资源编排ROS集成示例

使用资源编排服务ROS调用DCDN。本文为您介绍如何编写一个资源编排的模板,自动化添加DCDN一个域名。

资源编排ROS

  • 资源编排服务ROS(Resource Orchestration Service)是阿里云提供的一项简化云计算资源管理的服务。开发者和管理员可以编写模板,在模板中定义所需的阿里云资源(例如:ECS 实例、RDS 数据库实例)、资源间的依赖关系等。ROS 的编排引擎将根据模板自动完成所有资源的创建和配置,实现自动化部署及运维。更多详情,请参见什么是资源编排服务

  • 支持使用资源编排服务ROS调用DCDN。编排的资源只包括普通资源。

权限说明

在本案例中,需要自动化添加DCDN。默认情况下资源编排直接使用当前登录控制台的用户凭证,要求当前用户必须具备以下权限:

  • AliyunDCDNFullAccess:管理DCDN资源的权限。

阿里云账号拥有所有API的访问权限,风险很高。强烈建议您创建并使用RAM用户进行API访问或日常运维。请根据业务的实际情况按需分配权限后进行接口调用。RAM用户需具备操作DCDN资源的权限。具体操作,请参见全站加速系统权限策略参考

操作步骤

  1. 登录资源编排ROS控制台,单击顶部导航栏地域下拉框,选择您需要的地域。

  2. 单击左侧菜单栏中的资源栈,选择创建资源栈 > 使用ROS

    • 指定模板:选中选择已有模板

    • 模板录入方式:选中输入模板

  3. 模板内容选择ROS,并输入代码。

    创建DCDN实例的语法、说明及示例,请参见ALIYUN::DCDN::Domain。该示例中,添加一个全站加速域名。

    YAML格式

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters:
      CheckUrl:
        Description: ''
        Type: String
      DomainName:
        Description: 'The name of the accelerated domain. You can specify only one domain
          name.  Wildcard domain names are supported. Wildcard domain names must start
          with a period (.). Example: .a.com.'
        Type: String
      ResourceGroupId:
        Description: The ID of the resource group. If you do not specify this parameter,
          the system automatically uses the ID of the default resource group.
        Type: String
      SSLPub:
        Description: Indicates the public key of the certificate if the HTTPS protocol
          is enabled.
        Type: String
      Scope:
        Description: 'The region where your accelerated service is deployed. Valid values:  domestic
          (default): mainland China. overseas: outside mainland China. global: all countries
          in the world.'
        Type: String
      Sources:
        Description: The origin information.
        Type: Json
      TopLevelDomain:
        Description: ''
        Type: String
    Resources:
      DCDNDomain:
        Properties:
          CheckUrl:
            Ref: CheckUrl
          DomainName:
            Ref: DomainName
          ResourceGroupId:
            Ref: ResourceGroupId
          Scope:
            Ref: Scope
          Sources:
            Ref: Sources
          TopLevelDomain:
            Ref: TopLevelDomain
        Type: ALIYUN::DCDN::Domain
    Outputs:
      CertName:
        Description: The name of the certificate.
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - CertName
      Cname:
        Description: The canonical name (CNAME) of the accelerated domain.
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - Cname
      Description:
        Description: The reason that causes the review failure.
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - Description
      DomainName:
        Description: 'The name of the accelerated domain. You can specify only one domain
          name.  Wildcard domain names are supported. Wildcard domain names must start
          with a period (.). Example: .a.com.'
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - DomainName
      ResourceGroupId:
        Description: The ID of the resource group. If you do not specify this parameter,
          the system automatically uses the ID of the default resource group.
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - ResourceGroupId
      SSLProtocol:
        Description: 'Indicates whether the SSL certificate is enabled. Valid values:  on:
          enabled off: disabled'
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - SSLProtocol
      SSLPub:
        Description: Indicates the public key of the certificate if the HTTPS protocol
          is enabled.
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - SSLPub
      Scope:
        Description: 'The region where your accelerated service is deployed. Valid values:  domestic
          (default): mainland China. overseas: outside mainland China. global: all countries
          in the world.'
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - Scope
      Sources:
        Description: The origin information.
        Value:
          Fn::GetAtt:
          - DCDNDomain
          - Sources

