模板名稱
ACS-ECS-UpdateAndCopyImage 更新ECS鏡像並同步到其它地區
模板描述
通過運行命令更新一個已存在的ECS鏡像後建立一個新ECS鏡像並且複製新鏡像到其他地區
模板類型
自動化
所有者
Alibaba Cloud
輸入參數
參數名稱 | 描述 | 類型 | 是否必填 | 預設值 | 約束 |
sourceImageId | 源鏡像ID | String | 是 | ||
regionId | 地區ID | String | 否 | {{ ACS::RegionId }} | |
zoneId | 交換器可用性區域 | String | 否 | “” | |
targetImageName | 新鏡像的名稱 | String | 否 | UpdateImage_from_{{sourceImageId}}on{{ACS::ExecutionId}} | |
instanceType | 執行個體類型 | String | 否 | ecs.g5.large | 字串校正Regex : ecs.[A-Za-z0-9.-]* |
whetherCreateVpc | 是否建立VPC | Boolean | 否 | False | |
vpcCidrBlock | 專用網路IPv4網段 | String | 否 | 192.168.0.0/16 | |
vSwitchCidrBlock | 交換器子網網段 | String | 否 | 192.168.1.0/24 | |
securityGroupId | 安全性群組ID | String | 否 | “” | |
vSwitchId | 交換器ID | String | 否 | “” | |
internetMaxBandwidthOut | 流量公網頻寬 | Number | 否 | 0 | |
ramRoleName | 執行個體的RAM角色 | String | 否 | “” | |
systemDiskCategory | 系統硬碟的雲端硬碟種類 | String | 否 | cloud_essd | |
tags | 鏡像標籤 | Json | 否 | [] | |
commandType | 雲助手命令類型 | String | 否 | RunShellScript | |
commandContent | 在ECS執行個體中執行的雲助手命令 | String | 否 | echo hello | |
timeout | 逾時時間 | Number | 否 | 600 | |
targetRegionIds | 目標地區ID | List | 否 | [] | |
accountIds | 授權共用鏡像的阿里雲帳號ID | List | 否 | [] | |
scalingConfigurationIds | 待修改的伸縮配置ID | List | 否 | [] | |
launchTemplateNames | 待更新的執行個體啟動模板名稱列表 | List | 否 | [] | |
rateControl | 任務執行的並發比率 | Json | 否 | {‘Mode’: ‘Concurrency’, ‘MaxErrors’: 0, ‘Concurrency’: 5} | |
OOSAssumeRole | OOS扮演的RAM角色 | String | 否 | “” |
輸出參數
參數名稱 | 描述 | 類型 |
updatedImageId | String | |
imageIdAndRegion | List |
執行此模板需要的權限原則
{
"Version": "1",
"Statement": [
{
"Action": [
"ros:CreateStack",
"ros:DeleteStack",
"ros:GetStack"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ecs:CopyImage",
"ecs:CreateImage",
"ecs:CreateLaunchTemplateVersion",
"ecs:DeleteInstance",
"ecs:DeleteLaunchTemplateVersion",
"ecs:DescribeCloudAssistantStatus",
"ecs:DescribeImages",
"ecs:DescribeInstances",
"ecs:DescribeInvocationResults",
"ecs:DescribeInvocations",
"ecs:DescribeLaunchTemplateVersions",
"ecs:DescribeLaunchTemplates",
"ecs:DescribeRegions",
"ecs:InstallCloudAssistant",
"ecs:ModifyImageSharePermission",
"ecs:ModifyLaunchTemplateDefaultVersion",
"ecs:RebootInstance",
"ecs:RunCommand",
"ecs:RunInstances",
"ecs:StopInstance"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ess:ModifyScalingConfiguration"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
詳情
模板內容
FormatVersion: OOS-2019-06-01
Description:
name-en: ACS-ECS-UpdateAndCopyImage
name-zh-cn: 更新ECS鏡像並同步到其它地區
en: Updates an existing ECS image via ECS Cloud Assistant then creates an ECS image and copy new image
zh-cn: 通過運行命令更新一個已存在的ECS鏡像後建立一個新ECS鏡像並且複製新鏡像到其他地區
categories:
- image_manage
Parameters:
regionId:
Type: String
Label:
en: RegionId
zh-cn: 地區ID
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
zoneId:
Type: String
Label:
en: VSwitch Availability Zone
zh-cn: 交換器可用性區域
Default: ''
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
AssociationPropertyMetadata:
RegionId: regionId
targetImageName:
Label:
en: TargetImageName
zh-cn: 新鏡像的名稱
Type: String
Description:
en: <p class="p">Note:</p> <ul class="ul"> <li class="li">Length is 2~128 English or Chinese characters</li> <li class="li"><font color='red'>must start with big or small letters or Chinese, not http:// and https://. </font></li> <li class="li">Can contain numbers, colons (:), underscores (_), or dashes (-). </li> </ul>
