创建AmazonSAM template (SAM 模板) - Amazon CodeDeploy
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

创建AmazonSAM template (SAM 模板)

创建AmazonSAM 模板文件,用于指定基础架构中的组件。

创建AmazonSAM template (SAM 模板)

  1. 创建名为 SAM-Tutorial 的目录。

  2. SAM-Tutorial 目录中创建名为 template.yml 的文件。

  3. 将以下 YAML 代码复制到 template.yml 中。这是 Amazon SAM 模板。

    AWSTemplateFormatVersion : '2010-09-09' Transform: AWS::Serverless-2016-10-31 Description: A sample SAM template for deploying Lambda functions. Resources: # Details about the myDateTimeFunction Lambda function myDateTimeFunction: Type: AWS::Serverless::Function Properties: Handler: myDateTimeFunction.handler Runtime: nodejs10.x # Instructs your myDateTimeFunction is published to an alias named "live". AutoPublishAlias: live # Grants this function permission to call lambda:InvokeFunction Policies: - Version: "2012-10-17" Statement: - Effect: "Allow" Action: - "lambda:InvokeFunction" Resource: '*' DeploymentPreference: # Specifies the deployment configuration Type: Linear10PercentEvery1Minute # Specifies Lambda functions for deployment lifecycle hooks Hooks: PreTraffic: !Ref beforeAllowTraffic PostTraffic: !Ref afterAllowTraffic # Specifies the BeforeAllowTraffic lifecycle hook Lambda function beforeAllowTraffic: Type: AWS::Serverless::Function Properties: Handler: beforeAllowTraffic.handler Policies: - Version: "2012-10-17" # Grants this function permission to call codedeploy:PutLifecycleEventHookExecutionStatus Statement: - Effect: "Allow" Action: - "codedeploy:PutLifecycleEventHookExecutionStatus" Resource: !Sub 'arn:aws:codedeploy:${AWS::Region}:${AWS::AccountId}:deploymentgroup:${ServerlessDeploymentApplication}/*' - Version: "2012-10-17" # Grants this function permission to call lambda:InvokeFunction Statement: - Effect: "Allow" Action: - "lambda:InvokeFunction" Resource: !Ref myDateTimeFunction.Version Runtime: nodejs10.x # Specifies the name of the Lambda hook function FunctionName: 'CodeDeployHook_beforeAllowTraffic' DeploymentPreference: Enabled: false Timeout: 5 Environment: Variables: NewVersion: !Ref myDateTimeFunction.Version # Specifies the AfterAllowTraffic lifecycle hook Lambda function afterAllowTraffic: Type: AWS::Serverless::Function Properties: Handler: afterAllowTraffic.handler Policies: - Version: "2012-10-17" Statement: # Grants this function permission to call codedeploy:PutLifecycleEventHookExecutionStatus - Effect: "Allow" Action: - "codedeploy:PutLifecycleEventHookExecutionStatus" Resource: !Sub 'arn:aws:codedeploy:${AWS::Region}:${AWS::AccountId}:deploymentgroup:${ServerlessDeploymentApplication}/*' - Version: "2012-10-17" Statement: # Grants this function permission to call lambda:InvokeFunction - Effect: "Allow" Action: - "lambda:InvokeFunction" Resource: !Ref myDateTimeFunction.Version Runtime: nodejs10.x # Specifies the name of the Lambda hook function FunctionName: 'CodeDeployHook_afterAllowTraffic' DeploymentPreference: Enabled: false Timeout: 5 Environment: Variables: NewVersion: !Ref myDateTimeFunction.Version

此模板指定以下内容。有关更多信息,请参阅 。Amazon SAM模板概念.

Lambda 函数称为myDateTimeFunction

发布此 Lambda 函数时,AutoPublishAlias行将其链接到名为的别名live. 在本教程的后面,该函数的更新会通过 Amazon CodeDeploy 触发部署,从而将生产流量从原始版本逐渐转移到更新版本。

两个 Lambda 部署验证函数

以下 Lambda 函数在 CodeDeploy 生命周期挂钩期间执行。该函数包含代码,用于验证更新的 myDateTimeFunction 的部署。验证测试的结果通过PutLifecycleEventHookExecutionStatusAPI 方法。如果验证测试失败,则部署失败并回滚。

  • CodeDeployHook_beforeAllowTrafficBeforeAllowTraffic 挂钩期间运行。

  • CodeDeployHook_afterAllowTrafficAfterAllowTraffic 挂钩期间运行。

这两个函数的名称以 CodeDeployHook_ 开头。这些区域有:CodeDeployRoleForLambda角色允许调用 Lambdainvoke方法仅在 Lambda 函数中,采用以此前缀开头的名称。有关更多信息,请参阅 。用于 AppSpec 的 “hooks” 部分AmazonLambda 部署PutLifecycleEventHookExecutionStatus中的CodeDeploy.

自动检测更新的 Lambda 函数

AutoPublishAlias 术语指示框架检测 myDateTimeFunction 函数何时发生了变化,然后使用 live 别名进行部署。

部署配置

部署配置用于确定 CodeDeploy 应用程序将流量从 Lambda 函数的原始版本转移到新版本的速率。此模板指定预定义的部署配置 Linear10PercentEvery1Minute

注意

您无法在AmazonSAM 模板。有关更多信息,请参阅Create a Deployment Configuration

部署生命周期挂钩函数

Hooks 部分指定在生命周期事件挂钩期间运行的函数。PreTraffic 指定在 BeforeAllowTraffic 挂钩期间运行的函数。PostTraffic 指定在 AfterAllowTraffic 挂钩期间运行的函数。

Lambda 调用另一个 Lambda 函数的权限

指定lambda:InvokeFunction权限授予AmazonSAM 应用程序调用 Lambda 函数的权限。当CodeDeployHook_beforeAllowTrafficCodeDeployHook_afterAllowTraffic函数在验证测试期间调用部署的 Lambda 函数。