ALIYUN::SLB::Listener类型用于创建负载均衡监听。
语法
{
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"MasterSlaveServerGroupId": String,
"AclStatus": String,
"Protocol": String,
"AclId": String,
"ServerCertificateId": String,
"HealthCheck": Map,
"RequestTimeout": Integer,
"IdleTimeout": Integer,
"ListenerPort": Integer,
"HttpConfig": Map,
"Bandwidth": Integer,
"AclType": String,
"BackendServerPort": Integer,
"Scheduler": String,
"LoadBalancerId": String,
"CACertificateId": String,
"Persistence": Map,
"VServerGroupId": String,
"Description": String,
"PortRange": List,
"StartListener": Boolean,
"EnableHttp2": String,
"Gzip": String,
"TLSCipherPolicy": String,
"AclIds": List,
"ProxyProtocolV2Enabled": Boolean,
"ConnectionDrainTimeout": Integer,
"Tags": List,
"FullNatEnabled": Boolean,
"ConnectionDrain": String
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
MasterSlaveServerGroupId | String | 否 | 否 | 主备服务器组ID。 | 无 |
AclStatus | String | 否 | 是 | 是否开启访问控制功能。 | 取值:
|
EnableHttp2 | String | 否 | 是 | 是否开启HTTP2特性。 | 取值:
|
AclId | String | 否 | 是 | 监听绑定的访问策略组ID。 | 当AclStatus取值为on时,必须指定该参数。 |
AclType | String | 否 | 是 | 访问控制类型。 | 取值:
|
Protocol | String | 是 | 否 | 网络协议。 | 取值:
|
ListenerPort | Integer | 是 | 否 | 负载均衡实例前端使用的端口。 | 取值范围:1~65,535。 |
Bandwidth | Integer | 是 | 是 | 监听的带宽峰值。 | 取值范围:-1或1~1000。 单位:Mbps。 取值说明:
|
BackendServerPort | Integer | 否 | 否 | 负载均衡实例后端使用的端口。 | 取值范围:1~65,535。 |
FullNatEnabled | Boolean | 否 | 是 | 当启用全NAT模式时,可以支持后端服务器作为客户端进行访问。 | 默认值为false。 注意:仅对TCP或UDP监听器生效。 |
LoadBalancerId | String | 是 | 否 | 负载均衡实例的ID。 | 无 |
HealthCheck | Map | 否 | 是 | 健康检查设置。 | 更多信息,请参见HealthCheck 属性。 |
Persistence | Map | 否 | 是 | 相关参数的持久化。 | 更多信息,请参见Persistence 属性。 |
Scheduler | String | 否 | 否 | 调度算法。 | 取值:
|
CACertificateId | String | 否 | 否 | CA证书ID。 | 只对HTTPS协议有效。 |
ServerCertificateId | String | 否 | 是 | 服务器证书的ID。 | 只对HTTPS协议有效,且必须指定该参数。 |
VServerGroupId | String | 否 | 是 | 服务器组ID。 | 无 |
RequestTimeout | Integer | 否 | 否 | 请求超时时间。 | 取值范围:1~180。 单位:秒。 |
IdleTimeout | Integer | 否 | 否 | 连接空闲超时时间。 | 取值范围:1~60。 单位:秒。 |
HttpConfig | Map | 否 | 否 | 用于配置HTTP协议。 | 更多信息,请参见HttpConfig 属性。 |
Description | String | 否 | 否 | 监听的描述信息。 | 长度为1~80个字符。可包含英文字母、汉字、数字、短划线(-)、正斜线(/)、半角句号(.)和下划线(_)。 |
PortRange | List | 否 | 否 | 监听的端口范围。 | 目前仅支持开启全端口监听,即 StartPort=1,EndPort=65,535。 更多信息,请参见PortRange 属性。 |
StartListener | Boolean | 否 | 否 | 是否启动监听器。 | 取值:
|
Gzip | String | 否 | 是 | 指定是否启用Gzip压缩,以压缩特定类型的文件。 | 取值:
|
TLSCipherPolicy | String | 否 | 是 | TLS安全策略。 | 每个安全策略包含可用于HTTPS的TLS协议版本和密码套件。 说明 当Protocol为 |
AclIds | List | 否 | 是 | 与要创建的侦听器关联的访问控制的ID列表。 | 如果 |
ProxyProtocolV2Enabled | Boolean | 否 | 是 | 是否支持通过Proxy Protocol协议携带客户端源地址到后端服务器。 | 取值:
|
ConnectionDrainTimeout | Integer | 否 | 是 | 设置连接优雅中断超时时间。 | 单位:秒。 取值范围:10~900。 |
Tags | List | 否 | 是 | 标签列表 | 更多信息,请参见Tags属性。 |
ConnectionDrain | String | 否 | 是 | 是否开启连接优雅中断。 | 取值:
|
HealthCheck 语法
"HealthCheck": {
"Domain": String,
"Interval": Integer,
"URI": String,
"HttpCode": String,
"HealthyThreshold": Integer,
"HealthCheckType": String,
"Timeout": Integer,
"UnhealthyThreshold": Integer,
"Port": Integer,
"Switch": String,
"HealthCheckMethod": String,
"Req": String,
"Exp": String
}HealthCheck 属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Domain | String | 否 | 否 | 用于健康检查的域名。 | 取值:
说明 用户设置此参数为$_ip或空时,负载均衡会使用各后端服务器的私网IP作为健康检查使用的域名。 |
Interval | Integer | 否 | 否 | 健康检查的时间间隔。 | 取值范围:1~5。 单位:秒。 |
URI | String | 否 | 否 | 用于健康检查的URI。 | 长度为1~80个字符。必须以正斜线(/)开头,可包含英文字母、数字、短划线(-)、正斜线(/)、半角句号(.)、百分号(%)、问号(?)、井号(#)和and(&)。 |
HttpCode | String | 否 | 否 | HTTP状态码。 | 取值:
多个HTTP状态码之间用半角逗号(,)分隔。 |
HealthyThreshold | Integer | 否 | 否 | 判定健康检查结果为success的阈值。即,健康检查连续成功多少次后,将后端服务器的健康检查状态由fail改为success。 | 取值范围:1~10。 |
HealthCheckType | String | 否 | 否 | 健康检查类型。 | 取值:
|
Timeout | Integer | 否 | 否 | 每次健康检查响应的最大超时时间。 | 取值范围:1~50。 单位:秒。 说明 如果Timeout值小于Interval值,则Timeout无效,超时时间为Interval的值。 |
UnhealthyThreshold | Integer | 否 | 否 | 判定健康检查结果为fail的阈值。即,健康检查连续失败多少次后,将后端服务器的健康检查状态由success改为fail。 | 取值范围:1~10。 |
Port | Integer | 否 | 否 | 用于健康检查的端口。 | 取值范围:0~65,535。 |
Switch | String | 否 | 否 | 是否启用健康检查。 | 取值:
说明 当前仅对HTTP或HTTPS协议有效。如果未设置Switch,默认将禁用健康检查,除非已经配置了健康检查项目。 |
HealthCheckMethod | String | 否 | 否 | 健康检查方法。 | 取值:
说明 当Protocol取值为 |
Req | String | 否 | 否 | UDP监听健康检查的请求字符串仅限于字母和数字 | 最大长度为64个字符。 |
Exp | String | 否 | 否 | UDP监听健康检查的响应字符串仅限于字母和数字。 | 最大长度为64个字符。 |
Persistence 语法
