0
AWS CloudFormation 스크립트를 작성하여 EC2 인스턴스를 작성하고 있습니다. 일부 패키지를 설치하고 일부 repos를 다운로드하고 일부 스크립트를 실행하여 인스턴스를 프로비저닝하고 싶습니다. Amazon은 UserData 필드를 사용하여 CloudFormation에서이 작업을 수행 할 수 있다고 말합니다. 그러나, 그것은 전혀 작동하지 않는 것 같습니다. 여기 AWS CloudFormation 'UserData'가 작동하지 않는 것 같습니다.
내가 현재 함께 일하고 있어요 무엇 :DWHServer:
Type: "AWS::EC2::Instance"
Properties:
DisableApiTermination: false # no termination protection
EbsOptimized: false # optimize for elastic block store
IamInstanceProfile: !Ref DWHServerIAMIP
ImageId: "ami-5189a661" # ubunty-trusty-14.04-amd64-server-20150325
InstanceInitiatedShutdownBehavior: "terminate"
InstanceType: "t2.medium"
KeyName: !FindInMap [EnvMap, KeyPair, !Ref EnvType]
Monitoring: true
SecurityGroupIds:
- !Ref DWHServerSG
SourceDestCheck: true # ??
SubnetId: "subnet-aed2ecf6" # Stage-etl-2c
UserData: !Base64
"Fn::Join": ["", ["#!/bin/bash -xe\n", "touch ~/confirm_work.txt\n"]]
이 가장 간단한 예입니다. 파일이 실행되고 있음을 증명하기를 원합니다. 하지만 그렇게하지는 않습니다. 문서에서는 /var/log/cloud-init-output.log이라는 것을 보려고합니다. 거기를 보았지만 UserData에 대해서는 아무 것도 보지 않았습니다. 일종의 네트워크 오류가있는 것처럼 보이지만이를 해석하는 방법이나 그에 대한 조치를 잘 모르겠습니다. 모든 팁 크게 감사하겠습니다
Cloud-init v. 0.7.5 running 'init-local' at Sat, 04 Mar 2017 02:40:07 +0000. Up 3.85 seconds.
Cloud-init v. 0.7.5 running 'init' at Sat, 04 Mar 2017 02:40:09 +0000. Up 6.01 seconds.
ci-info: +++++++++++++++++++++++++Net device info+++++++++++++++++++++++++
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: | Device | Up | Address | Mask | Hw-Address |
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | . |
ci-info: | eth0 | True | 10.0.7.84 | 255.255.255.0 | 0a:3a:b0:a4:96:5d |
ci-info: +--------+------+-----------+---------------+-------------------+
ci-info: ++++++++++++++++++++++++++++++Route info++++++++++++++++++++++++++++++
ci-info: +-------+-------------+----------+---------------+-----------+-------+
ci-info: | Route | Destination | Gateway | Genmask | Interface | Flags |
ci-info: +-------+-------------+----------+---------------+-----------+-------+
ci-info: | 0 | 0.0.0.0 | 10.0.7.1 | 0.0.0.0 | eth0 | UG |
ci-info: | 1 | 10.0.7.0 | 0.0.0.0 | 255.255.255.0 | eth0 | U |
ci-info: +-------+-------------+----------+---------------+-----------+-------+
Mar 4 02:40:11 ubuntu pollinate[723]: ERROR: Network communication failed [60]\n02:40:10.394529 * Hostname was NOT found in DNS cache
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
^M 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 002:40:10.407240 * Trying 91.189.94.24...
02:40:10.550022 * Connected to entropy.ubuntu.com (91.189.94.24) port 443 (#0)
02:40:10.551661 * successfully set certificate verify locations:
02:40:10.551698 * CAfile: /etc/pollinate/entropy.ubuntu.com.pem
CApath: /dev/null
02:40:10.551804 * SSLv3, TLS handshake, Client hello (1):
02:40:10.551832 } [data not shown]
02:40:10.711080 * SSLv3, TLS handshake, Server hello (2):
02:40:10.711129 { [data not shown]
02:40:10.711191 * SSLv3, TLS handshake, CERT (11):
02:40:10.711216 { [data not shown]
02:40:10.711490 * SSLv3, TLS alert, Server hello (2):
02:40:10.711520 } [data not shown]
02:40:10.711602 * SSL certificate problem: unable to get local issuer certificate
^M 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
02:40:10.711732 * Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html
curl performs SSL certificate verification by default, using a "bundle"
of Certificate Authority (CA) public keys (CA certs). If the default
bundle file isn't adequate, you can specify an alternate file
using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a
problem with the certificate (it might be expired, or the name might
not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
the -k (or --insecure) option.
2017-03-04 02:40:11,144 - util.py[WARNING]: Running seed_random (<module 'cloudinit.config.cc_seed_random' from '/usr/lib/python2.7/dist-packages/cloudinit/config/cc_seed_random.pyc'>) failed
Generating public/private rsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
0c:54:09:ab:bc:b8:63:b5:6c:d2:d5:47:21:4a:38:6f [email protected]
The key's randomart image is:
+--[ RSA 2048]----+
| .oo.. |
| o...o . |
| +o. . . |
| . .Eo . |
| o. .S. |
| .... . . |
| .+.o . |
| +.= |
| ..+ |
+-----------------+
Generating public/private dsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
The key fingerprint is:
89:26:94:17:79:6d:45:15:fc:5f:37:95:31:2e:e9:f7 [email protected]
The key's randomart image is:
+--[ DSA 1024]----+
| .. . oooo+o|
| .... o +.o|
| o .. . o o.|
| . . . . . ..+|
| . o S . .=|
| o . o|
| E|
| |
| |
+-----------------+
Generating public/private ecdsa key pair.
Your identification has been saved in /etc/ssh/ssh_host_ecdsa_key.
Your public key has been saved in /etc/ssh/ssh_host_ecdsa_key.pub.
The key fingerprint is:
af:a2:c7:b3:95:5c:17:2e:ce:69:b3:f6:39:c7:67:91 [email protected]
The key's randomart image is:
+--[ECDSA 256]---+
| |
| |
| . |
| . . |
| S o o .|
| . * + E |
| . + B . .|
| =. o.o..o o|
| .o.+....oo o |
+-----------------+
Cloud-init v. 0.7.5 running 'modules:config' at Sat, 04 Mar 2017 02:40:14 +0000. Up 11.53 seconds.
Generating locales... en_US.UTF-8... up-to-date
Generation complete.
Cloud-init v. 0.7.5 running 'modules:final' at Sat, 04 Mar 2017 02:40:17 +0000. Up 13.61 seconds.
+ touch /root/confirm_work.txt
Cloud-init v. 0.7.5 finished at Sat, 04 Mar 2017 02:40:17 +0000. Datasource DataSourceEc2. Up 13.83 seconds
: 여기
인스턴스에 클라우드 초기화-output.log 파일의 내용입니다. 감사!
인스턴스의 시스템 로그를 확인 했습니까? EC2 콘솔에서 인스턴스를 선택한 다음, 작업 -> 인스턴스 설정 -> 시스템 로그 얻기 – spg
시스템 로그를보고 cloud-init-output.log 파일이 부팅 후 동일한 정보를 제공합니다. 그래도 제안에 감사드립니다! – bgenchel