ALIYUN::SLB::Listener類型用於建立負載平衡監聽。
文法
{
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"MasterSlaveServerGroupId": String,
"AclStatus": String,
"Protocol": String,
"AclId": String,
"ServerCertificateId": String,
"HealthCheck": Map,
"RequestTimeout": Integer,
"IdleTimeout": Integer,
"ListenerPort": Integer,
"HttpConfig": Map,
"Bandwidth": Integer,
"AclType": String,
"BackendServerPort": Integer,
"Scheduler": String,
"LoadBalancerId": String,
"CACertificateId": String,
"Persistence": Map,
"VServerGroupId": String,
"Description": String,
"PortRange": List,
"StartListener": Boolean,
"EnableHttp2": String,
"Gzip": String,
"TLSCipherPolicy": String,
"AclIds": List,
"ProxyProtocolV2Enabled": Boolean,
"ConnectionDrainTimeout": Integer,
"Tags": List,
"FullNatEnabled": Boolean,
"ConnectionDrain": String
}
}屬性
屬性名稱 | 類型 | 必須 | 允許更新 | 描述 | 約束 |
MasterSlaveServerGroupId | String | 否 | 否 | 主備伺服器組ID。 | 無 |
AclStatus | String | 否 | 是 | 是否開啟存取控制功能。 | 取值:
|
EnableHttp2 | String | 否 | 是 | 是否開啟HTTP2特性。 | 取值:
|
AclId | String | 否 | 是 | 監聽綁定的存取原則組ID。 | 當AclStatus取值為on時,必須指定該參數。 |
AclType | String | 否 | 是 | 存取控制類型。 | 取值:
|
Protocol | String | 是 | 否 | 網路通訊協定。 | 取值:
|
ListenerPort | Integer | 是 | 否 | Server Load Balancer執行個體前端使用的連接埠。 | 取值範圍:1~65,535。 |
Bandwidth | Integer | 是 | 是 | 監聽的頻寬峰值。 | 取值範圍:-1或1~1000。 單位:Mbps。 取值說明:
|
BackendServerPort | Integer | 否 | 否 | Server Load Balancer執行個體後端使用的連接埠。 | 取值範圍:1~65,535。 |
FullNatEnabled | Boolean | 否 | 是 | 當啟用全NAT模式時,可以支援後端伺服器作為用戶端進行訪問。 | 預設值為false。 注意:僅對TCP或UDP監聽器生效。 |
LoadBalancerId | String | 是 | 否 | Server Load Balancer執行個體的ID。 | 無 |
HealthCheck | Map | 否 | 是 | 健全狀態檢查設定。 | 更多資訊,請參見HealthCheck 屬性。 |
Persistence | Map | 否 | 是 | 相關參數的持久化。 | 更多資訊,請參見Persistence 屬性。 |
Scheduler | String | 否 | 否 | 調度演算法。 | 取值:
|
CACertificateId | String | 否 | 否 | CA認證ID。 | 只對HTTPS協議有效。 |
ServerCertificateId | String | 否 | 是 | 伺服器憑證的ID。 | 只對HTTPS協議有效,且必須指定該參數。 |
VServerGroupId | String | 否 | 是 | 伺服器組ID。 | 無 |
RequestTimeout | Integer | 否 | 否 | 請求逾時時間。 | 取值範圍:1~180。 單位:秒。 |
IdleTimeout | Integer | 否 | 否 | 串連空閑逾時時間。 | 取值範圍:1~60。 單位:秒。 |
HttpConfig | Map | 否 | 否 | 用於配置HTTP協議。 | 更多資訊,請參見HttpConfig 屬性。 |
Description | String | 否 | 否 | 監聽的描述資訊。 | 長度為1~80個字元。可包含英文字母、漢字、數字、短劃線(-)、正斜線(/)、半形句號(.)和底線(_)。 |
PortRange | List | 否 | 否 | 監聽的連接埠範圍。 | 目前僅支援開啟全連接埠監聽,即 StartPort=1,EndPort=65,535。 更多資訊,請參見PortRange 屬性。 |
StartListener | Boolean | 否 | 否 | 是否啟動監聽器。 | 取值:
|
Gzip | String | 否 | 是 | 指定是否啟用Gzip壓縮,以壓縮特定類型的檔案。 | 取值:
|
TLSCipherPolicy | String | 否 | 是 | TLS安全性原則。 | 每個安全性原則包含可用於HTTPS的TLS協議版本和密碼套件。 說明 當Protocol為 |
AclIds | List | 否 | 是 | 與要建立的接聽程式關聯的存取控制的ID列表。 | 如果 |
ProxyProtocolV2Enabled | Boolean | 否 | 是 | 是否支援通過Proxy Protocol協議攜帶用戶端源地址到後端伺服器。 | 取值:
|
ConnectionDrainTimeout | Integer | 否 | 是 | 設定串連優雅中斷逾時時間。 | 單位:秒。 取值範圍:10~900。 |
Tags | List | 否 | 是 | 標籤列表 | 更多資訊,請參見Tags屬性。 |
ConnectionDrain | String | 否 | 是 | 是否開啟串連優雅中斷。 | 取值:
|
HealthCheck 文法
"HealthCheck": {
"Domain": String,
"Interval": Integer,
"URI": String,
"HttpCode": String,
"HealthyThreshold": Integer,
"HealthCheckType": String,
"Timeout": Integer,
"UnhealthyThreshold": Integer,
"Port": Integer,
"Switch": String,
"HealthCheckMethod": String,
"Req": String,
"Exp": String
}HealthCheck 屬性
屬性名稱 | 類型 | 必須 | 允許更新 | 描述 | 約束 |
Domain | String | 否 | 否 | 用於健全狀態檢查的網域名稱。 | 取值:
說明 使用者佈建此參數為$_ip或空時,負載平衡會使用各後端伺服器的私網IP作為健全狀態檢查使用的網域名稱。 |
Interval | Integer | 否 | 否 | 健全狀態檢查的時間間隔。 | 取值範圍:1~5。 單位:秒。 |
URI | String | 否 | 否 | 用於健全狀態檢查的URI。 | 長度為1~80個字元。必須以正斜線(/)開頭,可包含英文字母、數字、短劃線(-)、正斜線(/)、半形句號(.)、百分比符號(%)、問號(?)、井號(#)和and(&)。 |
