6 lessons from working with cloudformation that I learned for life

I started working with cloudformation 4 years ago. Since then I have broken a lot of infrastructure, even infrastructure that was already in production. But every time I broke something, I learned something new. Drawing on that experience, I will share the most important lessons I have learned.

Lesson 1: Test changes before deploying them

I learned this lesson soon after I started working with cloudformation. I don't remember what I broke at the time, but I do remember that I used the command aws cloudformation update. This command simply rolls out the template without any validation of the changes that will be deployed. I don't think any explanation is needed for why you should test all changes before deploying them.

After this failure, I immediately changed the deployment pipeline, replacing the update command with the create-change-set command:

# OPERATION is either "UPDATE" or "CREATE"
# TPL_PATH holds the template text or a file:// URL
changeset_id=$(aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "$OPERATION" \
    --parameters "$PARAMETERS" \
    --output text \
    --query Id)

aws cloudformation wait \
    change-set-create-complete --change-set-name "$changeset_id"

Once the change set is created, it has no effect on the existing stack. Unlike the update command, the change set approach does not trigger an actual deployment. Instead, it creates a list of changes that you can review before deploying. You can view the changes in the aws console interface. But if you prefer to automate everything you can, check them in the CLI:

# this command is presented only for demonstrational purposes.
# the real command should take pagination into account
aws cloudformation describe-change-set \
    --change-set-name "$changeset_id" \
    --query 'Changes[*].ResourceChange.{Action:Action,Resource:ResourceType,ResourceId:LogicalResourceId,ReplacementNeeded:Replacement}' \
    --output table

This command should produce output similar to this:

--------------------------------------------------------------------
|                         DescribeChangeSet                        |
+---------+--------------------+----------------------+------------+
| Action  | ReplacementNeeded  |      Resource        | ResourceId |
+---------+--------------------+----------------------+------------+
|  Modify | True               |  AWS::ECS::Cluster   |  MyCluster |
|  Replace| True               |  AWS::RDS::DBInstance|  MyDB      |
|  Add    | None               |  AWS::SNS::Topic     |  MyTopic   |
+---------+--------------------+----------------------+------------+

Pay special attention to changes where Action is Replace or Delete, or where ReplacementNeeded is True. These are the most dangerous changes and usually lead to loss of data.
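An added example, not part of the original article: a small shell gate that reads the change list and fails when any change removes a resource or forces its replacement, so the decision does not depend on someone reading a long table. The names risky_changes and sample_changes, the sample rows, and the treatment of Remove (the API's value for a deletion) and Conditional replacement as risky are assumptions of this example.

```shell
# Added example (not from the original article).
# stdin: one change per line, tab-separated, for instance from
#   aws cloudformation describe-change-set --change-set-name "$changeset_id" \
#     --query 'Changes[].ResourceChange.[Action,Replacement,ResourceType,LogicalResourceId]' \
#     --output text
# Pagination is not handled here: feed the function every page.

# Prints one RISKY line per dangerous change; returns 1 if any was found.
risky_changes() {
    rc_found=0
    rc_tab=$(printf '\t')
    while IFS="$rc_tab" read -r rc_action rc_repl rc_type rc_id || [ -n "$rc_action" ]; do
        [ -n "$rc_action" ] || continue
        case "$rc_action" in
            # Remove is the API value; Replace/Delete are the labels used in the article.
            Remove|Delete|Replace) rc_why="action=$rc_action" ;;
            *)
                case "$rc_repl" in
                    # Conditional replacement is treated as risky too (assumption).
                    True|Conditional) rc_why="replacement=$rc_repl" ;;
                    *) continue ;;
                esac ;;
        esac
        printf 'RISKY\t%s\t%s\t%s\n' "$rc_type" "$rc_id" "$rc_why"
        rc_found=1
    done
    return "$rc_found"
}

# Constructed sample input: the three rows from the table above plus a removal.
sample_changes() {
    printf 'Modify\tTrue\tAWS::ECS::Cluster\tMyCluster\n'
    printf 'Replace\tTrue\tAWS::RDS::DBInstance\tMyDB\n'
    printf 'Add\tNone\tAWS::SNS::Topic\tMyTopic\n'
    printf 'Remove\tNone\tAWS::SQS::Queue\tOldQueue\n'
}
```

In a pipeline, the describe-change-set output is piped into risky_changes and a non-zero status stops the script before execute-change-set, or forces an explicit override.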

Once the changes have been reviewed, they can be deployed:

aws cloudformation execute-change-set --change-set-name "$changeset_id"

operation_lowercase=$(echo "$OPERATION" | tr '[:upper:]' '[:lower:]')
aws cloudformation wait "stack-${operation_lowercase}-complete" \
    --stack-name "$STACK_NAME"

Lesson 2: Use a stack policy to prevent stateful resources from being replaced or deleted

Sometimes simply reviewing the changes is not enough. We are all human and we all make mistakes. Shortly after we started using change sets, my teammate unknowingly ran a deployment that resulted in a database update. Nothing bad happened because it was a test environment.

Even though our scripts displayed the list of changes and asked for confirmation, the Replace change was missed because the list of changes was so long that it did not fit on the screen. And since this was an ordinary update in a test environment, not much attention was paid to the changes.

There are resources that you never want to replace or delete. These are stateful services, such as an RDS database or an elasticsearch cluster, and so on. It would be nice if aws refused the deployment when the operation requires deleting such a resource. Fortunately, cloudformation has a built-in way to do this. It is called a stack policy, and you can read more about it in the documentation:

STACK_NAME=$1
RESOURCE_ID=$2

POLICY_JSON=$(cat <<EOF
{
    "Statement" : [{
        "Effect" : "Deny",
        "Action" : [
            "Update:Replace",
            "Update:Delete"
        ],
        "Principal": "*",
        "Resource" : "LogicalResourceId/$RESOURCE_ID"
    }]
}
EOF
)

aws cloudformation set-stack-policy --stack-name "$STACK_NAME" \
    --stack-policy-body "$POLICY_JSON"

Lesson 3: Use UsePreviousValue when updating a stack with secret parameters

When you create an RDS mysql cluster, AWS requires you to provide a MasterUsername and a MasterUserPassword. Since it is best not to keep secrets in source code and I wanted to automate absolutely everything, I implemented a "smart mechanism" in which the credentials are fetched from s3 before deployment, and if the credentials are not found, new credentials are generated and stored in s3.

These credentials are then passed as parameters to the cloudformation create-change-set command. While I was experimenting with the script, the connection to s3 happened to be lost, and my "smart mechanism" treated that as a signal to generate new credentials.

If I had started using this script in production and the connection problem had happened again, it would have updated the stack with new credentials. In this particular case, nothing bad would happen. Nevertheless, I abandoned this approach and started using another one, providing the credentials only once - when creating the stack. And later, when the stack needs to be updated, instead of specifying the secret value of the parameter, I simply use UsePreviousValue=true:

aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "UPDATE" \
    --parameters "ParameterKey=MasterUserPassword,UsePreviousValue=true"

Lesson 4: Use rollback configuration

Another team I worked with used a cloudformation feature called rollback configuration. I had not come across it before and quickly realized that it would make my deployments even cooler. Now I use it every time I deploy my code to lambda or ECS using cloudformation.

How it works: you specify a CloudWatch alarm in the --rollback-configuration parameter when you create a change set. Later, when you execute the change set, aws monitors the alarm for one minute. It rolls back the deployment if the alarm changes to the ALARM state during this time.

Below is an example excerpt from a cloudformation template in which I create a cloudwatch alarm that tracks a user-defined metric: the number of errors in the cloud logs (the metric is generated through a MetricFilter):

Resources:
  # this metric tracks number of errors in the cloudwatch logs. In this
  # particular case it's assumed logs are in json format and the error logs are
  # identified by level "error". See FilterPattern
  ErrorMetricFilter:
    Type: AWS::Logs::MetricFilter
    Properties:
      LogGroupName: !Ref LogGroup
      FilterPattern: !Sub '{$.level = "error"}'
      MetricTransformations:
      - MetricNamespace: !Sub "${AWS::StackName}-log-errors"
        MetricName: Errors
        MetricValue: 1
        DefaultValue: 0

  ErrorAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: !Sub "${AWS::StackName}-errors"
      Namespace: !Sub "${AWS::StackName}-log-errors"
      MetricName: Errors
      Statistic: Maximum
      ComparisonOperator: GreaterThanThreshold
      Period: 60 # seconds, i.e. 1 minute
      EvaluationPeriods: 1
      Threshold: 0
      TreatMissingData: notBreaching
      ActionsEnabled: yes

Now the alarm can be used as a rollback trigger when creating the change set:

ALARM_ARN=$1

ROLLBACK_TRIGGER=$(cat <<EOF
{
  "RollbackTriggers": [
    {
      "Arn": "$ALARM_ARN",
      "Type": "AWS::CloudWatch::Alarm"
    }
  ],
  "MonitoringTimeInMinutes": 1
}
EOF
)

aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "UPDATE" \
    --rollback-configuration "$ROLLBACK_TRIGGER"

Lesson 5: Make sure you deploy the latest version of the template

It is easy to deploy a version of a cloudformation template that is not the latest, but doing so will cause a lot of damage. This happened to us once: a developer did not pull the latest changes from Git and unknowingly deployed a previous version of the stack. This resulted in downtime for the application that used this stack.

Something as simple as adding a check that the branch is up to date before deploying would be good (assuming git is your version control tool):

git fetch
HEADHASH=$(git rev-parse HEAD)
UPSTREAMHASH=$(git rev-parse master@{upstream})

if [[ "$HEADHASH" != "$UPSTREAMHASH" ]] ; then
   echo "Branch is not up to date with origin. Aborting"
   exit 1
fi

Lesson 6: Don't reinvent the wheel

It may seem that deploying with cloudformation is easy. You just need a few bash scripts that execute aws cli commands.

4 years ago I started with simple scripts that called the aws cloudformation create-stack command. Soon the script was no longer simple. Each lesson learned made the script more and more complex. It was not only complicated, but also full of bugs.

I now work in a small IT department. Experience has shown that every team has its own way of deploying cloudformation stacks. And that is bad. It would be better if everyone followed the same approach. Fortunately, there are many tools available to help you deploy and configure cloudformation stacks.

These lessons will help you avoid mistakes.

Source: www.habr.com
