This topic helps you walk through the process about how to create a Resource Orchestration Service (ROS) template. In this example, a template that declares the resources used to connect an Elastic Compute Service (ECS) instance to an ApsaraDB RDS instance for data initialization is created.
Prerequisites
You are familiar with the syntax and the structure of ROS templates. For more information, see Getting started with templates.
Sample scenario
You want to create an ECS instance and an ApsaraDB RDS instance in a virtual private cloud (VPC) and obtain the connection information about the ApsaraDB RDS database from the ECS instance to initialize data.
Usage notes
You can view the resource types of the preceding resources to view the details of each resource property. For more information, see View resource types.
A resource type identifies the type of the resource that you want to use and declares the properties that you can specify for the resource. For example, the type, whether required, and whether editable are declared for a property in a resource type. If a property is required, you must declare the property in the Properties part of the Resources section of a template. Otherwise, the property is optional. If a property is editable, you can modify the property in a new template after the property is specified for a cloud resource in a stack template. Then, you can use the new template to update the stack and the resource. Otherwise, you cannot modify the property.
Create a template
You can refer to the documentation of resource types to find the resource types that best suit your needs. For more information, see List of resource types by service.
In this example, the following resource types are used: ALIYUN::ECS::VPC (creates a VPC), ALIYUN::ECS::Instance (creates an ECS instance), ALIYUN::RDS::DBInstance (creates an ApsaraDB RDS instance), ALIYUN::ECS::VSwitch (creates a vSwitch to which the ECS instance is connected), ALIYUN::ECS::SecurityGroup (creates a security group), and ALIYUN::ECS::RunCommand (runs a command to initialize data).
You can specify the preceding resource types in the Resources section of the template that you want to create.
Specify resources and associate the resources
Specify basic network resources
Specify the following basic network resources in the template: Vpc, VSwitch, and EcsSecurityGroup. Perform the following operations:
Set the Ref function to the ALIYUN::StackName pseudo parameter to obtain the stack name. Then, set a property to Ref: ALIYUN::StackName to associate the property value with the stack name. In the following sample template fragment, the value of
VpcNameinVpcand the value ofVSwitchNameinVSwitchare associated with the stack name. For more information, see Ref and ALIYUN::StackName.Use the Fn::Select and Fn::GetAZs functions together with the ALIYUN::Region pseudo parameter to obtain the first zone ID of the region where the stack resides. In the following sample template fragment, the value of
ZoneIdinVSwitchis obtained. For more information, see Functions and ALIYUN::Region.
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock: 192.168.0.0/16
VpcName:
Ref: ALIYUN::StackName
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName:
Ref: ALIYUN::StackName
VpcId:
Ref: Vpc
ZoneId:
Fn::Select:
- '0'
- Fn::GetAZs:
Ref: ALIYUN::Region
CidrBlock: 192.168.0.0/24
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
SecurityGroupName:
Ref: ALIYUN::StackName
VpcId:
Ref: Vpc
SecurityGroupEgress:
- PortRange: '-1/-1'
Priority: 1
IpProtocol: all
DestCidrIp: 0.0.0.0/0
NicType: intranetSpecify database resources
You can specify the following database resources in the template: DBInstance and DBAccount. Perform the following operation:
Use the Fn::GetAtt function to return the property value of a resource. In the following sample template fragment, the value of DBInstanceId in DBAccount is returned. For more information, see Fn::GetAtt.
Resources:
DBInstance:
Type: ALIYUN::RDS::DBInstance
Properties:
ZoneId:
Fn::Select:
- '0'
- Fn::GetAZs:
Ref: ALIYUN::Region
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch
Engine: MySQL
EngineVersion: '8.0'
DBInstanceClass: mysql.n4.medium.2c
DBInstanceStorage: 10
MultiAZ: true
DBInstanceNetType: Intranet
DBMappings:
- CharacterSetName: utf8
DBName: employees
SecurityIPList: 0.0.0.0/0
DBAccount:
Type: ALIYUN::RDS::Account
DependsOn:
- DBInstance
Properties:
DBInstanceId:
Fn::GetAtt:
- DBInstance
- DBInstanceId
AccountPassword:
Ref: DBPassword
AccountType: Super
AccountName: rdsuserSpecify ECS resources
You can specify the following ECS resources in the template: EcsInstance and InstanceRunCommand. Perform the following operation:
Use the Fn::Sub function to substitute variables in an input string with commands that you want to run. In the following sample template fragment, the commands are specified in the value of CommandContent in InstanceRunCommand. For more information, see Fn::Sub.
