The ALIYUN::ECS::RunCommand resource type executes a Shell, PowerShell, or Batch script on one or more ECS instances.
Syntax
{
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"Parameters": Map,
"Description": String,
"Timeout": Integer,
"ContentEncoding": String,
"Name": String,
"WorkingDir": String,
"CommandContent": String,
"Type": String,
"Frequency": String,
"EnableParameter": Boolean,
"InstanceIds": List,
"KeepCommand": Boolean,
"Sync": Boolean,
"Tags": List,
"RunAgainOn": List,
"WindowsPasswordName": String,
"RepeatMode": String,
"ResourceGroupId": String,
"Launcher": String,
"ContainerName": String,
"ContainerId": String,
"Username": String
}
}Properties
|
Property Name |
Type |
Required |
Updatable |
Description |
Constraints |
|
Parameters |
Map |
No |
Yes |
Key-value pairs for custom parameters when the script contains them. For example, if the script content is `echo {{name}}`, specify `{"name":"Jack"}` using the Parameters property. The custom parameter automatically replaces the variable `name`, resulting in a new script that executes `echo Jack`. |
|
|
Description |
String |
No |
No |
Script description. |
Supports all character sets. The length cannot exceed 512 characters. |
|
Timeout |
Integer |
No |
Yes |
The timeout for script execution. |
Unit: seconds. Default value: 60. Timeouts occur if the script cannot run because of process issues, missing modules, or a missing Cloud Assistant Agent. After a timeout, the script process terminates forcibly. |
|
ContentEncoding |
String |
No |
Yes |
The encoding method for the script content (CommandContent). |
Values:
Note
If you enter an incorrect value, the system treats it as Base64. |
|
Name |
String |
No |
No |
Script name. |
Supports all character sets. The length cannot exceed 128 characters. |
|
WorkingDir |
String |
No |
Yes |
The working directory for the script on the ECS instance. |
Default values:
|
|
CommandContent |
String |
Yes |
Yes |
The plaintext or Base64-encoded content of the script. |
|
|
Type |
String |
Yes |
Yes |
The language type of the O&M script. |
Values:
|
|
Frequency |
String |
No |
No |
The execution interval of the auto triggered task. |
None |
|
EnableParameter |
Boolean |
No |
Yes |
Indicates whether the script contains custom parameters. |
Valid values:
|
|
InstanceIds |
List |
Yes |
Yes |
The list of ECS instance IDs. |
Specify a maximum of 20 ECS instances. The ECS instances must be running. |
|
KeepCommand |
Boolean |
No |
No |
Indicates whether to keep the script after execution. |
Values:
|
|
Sync |
Boolean |
No |
No |
Indicates whether to use a synchronous call. |
Values:
|
|
Tags |
List |
No |
Yes |
Tags. |
Supports a maximum of 20 tags. For more information, see Tags properties. |
|
RunAgainOn |
List |
No |
No |
The stage to execute the command again. |
None |
|
WindowsPasswordName |
String |
No |
No |
The password name for the user who executes commands on Windows instances. |
The length cannot exceed 255 characters. If you want to execute commands on Windows instances as a non-default user (System), pass both the Note
When you execute commands as the root user on Linux instances or the System user on Windows instances, do not pass this parameter. |
|
RepeatMode |
String |
No |
No |
Sets the command execution method. |
Values:
Default values:
Note:
|
|
Launcher |
String |
No |
No |
The bootstrap program for script execution. |
The length cannot exceed 1 KB. |
|
ResourceGroupId |
String |
No |
No |
The resource group ID for command execution. |
If you specify this parameter:
|
|
ContainerName |
String |
No |
No |
Container name. |
Note:
|
|
ContainerId |
String |
No |
No |
Container ID. |
Supports only 64-bit hexadecimal strings. You can specify the container runtime explicitly using prefixes such as Note:
|
|
Username |
String |
No |
Yes |
The username for executing commands on the ECS instance. |
The length cannot exceed 255 characters.
You can also specify other existing users on the instance to execute commands. Executing Cloud Assistant commands as a regular user is more secure. For more information, see Configure a regular user to execute Cloud Assistant commands. |
Tags syntax
"Tags": [
{
"Key": String,
"Value": String
}
]Tags properties
|
Property Name |
Type |
Required |
Updatable |
Description |
Constraints |
|
Key |
String |
Yes |
No |
Tag key. |
The length is 1 to 128 characters. It cannot start with |
|
Value |
String |
No |
No |
Tag value. |
The length is 0 to 128 characters. It cannot start with |
Return values
Fn::GetAtt
-
CommandId: The ID of the script.
-
InvokeId: The ID of the script execution.
-
InvokeInstances: The list of instances that executed the command.
-
InvokeResults: The results of the command execution.
Examples
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
InstanceId:
Type: String
AssociationProperty: ALIYUN::ECS::Instance::InstanceId
Resources:
RunCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent:
Fn::Sub:
|
#!/bin/sh
yum install -y tree
Type: RunShellScript
InstanceIds:
- Ref: InstanceId
Outputs:
CommandId:
Description: The id of command created.
Value:
Fn::GetAtt:
- RunCommand
- CommandId
InvokeId:
Description: The invoke id of command.
Value:
Fn::GetAtt:
- RunCommand
- InvokeId
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"InstanceId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceId"
}
},
"Resources": {
"RunCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub":
"#!/bin/sh\nyum install -y tree\n"
},
"Type": "RunShellScript",
"InstanceIds": [
{
"Ref": "InstanceId"
}
]
}
}
},
"Outputs": {
"CommandId": {
"Description": "The id of command created.",
"Value": {
"Fn::GetAtt": [
"RunCommand",
"CommandId"
]
}
},
"InvokeId": {
"Description": "The invoke id of command.",
"Value": {
"Fn::GetAtt": [
"RunCommand",
"InvokeId"
]
}
}
}
}UpdatePolicy overview
After executing a script on a group of ECS instances using ALIYUN::ECS::RunCommand, you can use the UpdatePolicy property to control how the ECS::RunCommand configuration is updated when you update the configurations of these instances in batches. For the UpdatePolicy property syntax, see the following section.
UpdatePolicy syntax
"UpdatePolicy": {
"RollingUpdate": Map
}UpdatePolicy properties
|
Property Name |
Type |
Required |
Updatable |
Description |
Constraints |
|
RollingUpdate |
Map |
No |
Yes |
Controls the strategy for updating existing commands. |
For details, see RollingUpdate properties. |
RollingUpdate syntax
"RollingUpdate": {
"MaxBatchSize": Integer,
"PauseTime": Integer
}RollingUpdate properties
|
Property Name |
Type |
Required |
Updatable |
Description |
Constraints |
|
MaxBatchSize |
Integer |
Yes |
Yes |
The number of ECS instances to execute commands in each batch. |
Value range: 1 to 1000. |
|
PauseTime |
Integer |
No |
Yes |
The pause time (unit: seconds) between command executions for each batch. Default is 0. |
Value range: 0 to 3600. |
Scenario 1: Execute RunCommand on existing ECS instances.
ROSTemplateFormatVersion: '2015-09-01'
Resources:
RunCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent: xxx
Type: RunShellScript
Sync: true
InstanceIds:
- i-2zxxxx
- i-2zxxxx
- i-2zxxxx
{
"ROSTemplateFormatVersion": "2015-09-01",
"Resources": {
"RunCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": "xxx",
"Type": "RunShellScript",
"Sync": true,
"InstanceIds": [
"i-2zxxxx",
"i-2zxxxx",
"i-2zxxxx"
]
}
}
}
}After you successfully create the stack, update the configurations of the ECS instances where the command was executed. Configure the UpdatePolicy property during the update.
ROSTemplateFormatVersion: '2015-09-01'
Resources:
RunCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent: xxx
Type: RunShellScript
Sync: true
InstanceIds:
- i-2zxxxx
- i-2zxxxx
- i-2zxxxx
- i-2zxxxx
- i-2zxxxx
UpdatePolicy:
RollingUpdate:
MaxBatchSize: 2
PauseTime: 10
{
"ROSTemplateFormatVersion": "2015-09-01",
"Resources": {
"RunCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": "xxx",
"Type": "RunShellScript",
"Sync": true,
"InstanceIds": [
"i-2zxxxx",
"i-2zxxxx",
"i-2zxxxx",
"i-2zxxxx",
"i-2zxxxx"
]
},
"UpdatePolicy": {
"RollingUpdate": {
"MaxBatchSize": 2,
"PauseTime": 10
}
}
}
}
}Set MaxBatchSize to 2. Before the update, InstanceIds contains three ECS instances. After the update, InstanceIds contains five ECS instances. During the stack update, the original three instances undergo Upgrade/Downgrade in two batches (2 and 1). The system processes the original InstanceIds in the order they were provided. The two new instances execute the command simultaneously.
Scenario 2: Create an ECS instance (Alibaba Cloud Linux 3) and deploy a Django environment.
ROSTemplateFormatVersion: '2015-09-01'
Description: Deploy the Django environment.