HttpCode | String | 否 | 否 | HTTP狀態代碼。 | 取值:
多個HTTP狀態代碼之間用半形逗號(,)分隔。 |
HealthyThreshold | Integer | 否 | 否 | 判定健全狀態檢查結果為success的閾值。即,健全狀態檢查連續成功多少次後,將後端伺服器的健全狀態檢查狀態由fail改為success。 | 取值範圍:1~10。 |
HealthCheckType | String | 否 | 否 | 健全狀態檢查類型。 | 取值:
|
Timeout | Integer | 否 | 否 | 每次健全狀態檢查響應的最大逾時時間。 | 取值範圍:1~50。 單位:秒。 說明 如果Timeout值小於Interval值,則Timeout無效,逾時時間為Interval的值。 |
UnhealthyThreshold | Integer | 否 | 否 | 判定健全狀態檢查結果為fail的閾值。即,健全狀態檢查連續失敗多少次後,將後端伺服器的健全狀態檢查狀態由success改為fail。 | 取值範圍:1~10。 |
Port | Integer | 否 | 否 | 用於健全狀態檢查的連接埠。 | 取值範圍:0~65,535。 |
Switch | String | 否 | 否 | 是否啟用健全狀態檢查。 | 取值:
說明 當前僅對HTTP或HTTPS協議有效。如果未設定Switch,預設將禁用健全狀態檢查,除非已經配置了健全狀態檢查專案。 |
HealthCheckMethod | String | 否 | 否 | 健全狀態檢查方法。 | 取值:
說明 當Protocol取值為 |
Req | String | 否 | 否 | UDP監聽健全狀態檢查的請求字串僅限於字母和數字 | 最大長度為64個字元。 |
Exp | String | 否 | 否 | UDP監聽健全狀態檢查的響應字串僅限於字母和數字。 | 最大長度為64個字元。 |
Persistence 文法
"Persistence": {
"PersistenceTimeout": Integer,
"CookieTimeout": Integer,
"XForwardedFor": String,
"XForwardedFor_SLBID": String,
"XForwardedFor_proto": String,
"XForwardedFor_SLBIP": String,
"Cookie": String,
"StickySession": String,
"StickySessionType": String,
"XForwardedFor_ClientSrcPort": String,
"XForwardedFor_SLBPORT": String
}Persistence 屬性
屬性名稱 | 類型 | 必須 | 允許更新 | 描述 | 約束 |
StickySession | String | 否 | 是 | 是否開啟會話保持。 | 取值:
|
PersistenceTimeout | Integer | 否 | 是 | 串連持久化的逾時時間。 | 取值範圍:0~1000。 預設值:0。表示關閉。 單位:秒。 |
CookieTimeout | Integer | 否 | 是 | Cookie逾時時間。 | 取值範圍:1~86,400。 單位:秒。 說明 當StickySession為on且StickySessionType為insert時,該參數必選。 |
XForwardedFor | String | 否 | 是 | 是否通過X-Forwarded-Fort頭欄位擷取來訪者真實IP。 | 取值:
|
XForwardedFor_proto | String | 否 | 是 | 是否通過X-Forwarded-Proto頭欄位擷取Server Load Balancer執行個體的監聽協議。 | 取值:
|
XForwardedFor_SLBID | String | 否 | 是 | 是否通過SLB-ID頭欄位擷取Server Load Balancer執行個體ID。 | 取值:
|
XForwardedFor_SLBIP | String | 否 | 是 | 是否通過SLB-IP頭欄位擷取用戶端請求的真實IP。 | 取值:
|
Cookie | String | 否 | 是 | 伺服器上配置的Cookie。 | 長度為1~200個字元,不能以貨幣符號($)開頭。可包含英文字母和數字,不能包含半形逗號(,)、半形分號(;)和空格( )。 說明 當StickySession為on且StickySessionType為server時,該參數必選。 |
StickySessionType | String | 否 | 是 | Cookie的處理方式。 | 取值:
說明 當StickySession的值為on時,必須指定該參數。 |
XForwardedFor_ClientSrcPort | String | 否 | 是 | 是否通過X-Forwarded-Client-srcport頭欄位擷取用戶端串連Server Load Balancer執行個體所使用的連接埠。 | 取值:
|
XForwardedFor_SLBPORT | String | 否 | 是 | 是否通過X-Forwarded-Port頭欄位擷取Server Load Balancer執行個體的監聽連接埠。 | 取值:
|
HttpConfig 文法
"HttpConfig": {
"ForwardPort": Integer,
"ListenerForward": String
}HttpConfig 屬性
屬性名稱 | 類型 | 必須 | 允許更新 | 描述 | 約束 |
ForwardPort | Integer | 否 | 否 | HTTP到HTTPS監聽轉送連接埠。 | 取值範圍:1~65,535。 預設值:443。 |
ListenerForward | String | 否 | 否 | 是否將HTTP啟用為HTTPS轉寄。 | 取值:
|
PortRange 文法
"PortRange": [
{
"StartPort": Integer,
"EndPort": Integer
}
]PortRange 屬性
屬性名稱 | 類型 | 必須 | 允許更新 | 描述 | 約束 |
StartPort | Integer | 是 | 否 | 開始端點口。 | 取值:1。 |
EndPort | Integer | 是 | 否 | 結束連接埠。 | 取值:65,535。 |
Tags 文法
"Tags": [
{
"Key": String,
"Value": String
}
]Tags 屬性
屬性名稱 | 類型 | 必須 | 允許更新 | 描述 | 約束 |
Key | String | 是 | 否 | 標籤鍵。 | 無 |
Value | String | 否 | 否 | 標籤值。 | 無 |
傳回值
Fn::GetAtt
LoadBalancerId:Server Load Balancer執行個體的唯一標識。
ListenerPortsAndProtocol:Server Load Balancer執行個體前端使用的連接埠和協議。
Arn:阿里雲資源名稱。
樣本
情境 1 :建立負載平衡監聽。
ROSTemplateFormatVersion: '2015-09-01'
Description: Test SLB Listener
Parameters:
SlbInstanceId:
AssociationProperty: ALIYUN::SLB::Instance::InstanceId
Type: String
Resources:
Listener:
Type: ALIYUN::SLB::Listener
Properties:
BackendServerPort: 8080
Bandwidth: 50
ListenerPort: 80
LoadBalancerId:
Ref: SlbInstanceId
Protocol: https
Scheduler: wrr
