行顺序。
AWSTemplateFormatVersion: 2010-09-09 Description: >- AWS CloudFormation Sample Template LAMP_Single_Instance: Create a LAMP stack using a single EC2 instance and a local MySQL database for storage. This template demonstrates using the AWS CloudFormation bootstrap scripts to install the packages and files necessary to deploy the Apache web server, PHP and MySQL at instance launch time. **WARNING** This template creates an Amazon EC2 instance. You will be billed for the AWS resources used if you create a stack from this template. Parameters:DBName: Default: MyDatabase Description: MySQL database name Type: String MinLength: '1' MaxLength: '64' AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*' ConstraintDescription: Must begin with a letter and contain only alphanumeric characters DBUsername: NoEcho: 'true' Description: Username for MySQL database access Type: String MinLength: '1' MaxLength: '16' AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*' ConstraintDescription: Must begin with a letter and contain only alphanumeric characters DBPassword: NoEcho: 'true' Description: Password for MySQL database access Type: String MinLength: '1' MaxLength: '41' AllowedPattern: '[a-zA-Z0-9]*' ConstraintDescription: Must contain only alphanumeric characters DBRootPassword: NoEcho: 'true' Description: Root password for MySQL Type: String MinLength: '1' MaxLength: '41' AllowedPattern: '[a-zA-Z0-9]*' ConstraintDescription: Must contain only alphanumeric charactersResources: WebServerInstance: Type: AWS::EC2::Instance Metadata: Comment1: >- Configure the bootstrap helpers to install the Apache Web Server and PHP Comment2: Save website content to /var/www/html/index.php AWS::CloudFormation::Init: configSets:InstallAndRun: - Install - ConfigureInstall: packages: yum: mysql: [] mysql-server: [] mysql-libs: [] httpd: [] php: [] php-mysql: [] files: /var/www/html/index.php: content: ...: null mode: '000600' owner: apache group: apache/tmp/setup.mysql: content: !Sub | CREATE DATABASE ${DBName}; GRANT ALL ON ${DBName}.* TO '${DBUsername}'@localhost IDENTIFIED BY '${DBPassword}'; mode: '000400' owner: root group: root /etc/cfn/cfn-hup.conf: content: !Sub | [main] stack=${AWS::StackId} region=${AWS::Region} mode: '000400' owner: root group: root /etc/cfn/hooks.d/cfn-auto-reloader.conf: content: !Sub |- [cfn-auto-reloader-hook] triggers=post.update path=Resources.WebServerInstance.Metadata.AWS::CloudFormation::Init action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServerInstance --configsets InstallAndRun --region ${AWS::Region} runas=rootservices: sysvinit: mysqld: enabled: 'true' ensureRunning: 'true' httpd: enabled: 'true' ensureRunning: 'true' cfn-hup: enabled: 'true' ensureRunning: 'true' files: - /etc/cfn/cfn-hup.conf - /etc/cfn/hooks.d/cfn-auto-reloader.confConfigure: commands: 01_set_mysql_root_password: command: !Sub |- mysqladmin -u root password '${DBRootPassword}' test: !Sub |- $(mysql ${DBName} -u root --password='${DBRootPassword}' >/dev/null 2>&1 </dev/null); (( $? != 0 )) 02_create_database: command: !Sub |- mysql -u root --password='${DBRootPassword}' < /tmp/setup.mysql test: !Sub |- $(mysql ${DBName} -u root --password='${DBRootPassword}' >/dev/null 2>&1 </dev/null); (( $? != 0 ))Properties: ImageId: !FindInMap - AWSRegionArch2AMI - !Ref 'AWS::Region' - !FindInMap - AWSInstanceType2Arch - !Ref InstanceType - Arch InstanceType: !Ref InstanceType SecurityGroups: - !Ref WebServerSecurityGroup KeyName: !Ref KeyName UserData: !Base64 Fn::Sub: |- #!/bin/bash -xe yum update -y aws-cfn-bootstrap # Install the files and packages from the metadata /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServerInstance --configsetsInstallAndRun--region ${AWS::Region} WebServerSecurityGroup: ...: Outputs: ...: ...