Parameters:
ZoneId:
Default: Null
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
Required: true
Type: String
Label: Availability Zone
InstanceType:
AssociationPropertyMetadata:
SystemDiskCategory: cloud_essd
SpotStrategy: SpotAsPriceGo
InstanceChargeType: PostPaid
ZoneId: ${ZoneId}
Default: Null
Required: true
Label: Instance Type
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
Type: String
InstancePassword:
Description: Server logon password. Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
Confirm: true
Default: Null
Type: String
Label: Instance Password
NoEcho: true
AssociationProperty: ALIYUN::ECS::Instance::Password
ConstraintDescription: Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
ImageId:
AssociationPropertyMetadata:
ValueLabelMapping:
aliyun_3_x64_20G_alibase_20240528.vhd: Alibaba Cloud Linux 3
Default: aliyun_3_x64_20G_alibase_20240528.vhd
Required: true
Label: Image of Instance
AllowedValues:
- aliyun_3_x64_20G_alibase_20240528.vhd
Type: String
Outputs: {}
Conditions: {}
Resources:
SecurityGroupIngress_80:
Type: ALIYUN::ECS::SecurityGroupIngress
Properties:
IpProtocol: tcp
SecurityGroupId:
Ref: SecurityGroup
NicType: intranet
SourceCidrIp: 0.0.0.0/0
PortRange: 80/80
SecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
SecurityGroupIngress:
- PortRange: 80/80
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: '-1/-1'
SourceCidrIp: 0.0.0.0/0
IpProtocol: icmp
VpcId:
Ref: Vpc
SecurityGroupName: deploy_django_by_ros_sg
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
VpcName: deploy_django_by_ros_vpc
CidrBlock: 192.168.0.0/16
DeployDjango:
Type: ALIYUN::ECS::RunCommand
Properties:
Type: RunShellScript
CommandContent:
Fn::Sub: |-
#!/bin/bash
sudo yum -y install nginx python3-devel.x86_64
sudo pip3 install Django uwsgi
sudo mkdir /home/myblog && cd /home/myblog
sudo /usr/local/bin/django-admin.py startproject uwsgi_project
sudo sed -i 's/ALLOWED_HOSTS = \[\]/ALLOWED_HOSTS = \["*"\]/g' /home/myblog/uwsgi_project/uwsgi_project/settings.py
sudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
sudo mv /etc/uwsgi.ini /etc/uwsgi.ini.bak
cat << "EOF" > /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
upstream django {
server 127.0.0.1:8001; # The specific port must match the port defined in your uWSGI configuration file
}
server {
listen 80; # The NGINX access port
server_name test;
charset utf-8;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location /static {
autoindex on;
alias /home/myblog/uwsgi_project/uwsgi_project/static; # The specific directory depends on your actual deployment directory
}
location / {
uwsgi_pass 127.0.0.1:8001;
include uwsgi_params; # The specific directory depends on your actual deployment directory
include /etc/nginx/uwsgi_params; # The specific directory depends on your actual deployment directory
uwsgi_param UWSGI_SCRIPT iCourse.wsgi; # The specific directory depends on your actual deployment directory
uwsgi_param UWSGI_CHDIR /iCourse; # The specific directory depends on your actual deployment directory
index index.html index.htm;
client_max_body_size 35m;
index index.html index.htm;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
EOF
cat << "EOF" > /etc/uwsgi.ini
[uwsgi]
socket = 127.0.0.1:8001
chdir = /home/myblog/uwsgi_project/
wsgi-file = uwsgi_project/wsgi.py
processes = 4
threads = 2
vacuum = true
buffer-size = 65536
EOF
cat << "EOF" > /etc/systemd/system/uwsgi.service
[Unit]
Description=uwsgi service
After=network.target
[Service]
Type=simple
User=nginx
Group=nginx
ExecStart=/usr/local/bin/uwsgi --ini /etc/uwsgi.ini
[Install]
WantedBy=multi-user.target
EOF
sudo systemctl daemon-reload
sudo systemctl enable nginx.service
sudo systemctl restart nginx.service
sudo systemctl enable uwsgi.service
sudo systemctl restart uwsgi.service
Sync: true
InstanceIds:
- Ref: EcsInstance
Timeout: 3600
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName: deploy_django_by_ros_vsw
VpcId:
Ref: Vpc
CidrBlock: 192.168.0.0/24
ZoneId:
Ref: ZoneId
EcsInstance:
Type: ALIYUN::ECS::InstanceGroup
Properties:
SystemDiskCategory: cloud_essd
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
ImageId:
Ref: ImageId
InternetMaxBandwidthOut: 100
SpotStrategy: SpotAsPriceGo
VSwitchId:
Ref: VSwitch
Password:
Ref: InstancePassword
InstanceName: deploy_django_by_ros_ecs
InstanceType:
Ref: InstanceType
ZoneId:
Ref: ZoneId
MaxAmount: 1
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- ZoneId
- ImageId
- InstanceType
- InstancePassword
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Deploy the Django environment.",
"Parameters": {
"ZoneId": {
"Default": null,
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Required": true,
"Type": "String",
"Label": "Availability Zone"
},
"InstanceType": {
"AssociationPropertyMetadata": {
"SystemDiskCategory": "cloud_essd",
"SpotStrategy": "SpotAsPriceGo",
"InstanceChargeType": "PostPaid",
"ZoneId": "${ZoneId}"
},
"Default": null,
"Required": true,
"Label": "Instance Type",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"Type": "String"
},
"InstancePassword": {
"Description": "Server logon password. Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"Confirm": true,
"Default": null,
"Type": "String",
"Label": "Instance Password",
"NoEcho": true,
"AssociationProperty": "ALIYUN::ECS::Instance::Password",
"ConstraintDescription": "Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/"
},
"ImageId": {
"AssociationPropertyMetadata": {
"ValueLabelMapping": {
"aliyun_3_x64_20G_alibase_20240528.vhd": "Alibaba Cloud Linux 3"
}
},
"Default": "aliyun_3_x64_20G_alibase_20240528.vhd",
"Required": true,
"Label": "Image of Instance",
"AllowedValues": [
"aliyun_3_x64_20G_alibase_20240528.vhd"
],
"Type": "String"
}
},
"Outputs": {},
"Conditions": {},
"Resources": {
"SecurityGroupIngress_80": {
"Type": "ALIYUN::ECS::SecurityGroupIngress",
"Properties": {
"IpProtocol": "tcp",
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"NicType": "intranet",
"SourceCidrIp": "0.0.0.0/0",
"PortRange": "80/80"
}
},
"SecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"SecurityGroupIngress": [
{
"PortRange": "80/80",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "-1/-1",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "icmp"
}
],
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupName": "deploy_django_by_ros_sg"
}
},
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"VpcName": "deploy_django_by_ros_vpc",
"CidrBlock": "192.168.0.0/16"
}
},
"DeployDjango": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"Type": "RunShellScript",
"CommandContent": {
"Fn::Sub": "#!/bin/bash\nsudo yum -y install nginx python3-devel.x86_64\n\n\nsudo pip3 install Django uwsgi\nsudo mkdir /home/myblog && cd /home/myblog\n\nsudo /usr/local/bin/django-admin.py startproject uwsgi_project\n\nsudo sed -i 's/ALLOWED_HOSTS = \\[\\]/ALLOWED_HOSTS = \\[\"*\"\\]/g' /home/myblog/uwsgi_project/uwsgi_project/settings.py\nsudo mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak\nsudo mv /etc/uwsgi.ini /etc/uwsgi.ini.bak\n\ncat << \"EOF\" > /etc/nginx/nginx.conf\nuser nginx;\nworker_processes auto;\nerror_log /var/log/nginx/error.log;\npid /run/nginx.pid;\n# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.\ninclude /usr/share/nginx/modules/*.conf;\nevents {\n worker_connections 1024;\n}\nhttp {\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n access_log /var/log/nginx/access.log main;\n sendfile on;\n tcp_nopush on;\n tcp_nodelay on;\n keepalive_timeout 65;\n types_hash_max_size 4096;\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n # Load modular configuration files from the /etc/nginx/conf.d directory.\n # See http://nginx.org/en/docs/ngx_core_module.html#include\n # for more information.\n include /etc/nginx/conf.d/*.conf;\n upstream django {\n server 127.0.0.1:8001; # The specific port must match the port defined in your uWSGI configuration file\n }\n server {\n listen 80; # The NGINX access port\n server_name test;\n charset utf-8;\n # Load configuration files for the default server block.\n include /etc/nginx/default.d/*.conf;\n location /static {\n autoindex on;\n alias /home/myblog/uwsgi_project/uwsgi_project/static; # The specific directory depends on your actual deployment directory\n }\n location / {\n uwsgi_pass 127.0.0.1:8001;\n include uwsgi_params; # The specific directory depends on your actual deployment directory\n include /etc/nginx/uwsgi_params; # The specific directory depends on your actual deployment directory\n uwsgi_param UWSGI_SCRIPT iCourse.wsgi; # The specific directory depends on your actual deployment directory\n uwsgi_param UWSGI_CHDIR /iCourse; # The specific directory depends on your actual deployment directory\n index index.html index.htm;\n client_max_body_size 35m;\n index index.html index.htm;\n }\n error_page 404 /404.html;\n location = /40x.html {\n }\n error_page 500 502 503 504 /50x.html;\n location = /50x.html {\n }\n }\n} \nEOF\n\ncat << \"EOF\" > /etc/uwsgi.ini\n[uwsgi]\nsocket = 127.0.0.1:8001\nchdir = /home/myblog/uwsgi_project/\nwsgi-file = uwsgi_project/wsgi.py\nprocesses = 4\nthreads = 2\nvacuum = true\nbuffer-size = 65536\nEOF\n\ncat << \"EOF\" > /etc/systemd/system/uwsgi.service\n[Unit]\nDescription=uwsgi service\nAfter=network.target\n[Service]\nType=simple\nUser=nginx\nGroup=nginx\nExecStart=/usr/local/bin/uwsgi --ini /etc/uwsgi.ini\n[Install]\nWantedBy=multi-user.target\nEOF\nsudo systemctl daemon-reload\nsudo systemctl enable nginx.service\nsudo systemctl restart nginx.service\nsudo systemctl enable uwsgi.service\nsudo systemctl restart uwsgi.service"
},
"Sync": true,
"InstanceIds": [
{
"Ref": "EcsInstance"
}
],
"Timeout": 3600
}
},
"VSwitch": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": "deploy_django_by_ros_vsw",
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "192.168.0.0/24",
"ZoneId": {
"Ref": "ZoneId"
}
}
},
"EcsInstance": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"SystemDiskCategory": "cloud_essd",
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"ImageId": {
"Ref": "ImageId"
},
"InternetMaxBandwidthOut": 100,
"SpotStrategy": "SpotAsPriceGo",
"VSwitchId": {
"Ref": "VSwitch"
},
"Password": {
"Ref": "InstancePassword"
},
"InstanceName": "deploy_django_by_ros_ecs",
"InstanceType": {
"Ref": "InstanceType"
},
"ZoneId": {
"Ref": "ZoneId"
},
"MaxAmount": 1
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"ZoneId",
"ImageId",
"InstanceType",
"InstancePassword"
]
}
]
}
}
}Scenario 3: Configure IPv6 addresses for ECS instances (Windows/Linux) and automatically allocate IPv6 Internet bandwidth.