Outputs: {}{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Test SLB Listener",
"Parameters": {
"SlbInstanceId": {
"AssociationProperty": "ALIYUN::SLB::Instance::InstanceId",
"Type": "String"
}
},
"Resources": {
"Listener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"BackendServerPort": 8080,
"Bandwidth": 50,
"ListenerPort": 80,
"LoadBalancerId": {
"Ref": "SlbInstanceId"
},
"Protocol": "https",
"Scheduler": "wrr"
}
}
},
"Outputs": {
}
}情境 2 :建立有健全狀態檢查的負載平衡監聽。
ROSTemplateFormatVersion: '2015-09-01'
Description: Test SLB Listener
Parameters:
SlbInstanceId:
AssociationProperty: ALIYUN::SLB::Instance::InstanceId
Type: String
Resources:
Listener:
Type: ALIYUN::SLB::Listener
Properties:
ListenerPort: 80
Bandwidth: 10
HealthCheck:
HttpCode: http_2xx,http_3xx,http_4xx,http_5xx
HealthCheckType: http
UnhealthyThreshold: 3
Timeout: 5
HealthyThreshold: 3
Port: 80
URI: /
Interval: 5
LoadBalancerId:
Ref: SlbInstanceId
BackendServerPort: 80
Protocol: http
Outputs: {}{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Test SLB Listener",
"Parameters": {
"SlbInstanceId": {
"AssociationProperty": "ALIYUN::SLB::Instance::InstanceId",
"Type": "String"
}
},
"Resources": {
"Listener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"BackendServerPort": 8080,
"Bandwidth": 50,
"ListenerPort": 80,
"LoadBalancerId": {
"Ref": "SlbInstanceId"
},
"Protocol": "https",
"Scheduler": "wrr"
}
}
},
"Outputs": {
}
}情境 3 :建立高可用Web服務。
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 構建高可用Web服務,包含雙可用性區域ECS執行個體、Server Load Balancer、NAS儲存掛載,自動同步配置,支援公網訪問。
en: Constructing a highly available web service comprises dual availability zone
ECS instances, a Load Balancer (SLB), Network Attached Storage (NAS) mounts, automatic
configuration synchronization, and is accessible via the public internet.
Parameters:
NasZone1:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用性區域1要不同與可用性區域2。
en: Availability zone 1 must be different from Availability zone 2.
Label:
zh-cn: NAS可用性區域1
en: NAS Availability Zone1
NasZone2:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用性區域2要不同與可用性區域1。
en: Availability zone 2 must be different from Availability zone 1.
Label:
zh-cn: NAS可用性區域2
en: NAS Availability Zone2
CommonName:
Default: high-availability
Type: String
InstancePassword:
Type: String
Description:
zh-cn: >-
伺服器登入密碼,長度8~30,必須包含三項(大寫字母、小寫字母、數字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
中的特殊符號)。
en: >-
Server login password, Length 8~30, must contain three(Capital letters,
lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special
symbol in).
MinLength: 8
Label:
zh-cn: 執行個體密碼
en: Instance Password
AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
NoEcho: true
MaxLength: 30
AssociationProperty: 'ALIYUN::ECS::Instance::Password'
ConstraintDescription:
zh-cn: '長度8~30,必須包含三項(大寫字母、小寫字母、數字、 ()`~!@#$%^&*_-+=|{}[]:;''<>,.?/ 中的特殊符號)。'
en: >-
Length 8~30, must contain three(Capital letters, lowercase letters,
numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
EcsInstanceType2:
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
SystemDiskCategory: cloud_essd
InstanceChargeType: PostPaid
ZoneId: '${Zone2}'
Type: String
Label:
zh-cn: 可用性區域2的執行個體類型
en: Instance Type Of Availability Zone2
Zone2:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用性區域2要不同與可用性區域1。
en: Availability zone 2 must be different from Availability zone 1.
Label:
zh-cn: 交換器可用性區域2
en: VSwitch Availability Zone2
Zone1:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用性區域1要不同與可用性區域2。
en: Availability zone 1 must be different from Availability zone 2.