"Persistence": {
"PersistenceTimeout": Integer,
"CookieTimeout": Integer,
"XForwardedFor": String,
"XForwardedFor_SLBID": String,
"XForwardedFor_proto": String,
"XForwardedFor_SLBIP": String,
"Cookie": String,
"StickySession": String,
"StickySessionType": String,
"XForwardedFor_ClientSrcPort": String,
"XForwardedFor_SLBPORT": String
}Persistence 属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
StickySession | String | 否 | 是 | 是否开启会话保持。 | 取值:
|
PersistenceTimeout | Integer | 否 | 是 | 连接持久化的超时时间。 | 取值范围:0~1000。 默认值:0。表示关闭。 单位:秒。 |
CookieTimeout | Integer | 否 | 是 | Cookie超时时间。 | 取值范围:1~86,400。 单位:秒。 说明 当StickySession为on且StickySessionType为insert时,该参数必选。 |
XForwardedFor | String | 否 | 是 | 是否通过X-Forwarded-Fort头字段获取来访者真实IP。 | 取值:
|
XForwardedFor_proto | String | 否 | 是 | 是否通过X-Forwarded-Proto头字段获取负载均衡实例的监听协议。 | 取值:
|
XForwardedFor_SLBID | String | 否 | 是 | 是否通过SLB-ID头字段获取负载均衡实例ID。 | 取值:
|
XForwardedFor_SLBIP | String | 否 | 是 | 是否通过SLB-IP头字段获取客户端请求的真实IP。 | 取值:
|
Cookie | String | 否 | 是 | 服务器上配置的Cookie。 | 长度为1~200个字符,不能以美元符号($)开头。可包含英文字母和数字,不能包含半角逗号(,)、半角分号(;)和空格( )。 说明 当StickySession为on且StickySessionType为server时,该参数必选。 |
StickySessionType | String | 否 | 是 | Cookie的处理方式。 | 取值:
说明 当StickySession的值为on时,必须指定该参数。 |
XForwardedFor_ClientSrcPort | String | 否 | 是 | 是否通过X-Forwarded-Client-srcport头字段获取客户端连接负载均衡实例所使用的端口。 | 取值:
|
XForwardedFor_SLBPORT | String | 否 | 是 | 是否通过X-Forwarded-Port头字段获取负载均衡实例的监听端口。 | 取值:
|
HttpConfig 语法
"HttpConfig": {
"ForwardPort": Integer,
"ListenerForward": String
}HttpConfig 属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
ForwardPort | Integer | 否 | 否 | HTTP到HTTPS监听转发端口。 | 取值范围:1~65,535。 默认值:443。 |
ListenerForward | String | 否 | 否 | 是否将HTTP启用为HTTPS转发。 | 取值:
|
PortRange 语法
"PortRange": [
{
"StartPort": Integer,
"EndPort": Integer
}
]PortRange 属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
StartPort | Integer | 是 | 否 | 起始端口。 | 取值:1。 |
EndPort | Integer | 是 | 否 | 结束端口。 | 取值:65,535。 |
Tags 语法
"Tags": [
{
"Key": String,
"Value": String
}
]Tags 属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Key | String | 是 | 否 | 标签键。 | 无 |
Value | String | 否 | 否 | 标签值。 | 无 |
返回值
Fn::GetAtt
LoadBalancerId:负载均衡实例的唯一标识。
ListenerPortsAndProtocol:负载均衡实例前端使用的端口和协议。
Arn:阿里云资源名称。
示例
场景 1 :创建负载均衡监听。
ROSTemplateFormatVersion: '2015-09-01'
Description: Test SLB Listener
Parameters:
SlbInstanceId:
AssociationProperty: ALIYUN::SLB::Instance::InstanceId
Type: String
Resources:
Listener:
Type: ALIYUN::SLB::Listener
Properties:
BackendServerPort: 8080
Bandwidth: 50
ListenerPort: 80
LoadBalancerId:
Ref: SlbInstanceId
Protocol: https
Scheduler: wrr
Outputs: {}{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Test SLB Listener",
"Parameters": {
"SlbInstanceId": {
"AssociationProperty": "ALIYUN::SLB::Instance::InstanceId",
"Type": "String"
}
},
"Resources": {
"Listener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"BackendServerPort": 8080,
"Bandwidth": 50,
"ListenerPort": 80,
"LoadBalancerId": {
"Ref": "SlbInstanceId"
},
"Protocol": "https",
"Scheduler": "wrr"
}
}
},
"Outputs": {
}
}场景 2 :创建有健康检查的负载均衡监听。
ROSTemplateFormatVersion: '2015-09-01'
Description: Test SLB Listener
Parameters:
SlbInstanceId:
AssociationProperty: ALIYUN::SLB::Instance::InstanceId
Type: String
Resources:
Listener:
Type: ALIYUN::SLB::Listener
Properties:
ListenerPort: 80
Bandwidth: 10
HealthCheck:
HttpCode: http_2xx,http_3xx,http_4xx,http_5xx
HealthCheckType: http
UnhealthyThreshold: 3
Timeout: 5
HealthyThreshold: 3
Port: 80
URI: /
Interval: 5
LoadBalancerId:
Ref: SlbInstanceId
BackendServerPort: 80
Protocol: http
Outputs: {}{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "Test SLB Listener",
"Parameters": {
"SlbInstanceId": {
"AssociationProperty": "ALIYUN::SLB::Instance::InstanceId",
"Type": "String"
}
},
"Resources": {
"Listener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"BackendServerPort": 8080,
"Bandwidth": 50,
"ListenerPort": 80,
"LoadBalancerId": {
"Ref": "SlbInstanceId"
},
"Protocol": "https",
"Scheduler": "wrr"
}
}
},
"Outputs": {
}
}场景 3 :创建高可用Web服务。
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 构建高可用Web服务,包含双可用区ECS实例、负载均衡SLB、NAS存储挂载,自动同步配置,支持公网访问。
en: Constructing a highly available web service comprises dual availability zone
ECS instances, a Load Balancer (SLB), Network Attached Storage (NAS) mounts, automatic