ROSTemplateFormatVersion: '2015-09-01'
Mappings: {}
Parameters:
EcsInstanceId:
AssociationPropertyMetadata:
Status: Running
Visible:
Condition:
Fn::Equals:
- ${InstanceSource}
- UseExisted
Default: Null
Required: true
Label: ECS Instance ID
AssociationProperty: ALIYUN::ECS::Instance::InstanceId
Type: String
CommonName:
Default: config-ipv6
Type: String
PublicIpv6Address:
AssociationPropertyMetadata:
ValueLabelMapping:
Enable: Enable IPv6 Internet Bandwidth
Disable: Disable IPv6 Internet Bandwidth
AllowedValues:
- Enable
- Disable
Type: String
Description: By default, the IPv6 address assigned to the ECS instance can be used only for communications over private networks. To allow communications over the Internet, you must enable IPv6 Internet bandwidth. Select your configuration from the preceding options.
Label: Configure IPv6 Internet Bandwidth
InstancePassword:
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${InstanceSource}
- CreateNew
Description: Server logon password. Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
Confirm: true
Default: Null
ConstraintDescription: Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
Label: Instance Password
NoEcho: true
AssociationProperty: ALIYUN::ECS::Instance::Password
Type: String
ImageId:
AssociationPropertyMetadata:
IsSupportCloudinit: true
Visible:
Condition:
Fn::Equals:
- ${InstanceSource}
- CreateNew
SupportedImageOwnerAlias:
- system
Default: aliyun_3_9_x64_20G_alibase_20231219.vhd
Required: true
Label: Image of Instance
AssociationProperty: ALIYUN::ECS::Image::ImageId
Type: String
InstanceSource:
Default: CreateNew
AssociationPropertyMetadata:
ValueLabelMapping:
UseExisted: Select Existing Instance
CreateNew: Create New Instance
AllowedValues:
- CreateNew
- UseExisted
Type: String
Label: Instance Source
ZoneId:
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${InstanceSource}
- CreateNew
AutoSelectFirst: true
Default: Null
Required: true
Label: Availability Zone
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
Type: String
Ipv6CidrBlockNumber:
AssociationProperty: AutoCompleteInput
AssociationPropertyMetadata:
Length: 2
CharacterClasses:
- Class: number
min: 1
Type: Number
InstanceType:
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${InstanceSource}
- CreateNew
SystemDiskCategory: cloud_essd
SpotStrategy: SpotAsPriceGo
InstanceChargeType: PostPaid
ZoneId: ${ZoneId}
Default: Null
Required: true
Label: Instance Type
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
Type: String
Outputs:
EcsLoginAddress:
Description: ECS logon address.
Value:
Fn::Sub:
- https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${InstanceId}
- InstanceId:
Fn::If:
- UseExistedInstance
- Ref: EcsInstanceId
- Ref: EcsInstance
Description: Create ECS instances and configure IPv6 addresses, supporting both new creations and existing instances, with automatic allocation of public IPv6 bandwidth.
Conditions:
DsIpv6Addresses.IsBodyEmpty:
Fn::Equals:
- ''
- ''
CreateInstance:
Fn::Equals:
- Ref: InstanceSource
- CreateNew
DsIpv6Gateway.IsBodyEmpty:
Fn::Equals:
- ''
- ''
UseExistedInstance:
Fn::Equals:
- Ref: InstanceSource
- UseExisted
CreateAndEnableIpv6:
Fn::And:
- CreateInstance
- Fn::Equals:
- Ref: PublicIpv6Address
- Enable
DsIpv6Addresses.IsRPC:
Fn::Not:
Fn::TransformNamespace:
- Condition
- DsIpv6Addresses.
- Fn::Contains:
- - OSS
- FC
- SLS
- CS
- VPC
DsIpv6Gateway.IsRPC:
Fn::Not:
Fn::TransformNamespace:
- Condition
- DsIpv6Gateway.
- Fn::Contains:
- - OSS
- FC
- SLS
- CS
- VPC
Resources:
DsVsw:
Type: DATASOURCE::VPC::VSwitch
Properties:
VSwitchId:
Fn::Jq:
- First
- .[0].VswitchId
- Fn::GetAtt:
- DsEcs
- Instances
Condition: UseExistedInstance
DsIpv6Addresses.Execution:
Type: ALIYUN::OOS::Execution
Properties:
TemplateName:
Ref: DsIpv6Addresses.Template
Condition: UseExistedInstance
Metadata:
ALIYUN::ROS::Module:
LogicalIdHierarchy: DsIpv6Addresses
TypeHierarchy: MODULE::ACS::OOS::ExecuteAPI
DsIpv6Gateway.Template:
Type: ALIYUN::OOS::Template
Properties:
Content:
Fn::Str:
Fn::If:
- DsIpv6Gateway.IsRPC
- Outputs:
Result:
Type: List
Value: '{{ ExecuteAPI.Result }}'
FormatVersion: OOS-2019-06-01
Tasks:
- Action: ACS::ExecuteAPI
Outputs:
Result:
Type: List
ValueSelector: .
Name: ExecuteAPI
Properties:
API: DescribeIpv6Gateways
Service: VPC
Parameters:
VpcId:
Fn::Jq:
- First
- .[0].VpcId
- Fn::GetAtt:
- DsEcs
- Instances
AutoPaging: true
Description: ROS Execute API
- Outputs:
Result:
Type: List
Value: '{{ ExecuteAPI.Result }}'
FormatVersion: OOS-2019-06-01
Tasks:
- Action: ACS::ExecuteAPI
Outputs:
Result:
Type: List
ValueSelector: .