zh-cn: <p class="p">注意:</p> <ul class="ul"> <li class="li">長度為2~128個英文或中文字元</li> <li class="li"><font color='red'>必須以大小字母或中文開頭,不能以http://和https://開頭。</font></li> <li class="li">可以包含數字、半形冒號(:)、底線(_)或者短劃線(-)。</li> </ul>
Default: 'UpdateImage_from_{{sourceImageId}}_on_{{ACS::ExecutionId}}'
sourceImageId:
Label:
en: SourceImageId
zh-cn: 源鏡像ID
Type: String
AssociationProperty: 'ALIYUN::ECS::Image::ImageId'
AssociationPropertyMetadata:
RegionId: regionId
instanceType:
Label:
en: InstanceType
zh-cn: 執行個體類型
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
AllowedPattern: ecs\.[A-Za-z0-9\.\-]*
Default: 'ecs.g5.large'
whetherCreateVpc:
Type: Boolean
Label:
en: WhetherCreateVpc
zh-cn: 是否建立VPC
Default: false
vpcCidrBlock:
Type: String
Label:
en: VPC CIDR IPv4 Block
zh-cn: 專用網路IPv4網段
Description:
zh-cn: VPC的ip位址區段範圍,<br>您可以使用以下的ip位址區段或其子網:<br><font color='green'>[10.0.0.0/8]</font><br><font color='green'>[172.16.0.0/12]</font><br><font color='green'>[192.168.0.0/16]</font>
en: 'The ip address range of the VPC in the CidrBlock form; <br>You can use the following ip address ranges and their subnets: <br><font color=''green''>[10.0.0.0/8]</font><br><font color=''green''>[172.16.0.0/12]</font><br><font color=''green''>[192.168.0.0/16]</font>'
Default: 192.168.0.0/16
AssociationProperty: ALIYUN::VPC::VPC::CidrBlock
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- true
vSwitchCidrBlock:
Type: String
Label:
en: VSwitch CIDR Block
zh-cn: 交換器子網網段
Description:
zh-cn: 必須屬於VPC的子網段
en: Must belong to the subnet segment of VPC
Default: 192.168.1.0/24
AssociationProperty: ALIYUN::VPC::VSwitch::CidrBlock
AssociationPropertyMetadata:
VpcCidrBlock: vpcCidrBlock
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- true
securityGroupId:
Label:
en: SecurityGroupId
zh-cn: 安全性群組ID
Type: String
Default: ''
AssociationProperty: 'ALIYUN::ECS::SecurityGroup::SecurityGroupId'
AssociationPropertyMetadata:
RegionId: regionId
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- false
vSwitchId:
Label:
en: VSwitchId
zh-cn: 交換器ID
Type: String
Default: ''
AssociationProperty: 'ALIYUN::VPC::VSwitch::VSwitchId'
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
Filters:
- SecurityGroupId: securityGroupId
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- false
internetMaxBandwidthOut:
Type: Number
Label:
zh-cn: 流量公網頻寬
en: Internet Max Bandwidth Out
Description:
zh-cn: 取值範圍0-100, 0為不開公網ip
en: no public ip if zero
Default: 0
MinValue: 0
MaxValue: 100
ramRoleName:
Label:
en: RamRoleName
zh-cn: 執行個體的RAM角色
Type: String
AssociationProperty: ALIYUN::ECS::RAM::Role
Default: ''
systemDiskCategory:
Label:
en: SystemDiskCategory
zh-cn: 系統硬碟的雲端硬碟種類
Type: String
AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
AssociationPropertyMetadata:
RegionId: regionId
InstanceType: instanceType
Default: cloud_essd
tags:
Label:
en: Tags
zh-cn: 鏡像標籤
Type: Json
AssociationProperty: Tags
AssociationPropertyMetadata:
ShowSystem: false
Default: []
commandType:
Label:
en: CommandType
zh-cn: 雲助手命令類型
Type: String
AllowedValues:
- RunBatScript
- RunPowerShellScript
- RunShellScript
Default: RunShellScript
commandContent:
Label:
en: CommandContent
zh-cn: 在ECS執行個體中執行的雲助手命令
Type: String