configuration synchronization, and is accessible via the public internet.
Parameters:
NasZone1:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用区1要不同与可用区2。
en: Availability zone 1 must be different from Availability zone 2.
Label:
zh-cn: NAS可用区1
en: NAS Availability Zone1
NasZone2:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用区2要不同与可用区1。
en: Availability zone 2 must be different from Availability zone 1.
Label:
zh-cn: NAS可用区2
en: NAS Availability Zone2
CommonName:
Default: high-availability
Type: String
InstancePassword:
Type: String
Description:
zh-cn: >-
服务器登录密码,长度8~30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
中的特殊符号)。
en: >-
Server login password, Length 8~30, must contain three(Capital letters,
lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special
symbol in).
MinLength: 8
Label:
zh-cn: 实例密码
en: Instance Password
AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
NoEcho: true
MaxLength: 30
AssociationProperty: 'ALIYUN::ECS::Instance::Password'
ConstraintDescription:
zh-cn: '长度8~30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;''<>,.?/ 中的特殊符号)。'
en: >-
Length 8~30, must contain three(Capital letters, lowercase letters,
numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
EcsInstanceType2:
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
SystemDiskCategory: cloud_essd
InstanceChargeType: PostPaid
ZoneId: '${Zone2}'
Type: String
Label:
zh-cn: 可用区2的实例类型
en: Instance Type Of Availability Zone2
Zone2:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用区2要不同与可用区1。
en: Availability zone 2 must be different from Availability zone 1.
Label:
zh-cn: 交换机可用区2
en: VSwitch Availability Zone2
Zone1:
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
Type: String
Description:
zh-cn: 可用区1要不同与可用区2。
en: Availability zone 1 must be different from Availability zone 2.
Label:
zh-cn: 交换机可用区1
en: VSwitch Availability Zone1
EcsInstanceType1:
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
SystemDiskCategory: cloud_essd
InstanceChargeType: PostPaid
ZoneId: '${Zone1}'
Type: String
Label:
zh-cn: 可用区1的实例类型
en: Instance Type Of Availability Zone1
Rules:
DifferentZones2:
Assertions:
- Assert:
'Fn::Not':
'Fn::Equals':
- Ref: NasZone1
- Ref: NasZone2
AssertDescription: NAS Zones must be different
DifferentZones1:
Assertions:
- Assert:
'Fn::Not':
'Fn::Equals':
- Ref: Zone1
- Ref: Zone2
AssertDescription: ECS Zones must be different
Outputs:
ECS1URL:
Description: ECS 1 URL
Value:
'Fn::Sub':
- >-
https://ecs.console.aliyun.com/#/server/region/${region}?instanceIds=${InstanceID}
- InstanceID:
'Fn::Select':
- '0'
- 'Fn::GetAtt':
- EcsInstanceGroup1
- InstanceIds
region:
Ref: 'ALIYUN::Region'
FileSystemId1:
Description:
zh-cn: 主NAS
en: Master NAS
Value:
'Fn::Sub':
- 'https://nasnext.console.aliyun.com/${region}/filesystem/${InstanceID}'
- InstanceID:
'Fn::GetAtt':
- MasterFileSystem
- FileSystemId
region:
Ref: 'ALIYUN::Region'
ECS2URL:
Description: ECS 2 URL
Value:
'Fn::Sub':
- >-
https://ecs.console.aliyun.com/#/server/region/${region}?instanceIds=${InstanceID}
- InstanceID:
'Fn::Select':
- '0'
- 'Fn::GetAtt':
- EcsInstanceGroup1
- InstanceIds
region:
Ref: 'ALIYUN::Region'
SlbIpAddress:
Description:
zh-cn: 对外暴露的公网IP地址
en: Public IP Addresses
Value:
'Fn::Sub':
- 'http://${ServerAddress}'
- ServerAddress:
'Fn::GetAtt':
- Slb
- IpAddress
FileSystemId2:
Description:
zh-cn: 备NAS
en: Backup NAS
Value:
'Fn::Sub':
- 'https://nasnext.console.aliyun.com/${region}/filesystem/${InstanceID}'
- InstanceID:
'Fn::GetAtt':
- BackupFileSystem
- FileSystemId
region:
Ref: 'ALIYUN::Region'
MountInfo1:
Description:
zh-cn: NAS在ECS上的挂载目录1
en: NAS mounting directory 1 on ECS
Value: '/nas_master'
MountInfo2:
Description:
zh-cn: NAS在ECS上的挂载目录2
en: NAS mounting directory 2 on ECS
Value: '/nas_backup'
Resources:
SlbListener:
Type: 'ALIYUN::SLB::Listener'
Properties:
Protocol: http
HealthCheck:
HealthCheckType: http
Interval: 2
URI: /
UnhealthyThreshold: 3
HealthyThreshold: 3
Timeout: 5
HttpCode: 'http_2xx,http_3xx,http_4xx,http_5xx'
Port: 80
ListenerPort: 80
Bandwidth: 10
BackendServerPort: 80
LoadBalancerId:
Ref: Slb
DependsOn:
- Slb
EcsSecurityGroup:
Type: 'ALIYUN::ECS::SecurityGroup'
Properties:
SecurityGroupIngress:
- Priority: 1
PortRange: 80/80
NicType: internet
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