Name: ExecuteAPI
Properties:
Body:
Fn::If:
- DsIpv6Gateway.IsBodyEmpty
- Null
- ''
Parameters:
VpcId:
Fn::Jq:
- First
- .[0].VpcId
- Fn::GetAtt:
- DsEcs
- Instances
Service: VPC
URI: ''
AutoPaging: true
Headers: {}
API: DescribeIpv6Gateways
Method: GET
Description: ROS Execute API
TemplateName:
Fn::Sub:
- ${__auto_generated__DsIpv6Gateway__Parameter__Prefix}-template-${ALIYUN::StackId}
- __auto_generated__DsIpv6Gateway__Parameter__Prefix: DescribeIpv6Gateways
Condition: UseExistedInstance
Metadata:
ALIYUN::ROS::Module:
LogicalIdHierarchy: DsIpv6Gateway
TypeHierarchy: MODULE::ACS::OOS::ExecuteAPI
ConfigureIPv6Address:
Type: ALIYUN::ROS::Stack
Properties:
TemplateBody:
ROSTemplateFormatVersion: '2015-09-01'
Conditions:
Windows:
Fn::Equals:
- windows
- Ref: OsType
Linux:
Fn::Equals:
- linux
- Ref: OsType
Resources:
WindowsCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent:
Fn::Sub: |-
# powershell
Write-Output "Start"
$install_dir = "C:\Windows\system32"
$install_path = "$install_dir\ecs-utils-ipv6.exe"
$Is64Bit = [Environment]::Is64BitOperatingSystem
Write-Output "Is64BitOperatingSystem: $Is64Bit"
if(-not (Test-Path -Path $install_path)){
# download the tool
if ([Environment]::Is64BitOperatingSystem) {
$tool_url = 'https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/win/64/ecs-utils-ipv6.exe'
} else {
$tool_url = 'https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/win/32/ecs-utils-ipv6.exe'
}
Write-Output "Download ecs-utils-ipv6.exe form url $tool_url"
Invoke-WebRequest -uri $tool_url -OutFile $install_path
Unblock-File $install_path
}
# run the tool
Write-Output "Run ecs-utils-ipv6.exe"
$maxRetries = 10
$retryInterval = 10
$retryCount = 0
while ($retryCount -lt $maxRetries) {
try {
Start-Process -FilePath "$install_path" -ArgumentList "--noenterkey" -NoNewWindow
Write-Output "Successfully!"
break
} catch {
Write-Error "run failed: $($_.Exception.Message). Start retry $($retryCount + 1)"
Start-Sleep -Seconds $retryInterval
$retryCount++
}
}
if ($retryCount -eq $maxRetries) {
Write-Error "Failed!"
}
Type: RunPowerShellScript
Sync: true
InstanceIds:
- Ref: InstanceId
Timeout: 3600
Condition: Windows
DependsOn: WaiteWindowsReady
WaiteWindowsReady:
Type: ALIYUN::ROS::Sleep
Properties:
CreateDuration: 300
Condition: Windows
LinuxCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent:
Fn::Sub: |-
#!/bin/bash
# script exit code:
# 0 - success
# 1 - unsupported system
# 2 - network not available
# 3 - failed to run ecs-utils-ipv6 tool
# 4 - failed to modify /etc/eni_utils/eni-function
function unsupported_system() {
log_fatal 1 "Unsupported System: $1"
}
function log_info() {
printf "%s [INFO] %s\n" "$(date '+%Y-%m-%d %H:%M:%S')" "$1"
}
function log_error() {
printf "%s [ERROR] %s\n" "$(date '+%Y-%m-%d %H:%M:%S')" "$1"
}
function log_fatal() {
printf "\n========================================================================\n"
printf "%s [FATAL] %s\n" "$(date '+%Y-%m-%d %H:%M:%S')" "$1"
printf "\n========================================================================\n"
exit $1
}
function debug_exec(){
local cmd="$@"
log_info "$cmd"
eval "$cmd"
ret=$?
echo ""
log_info "$cmd, exit code: $ret"
return $ret
}
function check_network_available() {
log_info "ping ecs-image-utils.oss-cn-hangzhou.aliyuncs.com ..."
if ! debug_exec ping -c 4 ecs-image-utils.oss-cn-hangzhou.aliyuncs.com; then
log_fatal 2 "Could not connect to https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com"
fi
}
function run_ipv6_tool() {
log_info "run ecs-utils-ipv6 tool"
debug_exec chmod +x ./ecs-utils-ipv6
if ! debug_exec ./ecs-utils-ipv6; then
log_fatal 3 "Failed to run ecs-utils-ipv6 tool"
fi
}
function check_multi_eni_util() {
log_info "check multi-nic-util config"
if test -f /sbin/eni-ifscan; then
if ! debug_exec "sed -i 's/IPV6INIT=no/IPV6INIT=yes\n DHCPV6C=yes/g' /etc/eni_utils/eni-function"; then
log_fatal 4 "Failed to modify /etc/eni_utils/eni-function"
fi
fi
}
log_info "System Information:"
if ! lsb_release -a; then
unsupported_system
fi;
echo ""
check_network_available
RHEL=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/rhel/ecs-utils-ipv6
Debian=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/debian/ecs-utils-ipv6
SLES=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/sles/ecs-utils-ipv6
FreeBSD=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/freebsd/ecs-utils-ipv6
linux=$(lsb_release -a | grep "Distributor ID:" | cut -d':' -f2 | cut -d '(' -f1 | xargs echo -n)
case $linux in
CentOS|RedHat|Fedora|Aliyun|AlibabaCloud|Fedora|AnolisOS) wget --timeout=10 -q -O ecs-utils-ipv6 $RHEL ;;
Debian|Ubuntu) wget --timeout=10 -q -O ecs-utils-ipv6 $Debian ;;
SUSE|OpenSUSE) wget --timeout=10 -q -O ecs-utils-ipv6 $SLES ;;
FreeBSD) wget --timeout=10 -q -O ecs-utils-ipv6 $FreeBSD ;;
*) unsupported_system $linux ;;
esac
run_ipv6_tool
check_multi_eni_util
Type: RunShellScript
Sync: true
InstanceIds:
- Ref: InstanceId
Timeout: 3600
Condition: Linux
Parameters:
OsType:
Default: Null
Type: String
InstanceId:
Type: String
Parameters:
OsType:
Fn::Jq:
- First
- .[0].OSType
- Fn::GetAtt:
- DsEcs
- Instances
InstanceId:
Fn::If:
- UseExistedInstance
- Ref: EcsInstanceId
- Ref: EcsInstance
DependsOn:
- AssignIpv6Address
SecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
SecurityGroupIngress:
- PortRange: 3389/3389
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: '-1/-1'
SourceCidrIp: 0.0.0.0/0
IpProtocol: icmp
- PortRange: '-1/-1'
Ipv6SourceCidrIp: '::/0'
IpProtocol: icmpv6
VpcId:
Ref: Vpc
SecurityGroupName:
Fn::Sub: ${CommonName}-sg
Condition: CreateInstance
AssignIpv6Address:
Type: ALIYUN::ROS::Stack
Properties:
TemplateBody:
ROSTemplateFormatVersion: '2015-09-01'
Conditions:
AssignIpv6Addresses:
Fn::Equals:
- Null
- Ref: Ipv6AddressId
EnableIpv6ForVpc:
Fn::Equals:
- Null
- Ref: Ipv6GatewayId
EnableIpv6ForVsw:
Fn::Equals:
- true
- Fn::Contains:
- - Null
- ''
- Ref: VswIpv6Address
Ipv6InternetBandwidth:
Fn::And:
- Fn::Equals:
- Fn::If:
- AssignIpv6Addresses
- Null
- ''
- Ref: Ipv6InternetBandwidthId
- Fn::Equals:
- Ref: PublicIpv6Address
- Enable
Resources:
IpV6Address:
Type: ALIYUN::ECS::AssignIpv6Addresses
Properties:
Ipv6AddressCount: 1
NetworkInterfaceId:
Ref: NetworkInterfaceId
Condition: AssignIpv6Addresses
DependsOn: OpenIPv6ForVsw
Ipv6InternetBandwidth:
Type: ALIYUN::VPC::Ipv6InternetBandwidth
Properties:
InternetChargeType: PayByTraffic
Bandwidth: 1
Ipv6AddressId:
Fn::If:
- AssignIpv6Addresses
- Fn::Select:
- 0
- Fn::GetAtt:
- IpV6Address
- Ipv6AddressIds
- Ref: Ipv6AddressId
Ipv6GatewayId:
Fn::If:
- EnableIpv6ForVpc
- Ref: Ipv6Gateway
- Ref: Ipv6GatewayId
Condition: Ipv6InternetBandwidth
DependsOn: Sleep
Sleep:
Type: ALIYUN::ROS::Sleep
Properties:
CreateDuration: 60
Condition: AssignIpv6Addresses