第 4 步:添加创建策略和信号配置
最后,您需要通过某种方式来指示 CloudFormation 仅在所有服务 (如 Apache 和 MySQL) 运行后而不是在创建所有堆栈资源后完成堆栈创建。换句话说,如果您使用前一个部分中的模板来启动堆栈,则 CloudFormation 会在成功创建所有资源后将堆栈的状态设置为 CREATE_COMPLETE。不过,如果一个或多个服务启动失败,CloudFormation 仍会将堆栈状态设置为 CREATE_COMPLETE。要防止状态在成功启动所有服务之前更为 CREATE_COMPLETE,您可将 CreationPolicy 属性添加到实例。该属性将实例的状态置于 CREATE_IN_PROGRESS,直至 CloudFormation 收到所需数量的成功信号或超出超时期限,以使您能够控制何时成功创建实例。有关更多信息,请参阅 CreationPolicy 属性。
以下示例将创建策略添加到 Amazon EC2 实例来确保 cfn-init 在创建堆栈之前完成 LAMP 的安装和配置。在与创建策略结合使用时,该示例需要运行 cfn-signal 帮助程序脚本以在安装和配置所有应用程序时向 CloudFormation 发送信号。有关更多信息,请参阅 cfn-signal。
AWSTemplateFormatVersion: 2010-09-09 Description: 'AWS CloudFormation Sample Template LAMP_Single_Instance: ...' Resources: WebServerInstance: Type: AWS::EC2::Instance Properties: ImageId: !FindInMap - AWSRegionArch2AMI - !Ref 'AWS::Region' - !FindInMap - AWSInstanceType2Arch - !Ref InstanceType - Arch InstanceType: !Ref InstanceType SecurityGroups: - !Ref WebServerSecurityGroup KeyName: !Ref KeyName UserData: !Base64 Fn::Sub: |- #!/bin/bash -xe yum update -y aws-cfn-bootstrap # Install the files and packages from the metadata /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServerInstance --configsets InstallAndRun --region ${AWS::Region} # Signal the status from cfn-init /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServerInstance --region ${AWS::Region} CreationPolicy: ResourceSignal: Timeout: PT5M WebServerSecurityGroup: ...: ...
创建策略属性使用 ISO 8601 格式来定义 5 分钟的超时期限。因为您等待 1 个实例进行配置,所以您只需等待一个成功信号(默认计数)。
在 UserData 属性中,如果所有服务均已成功配置并启动,则模板将运行 cfn-signal 脚本来发送成功信号与退出代码。当您使用 cfn-signal 脚本时,必须添加堆栈 ID 或名称以及要发送信号的资源的逻辑 ID。如果配置失败,cfn-signal 将发送导致资源创建失败的失败信号。如果 CloudFormation 在超时期限内没有收到成功信号,资源创建也会失败。
以下示例显示了最终的完整模板。
AWSTemplateFormatVersion: 2010-09-09 Description: >- AWS CloudFormation Sample Template LAMP_Single_Instance: Create a LAMP stack using a single EC2 instance and a local MySQL database for storage. This template demonstrates using the AWS CloudFormation bootstrap scripts to install the packages and files necessary to deploy the Apache web server, PHP and MySQL at instance launch time. **WARNING** This template creates an Amazon EC2 instance. You will be billed for the AWS resources used if you create a stack from this template. Parameters: KeyName: Description: Name of an existing EC2 KeyPair to enable SSH access to the instance Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: must be the name of an existing EC2 KeyPair. DBName: Default: MyDatabase Description: MySQL database name Type: String MinLength: '1' MaxLength: '64' AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*' ConstraintDescription: must begin with a letter and contain only alphanumeric characters. DBUser: NoEcho: 'true' Description: Username for MySQL database access Type: String MinLength: '1' MaxLength: '16' AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*' ConstraintDescription: must begin with a letter and contain only alphanumeric characters. DBPassword: NoEcho: 'true' Description: Password for MySQL database access Type: String MinLength: '1' MaxLength: '41' AllowedPattern: '[a-zA-Z0-9]*' ConstraintDescription: must contain only alphanumeric characters. DBRootPassword: NoEcho: 'true' Description: Root password for MySQL Type: String MinLength: '1' MaxLength: '41' AllowedPattern: '[a-zA-Z0-9]*' ConstraintDescription: must