I learned these 6 lessons of working with cloudformation for the rest of my life.

I started working with cloudformation 4 years ago. Since then I have broken a lot of infrastructure, even infrastructure that was already in production. But every time I broke something, I learned something new. From that experience, I will share some of the most important lessons I have learned.

Lesson 1: Review changes before you apply them

I learned this lesson shortly after I started working with cloudformation. I do not remember exactly what I broke back then, but I definitely remember that I used the aws cloudformation update command. This command rolls out the template without any confirmation of the changes that will be applied. I do not think an explanation is needed for why you should review all changes before applying them.

After this failure, I immediately changed the deployment pipeline, replacing the update command with the create-change-set command:

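# OPERATION is either "UPDATE" or "CREATE"
# TPL_PATH must use the file:// prefix (for example file://template.yml)
# so that the CLI reads the template body from disk
changeset_id=$(aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "$OPERATION" \
    --parameters "$PARAMETERS" \
    --output text \
    --query Id)

# block until the change set has been computed
aws cloudformation wait \
    change-set-create-complete --change-set-name "$changeset_id"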

Once a change set has been created, it has no effect on the existing stack. Unlike the update command, the change set approach does not start a deployment. Instead, it produces a list of changes that you can review before deploying. You can view the changes in the aws console. But if you prefer to automate everything you can, review them in the CLI:

# this command is presented only for demonstrational purposes.
# the real command should take pagination into account
aws cloudformation describe-change-set \
    --change-set-name "$changeset_id" \
    --query 'Changes[*].ResourceChange.{Action:Action,Resource:ResourceType,ResourceId:LogicalResourceId,ReplacementNeeded:Replacement}' \
    --output table

This command should produce output similar to the following:

--------------------------------------------------------------------
|                         DescribeChangeSet                        |
+---------+--------------------+----------------------+------------+
| Action  | ReplacementNeeded  |      Resource        | ResourceId |
+---------+--------------------+----------------------+------------+
|  Modify | True               |  AWS::ECS::Cluster   |  MyCluster |
|  Replace| True               |  AWS::RDS::DBInstance|  MyDB      |
|  Add    | None               |  AWS::SNS::Topic     |  MyTopic   |
+---------+--------------------+----------------------+------------+

Pay special attention to changes where Action is Replace or Delete, or where ReplacementNeeded is True. These are the most dangerous changes and usually lead to data loss.

Once the changes have been reviewed, they can be applied:

aws cloudformation execute-change-set --change-set-name "$changeset_id"

operation_lowercase=$(echo "$OPERATION" | tr '[:upper:]' '[:lower:]')
aws cloudformation wait "stack-${operation_lowercase}-complete" \
    --stack-name "$STACK_NAME"
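A review that depends on someone reading a table can be backed by a check the pipeline runs between describe-change-set and execute-change-set. The following is an added example in Python, not code from the original article: the function names and the list of stateful resource types are assumptions, and the sample pages are constructed. It accepts the `Remove` action that the API reports for deletions as well as the Replace and Delete labels used above, and it takes every page of the result so a long change set is checked in full.

```python
# Resource types treated as stateful: an assumption, extend it for your stacks.
STATEFUL_TYPES = {"AWS::RDS::DBInstance", "AWS::Elasticsearch::Domain"}

# Constructed sample: two pages of `describe-change-set --output json`,
# already parsed. Resource names follow the table in the article.
SAMPLE_PAGES = [
    {"Changes": [
        {"ResourceChange": {
            "Action": "Modify", "Replacement": "True",
            "ResourceType": "AWS::ECS::Cluster", "LogicalResourceId": "MyCluster"}},
        {"ResourceChange": {
            "Action": "Modify", "Replacement": "True",
            "ResourceType": "AWS::RDS::DBInstance", "LogicalResourceId": "MyDB"}},
    ], "NextToken": "constructed-token"},
    {"Changes": [
        {"ResourceChange": {
            "Action": "Add",
            "ResourceType": "AWS::SNS::Topic", "LogicalResourceId": "MyTopic"}},
    ]},
]


def risky_changes(pages, stateful_types=STATEFUL_TYPES):
    """Return (severity, logical_id, reason) for changes that can lose data."""
    findings = []
    for page in pages:
        for change in page.get("Changes", []):
            rc = change.get("ResourceChange") or {}
            action, repl = rc.get("Action"), rc.get("Replacement")
            if action in ("Remove", "Delete"):
                reason = "removed"
            elif action == "Replace" or repl == "True":
                reason = "replaced"
            elif repl == "Conditional":
                reason = "possibly replaced"
            else:
                continue
            stateful = rc.get("ResourceType") in stateful_types
            findings.append(("BLOCK" if stateful else "WARN",
                             rc.get("LogicalResourceId"), reason))
    return findings


def gate(pages):
    """Pipeline exit code: 1 if any stateful resource would be lost."""
    return int(any(sev == "BLOCK" for sev, _, _ in risky_changes(pages)))
```

A pipeline step can pass the result of `gate` to `sys.exit` and run execute-change-set only when it returns 0.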

Lesson 2: Use a stack policy to prevent stateful resources from being replaced or removed

Sometimes just looking at the changes is not enough. We are all human and we all make mistakes. Shortly after we started using change sets, my teammate unknowingly ran a deployment that resulted in a database update. Nothing bad happened because it was a test environment.

Even though our scripts displayed the list of changes and asked for confirmation, the Replace change was missed because the list of changes was so long that it did not fit on the screen. And since this was a routine update in a test environment, not much attention was paid to the changes.

There are resources that you never want to replace or remove. These are stateful services, such as an RDS database instance or an elasticsearch cluster, and so on. It would be nice if aws automatically refused a deployment when the operation being performed would require deleting such a resource. Fortunately, cloudformation has a built-in way to do this. It is called a stack policy, and you can read more about it in the documentation:

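STACK_NAME=$1
RESOURCE_ID=$2

# Once a stack policy is set, every update is denied unless a statement
# allows it, so the policy first allows all updates and then denies
# replacement and deletion of the protected resource.
POLICY_JSON=$(cat <<EOF
{
    "Statement" : [{
        "Effect" : "Allow",
        "Action" : "Update:*",
        "Principal": "*",
        "Resource" : "*"
    }, {
        "Effect" : "Deny",
        "Action" : [
            "Update:Replace",
            "Update:Delete"
        ],
        "Principal": "*",
        "Resource" : "LogicalResourceId/$RESOURCE_ID"
    }]
}
EOF
)

aws cloudformation set-stack-policy --stack-name "$STACK_NAME" \
    --stack-policy-body "$POLICY_JSON"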

Lesson 3: Use UsePreviousValue when updating a stack with secret parameters

When you create an RDS mysql instance, AWS requires you to provide MasterUsername and MasterUserPassword. Since it is better not to keep secrets in source code and I wanted to automate absolutely everything, I implemented a "smart mechanism": before deployment the credentials would be fetched from s3, and if the credentials were not found, new credentials would be generated and stored in s3.

These credentials would then be passed as parameters to the cloudformation create-change-set command. While I was experimenting with the script, the connection to s3 happened to be lost, and my "smart mechanism" treated that as a signal to generate new credentials.

If I had started using this script in production and the connection problem had happened again, it would have updated the stack with new credentials. In this case, nothing bad would happen. Nevertheless, I abandoned this approach and started using another one, providing the credentials only once, when creating the stack. Later, when the stack needs to be updated, instead of specifying the secret value of the parameter, I simply use UsePreviousValue=true:

aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "UPDATE" \
    --parameters "ParameterKey=MasterUserPassword,UsePreviousValue=true"
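The rule above can be enforced where the pipeline assembles its parameters. This is an added example in Python, not code from the original article: `build_parameters` and `SECRET_KEYS` are hypothetical names, and the output is the JSON list form that `--parameters` accepts. It fails closed, so a secret value that turns up during an UPDATE stops the deployment instead of rotating the credential.

```python
import json

# Parameter keys treated as secret: taken from the article's RDS example.
SECRET_KEYS = {"MasterUserPassword"}


def build_parameters(operation, values, secret_keys=SECRET_KEYS):
    """Build the JSON list accepted by `create-change-set --parameters`.

    operation: "CREATE" or "UPDATE" (the article's $OPERATION).
    values: dict of parameter key -> value supplied for this deployment.
    """
    if operation not in ("CREATE", "UPDATE"):
        raise ValueError("unknown operation: %r" % operation)
    params = []
    for key in sorted(set(values) | set(secret_keys)):
        if key in secret_keys and operation == "UPDATE":
            if key in values:
                # Fail closed: a secret showing up on UPDATE is how the
                # "smart mechanism" would have silently rotated credentials.
                raise ValueError("refusing new value for %s on UPDATE" % key)
            params.append({"ParameterKey": key, "UsePreviousValue": True})
        elif key not in values:
            # Only reachable for a secret key during CREATE.
            raise ValueError("%s must be supplied on CREATE" % key)
        else:
            params.append({"ParameterKey": key, "ParameterValue": values[key]})
    return json.dumps(params)
```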

Lesson 4: Use rollback configuration

Another team I was working with used a cloudformation feature called rollback configuration. I had never seen it before and quickly realized that it would make deploying my stacks even better. Now I use it every time I deploy my code to lambda or ECS using cloudformation.

How it works: you specify a CloudWatch alarm in the --rollback-configuration parameter when you create a change set. Later, when you execute the change set, aws monitors the alarm for at least one minute. It rolls the deployment back if the alarm changes state to ALARM during this time.

Below is an example excerpt from a cloudformation template in which I create a cloudwatch alarm that tracks a custom metric counting the errors in the cloudwatch logs (the metric is created with a MetricFilter):

Resources:
  # this metric tracks number of errors in the cloudwatch logs. In this
  # particular case it's assumed logs are in json format and the error logs are
  # identified by level "error". See FilterPattern
  ErrorMetricFilter:
    Type: AWS::Logs::MetricFilter
    Properties:
      LogGroupName: !Ref LogGroup
      FilterPattern: !Sub '{$.level = "error"}'
      MetricTransformations:
      - MetricNamespace: !Sub "${AWS::StackName}-log-errors"
        MetricName: Errors
        MetricValue: 1
        DefaultValue: 0

  ErrorAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      AlarmName: !Sub "${AWS::StackName}-errors"
      Namespace: !Sub "${AWS::StackName}-log-errors"
      MetricName: Errors
      Statistic: Maximum
      ComparisonOperator: GreaterThanThreshold
      Period: 60 # 1 minute (Period is given in seconds)
      EvaluationPeriods: 1
      Threshold: 0
      TreatMissingData: notBreaching
      ActionsEnabled: yes

Now the alarm can be used as a rollback trigger when you create the change set:

ALARM_ARN=$1

ROLLBACK_TRIGGER=$(cat <<EOF
{
  "RollbackTriggers": [
    {
      "Arn": "$ALARM_ARN",
      "Type": "AWS::CloudWatch::Alarm"
    }
  ],
  "MonitoringTimeInMinutes": 1
}
EOF
)

aws cloudformation create-change-set \
    --change-set-name "$CHANGE_SET_NAME" \
    --stack-name "$STACK_NAME" \
    --template-body "$TPL_PATH" \
    --change-set-type "UPDATE" \
    --rollback-configuration "$ROLLBACK_TRIGGER"

Lesson 5: Make sure you are deploying the latest version of the template

It is easy to deploy a version of the cloudformation template that is not the latest, but doing so will cause a lot of damage. This happened to us once: a developer did not pull the latest changes from Git and unknowingly deployed a previous version of the stack. This resulted in downtime for the application that used this stack.

Something as simple as adding a check that the branch is up to date before deploying would be enough (assuming git is your version control tool):

git fetch
HEADHASH=$(git rev-parse HEAD)
UPSTREAMHASH=$(git rev-parse master@{upstream})

if [[ "$HEADHASH" != "$UPSTREAMHASH" ]] ; then
   echo "Branch is not up to date with origin. Aborting"
   exit 1
fi

Lesson 6: Do not reinvent the wheel

It may seem that deploying with cloudformation is easy. You just need a bunch of bash scripts that run aws cli commands.

4 years ago I started with simple scripts that called the aws cloudformation create-stack command. Soon the script was no longer simple. Every lesson learned made the script more and more complex. It was not only complex, it was also full of bugs.

I now work in a small IT department. Experience has shown that each team has its own way of deploying cloudformation stacks. And that is bad. It would be better if everyone took the same approach. Fortunately, there are many tools available to help you deploy and configure cloudformation stacks.

These lessons will help you avoid mistakes.

Source: www.habr.com
