
How do I install a CloudFormation helper script on Ubuntu or RHEL AMIs?


I want to install an AWS CloudFormation helper script for Ubuntu or Red Hat Enterprise Linux (RHEL) Amazon Machine Images (AMIs).

Resolution

Use the template to install the CloudFormation helper script for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and RHEL 9 AMIs during startup.

You can find the latest binaries of the aws-cfn-bootstrap package in the CloudFormation helper scripts reference.

Use the instance's UserData property to download and install the script for the AMIs. For cfn-hup, create the cfn-hup configuration file, the cfn-hup hook, and the systemd unit file /lib/systemd/system/cfn-hup.service. To enable the service in systemd, use the commands key to start the service.

Example template:

AWSTemplateFormatVersion: "2010-09-09"

Description: Installing Cloudformation helper scripts in Ubuntu 22.04 LTS

Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
    Type: AWS::EC2::KeyPair::KeyName
  Version:
    Description: Ubuntu release version
    Type: String
    AllowedValues:
      - ubuntu2004
      - ubuntu2204
      - Rhel9
  InstanceType:
    Description: WebServer EC2 instance type
    Type: String
    AllowedValues:
      - t1.micro
      - t2.nano
      - t2.micro
      - t2.small
      - t2.medium
      - t2.large
      - m1.small
      - m1.medium
      - m1.large
      - m1.xlarge
      - m2.xlarge
      - m2.2xlarge
      - m2.4xlarge
      - m3.medium
      - m3.large
      - m3.xlarge
      - m3.2xlarge
      - m4.large
      - m4.xlarge
      - m4.2xlarge
      - m4.4xlarge
      - m4.10xlarge
      - c1.medium
      - c1.xlarge
      - c3.large
      - c3.xlarge
      - c3.2xlarge
      - c3.4xlarge
      - c3.8xlarge
      - c4.large
      - c4.xlarge
      - c4.2xlarge
      - c4.4xlarge
      - c4.8xlarge
      - r3.large
      - r3.xlarge
      - r3.2xlarge
      - r3.4xlarge
      - r3.8xlarge
      - i2.xlarge
      - i2.2xlarge
      - i2.4xlarge
      - i2.8xlarge
      - d2.xlarge
      - d2.2xlarge
      - d2.4xlarge
      - d2.8xlarge
      - hs1.8xlarge
      - cr1.8xlarge
      - cc2.8xlarge
    Default: t2.small
    ConstraintDescription: must be a valid EC2 instance type.

  SSHLocation:
    Description: The IP address range that can be used to SSH to the EC2 instances
    Type: String
    # The default allows SSH from any address; pass your own CIDR range when you create the stack.
    Default: 0.0.0.0/0
    MinLength: "9"
    MaxLength: "18"
    AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.

  SubnetId:
    Type: AWS::EC2::Subnet::Id
Conditions:
  ubuntu2004Version: !Equals
    - !Ref 'Version'
    - ubuntu2004
  ubuntu2204Version: !Equals
    - !Ref 'Version'
    - ubuntu2204
  RHEL9Version: !Equals
    - !Ref 'Version'
    - Rhel9
  notrhel:
    !Not [!Equals [!Ref Version, Rhel9]]
Mappings:
  AWSRegionArch2004AMI:
    us-east-1:
      HVM64: ami-0149b2da6ceec4bb0
    us-west-2:
      HVM64: ami-0c09c7eb16d3e8e70
    us-west-1:
      HVM64: ami-03f6d497fceb40069
    eu-west-1:
      HVM64: ami-0fd8802f94ed1c969
    eu-west-2:
      HVM64: ami-04842bc62789b682e
    eu-west-3:
      HVM64: ami-064736ff8301af3ee
    eu-central-1:
      HVM64: ami-06148e0e81e5187c8
    ap-northeast-1:
      HVM64: ami-09b18720cb71042df
    ap-northeast-2:
      HVM64: ami-07d16c043aa8e5153
    ap-northeast-3:
      HVM64: ami-09d2f3a31110c6ad4
    ap-southeast-1:
      HVM64: ami-00e912d13fbb4f225
    ap-southeast-2:
      HVM64: ami-055166f8a8041fbf1
    ap-south-1:
      HVM64: ami-024c319d5d14b463e
    us-east-2:
      HVM64: ami-0d5bf08bc8017c83b
    ca-central-1:
      HVM64: ami-043a72cf696697251
    sa-east-1:
      HVM64: ami-00742e66d44c13cd9
  AWSRegionArch2204AMI:
    us-east-1:
      HVM64: ami-08c40ec9ead489470
    us-west-2:
      HVM64: ami-017fecd1353bcc96e
    us-west-1:
      HVM64: ami-02ea247e531eb3ce6
    eu-west-1:
      HVM64: ami-096800910c1b781ba
    eu-west-2:
      HVM64: ami-0f540e9f488cfa27d
    eu-west-3:
      HVM64: ami-0493936afbe820b28
    eu-central-1:
      HVM64: ami-0caef02b518350c8b
    ap-northeast-1:
      HVM64: ami-03f4fa076d2981b45
    ap-northeast-2:
      HVM64: ami-0e9bfdb247cc8de84
    ap-northeast-3:
      HVM64: ami-08c2ee02329b72f26
    ap-southeast-1:
      HVM64: ami-07651f0c4c315a529
    ap-southeast-2:
      HVM64: ami-09a5c873bc79530d9
    ap-south-1:
      HVM64: ami-062df10d14676e201
    us-east-2:
      HVM64: ami-097a2df4ac947655f
    ca-central-1:
      HVM64: ami-0a7154091c5c6623e
    sa-east-1:
      HVM64: ami-04b3c23ec8efcc2d6
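  # The IDs in this map are identical to AWSRegionArch2004AMI above (Ubuntu 20.04).
  # Replace them with RHEL 9 AMI IDs for your Regions before you select Rhel9.
  AWSRegionArchRhelAMI: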
    us-east-1:
      HVM64: ami-0149b2da6ceec4bb0
    us-west-2:
      HVM64: ami-0c09c7eb16d3e8e70
    us-west-1:
      HVM64: ami-03f6d497fceb40069
    eu-west-1:
      HVM64: ami-0fd8802f94ed1c969
    eu-west-2:
      HVM64: ami-04842bc62789b682e
    eu-west-3:
      HVM64: ami-064736ff8301af3ee
    eu-central-1:
      HVM64: ami-06148e0e81e5187c8
    ap-northeast-1:
      HVM64: ami-09b18720cb71042df
    ap-northeast-2:
      HVM64: ami-07d16c043aa8e5153
    ap-northeast-3:
      HVM64: ami-09d2f3a31110c6ad4
    ap-southeast-1:
      HVM64: ami-00e912d13fbb4f225
    ap-southeast-2:
      HVM64: ami-055166f8a8041fbf1
    ap-south-1:
      HVM64: ami-024c319d5d14b463e
    us-east-2:
      HVM64: ami-0d5bf08bc8017c83b
    ca-central-1:
      HVM64: ami-043a72cf696697251
    sa-east-1:
      HVM64: ami-00742e66d44c13cd9
Resources:
  EC2Instance:
    CreationPolicy:
      ResourceSignal:
        Timeout: PT10M
        Count: "1"
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          full_install:
            - install_and_enable_cfn_hup
        install_and_enable_cfn_hup:
          files:
            /etc/cfn/cfn-hup.conf:
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
              mode: "000400"
              owner: root
              group: root
            /etc/cfn/hooks.d/cfn-auto-reloader.conf:
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.EC2Instance.Metadata.AWS::CloudFormation::Init
                action=/usr/local/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --configsets full_install --region ${AWS::Region}
                runas=root
              mode: "000400"
              owner: root
              group: root
            /lib/systemd/system/cfn-hup.service:
              content: |
                [Unit]
                Description=cfn-hup daemon
                [Service]
                Type=simple
                ExecStart=/usr/local/bin/cfn-hup
                Restart=always
                [Install]
                WantedBy=multi-user.target
          commands:
            01enable_cfn_hup:
              command: systemctl enable cfn-hup.service
            02start_cfn_hup:
              command: systemctl start cfn-hup.service
    Properties:
      InstanceType: !Ref InstanceType
      SubnetId: !Ref SubnetId
      SecurityGroupIds:
        - !GetAtt InstanceSecurityGroup.GroupId
      KeyName: !Ref KeyName
      ImageId: !If
        - ubuntu2004Version
        - !FindInMap
          - AWSRegionArch2004AMI
          - !Ref 'AWS::Region'
          - HVM64
        - !If
          - ubuntu2204Version
          - !FindInMap
            - AWSRegionArch2204AMI
            - !Ref 'AWS::Region'
            - HVM64
          - !FindInMap
            - AWSRegionArchRhelAMI
            - !Ref 'AWS::Region'
            - HVM64
      UserData:
        !If
          - notrhel
          - Fn::Base64:
              Fn::Sub: |
                #!/bin/bash -xe
                sudo apt-get update -y
                sudo apt-get -y install python3-pip
                mkdir -p /opt/aws/
                sudo pip3 install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz
                sudo ln -s /usr/local/init/ubuntu/cfn-hup /etc/init.d/cfn-hup
                /usr/local/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --configsets full_install --region ${AWS::Region}
                /usr/local/bin/cfn-signal -e $?  --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region}
          - Fn::Base64:
              Fn::Sub: |
                #!/bin/bash -xe
                # RHEL 9 has no apt-get; install pip with dnf instead
                sudo dnf -y install python3-pip
                mkdir -p /opt/aws/
                sudo pip3 install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz
                sudo ln -s /usr/local/init/ubuntu/cfn-hup /etc/init.d/cfn-hup
                /usr/local/bin/cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --configsets full_install --region ${AWS::Region}
                /usr/local/bin/cfn-signal -e $?  --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region}

  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable SSH access via port 22
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: "22"
          ToPort: "22"
          CidrIp: !Ref SSHLocation

Note: Use multi-user.target to make the systemd unit a dependency of an existing boot target.

After you create the stack, connect to the instance.

To confirm that the cfn-hup service starts after the stack launches, run the following command:

systemctl status cfn-hup

Example output:

cfn-hup.service - cfn-hup daemon
   Loaded: loaded (/usr/lib/systemd/system/cfn-hup.service; enabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-10-12 08:10:26 EDT; 1min 11s ago
 Main PID: 4852 (cfn-hup)
   CGroup: /system.slice/cfn-hup.service
           └─4852 /usr/bin/python /opt/aws/bin/cfn-hup
Oct 12 08:10:26 ip-172-31-44-180.ec2.internal systemd[1]: Started cfn-hup daemon.
Oct 12 08:10:26 ip-172-31-44-180.ec2.internal systemd[1]: Starting cfn-hup daemon...
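
The status check above only shows that the daemon is running. As an added example (not part of the original article), the following shell function also confirms that the two cfn-hup files have the mode and owner that the template sets, and that the command named in the hook's action= line exists on the instance and is not writable by group or others. The function name and its two arguments are assumptions made for this example.

```bash
#!/bin/bash
# Added example: audit the files written by the template's cfn-init config.
# Usage on an instance: check_cfn_hup_files / 0
# $1 = filesystem root (a staged tree for testing), $2 = expected owner UID.
check_cfn_hup_files() {
    local root uid rc f meta hook action bin perm
    root="${1:-/}"; root="${root%/}"
    uid="${2:-0}"
    rc=0
    hook=/etc/cfn/hooks.d/cfn-auto-reloader.conf

    for f in /etc/cfn/cfn-hup.conf "$hook"; do
        if [ ! -f "$root$f" ]; then
            echo "MISSING $f"; rc=1; continue
        fi
        # The template writes both files with mode 000400, owner root.
        meta=$(stat -c '%a %u' "$root$f")
        if [ "$meta" != "400 $uid" ]; then
            echo "PERMS   $f is '$meta', expected '400 $uid'"; rc=1
        fi
    done

    # cfn-hup runs the hook's action= command as root on every metadata
    # update, so the binary it names must exist and be safe from tampering.
    action=$(sed -n 's/^action=//p' "$root$hook" 2>/dev/null | head -n 1)
    bin=${action%% *}
    if [ -z "$bin" ]; then
        echo "HOOK    no action= line in $hook"; rc=1
    elif [ ! -x "$root$bin" ]; then
        echo "HOOK    $bin is missing or not executable"; rc=1
    else
        perm=$(stat -L -c '%a' "$root$bin")
        if [ $(( 0$perm & 022 )) -ne 0 ]; then
            echo "HOOK    $bin is group- or world-writable ($perm)"; rc=1
        fi
    fi
    return "$rc"
}
```

A non-zero return value means at least one finding was printed; the check relies on GNU stat, which both Ubuntu and RHEL ship.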