Label:
zh-cn: 交換器可用性區域1
en: VSwitch Availability Zone1
EcsInstanceType1:
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
SystemDiskCategory: cloud_essd
InstanceChargeType: PostPaid
ZoneId: '${Zone1}'
Type: String
Label:
zh-cn: 可用性區域1的執行個體類型
en: Instance Type Of Availability Zone1
Rules:
DifferentZones2:
Assertions:
- Assert:
'Fn::Not':
'Fn::Equals':
- Ref: NasZone1
- Ref: NasZone2
AssertDescription: NAS Zones must be different
DifferentZones1:
Assertions:
- Assert:
'Fn::Not':
'Fn::Equals':
- Ref: Zone1
- Ref: Zone2
AssertDescription: ECS Zones must be different
Outputs:
ECS1URL:
Description: ECS 1 URL
Value:
'Fn::Sub':
- >-
https://ecs.console.alibabacloud.com/#/server/region/${region}?instanceIds=${InstanceID}
- InstanceID:
'Fn::Select':
- '0'
- 'Fn::GetAtt':
- EcsInstanceGroup1
- InstanceIds
region:
Ref: 'ALIYUN::Region'
FileSystemId1:
Description:
zh-cn: 主NAS
en: Master NAS
Value:
'Fn::Sub':
- 'https://nas.console.alibabacloud.com/${region}/filesystem/${InstanceID}'
- InstanceID:
'Fn::GetAtt':
- MasterFileSystem
- FileSystemId
region:
Ref: 'ALIYUN::Region'
ECS2URL:
Description: ECS 2 URL
Value:
'Fn::Sub':
- >-
https://ecs.console.alibabacloud.com/#/server/region/${region}?instanceIds=${InstanceID}
- InstanceID:
'Fn::Select':
- '0'
- 'Fn::GetAtt':
- EcsInstanceGroup1
- InstanceIds
region:
Ref: 'ALIYUN::Region'
SlbIpAddress:
Description:
zh-cn: 對外暴露的公網IP地址
en: Public IP Addresses
Value:
'Fn::Sub':
- 'http://${ServerAddress}'
- ServerAddress:
'Fn::GetAtt':
- Slb
- IpAddress
FileSystemId2:
Description:
zh-cn: 備NAS
en: Backup NAS
Value:
'Fn::Sub':
- 'https://nas.console.alibabacloud.com/${region}/filesystem/${InstanceID}'
- InstanceID:
'Fn::GetAtt':
- BackupFileSystem
- FileSystemId
region:
Ref: 'ALIYUN::Region'
MountInfo1:
Description:
zh-cn: NAS在ECS上的掛載目錄1
en: NAS mounting directory 1 on ECS
Value: '/nas_master'
MountInfo2:
Description:
zh-cn: NAS在ECS上的掛載目錄2
en: NAS mounting directory 2 on ECS
Value: '/nas_backup'
Resources:
SlbListener:
Type: 'ALIYUN::SLB::Listener'
Properties:
Protocol: http
HealthCheck:
HealthCheckType: http
Interval: 2
URI: /
UnhealthyThreshold: 3
HealthyThreshold: 3
Timeout: 5
HttpCode: 'http_2xx,http_3xx,http_4xx,http_5xx'
Port: 80
ListenerPort: 80
Bandwidth: 10
BackendServerPort: 80
LoadBalancerId:
Ref: Slb
DependsOn:
- Slb
EcsSecurityGroup:
Type: 'ALIYUN::ECS::SecurityGroup'
Properties:
SecurityGroupIngress:
- Priority: 1
PortRange: 80/80
NicType: internet
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
VpcId:
Ref: EcsVpc
SecurityGroupEgress:
- Priority: 1
PortRange: '-1/-1'
DestCidrIp: 0.0.0.0/0
NicType: internet
IpProtocol: all
- Priority: 1
PortRange: '-1/-1'
DestCidrIp: 0.0.0.0/0
NicType: intranet
IpProtocol: all
SecurityGroupName:
'Fn::Sub': '${CommonName}_sg'
MasterNasMountTarget:
Type: 'ALIYUN::NAS::MountTarget'
Properties:
NetworkType: Vpc
FileSystemId:
Ref: MasterFileSystem
VpcId:
Ref: EcsVpc
VSwitchId:
Ref: EcsVSwitch3
AccessGroupName: DEFAULT_VPC_GROUP_NAME
EcsVSwitch4:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_002'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.4.0/24
ZoneId:
Ref: NasZone2
MasterFileSystem:
Type: 'ALIYUN::NAS::FileSystem'
Properties:
StorageType: Capacity
ProtocolType: NFS
VpcId:
Ref: EcsVpc
Description: MasterNAS
ZoneId:
Ref: NasZone1
EcsVSwitch2:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_002'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.2.0/24
ZoneId:
Ref: Zone2
EcsVSwitch3:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_002'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.3.0/24
ZoneId:
Ref: NasZone1
EcsVSwitch1:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_001'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.1.0/24
ZoneId:
Ref: Zone1
BackupFileSystem:
Type: 'ALIYUN::NAS::FileSystem'
Properties:
StorageType: Capacity
ProtocolType: NFS
VpcId:
Ref: EcsVpc
Description: BackupNAS
ZoneId:
Ref: NasZone2
BackupNasMountTarget:
Type: 'ALIYUN::NAS::MountTarget'
Properties:
NetworkType: Vpc
FileSystemId:
Ref: BackupFileSystem
VpcId:
Ref: EcsVpc
VSwitchId:
Ref: EcsVSwitch4
AccessGroupName: DEFAULT_VPC_GROUP_NAME
EcsInstanceGroup1:
Type: 'ALIYUN::ECS::InstanceGroup'
Properties:
SystemDiskCategory: cloud_essd
VpcId:
Ref: EcsVpc
SecurityGroupId:
Ref: EcsSecurityGroup
SystemDiskSize: 40
ImageId: aliyun_3_x64_20G_alibase_20230727.vhd
SpotStrategy: SpotAsPriceGo
IoOptimized: optimized
VSwitchId:
Ref: EcsVSwitch1
Password:
Ref: InstancePassword
InstanceName:
'Fn::Sub': '${CommonName}_ecs_001'
InstanceType:
Ref: EcsInstanceType1
ZoneId:
Ref: Zone1
MaxAmount: 1
EcsInstanceGroup2:
Type: 'ALIYUN::ECS::InstanceGroup'
Properties:
SystemDiskCategory: cloud_essd
VpcId:
Ref: EcsVpc
SecurityGroupId:
Ref: EcsSecurityGroup
SystemDiskSize: 40
ImageId: aliyun_3_x64_20G_alibase_20230727.vhd
SpotStrategy: SpotAsPriceGo
IoOptimized: optimized
VSwitchId:
Ref: EcsVSwitch2
Password:
Ref: InstancePassword
InstanceName:
'Fn::Sub': '${CommonName}_ecs_002'
InstanceType:
Ref: EcsInstanceType2
ZoneId:
Ref: Zone2
MaxAmount: 1
EcsVpc:
Type: 'ALIYUN::ECS::VPC'
Properties:
VpcName:
'Fn::Sub': '${CommonName}_vpc'
CidrBlock: 192.168.0.0/16
SlbBackendServerAttachment:
Type: 'ALIYUN::SLB::BackendServerAttachment'
Properties:
BackendServerList:
'Fn::ListMerge':
- 'Fn::GetAtt':
- EcsInstanceGroup1
- InstanceIds
- 'Fn::GetAtt':
- EcsInstanceGroup2
- InstanceIds
BackendServerWeightList:
- 100
- 100
LoadBalancerId:
Ref: Slb
Slb:
Type: 'ALIYUN::SLB::LoadBalancer'
Properties:
AddressType: internet
LoadBalancerName:
'Fn::Sub': '${CommonName}-slb'
InstanceChargeType: PayByCLCU