VpcId:
Ref: EcsVpc
SecurityGroupEgress:
- Priority: 1
PortRange: '-1/-1'
DestCidrIp: 0.0.0.0/0
NicType: internet
IpProtocol: all
- Priority: 1
PortRange: '-1/-1'
DestCidrIp: 0.0.0.0/0
NicType: intranet
IpProtocol: all
SecurityGroupName:
'Fn::Sub': '${CommonName}_sg'
MasterNasMountTarget:
Type: 'ALIYUN::NAS::MountTarget'
Properties:
NetworkType: Vpc
FileSystemId:
Ref: MasterFileSystem
VpcId:
Ref: EcsVpc
VSwitchId:
Ref: EcsVSwitch3
AccessGroupName: DEFAULT_VPC_GROUP_NAME
EcsVSwitch4:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_002'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.4.0/24
ZoneId:
Ref: NasZone2
MasterFileSystem:
Type: 'ALIYUN::NAS::FileSystem'
Properties:
StorageType: Capacity
ProtocolType: NFS
VpcId:
Ref: EcsVpc
Description: MasterNAS
ZoneId:
Ref: NasZone1
EcsVSwitch2:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_002'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.2.0/24
ZoneId:
Ref: Zone2
EcsVSwitch3:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_002'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.3.0/24
ZoneId:
Ref: NasZone1
EcsVSwitch1:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VSwitchName:
'Fn::Sub': '${CommonName}_vsw_001'
VpcId:
Ref: EcsVpc
CidrBlock: 192.168.1.0/24
ZoneId:
Ref: Zone1
BackupFileSystem:
Type: 'ALIYUN::NAS::FileSystem'
Properties:
StorageType: Capacity
ProtocolType: NFS
VpcId:
Ref: EcsVpc
Description: BackupNAS
ZoneId:
Ref: NasZone2
BackupNasMountTarget:
Type: 'ALIYUN::NAS::MountTarget'
Properties:
NetworkType: Vpc
FileSystemId:
Ref: BackupFileSystem
VpcId:
Ref: EcsVpc
VSwitchId:
Ref: EcsVSwitch4
AccessGroupName: DEFAULT_VPC_GROUP_NAME
EcsInstanceGroup1:
Type: 'ALIYUN::ECS::InstanceGroup'
Properties:
SystemDiskCategory: cloud_essd
VpcId:
Ref: EcsVpc
SecurityGroupId:
Ref: EcsSecurityGroup
SystemDiskSize: 40
ImageId: aliyun_3_x64_20G_alibase_20230727.vhd
SpotStrategy: SpotAsPriceGo
IoOptimized: optimized
VSwitchId:
Ref: EcsVSwitch1
Password:
Ref: InstancePassword
InstanceName:
'Fn::Sub': '${CommonName}_ecs_001'
InstanceType:
Ref: EcsInstanceType1
ZoneId:
Ref: Zone1
MaxAmount: 1
EcsInstanceGroup2:
Type: 'ALIYUN::ECS::InstanceGroup'
Properties:
SystemDiskCategory: cloud_essd
VpcId:
Ref: EcsVpc
SecurityGroupId:
Ref: EcsSecurityGroup
SystemDiskSize: 40
ImageId: aliyun_3_x64_20G_alibase_20230727.vhd
SpotStrategy: SpotAsPriceGo
IoOptimized: optimized
VSwitchId:
Ref: EcsVSwitch2
Password:
Ref: InstancePassword
InstanceName:
'Fn::Sub': '${CommonName}_ecs_002'
InstanceType:
Ref: EcsInstanceType2
ZoneId:
Ref: Zone2
MaxAmount: 1
EcsVpc:
Type: 'ALIYUN::ECS::VPC'
Properties:
VpcName:
'Fn::Sub': '${CommonName}_vpc'
CidrBlock: 192.168.0.0/16
SlbBackendServerAttachment:
Type: 'ALIYUN::SLB::BackendServerAttachment'
Properties:
BackendServerList:
'Fn::ListMerge':
- 'Fn::GetAtt':
- EcsInstanceGroup1
- InstanceIds
- 'Fn::GetAtt':
- EcsInstanceGroup2
- InstanceIds
BackendServerWeightList:
- 100
- 100
LoadBalancerId:
Ref: Slb
Slb:
Type: 'ALIYUN::SLB::LoadBalancer'
Properties:
AddressType: internet
LoadBalancerName:
'Fn::Sub': '${CommonName}-slb'
InstanceChargeType: PayByCLCU
PayType: PayOnDemand
InstanceRunCommand:
Type: 'ALIYUN::ECS::RunCommand'
Properties:
CommandContent:
'Fn::Sub': >-
#!/bin/bash
if [ ! -f .ros.provision ]; then
echo "Name: 高可用及共享存储Web服务" > .ros.provision
fi
name=$(grep "^Name:" .ros.provision | awk -F':' '{print $2}' | sed -e
's/^[[:space:]]*//' -e 's/[[:space:]]*$//')
if [[ "$name" != "高可用及共享存储Web服务" ]]; then
echo "当前实例已使用过\"$name\"教程的一键配置,不能再使用本教程的一键配置"
exit 0
fi
echo "#########################"
echo "# Check Network"
echo "#########################"
ping -c 2 -W 2 aliyun.com > /dev/null
if [[ $? -ne 0 ]]; then
echo "当前实例无法访问公网"
exit 0
fi
if ! grep -q "^Step1: Prepare Environment$" .ros.provision; then
echo "#########################"
echo "# Prepare Environment"
echo "#########################"
systemctl status firewalld
systemctl stop firewalld
echo "Step1: Prepare Environment" >> .ros.provision
else
echo "#########################"
echo "# Environment has been ready"
echo "#########################"
fi
if ! grep -q "^Step2: Install Nginx and deploy service$"
.ros.provision; then
echo "#########################"
echo "# Install Nginx"
echo "#########################"
sudo yum -y install nginx
