我正在使用以下云形成脚本来创建新的ECS集群
*{
"AWSTemplateFormatVersion":"2010-09-09","Parameters":{
"KeyName":{
"Type":"AWS::EC2::KeyPair::KeyName","Description":"Name of an existing EC2 KeyPair to enable SSH access to the ECS instances."
},"VpcId":{
"Type":"AWS::EC2::VPC::Id","Description":"Select a VPC that allows instances to access the Internet."
},"SubnetId":{
"Type":"List<AWS::EC2::Subnet::Id>","Description":"Select at two subnets in your selected VPC."
},"DesiredCapacity":{
"Type":"Number","Default":"1","Description":"Number of instances to launch in your ECS cluster."
},"MaxSize":{
"Type":"Number","Description":"Maximum number of instances that can be launched in your ECS cluster."
},"InstanceType":{
"Description":"EC2 instance type","Type":"String","Default":"t2.micro","AllowedValues":[
"t2.micro","t2.small","t2.medium","t2.large","m3.medium","m3.large","m3.xlarge","m3.2xlarge","m4.large","m4.xlarge","m4.2xlarge","m4.4xlarge","m4.10xlarge","c4.large","c4.xlarge","c4.2xlarge","c4.4xlarge","c4.8xlarge","c3.large","c3.xlarge","c3.2xlarge","c3.4xlarge","c3.8xlarge","r3.large","r3.xlarge","r3.2xlarge","r3.4xlarge","r3.8xlarge","i2.xlarge","i2.2xlarge","i2.4xlarge","i2.8xlarge"
],"ConstraintDescription":"Please choose a valid instance type."
}
},"Mappings":{
"AWSRegionToamI":{
"us-east-1":{
"AMIID":"ami-0c65e6401a50512c5"
}
}
},"Resources":{
"ECSCluster":{
"Type":"AWS::ECS::Cluster"
},"EcsSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup","Properties":{
"GroupDescription":"ECS Security Group","VpcId":{
"Ref":"VpcId"
}
}
},"EcsSecurityGroupHTTPinbound":{
"Type":"AWS::EC2::SecurityGroupIngress","Properties":{
"GroupId":{
"Ref":"EcsSecurityGroup"
},"IpProtocol":"tcp","FromPort":"80","ToPort":"80","CidrIp":"0.0.0.0/0"
}
},"EcsSecurityGroupSSHinbound":{
"Type":"AWS::EC2::SecurityGroupIngress","FromPort":"22","ToPort":"22","EcsSecurityGroupALBports":{
"Type":"AWS::EC2::SecurityGroupIngress","FromPort":"31000","ToPort":"61000","SourceSecurityGroupId":{
"Ref":"EcsSecurityGroup"
}
}
},"CloudwatchLogsGroup":{
"Type":"AWS::Logs::LogGroup","Properties":{
"LogGroupName":{
"Fn::Join":[
"-",[
"ECSLogGroup",{
"Ref":"AWS::StackName"
}
]
]
},"RetentionInDays":14
}
},"taskdefinition":{
"Type":"AWS::ECS::TaskDefinition","Properties":{
"Family":{
"Fn::Join":[
"",[
{
"Ref":"AWS::StackName"
},"-ecs-demo-app"
]
]
},"ContainerDefinitions":[
{
"Name":"simple-app","Cpu":"10","Essential":"true","Image":"httpd:2.4","Memory":"300","LogConfiguration":{
"LogDriver":"awslogs","Options":{
"awslogs-group":{
"Ref":"CloudwatchLogsGroup"
},"awslogs-region":{
"Ref":"AWS::Region"
},"awslogs-stream-prefix":"ecs-demo-app"
}
},"MountPoints":[
{
"ContainerPath":"/usr/local/apache2/htdocs","SourceVolume":"my-vol"
}
],"PortMappings":[
{
"ContainerPort":80
}
]
},{
"Name":"busybox","Cpu":10,"Command":[
"/bin/sh -c \"while true; do echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p>' > top; /bin/date > date ; echo '</div></body></html>' > bottom; cat top date bottom > /usr/local/apache2/htdocs/index.html ; sleep 1; done\""