PayType: PayOnDemand
InstanceRunCommand:
Type: 'ALIYUN::ECS::RunCommand'
Properties:
CommandContent:
'Fn::Sub': >-
#!/bin/bash
if [ ! -f .ros.provision ]; then
echo "Name: 高可用及共用儲存Web服務" > .ros.provision
fi
name=$(grep "^Name:" .ros.provision | awk -F':' '{print $2}' | sed -e
's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
if [[ "$name" != "高可用及共用儲存Web服務" ]]; then
echo "當前執行個體已使用過\"$name\"教程的一鍵配置,不能再使用本教程的一鍵配置"
exit 0
fi
echo "#########################"
echo "# Check Network"
echo "#########################"
ping -c 2 -W 2 aliyun.com > /dev/null
if [[ $? -ne 0 ]]; then
echo "當前執行個體無法訪問公網"
exit 0
fi
if ! grep -q "^Step1: Prepare Environment$" .ros.provision; then
echo "#########################"
echo "# Prepare Environment"
echo "#########################"
systemctl status firewalld
systemctl stop firewalld
echo "Step1: Prepare Environment" >> .ros.provision
else
echo "#########################"
echo "# Environment has been ready"
echo "#########################"
fi
if ! grep -q "^Step2: Install Nginx and deploy service$"
.ros.provision; then
echo "#########################"
echo "# Install Nginx"
echo "#########################"
sudo yum -y install nginx
sudo wget -O /usr/share/nginx/html/index.html https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231013/jhgg/index.html
sudo wget -O /usr/share/nginx/html/lipstick.png https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20230925/zevs/lipstick.png
sudo systemctl start nginx
sudo systemctl enable nginx
echo "Step2: Install Nginx and deploy service" >> .ros.provision
else
echo "#########################"
echo "# Nginx has been installed"
echo "#########################"
fi
if ! grep -q "^Step3: Mount to the ECS" .ros.provision; then
echo "#########################"
echo "# Mount to the ECS"
echo "#########################"
mkdir /nas_master
mkdir /nas_backup
sudo yum install -y nfs-utils
sudo echo "options sunrpc tcp_slot_table_entries=128" >> /etc/modprobe.d/sunrpc.conf
sudo echo "options sunrpc tcp_max_slot_table_entries=128" >> /etc/modprobe.d/sunrpc.conf
sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${MasterNasMountTarget.MountTargetDomain}:/ /nas_master
sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup
sudo echo "${MasterNasMountTarget.MountTargetDomain}:/ /nas_master nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0" >> /etc/fstab
sudo echo "${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0" >> /etc/fstab
df -h | grep aliyun
else
echo "#########################"
echo "# The ECS has been attached to the Nas"
echo "#########################"
fi
if ! grep -q "^Step4: Shared file$" .ros.provision; then
echo "#########################"
echo "# Shared file"
echo "#########################"
sudo cp -Lvr /usr/share/nginx/html /nas_master
sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
echo "Step4: Shared file" >> .ros.provision
else
echo "#########################"
echo "# File has been Shared"
echo "#########################"
fi
if ! grep -q "^Step5: Install inotify-tools、rsync$" .ros.provision;
then
echo "#########################"
echo "# Install inotify-tools、rsync"
echo "#########################"
sudo yum install -y inotify-tools rsync
echo "Step6: Install inotify-tools、rsync" >> .ros.provision
else
echo "#########################"
echo "# Inotify-tools has been installed"
echo "#########################"
fi
if ! grep -q "^Step6: Install synchronization server$" .ros.provision;
then
echo "#########################"
echo "# Install synchronization server"
echo "#########################"
sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231017/pftz/sync_nas.sh
sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/en-US/20230925/wmaj/sync_check_switch.sh
sudo chmod +x /etc/systemd/system/sync_nas.sh
sudo chmod +x /etc/systemd/system/sync_check_switch.sh
cat > /etc/systemd/system/sync-check-switch.service << \EOF
[Unit]
Description=Sync Check Switch
After=network.target
[Service]
ExecStart=/etc/systemd/system/sync_check_switch.sh
RestartSec=3
Restart=always
[Install]
WantedBy=default.target
EOF
cat > /etc/systemd/system/sync-nas.service << \EOF
[Unit]
Description=Sync NAS Service
After=network.target
[Service]
ExecStart=/etc/systemd/system/sync_nas.sh
Restart=always
RestartSec=3
[Install]
WantedBy=default.target
EOF
sudo systemctl daemon-reload
sudo systemctl start sync-nas.service
sudo systemctl enable sync-check-switch.service
sudo systemctl start sync-check-switch.service
sudo systemctl enable sync-nas.service
echo "Step6: Install " >> .ros.provision
else
echo "#########################"
echo "# Synchronization server has been installed"
echo "#########################"
fi
Type: RunShellScript
Sync: true
InstanceIds:
- Ref: EcsInstanceGroup1
- Ref: EcsInstanceGroup2
Timeout: '300'
Metadata:
'ALIYUN::ROS::Interface':
ParameterGroups:
- Parameters:
- Zone1
- Zone2
- NasZone1
- NasZone2
Label:
default:
zh-cn: 可用性區域配置
en: Availability Zone
- Parameters:
- EcsInstanceType1
- EcsInstanceType2
- InstancePassword
Label:
default:
zh-cn: ECS執行個體配置
en: Instance Configure
TemplateTags:
- 'acs:technical-solution:high-availability-architecture:高可用及共用儲存Web服務-tech_solu_12'
Hidden:
- CommonName
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "構建高可用Web服務,包含雙可用性區域ECS執行個體、Server Load Balancer、NAS儲存掛載,自動同步配置,支援公網訪問。",
"en": "Constructing a highly available web service comprises dual availability zone ECS instances, a Load Balancer (SLB), Network Attached Storage (NAS) mounts, automatic configuration synchronization, and is accessible via the public internet."