sudo wget -O /usr/share/nginx/html/index.html https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231013/jhgg/index.html
sudo wget -O /usr/share/nginx/html/lipstick.png https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20230925/zevs/lipstick.png
sudo systemctl start nginx
sudo systemctl enable nginx
echo "Step2: Install Nginx and deploy service" >> .ros.provision
else
echo "#########################"
echo "# Nginx has been installed"
echo "#########################"
fi
if ! grep -q "^Step3: Mount to the ECS" .ros.provision; then
echo "#########################"
echo "# Mount to the ECS"
echo "#########################"
mkdir /nas_master
mkdir /nas_backup
sudo yum install -y nfs-utils
sudo echo "options sunrpc tcp_slot_table_entries=128" >> /etc/modprobe.d/sunrpc.conf
sudo echo "options sunrpc tcp_max_slot_table_entries=128" >> /etc/modprobe.d/sunrpc.conf
sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${MasterNasMountTarget.MountTargetDomain}:/ /nas_master
sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup
sudo echo "${MasterNasMountTarget.MountTargetDomain}:/ /nas_master nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0" >> /etc/fstab
sudo echo "${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0" >> /etc/fstab
df -h | grep aliyun
else
echo "#########################"
echo "# The ECS has been attached to the Nas"
echo "#########################"
fi
if ! grep -q "^Step4: Shared file$" .ros.provision; then
echo "#########################"
echo "# Shared file"
echo "#########################"
sudo cp -Lvr /usr/share/nginx/html /nas_master
sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
echo "Step4: Shared file" >> .ros.provision
else
echo "#########################"
echo "# File has been Shared"
echo "#########################"
fi
if ! grep -q "^Step5: Install inotify-tools、rsync$" .ros.provision;
then
echo "#########################"
echo "# Install inotify-tools、rsync"
echo "#########################"
sudo yum install -y inotify-tools rsync
echo "Step6: Install inotify-tools、rsync" >> .ros.provision
else
echo "#########################"
echo "# Inotify-tools has been installed"
echo "#########################"
fi
if ! grep -q "^Step6: Install synchronization server$" .ros.provision;
then
echo "#########################"
echo "# Install synchronization server"
echo "#########################"
sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231017/pftz/sync_nas.sh
sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/en-US/20230925/wmaj/sync_check_switch.sh
sudo chmod +x /etc/systemd/system/sync_nas.sh
sudo chmod +x /etc/systemd/system/sync_check_switch.sh
cat > /etc/systemd/system/sync-check-switch.service << \EOF
[Unit]
Description=Sync Check Switch
After=network.target
[Service]
ExecStart=/etc/systemd/system/sync_check_switch.sh
RestartSec=3
Restart=always
[Install]
WantedBy=default.target
EOF
cat > /etc/systemd/system/sync-nas.service << \EOF
[Unit]
Description=Sync NAS Service
After=network.target
[Service]
ExecStart=/etc/systemd/system/sync_nas.sh
Restart=always
RestartSec=3
[Install]
WantedBy=default.target
EOF
sudo systemctl daemon-reload
sudo systemctl start sync-nas.service
sudo systemctl enable sync-check-switch.service
sudo systemctl start sync-check-switch.service
sudo systemctl enable sync-nas.service
echo "Step6: Install " >> .ros.provision
else
echo "#########################"
echo "# Synchronization server has been installed"
echo "#########################"
fi
Type: RunShellScript
Sync: true
InstanceIds:
- Ref: EcsInstanceGroup1
- Ref: EcsInstanceGroup2
Timeout: '300'
Metadata:
'ALIYUN::ROS::Interface':
ParameterGroups:
- Parameters:
- Zone1
- Zone2
- NasZone1
- NasZone2
Label:
default:
zh-cn: 可用区配置
en: Availability Zone
- Parameters:
- EcsInstanceType1
- EcsInstanceType2
- InstancePassword
Label:
default:
zh-cn: ECS实例配置
en: Instance Configure
TemplateTags:
- 'acs:technical-solution:high-availability-architecture:高可用及共享存储Web服务-tech_solu_12'
Hidden:
- CommonName
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "构建高可用Web服务,包含双可用区ECS实例、负载均衡SLB、NAS存储挂载,自动同步配置,支持公网访问。",
"en": "Constructing a highly available web service comprises dual availability zone ECS instances, a Load Balancer (SLB), Network Attached Storage (NAS) mounts, automatic configuration synchronization, and is accessible via the public internet."