DependsOn: IpV6Address
OpenIPv6ForVsw:
Version: default
Type: MODULE::ACS::OOS::ExecuteAPI
Properties:
Prefix: open-ipv6-for-vsw
API: ModifyVSwitchAttribute
Method: POST
Parameters:
Ipv6CidrBlock:
Ref: Ipv6CidrBlockNumber
VSwitchId:
Ref: VswId
EnableIPv6: true
Service: VPC
Condition: EnableIpv6ForVsw
DependsOn: Ipv6Gateway
Ipv6Gateway:
Type: ALIYUN::VPC::Ipv6Gateway
Properties:
VpcId:
Ref: VpcId
Condition: EnableIpv6ForVpc
DependsOn: OpenIPv6ForVpc
OpenIPv6ForVpc:
Version: default
Type: MODULE::ACS::OOS::ExecuteAPI
Properties:
Prefix: open-ipv6-for-vpc
API: ModifyVpcAttribute
Method: POST
Parameters:
VpcId:
Ref: VpcId
EnableIPv6: true
Service: VPC
Condition: EnableIpv6ForVpc
Parameters:
VpcId:
Type: String
NetworkInterfaceId:
Type: String
Ipv6GatewayId:
Default: Null
Type: String
VswId:
Type: String
PublicIpv6Address:
Default: Disable
Type: String
Ipv6AddressId:
Default: Null
Type: String
Ipv6InternetBandwidthId:
Default: Null
Type: String
Ipv6CidrBlockNumber:
Type: Number
VswIpv6Address:
Type: String
Parameters:
VpcId:
Fn::Jq:
- First
- .[0].VpcId
- Fn::GetAtt:
- DsEcs
- Instances
NetworkInterfaceId:
Fn::Select:
- 0
- Fn::GetAtt:
- DsEni
- NetworkInterfaceIds
Ipv6GatewayId:
Fn::Jq:
- First
- .[0].Ipv6Gateways.Ipv6Gateway[0].Ipv6GatewayId
- Fn::If:
- UseExistedInstance
- Fn::Select:
- Result
- Fn::GetAtt:
- DsIpv6Gateway.Execution
- Outputs
- Null
- Fn::Select:
- not_exist
- {}
- Null
- invalid output(Output) of module{DsIpv6Gateway, MODULE::ACS::OOS::ExecuteAPI}, as condition(UseExistedInstance) is false
VswId:
Fn::Jq:
- First
- .[0].VswitchId
- Fn::GetAtt:
- DsEcs
- Instances
PublicIpv6Address:
Ref: PublicIpv6Address
Ipv6AddressId:
Fn::Jq:
- First
- .[0].Ipv6Addresses.Ipv6Address[0].Ipv6AddressId
- Fn::If:
- UseExistedInstance
- Fn::Select:
- Result
- Fn::GetAtt:
- DsIpv6Addresses.Execution
- Outputs
- Null
- Fn::Select:
- not_exist
- {}
- Null
- invalid output(Output) of module{DsIpv6Addresses, MODULE::ACS::OOS::ExecuteAPI}, as condition(UseExistedInstance) is false
Ipv6InternetBandwidthId:
Fn::Jq:
- First
- .[0].Ipv6Addresses.Ipv6Address[0].Ipv6InternetBandwidth.Ipv6InternetBandwidthId
- Fn::If:
- UseExistedInstance
- Fn::Select:
- Result
- Fn::GetAtt:
- DsIpv6Addresses.Execution
- Outputs
- Null
- Fn::Select:
- not_exist
- {}
- Null
- invalid output(Output) of module{DsIpv6Addresses, MODULE::ACS::OOS::ExecuteAPI}, as condition(UseExistedInstance) is false
Ipv6CidrBlockNumber:
Ref: Ipv6CidrBlockNumber
VswIpv6Address:
Fn::GetAtt:
- DsVsw
- Ipv6CidrBlock
Condition: UseExistedInstance
SecurityGroupIngress:
Type: ALIYUN::ECS::SecurityGroupIngress
Properties:
IpProtocol: icmpv6
SecurityGroupId:
Fn::Jq:
- First
- .[0].SecurityGroupIds[0]
- Fn::GetAtt:
- DsEcs
- Instances
NicType: intranet
PortRange: '-1/-1'
Ipv6SourceCidrIp: '::/0'
Condition: UseExistedInstance
Ipv6InternetBandwidth:
Type: ALIYUN::VPC::Ipv6InternetBandwidth
Properties:
InternetChargeType: PayByTraffic
Bandwidth: 1
Ipv6AddressId:
Fn::Jq:
- First
- .[0][0]
- Fn::GetAtt:
- EcsInstance
- Ipv6AddressIds
Ipv6GatewayId:
Ref: Ipv6Gateway
Condition: CreateAndEnableIpv6
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
EnableIpv6: true
VpcName:
Fn::Sub: ${CommonName}-vpc
CidrBlock: 192.168.0.0/16
Condition: CreateInstance
DsEcs:
Type: DATASOURCE::ECS::Instances
Properties:
InstanceIds:
- Fn::If:
- UseExistedInstance
- Ref: EcsInstanceId
- Ref: EcsInstance
DsIpv6Addresses.Template:
Type: ALIYUN::OOS::Template
Properties:
Content:
Fn::Str:
Fn::If:
- DsIpv6Addresses.IsRPC
- Outputs:
Result:
Type: List
Value: '{{ ExecuteAPI.Result }}'
FormatVersion: OOS-2019-06-01
Tasks:
- Action: ACS::ExecuteAPI
Outputs:
Result:
Type: List
ValueSelector: .
Name: ExecuteAPI
Properties:
API: DescribeIpv6Addresses
Service: VPC
Parameters:
AssociatedInstanceId:
Ref: EcsInstanceId
AutoPaging: true
Description: ROS Execute API
- Outputs:
Result:
Type: List
Value: '{{ ExecuteAPI.Result }}'
FormatVersion: OOS-2019-06-01
Tasks:
- Action: ACS::ExecuteAPI
Outputs:
Result:
Type: List
ValueSelector: .
Name: ExecuteAPI
Properties:
Body:
Fn::If:
- DsIpv6Addresses.IsBodyEmpty
- Null
- ''
Parameters:
AssociatedInstanceId:
Ref: EcsInstanceId
Service: VPC
URI: ''
AutoPaging: true
Headers: {}
API: DescribeIpv6Addresses
Method: GET
Description: ROS Execute API
TemplateName:
Fn::Sub:
- ${__auto_generated__DsIpv6Addresses__Parameter__Prefix}-template-${ALIYUN::StackId}
- __auto_generated__DsIpv6Addresses__Parameter__Prefix: DescribeIpv6Addresses
Condition: UseExistedInstance
Metadata:
ALIYUN::ROS::Module:
LogicalIdHierarchy: DsIpv6Addresses
TypeHierarchy: MODULE::ACS::OOS::ExecuteAPI
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName:
Fn::Sub: ${CommonName}-vsw
Ipv6CidrBlock: 0
VpcId:
Ref: Vpc
CidrBlock: 192.168.0.0/24
ZoneId:
Ref: ZoneId
Condition: CreateInstance
Ipv6Gateway:
Type: ALIYUN::VPC::Ipv6Gateway
Properties:
VpcId:
Ref: Vpc
Condition: CreateInstance
DependsOn:
- VSwitch
EcsInstance:
Type: ALIYUN::ECS::InstanceGroup
Properties:
SystemDiskCategory: cloud_essd
VpcId:
Ref: Vpc
Ipv6AddressCount: 1
SecurityGroupId:
Ref: SecurityGroup
ImageId:
Ref: ImageId
InternetMaxBandwidthOut: 100
SpotStrategy: SpotAsPriceGo
VSwitchId:
Ref: VSwitch
Password:
Ref: InstancePassword
InstanceName:
Fn::Sub: ${CommonName}-ecs
InstanceType:
Ref: InstanceType
ZoneId:
Ref: ZoneId
MaxAmount: 1
Condition: CreateInstance
DsEni:
Type: DATASOURCE::ECS::NetworkInterfaces
Properties:
InstanceId:
Ref: EcsInstanceId
Type: Primary
Condition: UseExistedInstance
DsIpv6Gateway.Execution:
Type: ALIYUN::OOS::Execution
Properties:
TemplateName:
Ref: DsIpv6Gateway.Template
Condition: UseExistedInstance
Metadata:
ALIYUN::ROS::Module:
LogicalIdHierarchy: DsIpv6Gateway
TypeHierarchy: MODULE::ACS::OOS::ExecuteAPI
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- InstanceSource
- ZoneId
- ImageId
- InstanceType
- InstancePassword
- EcsInstanceId
- PublicIpv6Address
Hidden:
- CommonName
- Ipv6CidrBlockNumber
{
"ROSTemplateFormatVersion": "2015-09-01",
"Mappings": {},
"Parameters": {
"EcsInstanceId": {
"AssociationPropertyMetadata": {
"Status": "Running",
"Visible": {
"Condition": {
"Fn::Equals": [
"${InstanceSource}",
"UseExisted"
]
}
}
},
"Default": null,
"Required": true,
"Label": "ECS Instance ID",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceId",
"Type": "String"
},
"CommonName": {
"Default": "config-ipv6",
"Type": "String"
},
"PublicIpv6Address": {
"AssociationPropertyMetadata": {
"ValueLabelMapping": {
"Enable": "Enable IPv6 Internet Bandwidth",
"Disable": "Disable IPv6 Internet Bandwidth"
}
},
"AllowedValues": [
"Enable",
"Disable"
],
"Type": "String",