],"EntryPoint":[
"sh","-c"
],"Essential":false,"Image":"busybox","Memory":200,"VolumesFrom":[
{
"SourceContainer":"simple-app"
}
]
}
],"Volumes":[
{
"Name":"my-vol"
}
]
}
},"ECSALB":{
"Type":"AWS::ElasticLoadBalancingV2::LoadBalancer","Properties":{
"Name":"ECSALB","Scheme":"internet-facing","LoadBalancerAttributes":[
{
"Key":"idle_timeout.timeout_seconds","Value":"30"
}
],"Subnets":{
"Ref":"SubnetId"
},"SecurityGroups":[
{
"Ref":"EcsSecurityGroup"
}
]
}
},"ALBListener":{
"Type":"AWS::ElasticLoadBalancingV2::Listener","DependsOn":"ECSServiceRole","Properties":{
"Defaultactions":[
{
"Type":"forward","TargetGroupArn":{
"Ref":"ECSTG"
}
}
],"LoadBalancerArn":{
"Ref":"ECSALB"
},"Port":"80","Protocol":"HTTP"
}
},"ECSALBListenerRule":{
"Type":"AWS::ElasticLoadBalancingV2::ListenerRule","DependsOn":"ALBListener","Properties":{
"actions":[
{
"Type":"forward","Conditions":[
{
"Field":"path-pattern","Values":[
"/"
]
}
],"ListenerArn":{
"Ref":"ALBListener"
},"Priority":1
}
},"ECSTG":{
"Type":"AWS::ElasticLoadBalancingV2::TargetGroup","DependsOn":"ECSALB","Properties":{
"HealthCheckintervalSeconds":10,"HealthCheckPath":"/","HealthCheckProtocol":"HTTP","HealthCheckTimeoutSeconds":5,"HealthyThresholdCount":2,"Name":"ECSTG","Port":80,"Protocol":"HTTP","UnhealthyThresholdCount":2,"ECSAutoScalingGroup":{
"Type":"AWS::AutoScaling::AutoScalingGroup","Properties":{
"VPCZoneIdentifier":{
"Ref":"SubnetId"
},"LaunchConfigurationName":{
"Ref":"ContainerInstances"
},"MinSize":"1","MaxSize":{
"Ref":"MaxSize"
},"DesiredCapacity":{
"Ref":"DesiredCapacity"
}
},"CreationPolicy":{
"ResourceSignal":{
"Timeout":"PT300M"
}
},"UpdatePolicy":{
"AutoScalingReplacingUpdate":{
"WillReplace":"true"
}
}
},"ContainerInstances":{
"Type":"AWS::AutoScaling::LaunchConfiguration","Properties":{
"ImageId":{
"Fn::FindInmap":[
"AWSRegionToamI",{
"Ref":"AWS::Region"
},"AMIID"
]
},"SecurityGroups":[
{
"Ref":"EcsSecurityGroup"
}
],"InstanceType":{
"Ref":"InstanceType"
},"IamInstanceProfile":{
"Ref":"EC2InstanceProfile"
},"KeyName":{
"Ref":"KeyName"
},"UserData":{
"Fn::Base64": {
"Fn::Join": [
"",[
"#!/bin/bash\n","# Install the files and packages from the metadata\n","sudo /opt/aws/bin/cfn-init -v "," --stack ",{
"Ref": "AWS::StackName"
}," --resource ContainerInstances "," --region ",{
"Ref": "AWS::Region"
},"\n","sudo yum -y update \n","# Signal the status from cfn-init\n","sudo /opt/aws/bin/cfn-signal -e $? "," --resource ECSAutoScalingGroup ","\n"
]
]
}
}
}
},"service":{
"Type":"AWS::ECS::Service","Properties":{
"Cluster":{
"Ref":"ECSCluster"
},"DesiredCount":"1","LoadBalancers":[
{
"ContainerName":"simple-app","ContainerPort":"80","Role":{
"Ref":"ECSServiceRole"
},"TaskDefinition":{
"Ref":"taskdefinition"
}
}
},"ECSServiceRole":{
"Type":"AWS::IAM::Role","Properties":{
"AssumeRolePolicyDocument":{
"Statement":[
{
"Effect":"Allow","Principal":{
"Service":[
"ecs.amazonaws.com"
]
},"action":[
"sts:AssumeRole"
]
}
]
},"Path":"/","Policies":[
{
"PolicyName":"ecs-service","PolicyDocument":{
"Statement":[