},
"Parameters": {
"NasZone1": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用区1要不同与可用区2。",
"en": "Availability zone 1 must be different from Availability zone 2."
},
"Label": {
"zh-cn": "NAS可用区1",
"en": "NAS Availability Zone1"
}
},
"NasZone2": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用区2要不同与可用区1。",
"en": "Availability zone 2 must be different from Availability zone 1."
},
"Label": {
"zh-cn": "NAS可用区2",
"en": "NAS Availability Zone2"
}
},
"CommonName": {
"Default": "high-availability",
"Type": "String"
},
"InstancePassword": {
"Type": "String",
"Description": {
"zh-cn": "服务器登录密码,长度8~30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。",
"en": "Server login password, Length 8~30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)."
},
"MinLength": 8,
"Label": {
"zh-cn": "实例密码",
"en": "Instance Password"
},
"AllowedPattern": "[0-9A-Za-z\\_\\-\\&:;'<>,=%`~!@#\\(\\)\\$\\^\\*\\+\\|\\{\\}\\[\\]\\.\\?\\/]+$",
"NoEcho": true,
"MaxLength": 30,
"AssociationProperty": "ALIYUN::ECS::Instance::Password",
"ConstraintDescription": {
"zh-cn": "长度8~30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。",
"en": "Length 8~30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)."
}
},
"EcsInstanceType2": {
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"SystemDiskCategory": "cloud_essd",
"InstanceChargeType": "PostPaid",
"ZoneId": "${Zone2}"
},
"Type": "String",
"Label": {
"zh-cn": "可用区2的实例类型",
"en": "Instance Type Of Availability Zone2"
}
},
"Zone2": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用区2要不同与可用区1。",
"en": "Availability zone 2 must be different from Availability zone 1."
},
"Label": {
"zh-cn": "交换机可用区2",
"en": "VSwitch Availability Zone2"
}
},
"Zone1": {
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"Type": "String",
"Description": {
"zh-cn": "可用区1要不同与可用区2。",
"en": "Availability zone 1 must be different from Availability zone 2."
},
"Label": {
"zh-cn": "交换机可用区1",
"en": "VSwitch Availability Zone1"
}
},
"EcsInstanceType1": {
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"SystemDiskCategory": "cloud_essd",
"InstanceChargeType": "PostPaid",
"ZoneId": "${Zone1}"
},
"Type": "String",
"Label": {
"zh-cn": "可用区1的实例类型",
"en": "Instance Type Of Availability Zone1"
}
}
},
"Rules": {
"DifferentZones2": {
"Assertions": [
{
"Assert": {
"Fn::Not": {
"Fn::Equals": [
{
"Ref": "NasZone1"
},
{
"Ref": "NasZone2"
}
]
}
},
"AssertDescription": "NAS Zones must be different"
}
]
},
"DifferentZones1": {
"Assertions": [
{
"Assert": {
"Fn::Not": {
"Fn::Equals": [
{
"Ref": "Zone1"
},
{
"Ref": "Zone2"
}
]
}
},
"AssertDescription": "ECS Zones must be different"
}
]
}
},
"Outputs": {
"ECS1URL": {
"Description": "ECS 1 URL",
"Value": {
"Fn::Sub": [
"https://ecs.console.aliyun.com/#/server/region/${region}?instanceIds=${InstanceID}",
{
"InstanceID": {
"Fn::Select": [
"0",
{
"Fn::GetAtt": [
"EcsInstanceGroup1",
"InstanceIds"
]
}
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"FileSystemId1": {
"Description": {
"zh-cn": "主NAS",
"en": "Master NAS"
},
"Value": {
"Fn::Sub": [
"https://nasnext.console.aliyun.com/${region}/filesystem/${InstanceID}",
{
"InstanceID": {
"Fn::GetAtt": [
"MasterFileSystem",
"FileSystemId"
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"ECS2URL": {
"Description": "ECS 2 URL",
"Value": {
"Fn::Sub": [
"https://ecs.console.aliyun.com/#/server/region/${region}?instanceIds=${InstanceID}",
{
"InstanceID": {
"Fn::Select": [
"0",
{
"Fn::GetAtt": [
"EcsInstanceGroup1",
"InstanceIds"
]
}
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"SlbIpAddress": {
"Description": {
"zh-cn": "对外暴露的公网IP地址",
"en": "Public IP Addresses"
},
"Value": {
"Fn::Sub": [
"http://${ServerAddress}",
{
"ServerAddress": {
"Fn::GetAtt": [
"Slb",
"IpAddress"
]
}
}
]
}
},
"FileSystemId2": {
"Description": {
"zh-cn": "备NAS",
"en": "Backup NAS"
},
"Value": {
"Fn::Sub": [
"https://nasnext.console.aliyun.com/${region}/filesystem/${InstanceID}",
{
"InstanceID": {
"Fn::GetAtt": [
"BackupFileSystem",
"FileSystemId"
]
},
"region": {
"Ref": "ALIYUN::Region"
}
}
]
}
},
"MountInfo1": {
"Description": {
"zh-cn": "NAS在ECS上的挂载目录1",
"en": "NAS mounting directory 1 on ECS"
},
"Value": "/nas_master"
},
"MountInfo2": {
"Description": {
"zh-cn": "NAS在ECS上的挂载目录2",
"en": "NAS mounting directory 2 on ECS"
},
"Value": "/nas_backup"
}
},
"Resources": {
"SlbListener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"Protocol": "http",
"HealthCheck": {
"HealthCheckType": "http",
"Interval": 2,
"URI": "/",
"UnhealthyThreshold": 3,
"HealthyThreshold": 3,
"Timeout": 5,
"HttpCode": "http_2xx,http_3xx,http_4xx,http_5xx",
"Port": 80
},
"ListenerPort": 80,
"Bandwidth": 10,
"BackendServerPort": 80,
"LoadBalancerId": {
"Ref": "Slb"
}
},
"DependsOn": [
"Slb"
]
},
"EcsSecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"SecurityGroupIngress": [