"Description": "By default, the IPv6 address assigned to the ECS instance can be used only for communications over private networks. To allow communications over the Internet, you must enable IPv6 Internet bandwidth. Select your configuration from the preceding options.",
"Label": "Configure IPv6 Internet Bandwidth"
},
"InstancePassword": {
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Equals": [
"${InstanceSource}",
"CreateNew"
]
}
}
},
"Description": "Server logon password. Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"Confirm": true,
"Default": null,
"ConstraintDescription": "Length 8-30. Must contain three of the following: uppercase letters, lowercase letters, numbers, or special characters such as ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"Label": "Instance Password",
"NoEcho": true,
"AssociationProperty": "ALIYUN::ECS::Instance::Password",
"Type": "String"
},
"ImageId": {
"AssociationPropertyMetadata": {
"IsSupportCloudinit": true,
"Visible": {
"Condition": {
"Fn::Equals": [
"${InstanceSource}",
"CreateNew"
]
}
},
"SupportedImageOwnerAlias": [
"system"
]
},
"Default": "aliyun_3_9_x64_20G_alibase_20231219.vhd",
"Required": true,
"Label": "Image of Instance",
"AssociationProperty": "ALIYUN::ECS::Image::ImageId",
"Type": "String"
},
"InstanceSource": {
"Default": "CreateNew",
"AssociationPropertyMetadata": {
"ValueLabelMapping": {
"UseExisted": "Select Existing Instance",
"CreateNew": "Create New Instance"
}
},
"AllowedValues": [
"CreateNew",
"UseExisted"
],
"Type": "String",
"Label": "Instance Source"
},
"ZoneId": {
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Equals": [
"${InstanceSource}",
"CreateNew"
]
}
},
"AutoSelectFirst": true
},
"Default": null,
"Required": true,
"Label": "Availability Zone",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String"
},
"Ipv6CidrBlockNumber": {
"AssociationProperty": "AutoCompleteInput",
"AssociationPropertyMetadata": {
"Length": 2,
"CharacterClasses": [
{
"Class": "number",
"min": 1
}
]
},
"Type": "Number"
},
"InstanceType": {
"AssociationPropertyMetadata": {
"Visible": {
"Condition": {
"Fn::Equals": [
"${InstanceSource}",
"CreateNew"
]
}
},
"SystemDiskCategory": "cloud_essd",
"SpotStrategy": "SpotAsPriceGo",
"InstanceChargeType": "PostPaid",
"ZoneId": "${ZoneId}"
},
"Default": null,
"Required": true,
"Label": "Instance Type",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"Type": "String"
}
},
"Outputs": {
"EcsLoginAddress": {
"Description": "ECS logon address.",
"Value": {
"Fn::Sub": [
"https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${InstanceId}",
{
"InstanceId": {
"Fn::If": [
"UseExistedInstance",
{
"Ref": "EcsInstanceId"
},
{
"Ref": "EcsInstance"
}
]
}
}
]
}
}
},
"Description": "Create ECS instances and configure IPv6 addresses, supporting both new creations and existing instances, with automatic allocation of public IPv6 bandwidth.",
"Conditions": {
"DsIpv6Addresses.IsBodyEmpty": {
"Fn::Equals": [
"",
""
]
},
"CreateInstance": {
"Fn::Equals": [
{
"Ref": "InstanceSource"
},
"CreateNew"
]
},
"DsIpv6Gateway.IsBodyEmpty": {
"Fn::Equals": [
"",
""
]
},
"UseExistedInstance": {
"Fn::Equals": [
{
"Ref": "InstanceSource"
},
"UseExisted"
]
},
"CreateAndEnableIpv6": {
"Fn::And": [
"CreateInstance",
{
"Fn::Equals": [
{
"Ref": "PublicIpv6Address"
},
"Enable"
]
}
]
},
"DsIpv6Addresses.IsRPC": {
"Fn::Not": {
"Fn::TransformNamespace": [
"Condition",
"DsIpv6Addresses.",
{
"Fn::Contains": [
[
"OSS",
"FC",
"SLS",
"CS"
],
"VPC"
]
}
]
}
},
"DsIpv6Gateway.IsRPC": {
"Fn::Not": {
"Fn::TransformNamespace": [
"Condition",
"DsIpv6Gateway.",
{
"Fn::Contains": [
[
"OSS",
"FC",
"SLS",
"CS"
],
"VPC"
]
}
]
}
}
},
"Resources": {
"DsVsw": {
"Type": "DATASOURCE::VPC::VSwitch",
"Properties": {
"VSwitchId": {
"Fn::Jq": [
"First",
".[0].VswitchId",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
}
},
"Condition": "UseExistedInstance"
},
"DsIpv6Addresses.Execution": {
"Type": "ALIYUN::OOS::Execution",
"Properties": {
"TemplateName": {
"Ref": "DsIpv6Addresses.Template"
}
},
"Condition": "UseExistedInstance",
"Metadata": {
"ALIYUN::ROS::Module": {
"LogicalIdHierarchy": "DsIpv6Addresses",
"TypeHierarchy": "MODULE::ACS::OOS::ExecuteAPI"
}
}
},
"DsIpv6Gateway.Template": {
"Type": "ALIYUN::OOS::Template",
"Properties": {
"Content": {
"Fn::Str": {
"Fn::If": [
"DsIpv6Gateway.IsRPC",
{
"Outputs": {
"Result": {
"Type": "List",
"Value": "{{ ExecuteAPI.Result }}"
}
},
"FormatVersion": "OOS-2019-06-01",
"Tasks": [
{
"Action": "ACS::ExecuteAPI",
"Outputs": {
"Result": {
"Type": "List",
"ValueSelector": "."
}
},
"Name": "ExecuteAPI",
"Properties": {
"API": "DescribeIpv6Gateways",
"Service": "VPC",
"Parameters": {
"VpcId": {
"Fn::Jq": [
"First",
".[0].VpcId",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
}
},
"AutoPaging": true
}
}
],
"Description": "ROS Execute API"
},
{
"Outputs": {
"Result": {
"Type": "List",
"Value": "{{ ExecuteAPI.Result }}"
}
},
"FormatVersion": "OOS-2019-06-01",
"Tasks": [
{
"Action": "ACS::ExecuteAPI",
"Outputs": {
"Result": {
"Type": "List",
"ValueSelector": "."
}
},
"Name": "ExecuteAPI",
"Properties": {
"Body": {
"Fn::If": [
"DsIpv6Gateway.IsBodyEmpty",
null,
""
]
},
"Parameters": {
"VpcId": {
"Fn::Jq": [
"First",
".[0].VpcId",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
}
},
"Service": "VPC",
"URI": "",
"AutoPaging": true,
"Headers": {},
"API": "DescribeIpv6Gateways",
"Method": "GET"
}
}
],
"Description": "ROS Execute API"
}
]
}
},
"TemplateName": {
"Fn::Sub": [
"${__auto_generated__DsIpv6Gateway__Parameter__Prefix}-template-${ALIYUN::StackId}",
{
"__auto_generated__DsIpv6Gateway__Parameter__Prefix": "DescribeIpv6Gateways"
}
]
}
},
"Condition": "UseExistedInstance",
"Metadata": {
"ALIYUN::ROS::Module": {
"LogicalIdHierarchy": "DsIpv6Gateway",
"TypeHierarchy": "MODULE::ACS::OOS::ExecuteAPI"
}
}
},
"ConfigureIPv6Address": {
"Type": "ALIYUN::ROS::Stack",
"Properties": {
"TemplateBody": {
"ROSTemplateFormatVersion": "2015-09-01",
"Conditions": {
"Windows": {
"Fn::Equals": [
"windows",
{
"Ref": "OsType"
}
]
},
"Linux": {
"Fn::Equals": [
"linux",
{
"Ref": "OsType"
}
]
}
},
"Resources": {
"WindowsCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub": "# powershell\nWrite-Output \"Start\"\n$install_dir = \"C:\\Windows\\system32\"\n$install_path = \"$install_dir\\ecs-utils-ipv6.exe\"\n\n$Is64Bit = [Environment]::Is64BitOperatingSystem\nWrite-Output \"Is64BitOperatingSystem: $Is64Bit\"\n\nif(-not (Test-Path -Path $install_path)){\n # download the tool\n if ([Environment]::Is64BitOperatingSystem) {\n $tool_url = 'https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/win/64/ecs-utils-ipv6.exe' \n } else {\n $tool_url = 'https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/win/32/ecs-utils-ipv6.exe' \n }\n Write-Output \"Download ecs-utils-ipv6.exe form url $tool_url\"\n Invoke-WebRequest -uri $tool_url -OutFile $install_path\n Unblock-File $install_path\n}\n\n# run the tool\nWrite-Output \"Run ecs-utils-ipv6.exe\"\n$maxRetries = 10 \n$retryInterval = 10 \n$retryCount = 0 \n\nwhile ($retryCount -lt $maxRetries) {\n try {\n Start-Process -FilePath \"$install_path\" -ArgumentList \"--noenterkey\" -NoNewWindow\n Write-Output \"Successfully!\"\n break\n } catch {\n Write-Error \"run failed: $($_.Exception.Message). Start retry $($retryCount + 1)\"\n Start-Sleep -Seconds $retryInterval\n $retryCount++ \n }\n}\n\nif ($retryCount -eq $maxRetries) {\n Write-Error \"Failed!\"\n}"