contain only alphanumeric characters. InstanceType: Description: WebServer EC2 instance type Type: String Default: t2.small AllowedValues: - t1.micro - t2.nano - t2.micro - t2.small - t2.medium - t2.large - m1.small - m1.medium - m1.large - m1.xlarge - m2.xlarge - m2.2xlarge - m2.4xlarge - m3.medium - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - c1.medium - c1.xlarge - c3.large - c3.xlarge - c3.2xlarge - c3.4xlarge - c3.8xlarge - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - g2.2xlarge - g2.8xlarge - r3.large - r3.xlarge - r3.2xlarge - r3.4xlarge - r3.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - i2.8xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - hi1.4xlarge - hs1.8xlarge - cr1.8xlarge - cc2.8xlarge - cg1.4xlarge ConstraintDescription: must be a valid EC2 instance type. SSHLocation: Description: ' The IP address range that can be used to SSH to the EC2 instances' Type: String MinLength: '9' MaxLength: '18' Default: 0.0.0.0/0 AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})' ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x. Mappings: AWSInstanceType2Arch: t1.micro: Arch: HVM64 t2.nano: Arch: HVM64 t2.micro: Arch: HVM64 t2.small: Arch: HVM64 t2.medium: Arch: HVM64 t2.large: Arch: HVM64 m1.small: Arch: HVM64 m1.medium: Arch: HVM64 m1.large: Arch: HVM64 m1.xlarge: Arch: HVM64 m2.xlarge: Arch: HVM64 m2.2xlarge: Arch: HVM64 m2.4xlarge: Arch: HVM64 m3.medium: Arch: HVM64 m3.large: Arch: HVM64 m3.xlarge: Arch: HVM64 m3.2xlarge: Arch: HVM64 m4.large: Arch: HVM64 m4.xlarge: Arch: HVM64 m4.2xlarge: Arch: HVM64 m4.4xlarge: Arch: HVM64 m4.10xlarge: Arch: HVM64 c1.medium: Arch: HVM64 c1.xlarge: Arch: HVM64 c3.large: Arch: HVM64 c3.xlarge: Arch: HVM64 c3.2xlarge: Arch: HVM64 c3.4xlarge: Arch: HVM64 c3.8xlarge: Arch: HVM64 c4.large: Arch: HVM64 c4.xlarge: Arch: HVM64 c4.2xlarge: Arch: HVM64 c4.4xlarge: Arch: HVM64 c4.8xlarge: Arch: HVM64 g2.2xlarge: Arch: HVMG2 g2.8xlarge: Arch: HVMG2 r3.large: Arch: HVM64 r3.xlarge: Arch: HVM64 r3.2xlarge: Arch: HVM64 r3.4xlarge: Arch: HVM64 r3.8xlarge: Arch: HVM64 i2.xlarge: Arch: HVM64 i2.2xlarge: Arch: HVM64 i2.4xlarge: Arch: HVM64 i2.8xlarge: Arch: HVM64 d2.xlarge: Arch: HVM64 d2.2xlarge: Arch: HVM64 d2.4xlarge: Arch: HVM64 d2.8xlarge: Arch: HVM64 hi1.4xlarge: Arch: HVM64 hs1.8xlarge: Arch: HVM64 cr1.8xlarge: Arch: HVM64 cc2.8xlarge: Arch: HVM64 AWSInstanceType2NATArch: t1.micro: Arch: NATHVM64 t2.nano: Arch: NATHVM64 t2.micro: Arch: NATHVM64 t2.small: Arch: NATHVM64 t2.medium: Arch: NATHVM64 t2.large: Arch: NATHVM64 m1.small: Arch: NATHVM64 m1.medium: Arch: NATHVM64 m1.large: Arch: NATHVM64 m1.xlarge: Arch: NATHVM64 m2.xlarge: Arch: NATHVM64 m2.2xlarge: Arch: NATHVM64 m2.4xlarge: Arch: NATHVM64 m3.medium: Arch: NATHVM64 m3.large: Arch: NATHVM64 m3.xlarge: Arch: NATHVM64 m3.2xlarge: Arch: NATHVM64 m4.large: Arch: NATHVM64 m4.xlarge: Arch: NATHVM64 m4.2xlarge: Arch: NATHVM64 m4.4xlarge: Arch: NATHVM64 m4.10xlarge: Arch: NATHVM64 c1.medium: Arch: NATHVM64 c1.xlarge: Arch: NATHVM64 c3.large: Arch: NATHVM64 c3.xlarge: Arch: NATHVM64 c3.2xlarge: Arch: NATHVM64 c3.4xlarge: Arch: NATHVM64 c3.8xlarge: Arch: NATHVM64 c4.large: Arch: NATHVM64 c4.xlarge: Arch: NATHVM64 c4.2xlarge: Arch: NATHVM64 c4.4xlarge: Arch: NATHVM64 c4.8xlarge: Arch: NATHVM64 g2.2xlarge: Arch: NATHVMG2 g2.8xlarge: Arch: NATHVMG2 r3.large: Arch: NATHVM64 