The initialized data in the sample template fragment is the test data provided by MySQL. To ensure the network stability when test data is downloaded, we recommend that you store the data in an Object Storage Service (OSS) bucket before you perform the operation.
Resources:
EcsInstance:
Type: ALIYUN::ECS::Instance
Properties:
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: EcsSecurityGroup
VSwitchId:
Ref: VSwitch
ImageId: centos_7
AllocatePublicIP: false
InstanceType: ecs.c5.large
SystemDiskSize: 40
SystemDiskCategory: cloud_essd
Password:
Ref: EcsInstancePassword
InstanceRunCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent:
Fn::Sub:
- |
#!/bin/bash
yum -y install holland-mysqldump.noarch unzip
wget -P /tmp https://ros-userdata-resources.oss-cn-beijing.aliyuncs.com/MySQL/test_db-master.zip
unzip /tmp/test_db-master.zip -d /tmp/
mysql -h${DBConnectString} -p3306 -urdsuser -p${DBPassword} < /tmp/test_db-master/employees.sql
- DBConnectString:
Fn::GetAtt:
- DBInstance
- InnerConnectionString
DBPassword:
Ref: DBPassword
Type: RunShellScript
InstanceIds:
- Fn::GetAtt:
- EcsInstance
- InstanceId
Timeout: '300'Complete sample template
ROSTemplateFormatVersion: '2015-09-01'
Description: { }
Parameters:
EcsInstancePassword:
NoEcho: true
Type: String
Description:
en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)
AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
Label:
en: Instance Password
ConstraintDescription:
en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
MinLength: 8
MaxLength: 30
DBPassword:
NoEcho: true
Type: String
Label:
en: DB Password
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock: 192.168.0.0/16
VpcName:
Ref: ALIYUN::StackName
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName:
Ref: ALIYUN::StackName
VpcId:
Ref: Vpc
ZoneId:
Fn::Select:
- '0'
- Fn::GetAZs:
Ref: ALIYUN::Region
CidrBlock: 192.168.0.0/24
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
SecurityGroupName:
Ref: ALIYUN::StackName
VpcId:
Ref: Vpc
SecurityGroupEgress:
- PortRange: '-1/-1'
Priority: 1
IpProtocol: all
DestCidrIp: 0.0.0.0/0
NicType: intranet
DBInstance:
Type: ALIYUN::RDS::DBInstance
Properties:
ZoneId:
Fn::Select:
- '0'
- Fn::GetAZs:
Ref: ALIYUN::Region
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch
Engine: MySQL
EngineVersion: '8.0'
DBInstanceClass: mysql.n4.medium.2c
DBInstanceStorage: 10
MultiAZ: true
DBInstanceNetType: Intranet
DBMappings:
- CharacterSetName: utf8
DBName: employees
SecurityIPList: 0.0.0.0/0
EcsInstance:
Type: ALIYUN::ECS::Instance
Properties:
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: EcsSecurityGroup
VSwitchId:
Ref: VSwitch
ImageId: centos_7
AllocatePublicIP: false
InstanceType: ecs.c5.large
SystemDiskSize: 40
SystemDiskCategory: cloud_essd
Password:
Ref: EcsInstancePassword
Account:
Type: ALIYUN::RDS::Account
DependsOn:
- DBInstance
Properties:
DBInstanceId:
Fn::GetAtt:
- DBInstance
- DBInstanceId
AccountPassword:
Ref: DBPassword
AccountType: Super
AccountName: rdsuser
InstanceRunCommand:
Type: ALIYUN::ECS::RunCommand
DependsOn:
- Account
Properties:
CommandContent:
Fn::Sub:
- |
#!/bin/bash
yum -y install holland-mysqldump.noarch unzip
wget -P /tmp https://ros-userdata-resources.oss-cn-beijing.aliyuncs.com/MySQL/test_db-master.zip
unzip /tmp/test_db-master.zip -d /tmp/
mysql -h${DBConnectString} -p3306 -urdsuser -p${DBPassword} < /tmp/test_db-master/employees.sql
- DBConnectString:
Fn::GetAtt:
- DBInstance
- InnerConnectionString
DBPassword:
Ref: DBPassword
Type: RunShellScript
InstanceIds:
- Fn::GetAtt:
- EcsInstance
- InstanceId
Timeout: '300'Add parameter groups to a template and display the optional values of a parameter based on a filter condition
The preceding sample template declares multiple resources and their associations. The values of InstanceType and SystemDiskCategory in EcsInstance and the value of DBInstanceClass in DBInstance are literal values. Each time you create a stack in a different region, you must modify the template structure and change the property values.