{
"Priority": 1,
"PortRange": "80/80",
"NicType": "internet",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
}
],
"VpcId": {
"Ref": "EcsVpc"
},
"SecurityGroupEgress": [
{
"Priority": 1,
"PortRange": "-1/-1",
"DestCidrIp": "0.0.0.0/0",
"NicType": "internet",
"IpProtocol": "all"
},
{
"Priority": 1,
"PortRange": "-1/-1",
"DestCidrIp": "0.0.0.0/0",
"NicType": "intranet",
"IpProtocol": "all"
}
],
"SecurityGroupName": {
"Fn::Sub": "${CommonName}_sg"
}
}
},
"MasterNasMountTarget": {
"Type": "ALIYUN::NAS::MountTarget",
"Properties": {
"NetworkType": "Vpc",
"FileSystemId": {
"Ref": "MasterFileSystem"
},
"VpcId": {
"Ref": "EcsVpc"
},
"VSwitchId": {
"Ref": "EcsVSwitch3"
},
"AccessGroupName": "DEFAULT_VPC_GROUP_NAME"
}
},
"EcsVSwitch4": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_002"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.4.0/24",
"ZoneId": {
"Ref": "NasZone2"
}
}
},
"MasterFileSystem": {
"Type": "ALIYUN::NAS::FileSystem",
"Properties": {
"StorageType": "Capacity",
"ProtocolType": "NFS",
"VpcId": {
"Ref": "EcsVpc"
},
"Description": "MasterNAS",
"ZoneId": {
"Ref": "NasZone1"
}
}
},
"EcsVSwitch2": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_002"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.2.0/24",
"ZoneId": {
"Ref": "Zone2"
}
}
},
"EcsVSwitch3": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_002"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.3.0/24",
"ZoneId": {
"Ref": "NasZone1"
}
}
},
"EcsVSwitch1": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VSwitchName": {
"Fn::Sub": "${CommonName}_vsw_001"
},
"VpcId": {
"Ref": "EcsVpc"
},
"CidrBlock": "192.168.1.0/24",
"ZoneId": {
"Ref": "Zone1"
}
}
},
"BackupFileSystem": {
"Type": "ALIYUN::NAS::FileSystem",
"Properties": {
"StorageType": "Capacity",
"ProtocolType": "NFS",
"VpcId": {
"Ref": "EcsVpc"
},
"Description": "BackupNAS",
"ZoneId": {
"Ref": "NasZone2"
}
}
},
"BackupNasMountTarget": {
"Type": "ALIYUN::NAS::MountTarget",
"Properties": {
"NetworkType": "Vpc",
"FileSystemId": {
"Ref": "BackupFileSystem"
},
"VpcId": {
"Ref": "EcsVpc"
},
"VSwitchId": {
"Ref": "EcsVSwitch4"
},
"AccessGroupName": "DEFAULT_VPC_GROUP_NAME"
}
},
"EcsInstanceGroup1": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"SystemDiskCategory": "cloud_essd",
"VpcId": {
"Ref": "EcsVpc"
},
"SecurityGroupId": {
"Ref": "EcsSecurityGroup"
},
"SystemDiskSize": 40,
"ImageId": "aliyun_3_x64_20G_alibase_20230727.vhd",
"SpotStrategy": "SpotAsPriceGo",
"IoOptimized": "optimized",
"VSwitchId": {
"Ref": "EcsVSwitch1"
},
"Password": {
"Ref": "InstancePassword"
},
"InstanceName": {
"Fn::Sub": "${CommonName}_ecs_001"
},
"InstanceType": {
"Ref": "EcsInstanceType1"
},
"ZoneId": {
"Ref": "Zone1"
},
"MaxAmount": 1
}
},
"EcsInstanceGroup2": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"SystemDiskCategory": "cloud_essd",
"VpcId": {
"Ref": "EcsVpc"
},
"SecurityGroupId": {
"Ref": "EcsSecurityGroup"
},
"SystemDiskSize": 40,
"ImageId": "aliyun_3_x64_20G_alibase_20230727.vhd",
"SpotStrategy": "SpotAsPriceGo",
"IoOptimized": "optimized",
"VSwitchId": {
"Ref": "EcsVSwitch2"
},
"Password": {
"Ref": "InstancePassword"
},
"InstanceName": {
"Fn::Sub": "${CommonName}_ecs_002"
},
"InstanceType": {
"Ref": "EcsInstanceType2"
},
"ZoneId": {
"Ref": "Zone2"
},
"MaxAmount": 1
}
},
"EcsVpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"VpcName": {
"Fn::Sub": "${CommonName}_vpc"
},
"CidrBlock": "192.168.0.0/16"
}
},
"SlbBackendServerAttachment": {
"Type": "ALIYUN::SLB::BackendServerAttachment",
"Properties": {
"BackendServerList": {
"Fn::ListMerge": [
{
"Fn::GetAtt": [
"EcsInstanceGroup1",
"InstanceIds"
]
},
{
"Fn::GetAtt": [
"EcsInstanceGroup2",
"InstanceIds"
]
}
]
},
"BackendServerWeightList": [
100,
100
],
"LoadBalancerId": {
"Ref": "Slb"
}
}
},
"Slb": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"AddressType": "internet",
"LoadBalancerName": {
"Fn::Sub": "${CommonName}-slb"
},
"InstanceChargeType": "PayByCLCU",
"PayType": "PayOnDemand"
}
},
"InstanceRunCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub": "#!/bin/bash\nif [ ! -f .ros.provision ]; then\n echo \"Name: 高可用及共享存储Web服务\" > .ros.provision\nfi\n\nname=$(grep \"^Name:\" .ros.provision | awk -F':' '{print $2}' | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//')\nif [[ \"$name\" != \"高可用及共享存储Web服务\" ]]; then\n echo \"当前实例已使用过\\\"$name\\\"教程的一键配置,不能再使用本教程的一键配置\"\n exit 0\nfi\n\necho \"#########################\"\necho \"# Check Network\"\necho \"#########################\"\nping -c 2 -W 2 aliyun.com > /dev/null\nif [[ $? -ne 0 ]]; then\n echo \"当前实例无法访问公网\"\n exit 0\nfi\n\nif ! grep -q \"^Step1: Prepare Environment$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Prepare Environment\"\n echo \"#########################\"\n systemctl status firewalld\n systemctl stop firewalld\n echo \"Step1: Prepare Environment\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Environment has been ready\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step2: Install Nginx and deploy service$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Install Nginx\"\n echo \"#########################\"\n sudo yum -y install nginx\n sudo wget -O /usr/share/nginx/html/index.html https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231013/jhgg/index.html\n sudo wget -O /usr/share/nginx/html/lipstick.png https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20230925/zevs/lipstick.png\n sudo systemctl start nginx\n sudo systemctl enable nginx\n echo \"Step2: Install Nginx and deploy service\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Nginx has been installed\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step3: Mount to the ECS\" .ros.provision; then\n echo \"#########################\"\n echo \"# Mount to the ECS\"\n echo \"#########################\"\n mkdir /nas_master\n mkdir /nas_backup\n sudo yum install -y nfs-utils\n sudo echo \"options sunrpc tcp_slot_table_entries=128\" >> /etc/modprobe.d/sunrpc.conf\n sudo echo \"options sunrpc tcp_max_slot_table_entries=128\" >> /etc/modprobe.d/sunrpc.conf\n sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${MasterNasMountTarget.MountTargetDomain}:/ /nas_master\n sudo mount -t nfs -o vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup\n\n sudo echo \"${MasterNasMountTarget.MountTargetDomain}:/ /nas_master nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0\" >> /etc/fstab\n \n sudo echo \"${BackupNasMountTarget.MountTargetDomain}:/ /nas_backup nfs vers=3,nolock,proto=tcp,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,_netdev,noresvport 0 0\" >> /etc/fstab\n\n df -h | grep aliyun\nelse\n echo \"#########################\"\n echo \"# The ECS has been attached to the Nas\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step4: Shared file$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Shared file\"\n echo \"#########################\"\n sudo cp -Lvr /usr/share/nginx/html /nas_master\n sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak\n echo \"Step4: Shared file\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# File has been Shared\"\n echo \"#########################\"\nfi\n\nif ! grep -q \"^Step5: Install inotify-tools、rsync$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Install inotify-tools、rsync\"\n echo \"#########################\"\n sudo yum install -y inotify-tools rsync\n echo \"Step6: Install inotify-tools、rsync\" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Inotify-tools has been installed\"\n echo \"#########################\"\nfi\nif ! grep -q \"^Step6: Install synchronization server$\" .ros.provision; then\n echo \"#########################\"\n echo \"# Install synchronization server\"\n echo \"#########################\"\n sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/zh-CN/20231017/pftz/sync_nas.sh\n sudo wget -P /etc/systemd/system/ https://help-static-aliyun-doc.aliyuncs.com/file-manage-files/en-US/20230925/wmaj/sync_check_switch.sh\n sudo chmod +x /etc/systemd/system/sync_nas.sh\n sudo chmod +x /etc/systemd/system/sync_check_switch.sh\n cat > /etc/systemd/system/sync-check-switch.service << \\EOF\n[Unit]\nDescription=Sync Check Switch\nAfter=network.target\n\n[Service]\nExecStart=/etc/systemd/system/sync_check_switch.sh\nRestartSec=3\nRestart=always\n\n[Install]\nWantedBy=default.target\nEOF\n\n cat > /etc/systemd/system/sync-nas.service << \\EOF\n[Unit]\nDescription=Sync NAS Service\nAfter=network.target\n\n[Service]\nExecStart=/etc/systemd/system/sync_nas.sh\nRestart=always\nRestartSec=3\n\n[Install]\nWantedBy=default.target\nEOF\n\n sudo systemctl daemon-reload\n sudo systemctl start sync-nas.service\n sudo systemctl enable sync-check-switch.service\n sudo systemctl start sync-check-switch.service\n sudo systemctl enable sync-nas.service\n echo \"Step6: Install \" >> .ros.provision\nelse\n echo \"#########################\"\n echo \"# Synchronization server has been installed\"\n echo \"#########################\"\nfi"
},
"Type": "RunShellScript",
"Sync": true,
"InstanceIds": [
{
"Ref": "EcsInstanceGroup1"
},
{
"Ref": "EcsInstanceGroup2"
}
],
"Timeout": "300"
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"ParameterGroups": [
{
"Parameters": [
"Zone1",
"Zone2",
"NasZone1",
"NasZone2"
],
"Label": {
"default": {
"zh-cn": "可用区配置",
"en": "Availability Zone"
}
}
},
{
"Parameters": [
"EcsInstanceType1",
"EcsInstanceType2",
"InstancePassword"
],
"Label": {
"default": {
"zh-cn": "ECS实例配置",
"en": "Instance Configure"
}
}
}
],
"TemplateTags": [
"acs:technical-solution:high-availability-architecture:高可用及共享存储Web服务-tech_solu_12"
],
"Hidden": [
"CommonName"
]
}
}
}该文章对您有帮助吗?