r3.xlarge: Arch: NATHVM64 r3.2xlarge: Arch: NATHVM64 r3.4xlarge: Arch: NATHVM64 r3.8xlarge: Arch: NATHVM64 i2.xlarge: Arch: NATHVM64 i2.2xlarge: Arch: NATHVM64 i2.4xlarge: Arch: NATHVM64 i2.8xlarge: Arch: NATHVM64 d2.xlarge: Arch: NATHVM64 d2.2xlarge: Arch: NATHVM64 d2.4xlarge: Arch: NATHVM64 d2.8xlarge: Arch: NATHVM64 hi1.4xlarge: Arch: NATHVM64 hs1.8xlarge: Arch: NATHVM64 cr1.8xlarge: Arch: NATHVM64 cc2.8xlarge: Arch: NATHVM64 AWSRegionArch2AMI: af-south-1: HVM64: ami-064cc455f8a1ef504 HVMG2: NOT_SUPPORTED ap-east-1: HVM64: ami-f85b1989 HVMG2: NOT_SUPPORTED ap-northeast-1: HVM64: ami-0b2c2a754d5b4da22 HVMG2: ami-09d0e0e099ecabba2 ap-northeast-2: HVM64: ami-0493ab99920f410fc HVMG2: NOT_SUPPORTED ap-northeast-3: HVM64: ami-01344f6f63a4decc1 HVMG2: NOT_SUPPORTED ap-south-1: HVM64: ami-03cfb5e1fb4fac428 HVMG2: ami-0244c1d42815af84a ap-southeast-1: HVM64: ami-0ba35dc9caf73d1c7 HVMG2: ami-0e46ce0d6a87dc979 ap-southeast-2: HVM64: ami-0ae99b503e8694028 HVMG2: ami-0c0ab057a101d8ff2 ca-central-1: HVM64: ami-0803e21a2ec22f953 HVMG2: NOT_SUPPORTED cn-north-1: HVM64: ami-07a3f215cc90c889c HVMG2: NOT_SUPPORTED cn-northwest-1: HVM64: ami-0a3b3b10f714a0ff4 HVMG2: NOT_SUPPORTED eu-central-1: HVM64: ami-0474863011a7d1541 HVMG2: ami-0aa1822e3eb913a11 eu-north-1: HVM64: ami-0de4b8910494dba0f HVMG2: ami-32d55b4c eu-south-1: HVM64: ami-08427144fe9ebdef6 HVMG2: NOT_SUPPORTED eu-west-1: HVM64: ami-015232c01a82b847b HVMG2: ami-0d5299b1c6112c3c7 eu-west-2: HVM64: ami-0765d48d7e15beb93 HVMG2: NOT_SUPPORTED eu-west-3: HVM64: ami-0caf07637eda19d9c HVMG2: NOT_SUPPORTED me-south-1: HVM64: ami-0744743d80915b497 HVMG2: NOT_SUPPORTED sa-east-1: HVM64: ami-0a52e8a6018e92bb0 HVMG2: NOT_SUPPORTED us-east-1: HVM64: ami-032930428bf1abbff HVMG2: ami-0aeb704d503081ea6 us-east-2: HVM64: ami-027cab9a7bf0155df HVMG2: NOT_SUPPORTED us-west-1: HVM64: ami-088c153f74339f34c HVMG2: ami-0a7fc72dc0e51aa77 us-west-2: HVM64: ami-01fee56b22f308154 HVMG2: ami-0fe84a5b4563d8f27 Resources: WebServerInstance: Type: AWS::EC2::Instance Metadata: AWS::CloudFormation::Init: configSets: InstallAndRun: - Install - Configure Install: packages: yum: mysql: [] mysql-server: [] mysql-libs: [] httpd: [] php: [] php-mysql: [] files: /var/www/html/index.php: content: !Join - '' - - | <html> - |2 <head> - |2 <title>AWS CloudFormation PHP Sample</title> - |2 <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> - |2 </head> - |2 <body> - |2 <h1>Welcome to the AWS CloudFormation PHP Sample</h1> - |2 <p/> - |2 <?php - |2 // Print out the current data and time - |2 print "The Current Date and Time is: <br/>"; - |2 print date("g:i A l, F j Y."); - |2 ?> - |2 <p/> - |2 <?php - |2 // Setup a handle for CURL - |2 $curl_handle=curl_init(); - |2 curl_setopt($curl_handle,CURLOPT_CONNECTTIMEOUT,2); - |2 curl_setopt($curl_handle,CURLOPT_RETURNTRANSFER,1); - |2 // Get the hostname of the intance from the instance metadata - |2 curl_setopt($curl_handle,CURLOPT_URL,'http://169.254.169.254/latest/meta-data/public-hostname'); - |2 $hostname = curl_exec($curl_handle); - |2 if (empty($hostname)) - |2 { - |2 print "Sorry, for some reason, we got no hostname back <br />"; - |2 } - |2 else - |2 { - |2 print "Server = " . $hostname . "<br />"; - |2 } - |2 // Get the instance-id of the intance from the instance metadata - |2 curl_setopt($curl_handle,CURLOPT_URL,'http://169.254.169.254/latest/meta-data/instance-id'); - |2 $instanceid = curl_exec($curl_handle); - |2 if (empty($instanceid)) - |2 { - |2 print "Sorry, for some reason, we got no instance id back <br />"; - |2 } - |2 else - |2 { - |2 print "EC2 instance-id = " . $instanceid . "<br />"; - |2 } - |2 $Database = "localhost"; - ' $DBUser = "' - !Ref DBUser - | "; - ' $DBPassword = "' - !Ref DBPassword - | "; - |2 print "Database = " . $Database . "<br />"; - |2 $dbconnection = mysql_connect($Database, $DBUser, $DBPassword) - |2 or die("Could not connect: " . mysql_error()); - |2 print ("Connected to $Database successfully"); - |2 mysql_close($dbconnection); - |2 ?> - |2 <h2>PHP Information</h2> - |2 <p/> - |2 <?php - |2 phpinfo(); - |2 ?> - |2 </body> - | </html> mode: '000600' owner: apache group: apache /tmp/setup.mysql: content: !Sub | CREATE DATABASE ${DBName}; GRANT ALL ON ${DBName}.* TO '${DBUsername}'@localhost IDENTIFIED BY '${DBPassword}'; mode: '000400' owner: root group: root /etc/cfn/cfn-hup.conf: content: !Sub | [main] stack=${AWS::StackId} region=${AWS::Region} mode: '000400' owner: root group: root /etc/cfn/hooks.d/cfn-auto-reloader.conf: content: !Sub |- [cfn-auto-reloader-hook] triggers=post.update path=Resources.WebServerInstance.Metadata.AWS::CloudFormation::Init action=/opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServerInstance --configsets InstallAndRun --region ${AWS::Region} runas=root mode: '000400' owner: root group: root services: sysvinit: mysqld: enabled: 'true' ensureRunning: 'true' httpd: enabled: 'true' ensureRunning: 'true' cfn-hup: enabled: 'true' ensureRunning: 'true' files: - /etc/cfn/cfn-hup.conf - /etc/cfn/hooks.d/cfn-auto-reloader.conf Configure: commands: 01_set_mysql_root_password: command: !Sub |- mysqladmin -u root password '${DBRootPassword}' test: !Sub |- $(mysql ${DBName} -u root --password='${DBRootPassword}' >/dev/null 2>&1 </dev/null); (( $? != 0 )) 02_create_database: command: !Sub |- mysql -u root --password='${DBRootPassword}' < /tmp/setup.mysql test: !Sub |- $(mysql ${DBName} -u root --password='${DBRootPassword}' >/dev/null 2>&1 </dev/null); (( $? != 0 )) Properties: ImageId: !FindInMap - AWSRegionArch2AMI - !Ref 'AWS::Region' - !FindInMap - AWSInstanceType2Arch - !Ref InstanceType - Arch InstanceType: !Ref InstanceType SecurityGroups: - !Ref WebServerSecurityGroup KeyName: !Ref KeyName UserData: !Base64 Fn::Sub: |- #!/bin/bash -xe yum update -y aws-cfn-bootstrap # Install the files and packages from the metadata /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource WebServerInstance --configsets InstallAndRun --region ${AWS::Region} # Signal the status from cfn-init /opt/aws/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource WebServerInstance --region ${AWS::Region} CreationPolicy: ResourceSignal: Timeout: PT5M WebServerSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Enable HTTP access via port 80 SecurityGroupIngress: - IpProtocol: tcp FromPort: '80' ToPort: '80' CidrIp: 0.0.0.0/0 - IpProtocol: tcp FromPort: '22' ToPort: '22' CidrIp: !Ref SSHLocation Outputs: WebsiteURL: Description: URL for newly created LAMP stack Value: !Join - '' - - 'http://' - !GetAtt - WebServerInstance - PublicDnsName
相关资源
您还可以在以下位置查看模板的 JSON 版本:LAMP_Single_Instance.template
有关使用 Amazon Linux 最新版本的其他 LAMP 堆栈模板示例,请参阅 GitHub 网站上的 ec2-lamp-server