In this case, you can add the Parameters section to improve the flexibility and reusability of the template.
Add parameter groups to a template
You can add the Metadata section to a template to group the parameters that are defined in the Parameters section and define a label for each group.
You can classify parameters by resource or by resource parameter. The following table lists parameter groups that are added based on the preceding sample template. In this example, the parameters are classified by resource name or resource parameter name.
Parameter group | Resource name | Resource parameter name |
Basic network configurations |
|
|
Database configurations |
|
|
ECS configurations |
|
|
Display the optional values of a parameter based on a filter condition
If you want to specify a filter condition for a parameter and associate the parameter value with the filter condition chosen in the ROS console, you can specify AssociationProperty and AssociationPropertyMetadata in your template. In this example, the optional values of the ECSInstanceType parameter are displayed based on the value of ZoneId. To specify AssociationProperty and AssociationPropertyMetadata in ECSInstanceType, perform the following operations: In the official documentation of ROS, use ALIYUN::ECS::Instance to query the value of AssociationProperty that is supported by ECSInstanceType. The following value is queried: ALIYUN::ECS::Instance::InstanceType. Then, query the value of AssociationPropertyMetadata when AssociationProperty is set to ALIYUN::ECS::Instance::InstanceType and ZoneId is used as a filter condition. For more information about the official documentation, see AssociationProperty and AssociationPropertyMetadata.
Complete sample template
ROSTemplateFormatVersion: '2015-09-01'
Description: { }
Parameters:
VSwitchZoneId:
Type: String
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
Description:
en: Availability ID for existing switches
Label:
en: VSwitch Zone ID
VpcCidrBlock:
Default: 192.168.0.0/16
Label:
en: VPC CIDR Block
Type: String
Description:
en: New proprietary network IP address segment range, recommended use of the following IP address segments<br><font color='green'>[10.0.XX.XX/8]</font><br><font color='green'>[172.16.XX.XX/12]</font><br><font color='green'>[192.168.XX.XX/16]</font>
VSwitchCidrBlock:
Default: 192.168.0.0/24
Type: String
Description:
en: Must be a sub-network segment of the proprietary network and is not occupied by other VSwitches.
Label:
en: VSwitch CIDR Block
ECSInstanceType:
Type: String
Description:
en: <font color='blue'><b>1.Before selecting the model please confirm that the current available zone under the model is in stock, some models need to be reported in advance</b></font>]<br><font color='blue'><b>2.List of optional models</font>]<br></b></font>[ecs.c5.large <font color='green'>2vCPU 4GiB Intranet bandwidth1Gbps In-grid sending and receiving packages30MillionPPSS</font>]<br></b>[ecs.c5.xlarge <font color='green'>4vCPU 8GiB Intranet bandwidth1.5Gbps In-grid sending and receiving packages50MillionPPS</font>]<br></b>[ecs.c5.2xlarge <font color='green'>8vCPU 16GiB Intranet bandwidth2.5Gbps In-grid sending and receiving packages80MillionPPS</font>]
Label:
en: Instance Type
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
ZoneId: ${VSwitchZoneId}
ECSDiskSize:
Type: Number
Description:
en: 'The size of the instance system disk, in GiB. Value range: 40 to 500'
Label:
en: System Disk Space
MinValue: 40
MaxValue: 500
Default: 40
ECSDiskCategory:
Type: String
Description:
en: '<font color=''blue''><b>Optional values:</b></font><br>[cloud_efficiency: <font color=''green''>Efficient Cloud Disk</font>]<br>[cloud_ssd: <font color=''green''>SSD Cloud Disk</font>]<br>[cloud_essd: <font color=''green''>ESSD Cloud Disk</font>]<br>[cloud: <font color=''green''>Cloud Disk</font>]<br>[ephemeral_ssd: <font color=''green''>Local SSD Cloud Disk</font>]'
AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
AssociationPropertyMetadata:
ZoneId: ${VSwitchZoneId}
InstanceType: ${ECSInstanceType}
Label:
en: System Disk Type
EcsInstancePassword:
NoEcho: true
Type: String
Description:
en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)
AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
Label:
en: Instance Password
ConstraintDescription:
en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
MinLength: 8
MaxLength: 30
DBInstanceClass:
Label:
en: DB Instance Class
AssociationProperty: ALIYUN::RDS::Instance::InstanceType
AssociationPropertyMetadata:
Engine: MySQL
ZoneId: ${VSwitchZoneId}
Type: String
Description:
en: 'Select the instance specification based on the type of database engine and the available area support;<br>see detail: <a href=''https://www.alibabacloud.com/help/doc-detail/26312.html'' target=''_blank''><b><font color=''blue''>Instance specification sheet</font></b></a>'
DBInstanceStorage:
Label:
en: Storage
Type: Number
Description:
en: The size range of RDS instances is 20 - 2000, Incrementing in every 5, unit GB
MinValue: 20
MaxValue: 2000
ConstraintDescription:
en: The size range of RDS instances is 20 - 2000, Incrementing in every 5, unit GB
Default: 200
DBName:
Type: String
Label:
en: DB Name
ConstraintDescription:
en: Must begin with a letter and contain only alphanumeric characters.