},
"Parameters": {
"NasZone1": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用性區域1要不同與可用性區域2。",
"en": "Availability zone 1 must be different from Availability zone 2."
},
"Label": {
"zh-cn": "NAS可用性區域1",
"en": "NAS Availability Zone1"
}
},
"NasZone2": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用性區域2要不同與可用性區域1。",
"en": "Availability zone 2 must be different from Availability zone 1."
},
"Label": {
"zh-cn": "NAS可用性區域2",
"en": "NAS Availability Zone2"
}
},
"CommonName": {
"Default": "high-availability",
"Type": "String"
},
"InstancePassword": {
"Type": "String",
"Description": {
"zh-cn": "伺服器登入密碼,長度8~30,必須包含三項(大寫字母、小寫字母、數字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符號)。",
"en": "Server login password, Length 8~30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)."
},
"MinLength": 8,
"Label": {
"zh-cn": "執行個體密碼",
"en": "Instance Password"
},
"AllowedPattern": "[0-9A-Za-z\\_\\-\\&:;'<>,=%`~!@#\\(\\)\\$\\^\\*\\+\\|\\{\\}\\[\\]\\.\\?\\/]+$",
"NoEcho": true,
"MaxLength": 30,
"AssociationProperty": "ALIYUN::ECS::Instance::Password",
"ConstraintDescription": {
"zh-cn": "長度8~30,必須包含三項(大寫字母、小寫字母、數字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符號)。",
"en": "Length 8~30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)."
}
},
"EcsInstanceType2": {
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"SystemDiskCategory": "cloud_essd",
"InstanceChargeType": "PostPaid",
"ZoneId": "${Zone2}"
},
"Type": "String",
"Label": {
"zh-cn": "可用性區域2的執行個體類型",
"en": "Instance Type Of Availability Zone2"
}
},
"Zone2": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用性區域2要不同與可用性區域1。",
"en": "Availability zone 2 must be different from Availability zone 1."
},
"Label": {
"zh-cn": "交換器可用性區域2",
"en": "VSwitch Availability Zone2"
}
},
"Zone1": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用性區域1要不同與可用性區域2。",
"en": "Availability zone 1 must be different from Availability zone 2."
},
"Label": {
"zh-cn": "交換器可用性區域1",
"en": "VSwitch Availability Zone1"
}
},
"EcsInstanceType1": {
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"SystemDiskCategory": "cloud_essd",
"InstanceChargeType": "PostPaid",
"ZoneId": "${Zone1}"
},
"Type": "String",
"Label": {
"zh-cn": "可用性區域1的執行個體類型",
"en": "Instance Type Of Availability Zone1"
}
}
},
"Rules": {
"DifferentZones2": {
"Assertions": [
{
"Assert": {
"Fn::Not": {
"Fn::Equals": [
{
"Ref": "NasZone1"
},
{
"Ref": "NasZone2"
}
]
}
},
"AssertDescription": "NAS Zones must be different"
}
]
},
"DifferentZones1": {
"Assertions": [
{
"Assert": {
"Fn::Not": {
"Fn::Equals": [
{
"Ref": "Zone1"
},
{
"Ref": "Zone2"
}
]
}
},
"AssertDescription": "ECS Zones must be different"
}
]
}
},
"Outputs": {
"ECS1URL": {
"Description": "ECS 1 URL",
"Value": {
"Fn::Sub": [
"https://ecs.console.alibabacloud.com/#/server/region/${region}?instanceIds=${InstanceID}",
{
"InstanceID": {
"Fn::Select": [
"0",
{
"Fn::GetAtt": [
"EcsInstanceGroup1",
"InstanceIds"
]
}
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"FileSystemId1": {
"Description": {
"zh-cn": "主NAS",
"en": "Master NAS"
},
"Value": {
"Fn::Sub": [
"https://nas.console.alibabacloud.com/${region}/filesystem/${InstanceID}",
{
"InstanceID": {
"Fn::GetAtt": [
"MasterFileSystem",
"FileSystemId"
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"ECS2URL": {
"Description": "ECS 2 URL",
"Value": {
"Fn::Sub": [
"https://ecs.console.alibabacloud.com/#/server/region/${region}?instanceIds=${InstanceID}",
{
"InstanceID": {
"Fn::Select": [
"0",
{
"Fn::GetAtt": [
"EcsInstanceGroup1",
"InstanceIds"
]
}
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"SlbIpAddress": {
"Description": {
"zh-cn": "對外暴露的公網IP地址",
"en": "Public IP Addresses"
},
"Value": {
"Fn::Sub": [
"http://${ServerAddress}",
{
"ServerAddress": {
"Fn::GetAtt": [
"Slb",
"IpAddress"
]
}
}
]
}
},
"FileSystemId2": {
"Description": {
"zh-cn": "備NAS",
"en": "Backup NAS"
},
"Value": {
"Fn::Sub": [
"https://nas.console.alibabacloud.com/${region}/filesystem/${InstanceID}",
{
"InstanceID": {
"Fn::GetAtt": [
"BackupFileSystem",
"FileSystemId"
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"MountInfo1": {
"Description": {
"zh-cn": "NAS在ECS上的掛載目錄1",
"en": "NAS mounting directory 1 on ECS"
},
"Value": "/nas_master"
},
"MountInfo2": {
"Description": {
"zh-cn": "NAS在ECS上的掛載目錄2",
"en": "NAS mounting directory 2 on ECS"
},
"Value": "/nas_backup"
}
},
"Resources": {
"SlbListener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"Protocol": "http",
"HealthCheck": {
"HealthCheckType": "http",
"Interval": 2,
"URI": "/",
"UnhealthyThreshold": 3,
"HealthyThreshold": 3,
"Timeout": 5,
"HttpCode": "http_2xx,http_3xx,http_4xx,http_5xx",
"Port": 80
},
"ListenerPort": 80,
"Bandwidth": 10,
"BackendServerPort": 80,
