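I am trying to launch an EC2 instance and attach an Elastic IP to it via CloudFormation. I have a YAML file that launches the EC2 instance and runs code after launch through the UserData property (AWS::EC2::Instance). It then associates the IP through AWS::EC2::EIPAssociation. However, this order does not meet my requirements. I want to associate first and then run the script, because my script actually depends on the IP being associated with it.
Does anyone know how to associate the IP first and then run the script via YAML? Is there an option to define the Elastic IP in AWS::EC2::Instance?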
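You can use the option of creating the ENI first > associating the EIP with it > using this ENI as the instance's primary interface during launch. This way, your EC2 will come up with the EIP associated, and so can access the internet to process the user data. In the example below, I am also doing the EIP allocation. If your case does not need that, make changes to the EC2EIP section.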
```yaml
Metadata:
  TemplateId: EC2 With EIP
Parameters:
  EC2AmazonLinuxAMIID:
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
  EC2Subnet:
    Type: AWS::EC2::Subnet::Id
    Description: Subnet to launch EC2
  EC2VPC:
    Type: AWS::EC2::VPC::Id
    Description: VPC to launch EC2
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Description: Key Pair to login
Resources:
  # Allocates a new Elastic IP; change this section if you already have one.
  EC2EIP:
    Type: AWS::EC2::EIP
    Properties:
      PublicIpv4Pool: amazon
      Domain: vpc
      Tags:
        - Key: Name
          Value: EIP EC2
  # Ingress is open to 0.0.0.0/0, including SSH (22) and RDP (3389);
  # narrow CidrIp to a trusted range outside of a demo.
  EC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: EC2 Security Group
      VpcId: !Ref EC2VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: '3389'
          ToPort: '3389'
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: '80'
          ToPort: '80'
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: '443'
          ToPort: '443'
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: '-1'
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-EC2SecurityGroup"
  # The ENI is created on its own so the EIP can be attached before launch.
  EC2ENI:
    Type: AWS::EC2::NetworkInterface
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-EC2ENI"
      Description: EC2 Network Interface
      SourceDestCheck: 'false'
      GroupSet:
        - !Ref EC2SecurityGroup
      SubnetId: !Ref EC2Subnet
  # Associates the EIP with the ENI, not with the instance.
  EC2ENIAssociation:
    Type: AWS::EC2::EIPAssociation
    Properties:
      NetworkInterfaceId: !Ref EC2ENI
      AllocationId: !GetAtt EC2EIP.AllocationId
  # DependsOn delays the launch (and so UserData) until the EIP is associated.
  EC2Instance:
    Type: AWS::EC2::Instance
    DependsOn:
      - EC2ENI
      - EC2ENIAssociation
    Properties:
      InstanceType: t2.micro
      ImageId: !Ref EC2AmazonLinuxAMIID
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - NetworkInterfaceId: !Ref EC2ENI
          DeviceIndex: 0
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash
          yum update -y
          yum install -y httpd
          systemctl start httpd
          systemctl enable httpd
          echo "Hello World from EC2 Instance" > /var/www/html/index.html
      Tags:
        - Key: Name
          Value: !Sub "${AWS::StackName}-EC2Instance"
```
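This lets you choose the VPC and subnet as parameters. It then pulls an EIP from the Amazon pool and associates it with the ENI. Next, an EC2 is launched with this ENI specified. In this order, User-Data is triggered after the EIP is associated.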
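The question's script depends on the Elastic IP already being attached, so here is an added example (not part of the original answer) of a guard that UserData can run first: it polls IMDSv2 until the instance's public IPv4 equals the expected address and fails otherwise. The function names and the `${EC2EIP.PublicIp}` substitution shown in the last comment are assumptions for illustration.

```shell
#!/bin/bash
# Added example (not from the answer above). No ${...} shell expansions are
# used, so the functions can be pasted into the template's !Sub UserData
# without clashing with CloudFormation's own ${...} substitution.
IMDS=http://169.254.169.254/latest

# Print the instance's current public IPv4 using IMDSv2 (token-based).
fetch_public_ipv4() {
  token=$(curl -sf -m 2 -X PUT "$IMDS/api/token" \
    -H 'X-aws-ec2-metadata-token-ttl-seconds: 60') || return 1
  curl -sf -m 2 -H "X-aws-ec2-metadata-token: $token" \
    "$IMDS/meta-data/public-ipv4"
}

# wait_for_eip EXPECTED [TRIES] [DELAY_SECONDS]
# Returns 0 once the public IPv4 equals EXPECTED, 1 if it never does.
wait_for_eip() {
  expected=$1
  tries=$2
  delay=$3
  [ -n "$tries" ] || tries=30
  [ -n "$delay" ] || delay=2
  i=0
  while [ "$i" -lt "$tries" ]; do
    # A failed metadata call counts as "no address yet", not as a fatal error.
    current=$(fetch_public_ipv4 || true)
    if [ "$current" = "$expected" ]; then
      return 0
    fi
    i=$((i + 1))
    sleep "$delay"
  done
  echo "public IPv4 is '$current', expected '$expected'" >&2
  return 1
}

# Assumed usage at the top of UserData, where !Sub fills in the address:
#   wait_for_eip "${EC2EIP.PublicIp}" || exit 1
```

Exiting on failure keeps the rest of the script from running with an address other than the one it expects.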