MinLength: 1
MaxLength: 64
Default: employees
DBUsername:
Type: String
Description:
en: Primary account name of the database instance.
ConstraintDescription:
en: Consist of 2 to 16 characters of lowercase letters, underline. Must begin with a letter and be end with an alphanumeric character
Label:
en: DB Username
Default: rdsuser
MaxLength: 16
MinLength: 2
DBPassword:
NoEcho: true
Type: String
Label:
en: DB Password
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: VpcCidrBlock
VpcName:
Ref: ALIYUN::StackName
VSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
VSwitchName:
Ref: ALIYUN::StackName
VpcId:
Ref: Vpc
ZoneId:
Ref: VSwitchZoneId
CidrBlock:
Ref: VSwitchCidrBlock
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
SecurityGroupName:
Ref: ALIYUN::StackName
VpcId:
Ref: Vpc
SecurityGroupIngress:
- PortRange: '-1/-1'
Priority: 1
IpProtocol: all
NicType: intranet
SourceCidrIp: '0.0.0.0/0'
DBInstance:
Type: ALIYUN::RDS::DBInstance
Properties:
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch
Engine: MySQL
EngineVersion: '8.0'
DBInstanceClass:
Ref: DBInstanceClass
DBInstanceStorage:
Ref: DBInstanceStorage
DBInstanceNetType: Intranet
DBMappings:
- CharacterSetName: utf8
DBName:
Ref: DBName
SecurityIPList: 0.0.0.0/0
DBAccount:
Type: ALIYUN::RDS::Account
DependsOn:
- DBInstance
Properties:
DBInstanceId:
Fn::GetAtt:
- DBInstance
- DBInstanceId
AccountPassword:
Ref: DBPassword
AccountType: Super
AccountName:
Ref: DBUsername
EcsInstance:
Type: ALIYUN::ECS::Instance
Properties:
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: EcsSecurityGroup
VSwitchId:
Ref: VSwitch
ImageId: centos_7
AllocatePublicIP: true
InstanceType:
Ref: ECSInstanceType
SystemDiskSize:
Ref: ECSDiskSize
SystemDiskCategory:
Ref: ECSDiskCategory
Password:
Ref: EcsInstancePassword
InstanceRunCommand:
Type: ALIYUN::ECS::RunCommand
DependsOn:
- DBAccount
Properties:
CommandContent:
Fn::Sub:
- |
#!/bin/bash
yum -y install holland-mysqldump.noarch unzip
wget -P /tmp https://ros-userdata-resources.oss-cn-beijing.aliyuncs.com/MySQL/test_db-master.zip
unzip /tmp/test_db-master.zip -d /tmp/
mysql -h${DBConnectString} -p3306 -u${DBUsername} -p${DBPassword} < /tmp/test_db-master/employees.sql
- DBConnectString:
Fn::GetAtt:
- DBInstance
- InnerConnectionString
DBUsername:
Ref: DBUsername
DBPassword:
Ref: DBPassword
Type: RunShellScript
InstanceIds:
- Fn::GetAtt:
- EcsInstance
- InstanceId
Timeout: '500'
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- VSwitchZoneId
- VpcCidrBlock
- VSwitchCidrBlock
Label:
default:
en: Basic Network Configuration
- Parameters:
- ECSInstanceType
- ECSDiskSize
- ECSDiskCategory
- EcsInstancePassword
Label:
default:
en: Instance
- Parameters:
- DBInstanceClass
- DBInstanceStorage
- DBName
- DBUsername
- DBPassword
Label:
default:
en: Database