UserData:
'Fn::Base64': |
#!/bin/bash
yum -y install docker
dockerd
docker pull apache/superset
在上面提到的Cloudformation UserData标签中:一切正常,直到dockerd。docker pull命令未执行。模板不会生成任何错误。但是,当我ssh到cloudformation模板创建的ec2实例中时,我看不到docker映像。我可以在ec2上手动运行docker pull <image>,它可以工作。
从云形成模板中从ec2上的docker hub(而不是ECR(提取图像需要任何特定设置吗?
我的整个CF模板供参考:
Parameters:
InstanceType:
Type: String
Default: t2.micro
Description: Enter instance size. Default is t3a.medium.
AllowedValues: # dropdown options
- t1.nano
- t1.micro
- t2.micro
Key:
Type: AWS::EC2::KeyPair::KeyName
Default: aseem-ec2-eu-west-1
Description: The key used to access the instance.
Mappings:
AmiIdForRegion:
us-east-1:
AMI: ami-04ad2567c9e3d7893
eu-west-1:
AMI: ami-09d4a659cdd8677be
Resources:
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 172.34.0.0/16
EnableDnsSupport: true
EnableDnsHostnames: true
InstanceTenancy: default
Tags:
- Key: Name
Value: Linux VPC
InternetGateway:
Type: AWS::EC2::InternetGateway
VPCGatewayAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref VPC
InternetGatewayId: !Ref InternetGateway
SubnetA:
Type: AWS::EC2::Subnet
Properties:
AvailabilityZone: eu-west-1a
VpcId: !Ref VPC
CidrBlock: 172.34.1.0/24
MapPublicIpOnLaunch: true
RouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
InternetRoute:
Type: AWS::EC2::Route
DependsOn:
- InternetGateway
- VPCGatewayAttachment
Properties:
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
RouteTableId: !Ref RouteTable
SubnetARouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId: !Ref RouteTable
SubnetId: !Ref SubnetA
SecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: Enable HTTP access via port 80
GroupName: superset-ec2-security-group-3
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 8080 # HTTP- port 80
ToPort: 8080
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 22 # ssh
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
SecurityGroupEgress: # all external traffic
- IpProtocol: -1
CidrIp: 0.0.0.0/0
ElasticIP:
Type: AWS::EC2::EIP
Properties:
Domain: vpc
InstanceId: !Ref LinuxEc2
LinuxEc2:
Type: AWS::EC2::Instance
Properties:
SubnetId: !Ref SubnetA
SecurityGroupIds:
- !Ref SecurityGroup
ImageId: !FindInMap [ AmiIdForRegion,!Ref AWS::Region,AMI ]
KeyName: !Ref Key
InstanceType: !Ref InstanceType
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: 100
Tags:
- Key: Name # naming your instance
Value: superset-6
UserData:
'Fn::Base64': |
#!/bin/bash
yum -y install docker
dockerd
docker pull apache/superset
Outputs:
PublicDnsName:
Value: !GetAtt LinuxEc2.PublicDnsName
PublicIp:
Value: !GetAtt LinuxEc2.PublicIp
您不应该在用户数据中执行dockerd。这将启动docker守护进程并冻结进一步的执行。相反,它应该是:
UserData:
'Fn::Base64': |
#!/bin/bash
yum -y install docker
systemctl enable docker
systemctl start docker
docker pull apache/superset