AssociationProperty: Code
Default: 'echo hello'
timeout:
Label:
en: Timeout
zh-cn: 逾時時間
Type: Number
Default: 600
targetRegionIds:
Label:
en: TargetRegionIds
zh-cn: 目標地區ID
Type: List
AllowedValues:
- all-regions
- cn-beijing
- cn-qingdao
- cn-zhangjiakou
- cn-huhehaote
- cn-hangzhou
- cn-shanghai
- cn-shenzhen
- cn-chengdu
- cn-hongkong
- cn-heyuan
- cn-wulanchabu
- ap-northeast-1
- ap-southeast-1
- ap-southeast-2
- ap-southeast-3
- ap-southeast-5
- ap-south-1
- us-east-1
- us-west-1
- eu-west-1
- me-east-1
- eu-central-1
Default: []
accountIds:
Label:
en: AccountIds
zh-cn: 授權共用鏡像的阿里雲帳號ID
Type: List
Default: []
scalingConfigurationIds:
Description:
en: <font color='red'><b>Must correspond to the selected region</b></font>
zh-cn: <font color='red'><b>必須要在所選的地區</b></font>
Label:
en: ScalingConfigurationIds
zh-cn: 待修改的伸縮配置ID
Type: List
Default: []
launchTemplateNames:
Description:
en: <font color='red'><b>Must correspond to the selected region</b></font>
zh-cn: <font color='red'><b>必須要在所選的地區</b></font>
Label:
en: LaunchTemplateNames
zh-cn: 待更新的執行個體啟動模板名稱列表
Type: List
Default: []
rateControl:
Label:
en: RateControl
zh-cn: 任務執行的並發比率
Type: Json
AssociationProperty: RateControl
Default:
Mode: Concurrency
MaxErrors: 0
Concurrency: 5
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: OOS扮演的RAM角色
Type: String
Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: createStack
Action: 'ACS::ExecuteAPI'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Create a resource stack
zh-cn: 建立資源棧
Properties:
Service: ROS
API: CreateStack
Parameters:
RegionId: '{{ regionId }}'
StackName: 'OOS-{{ACS::ExecutionId}}'
TimeoutInMinutes: 10
DisableRollback: false
Parameters:
- ParameterKey: ZoneId
ParameterValue: '{{ zoneId }}'
- ParameterKey: VpcCidrBlock
ParameterValue: '{{ vpcCidrBlock }}'
- ParameterKey: VSwitchCidrBlock
ParameterValue: '{{ vSwitchCidrBlock }}'
TemplateBody: |
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
ZoneId:
Type: String
VpcCidrBlock:
Type: String
VSwitchCidrBlock:
Type: String
Resources:
EcsVpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: VpcCidrBlock
VpcName:
Ref: ALIYUN::StackName
EcsVSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitchCidrBlock
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
VpcId:
Ref: EcsVpc
Outputs:
SecurityGroupId:
Value:
Ref: EcsSecurityGroup
VSwitchId:
Value:
Ref: EcsVSwitch
Outputs:
StackId:
Type: String
ValueSelector: StackId
- Name: untilStackReady
Action: 'ACS::WaitFor'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Wait for the stack status CREATE_COMPLETE
zh-cn: 等待資源棧至建立成功狀態
OnError: deleteStack
Properties:
Service: ROS
API: GetStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{createStack.StackId}}'
DesiredValues:
- CREATE_COMPLETE
StopRetryValues:
- CREATE_FAILED
- CHECK_FAILED
- ROLLBACK_FAILED
- ROLLBACK_COMPLETE
- CREATE_ROLLBACK_COMPLETE
PropertySelector: Status
Outputs:
securityGroupId:
Type: String
ValueSelector: 'Outputs[0].OutputValue'
vSwitchId:
Type: String
ValueSelector: 'Outputs[1].OutputValue'
- Name: runInstances
Action: ACS::ECS::RunInstances
Description:
en: Create a ECS instance with source image
zh-cn: 用源鏡像建立一台ECS執行個體
OnError: deleteStack
Properties:
regionId: '{{ regionId }}'
imageId: '{{ sourceImageId }}'
instanceType: '{{ instanceType }}'