{
"Effect":"Allow","action":[
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer","elasticloadbalancing:DeregisterTargets","elasticloadbalancing:Describe*","elasticloadbalancing:RegisterInstancesWithLoadBalancer","elasticloadbalancing:RegisterTargets","ec2:Describe*","ec2:AuthorizeSecurityGroupIngress"
],"Resource":"*"
}
]
}
}
]
}
},"ServiceScalingTarget":{
"Type":"AWS::ApplicationAutoScaling::Scalabletarget","DependsOn":"service","Properties":{
"MaxCapacity":2,"MinCapacity":1,"ResourceId":{
"Fn::Join":[
"",[
"service/",{
"Ref":"ECSCluster"
},"/",{
"Fn::Getatt":[
"service","Name"
]
}
]
]
},"RoleARN":{
"Fn::Getatt":[
"AutoscalingRole","Arn"
]
},"ScalableDimension":"ecs:service:DesiredCount","ServiceNamespace":"ecs"
}
},"ServiceScalingPolicy":{
"Type":"AWS::ApplicationAutoScaling::ScalingPolicy","Properties":{
"PolicyName":"AStepPolicy","PolicyType":"StepScaling","ScalingTargetId":{
"Ref":"ServiceScalingTarget"
},"StepScalingPolicyConfiguration":{
"AdjustmentType":"PercentChangeInCapacity","Cooldown":60,"MetricAggregationType":"Average","StepAdjustments":[
{
"MetricIntervalLowerBound":0,"ScalingAdjustment":200
}
]
}
}
},"ALB500sAlarmScaleUp":{
"Type":"AWS::CloudWatch::Alarm","Properties":{
"EvaluationPeriods":"1","Statistic":"Average","Threshold":"10","AlarmDescription":"Alarm if our ALB generates too many HTTP 500s.","Period":"60","Alarmactions":[
{
"Ref":"ServiceScalingPolicy"
}
],"Namespace":"AWS/ApplicationELB","Dimensions":[
{
"Name":"LoadBalancer","Value":{
"Fn::Getatt" : [
"ECSALB","LoadBalancerFullName"
]
}
}
],"ComparisonOperator":"GreaterThanThreshold","MetricName":"HTTPCode_ELB_5XX_Count"
}
},"EC2Role":{
"Type":"AWS::IAM::Role","Principal":{
"Service":[
"ec2.amazonaws.com"
]
},"action":[
"ec2:Describetags","ecs:Createcluster","ecs:DeregisterContainerInstance","ecs:DiscoverPollEndpoint","ecs:Poll","ecs:RegisterContainerInstance","ecs:StartTelemetrySession","ecs:UpdateContainerInstancesState","ecs:Submit*","ecr:GetauthorizationToken","ecr:BatchCheckLayerAvailability","ecr:GetDownloadUrlForLayer","ecr:BatchGetImage","logs:CreateLogStream","logs:PutLogEvents"
],"AutoscalingRole":{
"Type":"AWS::IAM::Role","Principal":{
"Service":[
"application-autoscaling.amazonaws.com"
]
},"Policies":[
{
"PolicyName":"service-autoscaling","action":[
"application-autoscaling:*","cloudwatch:DescribeAlarms","cloudwatch:PutMetricAlarm","ecs:DescribeServices","ecs:UpdateService"
],"EC2InstanceProfile":{
"Type":"AWS::IAM::InstanceProfile","Properties":{
"Path":"/","Roles":[
{
"Ref":"EC2Role"
}
]
}
}
},"Outputs":{
"ecsservice":{
"Value":{
"Ref":"service"
}
},"ecscluster":{
"Value":{
"Ref":"ECSCluster"
}
},"ECSALB":{
"Description":"Your ALB DNS URL","Value":{
"Fn::Join":[
"",[
{
"Fn::Getatt":[
"ECSALB","DNsname"
]
}
]
]
}
},"taskdef":{
"Value":{
"Ref":"taskdefinition"
}
}
}
}*
在创建服务资源时被卡住了。
当我尝试调试它时,我在EC2实例的日志中找到ecs-agent docker: 注册成功完成。我在集群'默认'中以'arn:aws:ecs:us-east-1:504254995642:container-instance / 22a5c138-61b0-454f-b64e-f49a76fc6cbe'的身份运行
请您建议我如何将其配置为“ my-cluster”