I learned these 6 lessons from working with CloudFormation for the rest of my life.

I started working with CloudFormation 4 years ago. Since then I have broken a lot of infrastructure, even some that was already in production. But every time I messed something up, I learned something new. Drawing on that experience, I will share some of the most important lessons I learned.

Lesson 1: Test changes before deploying them

I learned this lesson soon after I started working with CloudFormation. I don't remember exactly what I broke, but I clearly remember that I used the aws cloudformation update command. This command simply rolls out the template without any validation of the changes that will be deployed. I don't think any explanation is needed as to why you should test all changes before deploying them.

After this failure, I immediately changed the deployment pipeline, replacing the update command with the create-change-set command:

# OPERATION is either "UPDATE" or "CREATE"
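# --template-body takes the template text itself: TPL_PATH must be a
# file:// URL (e.g. file://template.yaml) so that the CLI reads the file
changeset_id=$(aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "$OPERATION" \
    --parameters "$PARAMETERS" \
    --output text \
    --query Id)

# block until the change set has been computed
aws cloudformation wait \
    change-set-create-complete --change-set-name "$changeset_id"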

Once a change set is created, it has no effect on the existing stack. Unlike the update command, the change set approach does not trigger the actual deployment. Instead, it produces a list of changes that you can review before deploying. You can view the changes in the AWS console interface. But if you prefer to automate everything you can, check them in the CLI:

# this command is presented only for demonstrational purposes.
# the real command should take pagination into account
aws cloudformation describe-change-set \
    --change-set-name "$changeset_id" \
    --query 'Changes[*].ResourceChange.{Action:Action,Resource:ResourceType,ResourceId:LogicalResourceId,ReplacementNeeded:Replacement}' \
    --output table

This command should produce output similar to the following:

--------------------------------------------------------------------
|                         DescribeChangeSet                        |
+---------+--------------------+----------------------+------------+
| Action  | ReplacementNeeded  |      Resource        | ResourceId |
+---------+--------------------+----------------------+------------+
|  Modify | True               |  AWS::ECS::Cluster   |  MyCluster |
|  Replace| True               |  AWS::RDS::DBInstance|  MyDB      |
|  Add    | None               |  AWS::SNS::Topic     |  MyTopic   |
+---------+--------------------+----------------------+------------+

Pay special attention to changes where Action is Replace or Remove, or where ReplacementNeeded is True. These are the most dangerous changes and usually lead to loss of data.
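The review step above can be enforced by a script instead of by eye. The following is an added example, not code from the original article: it scans every page of `describe-change-set` JSON output and returns only the destructive changes. The function names and the sample pages are assumptions constructed for illustration.

```python
# Constructed sample: two pages of `aws cloudformation describe-change-set
# --output json`. Action and Replacement use the values the API returns.
SAMPLE_PAGES = [
    {"NextToken": "page-2", "Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "Replacement": "False",
            "ResourceType": "AWS::ECS::Cluster", "LogicalResourceId": "MyCluster"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Add",
            "ResourceType": "AWS::SNS::Topic", "LogicalResourceId": "MyTopic"}},
    ]},
    {"Changes": [
        {"Type": "Resource", "ResourceChange": {
            "Action": "Modify", "Replacement": "True",
            "ResourceType": "AWS::RDS::DBInstance", "LogicalResourceId": "MyDB"}},
        {"Type": "Resource", "ResourceChange": {
            "Action": "Remove",
            "ResourceType": "AWS::SQS::Queue", "LogicalResourceId": "OldQueue"}},
    ]},
]


def risky_changes(pages):
    """Return (logical_id, resource_type, reason) for each destructive change."""
    if pages and pages[-1].get("NextToken"):
        # A trailing NextToken means more pages exist: never judge a partial list.
        raise ValueError("change set listing is truncated, fetch the remaining pages")
    risky = []
    for page in pages:
        for change in page.get("Changes", []):
            rc = change.get("ResourceChange") or {}
            if rc.get("Action") == "Remove":
                reason = "removed"
            elif rc.get("Replacement") == "True":
                reason = "replaced"
            elif rc.get("Replacement") == "Conditional":
                reason = "may be replaced"
            else:
                continue
            risky.append((rc["LogicalResourceId"], rc["ResourceType"], reason))
    return risky


def unapproved(pages, approved=()):
    """Risky changes nobody signed off on; an empty list means safe to execute."""
    return [c for c in risky_changes(pages) if c[0] not in set(approved)]


if __name__ == "__main__":
    for logical_id, rtype, reason in unapproved(SAMPLE_PAGES):
        print(f"BLOCKED: {logical_id} ({rtype}): {reason}")
```

A pipeline would call execute-change-set only when `unapproved` returns an empty list, so a destructive change cannot scroll past unnoticed in a long listing.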

Once the changes have been reviewed, they can be deployed:

aws cloudformation execute-change-set --change-set-name "$changeset_id"

operation_lowercase=$(echo "$OPERATION" | tr '[:upper:]' '[:lower:]')
aws cloudformation wait "stack-${operation_lowercase}-complete" \
    --stack-name "$STACK_NAME"

Lesson 2: Use a stack policy to protect stateful resources from being replaced or deleted

Sometimes just reviewing the changes is not enough. We are all human and we all make mistakes. Soon after we started using change sets, my teammate unknowingly performed a deployment that led to a database update. Nothing bad happened because it was a test environment.

Although our scripts displayed the list of changes and asked for confirmation, the Replace change was missed because the list of changes was so long that it did not fit on the screen. And since this was a routine update in a test environment, not much attention was paid to the changes.

There are resources that you never want to replace or delete. These are stateful services, such as an RDS database instance or an Elasticsearch cluster, and so on. It would be nice if AWS automatically refused the deployment whenever the operation being performed would require deleting such a resource. Fortunately, CloudFormation has a built-in way to do this. It is called a stack policy, and you can read more about it in the documentation:

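STACK_NAME=$1
RESOURCE_ID=$2

# Once a stack policy is set, every update that is not explicitly allowed is
# denied. So allow updates in general, then deny replacing or deleting the
# protected resource (an explicit Deny overrides the Allow).
POLICY_JSON=$(cat <<EOF
{
    "Statement" : [{
        "Effect" : "Allow",
        "Action" : "Update:*",
        "Principal": "*",
        "Resource" : "*"
    }, {
        "Effect" : "Deny",
        "Action" : [
            "Update:Replace",
            "Update:Delete"
        ],
        "Principal": "*",
        "Resource" : "LogicalResourceId/$RESOURCE_ID"
    }]
}
EOF
)

aws cloudformation set-stack-policy --stack-name "$STACK_NAME" \
    --stack-policy-body "$POLICY_JSON"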

Lesson 3: Use UsePreviousValue when updating a stack with secret parameters

When you create an RDS MySQL instance, AWS requires you to provide a MasterUsername and a MasterUserPassword. Since it is better not to store secrets in source code and I wanted to automate absolutely everything, I implemented a "smart mechanism": before deployment the credentials are fetched from S3, and if no credentials are found, new ones are generated and stored in S3.

These credentials are then passed as parameters to the cloudformation create-change-set command. While I was experimenting with the script, the connection to S3 happened to be lost, and my "smart mechanism" treated that as a signal to generate new credentials.

If I had started using this script in production and the connectivity problem had happened again, the stack would have been updated with new credentials. In this particular case, nothing bad would happen. Nevertheless, I abandoned this approach and started using another one, providing the credentials only once: when the stack is created. Later, when the stack needs to be updated, instead of specifying the secret value of the parameter, I simply use UsePreviousValue=true:

aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "UPDATE" \
    --parameters "ParameterKey=MasterUserPassword,UsePreviousValue=true"
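The same rule can be applied to a whole parameter list rather than to one hand-written key. The following is an added example, not code from the original article: it builds the JSON for `--parameters` on an update so that secret parameters are always carried over with UsePreviousValue and can never be regenerated by accident. The function name, the `SECRETS` set and the sample stack parameters are assumptions constructed for illustration.

```python
import json

# Constructed sample: the "Parameters" list of one stack as returned by
# `aws cloudformation describe-stacks --output json` (NoEcho values are masked).
CURRENT = [
    {"ParameterKey": "MasterUsername", "ParameterValue": "****"},
    {"ParameterKey": "MasterUserPassword", "ParameterValue": "****"},
    {"ParameterKey": "InstanceClass", "ParameterValue": "db.t3.small"},
]
# Assumption: the deploy script knows which parameters hold secrets.
SECRETS = {"MasterUsername", "MasterUserPassword"}


def update_parameters(current, overrides, secrets):
    """Build the --parameters list for an UPDATE change set.

    Secrets are set once, at stack creation, and only ever reused afterwards.
    """
    existing = {p["ParameterKey"] for p in current}
    touched = secrets & set(overrides)
    if touched:
        # An update must never carry a new secret value, e.g. one generated
        # because the secret store was unreachable.
        raise ValueError(f"refusing to change secrets on update: {sorted(touched)}")
    missing = secrets - existing
    if missing:
        # There is no previous value to reuse: the stack was created without it.
        raise ValueError(f"secrets never set at stack creation: {sorted(missing)}")
    params = []
    for key in sorted(existing | set(overrides)):
        if key in overrides:
            params.append({"ParameterKey": key, "ParameterValue": overrides[key]})
        else:
            params.append({"ParameterKey": key, "UsePreviousValue": True})
    return params


if __name__ == "__main__":
    # The printed JSON is what would be passed to --parameters.
    print(json.dumps(update_parameters(CURRENT, {"InstanceClass": "db.t3.medium"}, SECRETS)))
```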

Lesson 4: Use a rollback configuration

Another team I worked with used the CloudFormation feature called rollback configuration. I had not come across it before and quickly realized that it would make deploying my stacks even cooler. Now I use it every time I deploy my code to Lambda or ECS using CloudFormation.

How it works: you specify a CloudWatch alarm in the --rollback-configuration parameter when you create a change set. Later, when you execute the change set, AWS monitors the alarm for at least one minute. It rolls the deployment back if the alarm changes state to ALARM during this time.

Below is an example of a CloudFormation template excerpt in which I create a CloudWatch alarm that tracks a custom metric, the number of errors in the CloudWatch logs (the metric is generated through a MetricFilter):

Resources:
  # this metric tracks number of errors in the cloudwatch logs. In this
  # particular case it's assumed logs are in json format and the error logs are
  # identified by level "error". See FilterPattern
  ErrorMetricFilter:
    Type: AWS::Logs::MetricFilter
    Properties:
      LogGroupName: !Ref LogGroup
      FilterPattern: !Sub '{$.level = "error"}'
      MetricTransformations:
      - MetricNamespace: !Sub "${AWS::StackName}-log-errors"
        MetricName: Errors
        MetricValue: 1
        DefaultValue: 0

  ErrorAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: !Sub "${AWS::StackName}-errors"
      Namespace: !Sub "${AWS::StackName}-log-errors"
      MetricName: Errors
      Statistic: Maximum
      ComparisonOperator: GreaterThanThreshold
      Period: 60 # in seconds, i.e. 1 minute
      EvaluationPeriods: 1
      Threshold: 0
      TreatMissingData: notBreaching
      ActionsEnabled: yes

This alarm can then be used as a rollback trigger when the change set is executed:

ALARM_ARN=$1

ROLLBACK_TRIGGER=$(cat <<EOF
{
  "RollbackTriggers": [
    {
      "Arn": "$ALARM_ARN",
      "Type": "AWS::CloudWatch::Alarm"
    }
  ],
  "MonitoringTimeInMinutes": 1
}
EOF
)

aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "UPDATE" \
    --rollback-configuration "$ROLLBACK_TRIGGER"

Lesson 5: Make sure you deploy the latest version of the template

It is easy to deploy a version of the template that is not the latest, but doing so can cause a lot of damage. This happened to us once: a developer had not pulled the latest changes from Git and unknowingly deployed a previous version of the stack. This resulted in downtime for the application that used this stack.

Something as simple as adding a check that the branch is up to date before deploying would be fine (assuming git is your version control tool):

git fetch
HEADHASH=$(git rev-parse HEAD)
UPSTREAMHASH=$(git rev-parse master@{upstream})

if [[ "$HEADHASH" != "$UPSTREAMHASH" ]] ; then
   echo "Branch is not up to date with origin. Aborting"
   exit 1
fi

Lesson 6: Don't reinvent the wheel

It may seem that deploying with CloudFormation is easy. You just need a bunch of bash scripts that run aws cli commands.

4 years ago I started with simple scripts that called the aws cloudformation create-stack command. Soon the script was no longer simple. Every lesson learned made the script more and more complex. It was not only difficult, but also full of bugs.

I now work in a small IT department. Experience has shown that each team has its own way of deploying CloudFormation stacks. And that is bad. It would be better if everyone did it the same way. Fortunately, there are many tools available to help you deploy and configure CloudFormation stacks.

These lessons will help you avoid mistakes.

Source: www.habr.com