},
"Type": "RunPowerShellScript",
"Sync": true,
"InstanceIds": [
{
"Ref": "InstanceId"
}
],
"Timeout": 3600
},
"Condition": "Windows",
"DependsOn": "WaiteWindowsReady"
},
"WaiteWindowsReady": {
"Type": "ALIYUN::ROS::Sleep",
"Properties": {
"CreateDuration": 300
},
"Condition": "Windows"
},
"LinuxCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub": "#!/bin/bash\n\n# script exit code:\n# 0 - success\n# 1 - unsupported system\n# 2 - network not available\n# 3 - failed to run ecs-utils-ipv6 tool\n# 4 - failed to modify /etc/eni_utils/eni-function\n\nfunction unsupported_system() {\n log_fatal 1 \"Unsupported System: $1\"\n}\n\nfunction log_info() {\n printf \"%s [INFO] %s\\n\" \"$(date '+%Y-%m-%d %H:%M:%S')\" \"$1\"\n}\n\nfunction log_error() {\n printf \"%s [ERROR] %s\\n\" \"$(date '+%Y-%m-%d %H:%M:%S')\" \"$1\"\n}\n\nfunction log_fatal() {\n printf \"\\n========================================================================\\n\"\n printf \"%s [FATAL] %s\\n\" \"$(date '+%Y-%m-%d %H:%M:%S')\" \"$1\"\n printf \"\\n========================================================================\\n\"\n exit $1\n}\n\nfunction debug_exec(){\n local cmd=\"$@\"\n log_info \"$cmd\"\n eval \"$cmd\"\n ret=$?\n echo \"\"\n log_info \"$cmd, exit code: $ret\"\n return $ret\n}\n\nfunction check_network_available() {\n log_info \"ping ecs-image-utils.oss-cn-hangzhou.aliyuncs.com ...\"\n if ! debug_exec ping -c 4 ecs-image-utils.oss-cn-hangzhou.aliyuncs.com; then\n log_fatal 2 \"Could not connect to https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com\"\n fi\n}\n\nfunction run_ipv6_tool() {\n log_info \"run ecs-utils-ipv6 tool\"\n debug_exec chmod +x ./ecs-utils-ipv6\n \n if ! debug_exec ./ecs-utils-ipv6; then\n log_fatal 3 \"Failed to run ecs-utils-ipv6 tool\"\n fi\n}\n\nfunction check_multi_eni_util() {\n log_info \"check multi-nic-util config\"\n if test -f /sbin/eni-ifscan; then\n \n if ! debug_exec \"sed -i 's/IPV6INIT=no/IPV6INIT=yes\\n DHCPV6C=yes/g' /etc/eni_utils/eni-function\"; then\n log_fatal 4 \"Failed to modify /etc/eni_utils/eni-function\"\n fi\n fi\n}\n\nlog_info \"System Information:\"\nif ! lsb_release -a; then\n unsupported_system\nfi;\necho \"\"\ncheck_network_available\n\nRHEL=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/rhel/ecs-utils-ipv6\nDebian=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/debian/ecs-utils-ipv6\nSLES=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/sles/ecs-utils-ipv6\nFreeBSD=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/freebsd/ecs-utils-ipv6\n\nlinux=$(lsb_release -a | grep \"Distributor ID:\" | cut -d':' -f2 | cut -d '(' -f1 | xargs echo -n)\ncase $linux in\n CentOS|RedHat|Fedora|Aliyun|AlibabaCloud|Fedora|AnolisOS) wget --timeout=10 -q -O ecs-utils-ipv6 $RHEL ;;\n Debian|Ubuntu) wget --timeout=10 -q -O ecs-utils-ipv6 $Debian ;;\n SUSE|OpenSUSE) wget --timeout=10 -q -O ecs-utils-ipv6 $SLES ;;\n FreeBSD) wget --timeout=10 -q -O ecs-utils-ipv6 $FreeBSD ;;\n *) unsupported_system $linux ;;\nesac\n\nrun_ipv6_tool\ncheck_multi_eni_util"
},
"Type": "RunShellScript",
"Sync": true,
"InstanceIds": [
{
"Ref": "InstanceId"
}
],
"Timeout": 3600
},
"Condition": "Linux"
}
},
"Parameters": {
"OsType": {
"Default": null,
"Type": "String"
},
"InstanceId": {
"Type": "String"
}
}
},
"Parameters": {
"OsType": {
"Fn::Jq": [
"First",
".[0].OSType",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
},
"InstanceId": {
"Fn::If": [
"UseExistedInstance",
{
"Ref": "EcsInstanceId"
},
{
"Ref": "EcsInstance"
}
]
}
}
},
"DependsOn": [
"AssignIpv6Address"
]
},
"SecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"SecurityGroupIngress": [
{
"PortRange": "3389/3389",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "-1/-1",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "icmp"
},
{
"PortRange": "-1/-1",
"Ipv6SourceCidrIp": "::/0",
"IpProtocol": "icmpv6"
}
],
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupName": {
"Fn::Sub": "${CommonName}-sg"
}
},
"Condition": "CreateInstance"
},
"AssignIpv6Address": {
"Type": "ALIYUN::ROS::Stack",
"Properties": {
"TemplateBody": {
"ROSTemplateFormatVersion": "2015-09-01",
"Conditions": {
"AssignIpv6Addresses": {
"Fn::Equals": [
null,
{
"Ref": "Ipv6AddressId"
}
]
},
"EnableIpv6ForVpc": {
"Fn::Equals": [
null,
{
"Ref": "Ipv6GatewayId"
}
]
},
"EnableIpv6ForVsw": {
"Fn::Equals": [
true,
{
"Fn::Contains": [
[
null,
""
],
{
"Ref": "VswIpv6Address"
}
]
}
]
},
"Ipv6InternetBandwidth": {
"Fn::And": [
{
"Fn::Equals": [
{
"Fn::If": [
"AssignIpv6Addresses",
null,
""
]
},
{
"Ref": "Ipv6InternetBandwidthId"
}
]
},
{
"Fn::Equals": [
{
"Ref": "PublicIpv6Address"
},
"Enable"
]
}
]
}
},
"Resources": {
"IpV6Address": {
"Type": "ALIYUN::ECS::AssignIpv6Addresses",
"Properties": {
"Ipv6AddressCount": 1,
"NetworkInterfaceId": {
"Ref": "NetworkInterfaceId"
}
},
"Condition": "AssignIpv6Addresses",
"DependsOn": "OpenIPv6ForVsw"
},
"Ipv6InternetBandwidth": {
"Type": "ALIYUN::VPC::Ipv6InternetBandwidth",
"Properties": {
"InternetChargeType": "PayByTraffic",
"Bandwidth": 1,
"Ipv6AddressId": {
"Fn::If": [
"AssignIpv6Addresses",
{
"Fn::Select": [
0,
{
"Fn::GetAtt": [
"IpV6Address",
"Ipv6AddressIds"
]
}
]
},
{
"Ref": "Ipv6AddressId"
}
]
},
"Ipv6GatewayId": {
"Fn::If": [
"EnableIpv6ForVpc",
{
"Ref": "Ipv6Gateway"
},
{
"Ref": "Ipv6GatewayId"
}
]
}
},
"Condition": "Ipv6InternetBandwidth",
"DependsOn": "Sleep"
},
"Sleep": {
"Type": "ALIYUN::ROS::Sleep",
"Properties": {
"CreateDuration": 60
},
"Condition": "AssignIpv6Addresses",
"DependsOn": "IpV6Address"
},
"OpenIPv6ForVsw": {
"Version": "default",
"Type": "MODULE::ACS::OOS::ExecuteAPI",
"Properties": {
"Prefix": "open-ipv6-for-vsw",
"API": "ModifyVSwitchAttribute",
"Method": "POST",
"Parameters": {
"Ipv6CidrBlock": {
"Ref": "Ipv6CidrBlockNumber"
},
"VSwitchId": {
"Ref": "VswId"
},
"EnableIPv6": true
},
"Service": "VPC"
},
"Condition": "EnableIpv6ForVsw",
"DependsOn": "Ipv6Gateway"
},
"Ipv6Gateway": {
"Type": "ALIYUN::VPC::Ipv6Gateway",
"Properties": {
"VpcId": {
"Ref": "VpcId"
}
},
"Condition": "EnableIpv6ForVpc",
"DependsOn": "OpenIPv6ForVpc"
},
"OpenIPv6ForVpc": {
"Version": "default",
"Type": "MODULE::ACS::OOS::ExecuteAPI",
"Properties": {