    JSON格式

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
        "Status": {
          "Type": "String",
          "Description": "The status of the accelerated domain.  online: The domain is enabled. offline: The domain is disabled. configuring: The domain is being configured. configure_failed: The domain configuration failed. checking: The domain is under review. check_failed: The domain failed the review."
        },
        "SecurityToken": {
          "Type": "String",
          "Description": ""
        },
        "CheckUrl": {
          "Type": "String",
          "Description": ""
        },
        "ResourceGroupId": {
          "Type": "String",
          "Description": "The ID of the resource group. If you do not specify this parameter, the system automatically uses the ID of the default resource group."
        },
        "Scope": {
          "Type": "String",
          "Description": "The region where your accelerated service is deployed. Valid values:  domestic (default): mainland China. overseas: outside mainland China. global: all countries in the world."
        },
        "DomainName": {
          "Type": "String",
          "Description": "The name of the accelerated domain. You can specify only one domain name.  Wildcard domain names are supported. Wildcard domain names must start with a period (.). Example: .a.com."
        },
        "TopLevelDomain": {
          "Type": "String",
          "Description": ""
        },
        "Sources": {
          "Type": "Json",
          "Description": "The origin information."
        }
      },
      "Resources": {
        "DCDNDomain": {
          "Type": "ALIYUN::DCDN::Domain",
          "Properties": {
            "SecurityToken": {
              "Ref": "SecurityToken"
            },
            "CheckUrl": {
              "Ref": "CheckUrl"
            },
            "ResourceGroupId": {
              "Ref": "ResourceGroupId"
            },
            "Scope": {
              "Ref": "Scope"
            },
            "DomainName": {
              "Ref": "DomainName"
            },
            "SSLPub": {
              "Ref": "SSLPub"
            },
            "CertName": {
              "Ref": "CertName"
            },
            "TopLevelDomain": {
              "Ref": "TopLevelDomain"
            },
            "Sources": {
              "Ref": "Sources"
            }
          }
        }
      },
      "Outputs": {
        "Description": {
          "Description": "The reason that causes the review failure.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "Description"
            ]
          }
        },
        "ResourceGroupId": {
          "Description": "The ID of the resource group. If you do not specify this parameter, the system automatically uses the ID of the default resource group.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "ResourceGroupId"
            ]
          }
        },
        "Scope": {
          "Description": "The region where your accelerated service is deployed. Valid values:  domestic (default): mainland China. overseas: outside mainland China. global: all countries in the world.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "Scope"
            ]
          }
        },
        "DomainName": {
          "Description": "The name of the accelerated domain. You can specify only one domain name.  Wildcard domain names are supported. Wildcard domain names must start with a period (.). Example: .a.com.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "DomainName"
            ]
          }
        },
        "SSLPub": {
          "Description": "Indicates the public key of the certificate if the HTTPS protocol is enabled.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "SSLPub"
            ]
          }
        },
        "CertName": {
          "Description": "The name of the certificate.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "CertName"
            ]
          }
        },
        "Cname": {
          "Description": "The canonical name (CNAME) of the accelerated domain.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "Cname"
            ]
          }
        },
        "Sources": {
          "Description": "The origin information.",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "Sources"
            ]
          }
        },
        "SSLProtocol": {
          "Description": "Indicates whether the SSL certificate is enabled. Valid values:  on: enabled off: disabled",
          "Value": {
            "Fn::GetAtt": [
              "DCDNDomain",
              "SSLProtocol"
            ]
          }
        }
      }
    }
  4. 单击创建,执行资源栈。

  5. 创建成功后,您可以通过OpenAPI、SDK或者在DCDN控制台,查看到所添加的域名。

    p826771