"LoadBalancerId": {
"Ref": "Slb"
}
},
"DependsOn": [
"Slb"
]
},
"EcsSecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"SecurityGroupIngress": [
{
"Priority": 1,
"PortRange": "80/80",
"NicType": "internet",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
}
],
"VpcId": {
"Ref": "EcsVpc"
},
"SecurityGroupEgress": [
{
"Priority": 1,
"PortRange": "-1/-1",
"DestCidrIp": "0.0.0.0/0",
"NicType": "internet",
"IpProtocol": "all"
},
{
"Priority": 1,
"PortRange": "-1/-1",
"DestCidrIp": "0.0.0.0/0",
"NicType": "intranet",
"IpProtocol": "all"
}
],
"SecurityGroupName": {
"Fn::Sub": "${CommonName}_sg"
}
}
},
"MasterNasMountTarget": {
"Type": "ALIYUN::NAS::MountTarget",
"Properties": {
"NetworkType": "Vpc",
"FileSystemId": {
"Ref": "MasterFileSystem"
},
"VpcId": {
"Ref": "EcsVpc"
},
"VSwitchId": {
"Ref": "EcsVSwitch3"
},
"AccessGroupName": "DEFAULT_VPC_GROUP_NAME"
}
},
"EcsVSwitch4": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_002"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.4.0/24",
"ZoneId": {
"Ref": "NasZone2"
}
}
},
"MasterFileSystem": {
"Type": "ALIYUN::NAS::FileSystem",
"Properties": {
"StorageType": "Capacity",
"ProtocolType": "NFS",
"VpcId": {
"Ref": "EcsVpc"
},
"Description": "MasterNAS",
"ZoneId": {
"Ref": "NasZone1"
}
}
},
"EcsVSwitch2": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_002"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.2.0/24",
"ZoneId": {
"Ref": "Zone2"
}
}
},
"EcsVSwitch3": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_002"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.3.0/24",
"ZoneId": {
"Ref": "NasZone1"
}
}
},
"EcsVSwitch1": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_001"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.1.0/24",
"ZoneId": {
"Ref": "Zone1"
}
}
},
"BackupFileSystem": {
"Type": "ALIYUN::NAS::FileSystem",
"Properties": {
"StorageType": "Capacity",
"ProtocolType": "NFS",
"VpcId": {
"Ref": "EcsVpc"
},
"Description": "BackupNAS",
"ZoneId": {
"Ref": "NasZone2"
}
}
},
"BackupNasMountTarget": {
"Type": "ALIYUN::NAS::MountTarget",
"Properties": {
"NetworkType": "Vpc",
"FileSystemId": {
"Ref": "BackupFileSystem"
},
"VpcId": {
"Ref": "EcsVpc"
},
"VSwitchId": {
"Ref": "EcsVSwitch4"
},
"AccessGroupName": "DEFAULT_VPC_GROUP_NAME"
}
},
"EcsInstanceGroup1": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"SystemDiskCategory": "cloud_essd",
"VpcId": {
"Ref": "EcsVpc"
},
"SecurityGroupId": {
"Ref": "EcsSecurityGroup"
},
"SystemDiskSize": 40,
"ImageId": "aliyun_3_x64_20G_alibase_20230727.vhd",
"SpotStrategy": "SpotAsPriceGo",
"IoOptimized": "optimized",
"VSwitchId": {
"Ref": "EcsVSwitch1"
},
"Password": {
"Ref": "InstancePassword"
},
"InstanceName": {
"Fn::Sub": "${CommonName}_ecs_001"
},
"InstanceType": {
"Ref": "EcsInstanceType1"
},
"ZoneId": {
"Ref": "Zone1"
},
"MaxAmount": 1
}
},
"EcsInstanceGroup2": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"SystemDiskCategory": "cloud_essd",
"VpcId": {
"Ref": "EcsVpc"
},
"SecurityGroupId": {
"Ref": "EcsSecurityGroup"
},
"SystemDiskSize": 40,
"ImageId": "aliyun_3_x64_20G_alibase_20230727.vhd",
"SpotStrategy": "SpotAsPriceGo",
"IoOptimized": "optimized",
"VSwitchId": {
"Ref": "EcsVSwitch2"
},
"Password": {
"Ref": "InstancePassword"
},
"InstanceName": {
"Fn::Sub": "${CommonName}_ecs_002"
},
"InstanceType": {
"Ref": "EcsInstanceType2"
},
"ZoneId": {
"Ref": "Zone2"
},
"MaxAmount": 1
}
},
"EcsVpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"VpcName": {
"Fn::Sub": "${CommonName}_vpc"
},
"CidrBlock": "192.168.0.0/16"
}
},
"SlbBackendServerAttachment": {
"Type": "ALIYUN::SLB::BackendServerAttachment",
"Properties": {
"BackendServerList": {
"Fn::ListMerge": [
{
"Fn::GetAtt": [
"EcsInstanceGroup1",
"InstanceIds"
]
},
{
"Fn::GetAtt": [
"EcsInstanceGroup2",
"InstanceIds"
]
}
]
},
"BackendServerWeightList": [
100,
100
],
"LoadBalancerId": {
"Ref": "Slb"
}
}
},
"Slb": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"AddressType": "internet",
"LoadBalancerName": {
"Fn::Sub": "${CommonName}-slb"
},
"InstanceChargeType": "PayByCLCU",
"PayType": "PayOnDemand"
}
},
"InstanceRunCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub": "#!/bin/bash\nif [ ! -f .ros.provision ]; then\n echo \"Name: 高可用及共用儲存Web服務\" > .ros.provision\nfi\n\nname=$(grep \"^Name:\" .ros.provision | awk -F':' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')\nif [[ \"$name\" != \"高可用及共用儲存Web服務\" ]]; then\n echo \"當前執行個體已使用過\\\"$name\\\"教程的一鍵配置,不能再使用本教程的一鍵配置\"\n exit 0\nfi\n\necho \"#########################\"\necho \"# Check Network\"\necho \"#########################\"\nping -c 2 -W 2 aliyun.com > /dev/null\nif [[ $? -ne 0 ]]; then\n echo \"當前執行個體無法訪問公網\"\n exit 0\nfi\n\nif ! grep -q \"^Step1: Prepare Environment$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Prepare Environment\"\n echo \"#########################\"\n systemctl status firewalld\n systemctl stop firewalld\n echo \"Step1: Prepare Environment\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Environment has been ready\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step2: Install Nginx and deploy service$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Install Nginx\"\n echo \"#########################\"\n sudo yum -y install nginx\n sudo wget -O /usr/share/nginx/html/index.html https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231013/jhgg/index.html\n sudo wget -O /usr/share/nginx/html/lipstick.png https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20230925/zevs/lipstick.png\n sudo systemctl start nginx\n sudo systemctl enable nginx\n echo \"Step2: Install Nginx and deploy service\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Nginx has been installed\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step3: Mount to the ECS\" .ros.provision; then\n echo \"#########################\"\n echo \"# Mount to the ECS\"\n echo \"#########################\"\n mkdir /nas_master\n mkdir /nas_backup\n sudo yum install -y nfs-utils\n sudo echo \"options sunrpc tcp_slot_table_entries=128\" >> /etc/modprobe.d/sunrpc.conf\n sudo echo \"options sunrpc tcp_max_slot_table_entries=128\" >> /etc/modprobe.d/sunrpc.conf\n sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${MasterNasMountTarget.MountTargetDomain}:/ /nas_master\n sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup\n\n sudo echo \"${MasterNasMountTarget.MountTargetDomain}:/ /nas_master nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0\" >> /etc/fstab\n \n sudo echo \"${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0\" >> /etc/fstab\n\n df -h | grep aliyun\nelse\n echo \"#########################\"\n echo \"# The ECS has been attached to the Nas\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step4: Shared file$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Shared file\"\n echo \"#########################\"\n sudo cp -Lvr /usr/share/nginx/html /nas_master\n sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak\n echo \"Step4: Shared file\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# File has been Shared\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step5: Install inotify-tools、rsync$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Install inotify-tools、rsync\"\n echo \"#########################\"\n sudo yum install -y inotify-tools rsync\n echo \"Step6: Install inotify-tools、rsync\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Inotify-tools has been installed\"\n echo \"#########################\"\nfi\nif ! grep -q \"^Step6: Install synchronization server$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Install synchronization server\"\n echo \"#########################\"\n sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231017/pftz/sync_nas.sh\n sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/en-US/20230925/wmaj/sync_check_switch.sh\n sudo chmod +x /etc/systemd/system/sync_nas.sh\n sudo chmod +x /etc/systemd/system/sync_check_switch.sh\n cat > /etc/systemd/system/sync-check-switch.service << \\EOF\n[Unit]\nDescription=Sync Check Switch\nAfter=network.target\n\n[Service]\nExecStart=/etc/systemd/system/sync_check_switch.sh\nRestartSec=3\nRestart=always\n\n[Install]\nWantedBy=default.target\nEOF\n\n cat > /etc/systemd/system/sync-nas.service << \\EOF\n[Unit]\nDescription=Sync NAS Service\nAfter=network.target\n\n[Service]\nExecStart=/etc/systemd/system/sync_nas.sh\nRestart=always\nRestartSec=3\n\n[Install]\nWantedBy=default.target\nEOF\n\n sudo systemctl daemon-reload\n sudo systemctl start sync-nas.service\n sudo systemctl enable sync-check-switch.service\n sudo systemctl start sync-check-switch.service\n sudo systemctl enable sync-nas.service\n echo \"Step6: Install \" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Synchronization server has been installed\"\n echo \"#########################\"\nfi"
},
"Type": "RunShellScript",
"Sync": true,
"InstanceIds": [
{
"Ref": "EcsInstanceGroup1"
},
{
"Ref": "EcsInstanceGroup2"
}
],
"Timeout": "300"
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"Zone1",
"Zone2",
"NasZone1",
"NasZone2"
],
"Label": {
"default": {
"zh-cn": "可用性區域配置",
"en": "Availability Zone"
}
}
},
{
"Parameters": [
"EcsInstanceType1",
"EcsInstanceType2",
"InstancePassword"
],
"Label": {
"default": {
"zh-cn": "ECS執行個體配置",
"en": "Instance Configure"
}
}
}
],
"TemplateTags": [
"acs:technical-solution:high-availability-architecture:高可用及共用儲存Web服務-tech_solu_12"
],
"Hidden": [
"CommonName"
]
}
}
}更多樣本,請參考包含此資源的公用模板。