"Prefix": "open-ipv6-for-vpc",
"API": "ModifyVpcAttribute",
"Method": "POST",
"Parameters": {
"VpcId": {
"Ref": "VpcId"
},
"EnableIPv6": true
},
"Service": "VPC"
},
"Condition": "EnableIpv6ForVpc"
}
},
"Parameters": {
"VpcId": {
"Type": "String"
},
"NetworkInterfaceId": {
"Type": "String"
},
"Ipv6GatewayId": {
"Default": null,
"Type": "String"
},
"VswId": {
"Type": "String"
},
"PublicIpv6Address": {
"Default": "Disable",
"Type": "String"
},
"Ipv6AddressId": {
"Default": null,
"Type": "String"
},
"Ipv6InternetBandwidthId": {
"Default": null,
"Type": "String"
},
"Ipv6CidrBlockNumber": {
"Type": "Number"
},
"VswIpv6Address": {
"Type": "String"
}
}
},
"Parameters": {
"VpcId": {
"Fn::Jq": [
"First",
".[0].VpcId",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
},
"NetworkInterfaceId": {
"Fn::Select": [
0,
{
"Fn::GetAtt": [
"DsEni",
"NetworkInterfaceIds"
]
}
]
},
"Ipv6GatewayId": {
"Fn::Jq": [
"First",
".[0].Ipv6Gateways.Ipv6Gateway[0].Ipv6GatewayId",
{
"Fn::If": [
"UseExistedInstance",
{
"Fn::Select": [
"Result",
{
"Fn::GetAtt": [
"DsIpv6Gateway.Execution",
"Outputs"
]
},
null
]
},
{
"Fn::Select": [
"not_exist",
{},
null,
"invalid output(Output) of module{DsIpv6Gateway, MODULE::ACS::OOS::ExecuteAPI}, as condition(UseExistedInstance) is false"
]
}
]
}
]
},
"VswId": {
"Fn::Jq": [
"First",
".[0].VswitchId",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
},
"PublicIpv6Address": {
"Ref": "PublicIpv6Address"
},
"Ipv6AddressId": {
"Fn::Jq": [
"First",
".[0].Ipv6Addresses.Ipv6Address[0].Ipv6AddressId",
{
"Fn::If": [
"UseExistedInstance",
{
"Fn::Select": [
"Result",
{
"Fn::GetAtt": [
"DsIpv6Addresses.Execution",
"Outputs"
]
},
null
]
},
{
"Fn::Select": [
"not_exist",
{},
null,
"invalid output(Output) of module{DsIpv6Addresses, MODULE::ACS::OOS::ExecuteAPI}, as condition(UseExistedInstance) is false"
]
}
]
}
]
},
"Ipv6InternetBandwidthId": {
"Fn::Jq": [
"First",
".[0].Ipv6Addresses.Ipv6Address[0].Ipv6InternetBandwidth.Ipv6InternetBandwidthId",
{
"Fn::If": [
"UseExistedInstance",
{
"Fn::Select": [
"Result",
{
"Fn::GetAtt": [
"DsIpv6Addresses.Execution",
"Outputs"
]
},
null
]
},
{
"Fn::Select": [
"not_exist",
{},
null,
"invalid output(Output) of module{DsIpv6Addresses, MODULE::ACS::OOS::ExecuteAPI}, as condition(UseExistedInstance) is false"
]
}
]
}
]
},
"Ipv6CidrBlockNumber": {
"Ref": "Ipv6CidrBlockNumber"
},
"VswIpv6Address": {
"Fn::GetAtt": [
"DsVsw",
"Ipv6CidrBlock"
]
}
}
},
"Condition": "UseExistedInstance"
},
"SecurityGroupIngress": {
"Type": "ALIYUN::ECS::SecurityGroupIngress",
"Properties": {
"IpProtocol": "icmpv6",
"SecurityGroupId": {
"Fn::Jq": [
"First",
".[0].SecurityGroupIds[0]",
{
"Fn::GetAtt": [
"DsEcs",
"Instances"
]
}
]
},
"NicType": "intranet",
"PortRange": "-1/-1",
"Ipv6SourceCidrIp": "::/0"
},
"Condition": "UseExistedInstance"
},
"Ipv6InternetBandwidth": {
"Type": "ALIYUN::VPC::Ipv6InternetBandwidth",
"Properties": {
"InternetChargeType": "PayByTraffic",
"Bandwidth": 1,
"Ipv6AddressId": {
"Fn::Jq": [
"First",
".[0][0]",
{
"Fn::GetAtt": [
"EcsInstance",
"Ipv6AddressIds"
]
}
]
},
"Ipv6GatewayId": {
"Ref": "Ipv6Gateway"
}
},
"Condition": "CreateAndEnableIpv6"
},
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"EnableIpv6": true,
"VpcName": {
"Fn::Sub": "${CommonName}-vpc"
},
"CidrBlock": "192.168.0.0/16"
},
"Condition": "CreateInstance"
},
"DsEcs": {
"Type": "DATASOURCE::ECS::Instances",
"Properties": {
"InstanceIds": [
{
"Fn::If": [
"UseExistedInstance",
{
"Ref": "EcsInstanceId"
},
{
"Ref": "EcsInstance"
}
]
}
]
}
},
"DsIpv6Addresses.Template": {
"Type": "ALIYUN::OOS::Template",
"Properties": {
"Content": {
"Fn::Str": {
"Fn::If": [
"DsIpv6Addresses.IsRPC",
{
"Outputs": {
"Result": {
"Type": "List",
"Value": "{{ ExecuteAPI.Result }}"
}
},
"FormatVersion": "OOS-2019-06-01",
"Tasks": [
{
"Action": "ACS::ExecuteAPI",
"Outputs": {
"Result": {
"Type": "List",
"ValueSelector": "."
}
},
"Name": "ExecuteAPI",
"Properties": {
"API": "DescribeIpv6Addresses",
"Service": "VPC",
"Parameters": {
"AssociatedInstanceId": {
"Ref": "EcsInstanceId"
}
},
"AutoPaging": true
}
}
],
"Description": "ROS Execute API"
},
{
"Outputs": {
"Result": {
"Type": "List",
"Value": "{{ ExecuteAPI.Result }}"
}
},
"FormatVersion": "OOS-2019-06-01",
"Tasks": [
{
"Action": "ACS::ExecuteAPI",
"Outputs": {
"Result": {
"Type": "List",
"ValueSelector": "."
}
},
"Name": "ExecuteAPI",
"Properties": {
"Body": {
"Fn::If": [
"DsIpv6Addresses.IsBodyEmpty",
null,
""
]
},
"Parameters": {
"AssociatedInstanceId": {
"Ref": "EcsInstanceId"
}
},
"Service": "VPC",
"URI": "",
"AutoPaging": true,
"Headers": {},
"API": "DescribeIpv6Addresses",
"Method": "GET"
}
}
],
"Description": "ROS Execute API"
}
]
}
},
"TemplateName": {
"Fn::Sub": [
"${__auto_generated__DsIpv6Addresses__Parameter__Prefix}-template-${ALIYUN::StackId}",
{
"__auto_generated__DsIpv6Addresses__Parameter__Prefix": "DescribeIpv6Addresses"
}
]
}
},
"Condition": "UseExistedInstance",
"Metadata": {
"ALIYUN::ROS::Module": {
"LogicalIdHierarchy": "DsIpv6Addresses",
"TypeHierarchy": "MODULE::ACS::OOS::ExecuteAPI"
}
}
},
"VSwitch": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw"
},
"Ipv6CidrBlock": 0,
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "192.168.0.0/24",
"ZoneId": {
"Ref": "ZoneId"
}
},
"Condition": "CreateInstance"
},
"Ipv6Gateway": {
"Type": "ALIYUN::VPC::Ipv6Gateway",
"Properties": {
"VpcId": {
"Ref": "Vpc"
}
},
"Condition": "CreateInstance",
"DependsOn": [
"VSwitch"
]
},
"EcsInstance": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"SystemDiskCategory": "cloud_essd",
"VpcId": {
"Ref": "Vpc"
},
"Ipv6AddressCount": 1,
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"ImageId": {
"Ref": "ImageId"
},
"InternetMaxBandwidthOut": 100,
"SpotStrategy": "SpotAsPriceGo",
"VSwitchId": {
"Ref": "VSwitch"
},
"Password": {
"Ref": "InstancePassword"
},
"InstanceName": {
"Fn::Sub": "${CommonName}-ecs"
},
"InstanceType": {
"Ref": "InstanceType"
},
"ZoneId": {
"Ref": "ZoneId"
},
"MaxAmount": 1
},
"Condition": "CreateInstance"
},
"DsEni": {
"Type": "DATASOURCE::ECS::NetworkInterfaces",
"Properties": {
"InstanceId": {
"Ref": "EcsInstanceId"
},
"Type": "Primary"
},
"Condition": "UseExistedInstance"
},
"DsIpv6Gateway.Execution": {
"Type": "ALIYUN::OOS::Execution",
"Properties": {
"TemplateName": {
"Ref": "DsIpv6Gateway.Template"
}
},
"Condition": "UseExistedInstance",
"Metadata": {
"ALIYUN::ROS::Module": {
"LogicalIdHierarchy": "DsIpv6Gateway",
"TypeHierarchy": "MODULE::ACS::OOS::ExecuteAPI"
}
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"InstanceSource",
"ZoneId",
"ImageId",
"InstanceType",
"InstancePassword",
"EcsInstanceId",
"PublicIpv6Address"
]
}
],
"Hidden": [
"CommonName",
"Ipv6CidrBlockNumber"
]
}
}
}For more examples, see public templates that contain this resource.