securityGroupId:
Fn::If:
- Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
- '{{ untilStackReady.securityGroupId }}'
- '{{ securityGroupId }}'
vSwitchId:
Fn::If:
- Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
- '{{ untilStackReady.vSwitchId }}'
- '{{ vSwitchId }}'
internetMaxBandwidthOut: '{{ internetMaxBandwidthOut }}'
ramRoleName: '{{ ramRoleName }}'
systemDiskCategory: '{{ systemDiskCategory }}'
Outputs:
instanceId:
ValueSelector: instanceIds[0]
Type: String
- Name: installCloudAssistant
Action: ACS::ECS::InstallCloudAssistant
Description:
en: Install cloud assistant for ECS instance
zh-cn: 給執行個體安裝雲助手
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: runCommand
Action: ACS::ECS::RunCommand
Description:
en: Run cloud assistant command on ECS instance
zh-cn: 在執行個體中運行雲助手命令
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
commandContent: '{{ commandContent }}'
commandType: '{{ commandType }}'
instanceId: '{{ runInstances.instanceId }}'
timeout: '{{ timeout }}'
- Name: stopInstance
Action: ACS::ECS::StopInstance
Description:
en: Stops the ECS instance
zh-cn: 停止ECS執行個體
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: createImage
Action: ACS::ECS::CreateImage
Description:
en: Create new image with the specified image name and instance ID
zh-cn: 通過指定執行個體ID和鏡像名稱建立新的鏡像
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
tags: '{{tags}}'
imageName: '{{ targetImageName }}-{{ ACS::CurrentUTCTime }}'
instanceId: '{{ runInstances.instanceId }}'
Outputs:
imageId:
ValueSelector: imageId
Type: String
- Name: deleteInstanceAfterUpdateImageSuccessfully
Action: ACS::ExecuteAPI
Description:
en: Release the instance after updating the image successfully
zh-cn: 刪除ECS執行個體
Properties:
Service: ECS
API: DeleteInstance
Risk: Normal
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
Force: true
- Name: deleteStack
Action: 'ACS::ExecuteApi'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Delete the stack
zh-cn: 刪除資源棧
Properties:
Service: ROS
API: DeleteStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{ createStack.StackId }}'
- Name: queryAllAvailableRegions
Action: 'ACS::ExecuteAPI'
Description:
en: View all available regions
zh-cn: 查詢當前所有可用地區
Properties:
Service: ECS
API: DescribeRegions
Parameters:
RegionId: '{{ regionId }}'
Outputs:
regionIds:
Type: List
ValueSelector: >-
Regions.Region[]|.RegionId|select([scan("{{regionId}}|test")]|length<1)
allRegionsChosen:
Type: String
ValueSelector: '.|{{targetRegionIds}}|sort|.[0]'
- Name: whetherCloneToAllRegions
Action: 'ACS::Choice'
Description:
en: Choose next task by targetRegionIds Chosen
zh-cn: 根據所選目的地區判斷下一步執行
Properties:
DefaultTask: copyImage
Choices:
- When:
'Fn::Equals':
- all-regions
- '{{ queryAllAvailableRegions.allRegionsChosen }}'
NextTask: copyImageToAllRegions
- Name: copyImage
Action: 'ACS::ECS::CopyImage'
OnSuccess: whetherToShareImage
OnError: 'ACS::END'
Description:
en: Copy image to regions chosen
zh-cn: 複製鏡像到被指定的地區
Properties:
regionId: '{{ regionId }}'
imageId: '{{ createImage.imageId }}'
targetRegionId: '{{ ACS::TaskLoopItem }}'
targetImageName: '{{ targetImageName }}-{{ ACS::CurrentUTCTime }}'
Loop:
Items: '{{ targetRegionIds }}'
RateControl: '{{ rateControl }}'
Outputs:
imageIdsWithRegion:
AggregateType: 'Fn::ListJoin'
AggregateField: imageIdWithRegion
Outputs:
imageIdWithRegion:
ValueSelector: '.|(.imageId),"{{ ACS::TaskLoopItem }}"'
Type: List
- Name: copyImageToAllRegions
Action: 'ACS::ECS::CopyImage'
Description:
en: Copy image to all available regions
zh-cn: 複製鏡像到所有可用地區
Properties:
regionId: '{{ regionId }}'
imageId: '{{ createImage.imageId }}'
targetRegionId: '{{ ACS::TaskLoopItem }}'
targetImageName: '{{ targetImageName }}-{{ ACS::CurrentUTCTime }}'
Loop:
Items: '{{ queryAllAvailableRegions.regionIds }}'
RateControl: '{{ rateControl }}'
Outputs:
imageIdsWithRegion:
AggregateType: 'Fn::ListJoin'
AggregateField: imageIdWithRegion
Outputs:
imageIdWithRegion:
ValueSelector: '.|(.imageId),"{{ ACS::TaskLoopItem }}"'
Type: List
- Name: whetherToShareImage
Action: 'ACS::Choice'
Description:
en: Choose next task by accountIds
zh-cn: 根據輸入賬戶值判斷下一步執行
Properties:
DefaultTask: shareImage
Choices:
- When:
'Fn::Equals':
- []
- '{{ accountIds }}'
NextTask: modifyScalingConfiguration
- Name: shareImage
Action: 'ACS::ExecuteAPI'
Description:
en: Shares a custom image to other Alibaba Cloud accounts
zh-cn: 共用自訂鏡像到其他阿里雲帳號
Properties:
Service: ECS
API: ModifyImageSharePermission
Parameters:
RegionId: '{{ regionId }}'
ImageId: '{{ createImage.imageId }}'
AddAccount: '{{ accountIds }}'
- Name: modifyScalingConfiguration
Action: 'ACS::ExecuteAPI'
OnError: ACS::NEXT
Description:
en: Modify scaling configuration
zh-cn: 修改伸縮配置
Properties:
Service: ESS
API: ModifyScalingConfiguration
Parameters:
RegionId: '{{ regionId }}'
ScalingConfigurationId: '{{ ACS::TaskLoopItem }}'
ImageId: '{{ createImage.imageId }}'
Loop:
Items: '{{ scalingConfigurationIds }}'
- Name: updateLaunchTemplate
Action: 'ACS::ECS::UpdateLaunchTemplate'
OnSuccess: ACS::END
Description:
en: Update instance launch template
zh-cn: 更新執行個體啟動模板
Properties:
regionId: '{{ ACS::RegionId }}'
imageId: '{{ createImage.imageId }}'
launchTemplateName: '{{ ACS::TaskLoopItem }}'
Loop:
Items: '{{ launchTemplateNames }}'
- Name: deleteInstance
Action: ACS::ExecuteAPI
Description:
en: Deletes the ECS instance after updating the image failure
zh-cn: 刪除ECS執行個體
Properties:
Service: ECS
API: DeleteInstance
Risk: Normal
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
Force: true
Outputs:
updatedImageId:
Type: String
Value: '{{ createImage.imageId }}'
imageIdAndRegion:
Type: List
Value:
'Fn::If':
- 'Fn::Equals':
- all-regions
- '{{ queryAllAvailableRegions.allRegionsChosen }}'
- '{{ copyImageToAllRegions.imageIdsWithRegion }}'
- '{{ copyImage.imageIdsWithRegion }}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- regionId
- zoneId
- sourceImageId
Label:
default:
zh-cn: 選擇源鏡像
en: Select Origin Image
- Parameters:
- targetImageName
- tags
Label:
default:
zh-cn: 鏡像設定
en: Image Configure
- Parameters:
- instanceType
- whetherCreateVpc
- vpcCidrBlock
- vSwitchCidrBlock
- securityGroupId
- vSwitchId
- internetMaxBandwidthOut
- systemDiskCategory
- ramRoleName
Label:
default:
zh-cn: 配置中轉執行個體
en: ECS Instance Configure
- Parameters:
- commandType
- commandContent
- timeout
Label:
default:
zh-cn: 發送遠程命令
en: Run Command
- Parameters:
- targetRegionIds
- accountIds
Label:
default:
zh-cn: 鏡像分發
en: Copy Image
- Parameters:
- scalingConfigurationIds
- launchTemplateNames
- rateControl
- OOSAssumeRole
Label:
default:
zh-cn: 進階選項
en: Control Options