Update the CloudFormation resource file for the resource (Instance0StackName).
Store the settings needed for this procedure in variables.

1. CloudFormation resource name
Specify the CloudFormation resource name.
Set the variable:

    TEMPLATE_CFN_RESOURCE_NAME='Instance0StackName'

2. Resource file name
Specify the directory for resource files.
Set the variable:

    DIR_TEMPLATE_CFN_RESOURCE="${HOME}/environment/conf-handson-cli-cfn-ec2-Instance/resources"

Specify the resource file name.
Set the variable:

    FILE_TEMPLATE_CFN_RESOURCE="${DIR_TEMPLATE_CFN_RESOURCE}/${TEMPLATE_CFN_RESOURCE_NAME}.txt" \
      && echo ${FILE_TEMPLATE_CFN_RESOURCE}

Result (example):

    ${HOME}/environment/conf-handson-cli-cfn-ec2-Instance/resources/Instance0StackName.txt

3. Key pair name
Specify the key pair name.
Set the variable:

    EC2_KEY_PAIR_NAME="handson-cli-cfn-ec2-Instance-keypair"

Save the settings while confirming that each variable holds the correct value.
Check the variables:

    cat << END

      # 1. TEMPLATE_CFN_RESOURCE_NAME:"Instance0StackName"
           TEMPLATE_CFN_RESOURCE_NAME="${TEMPLATE_CFN_RESOURCE_NAME}"
      # 2. FILE_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-ec2-Instance/resources/Instance0StackName.txt"
           FILE_TEMPLATE_CFN_RESOURCE="${FILE_TEMPLATE_CFN_RESOURCE}"
      # 3. EC2_KEY_PAIR_NAME:"handson-cli-cfn-ec2-Instance-keypair"
           EC2_KEY_PAIR_NAME="${EC2_KEY_PAIR_NAME}"

    END

If the lower line of a pair is empty, or does not hold a value equivalent to the upper line, go back to the step with that number and set the variable again.

Update the CFn resource file.
Check the variables:

    cat << END

      # FILE_TEMPLATE_CFN_RESOURCE:"${HOME}/environment/conf-handson-cli-cfn-ec2-Instance/resources/Instance0StackName.txt"
        FILE_TEMPLATE_CFN_RESOURCE="${FILE_TEMPLATE_CFN_RESOURCE}"
      # EC2_KEY_PAIR_NAME:"handson-cli-cfn-ec2-Instance-keypair"
        EC2_KEY_PAIR_NAME="${EC2_KEY_PAIR_NAME}"

    END

Command:

    # Append the KeyName property only if the file does not already contain one
    if ! grep -q 'KeyName:' "${FILE_TEMPLATE_CFN_RESOURCE}"; then
      cat << EOF >> "${FILE_TEMPLATE_CFN_RESOURCE}"
          KeyName: ${EC2_KEY_PAIR_NAME}
    EOF
    fi

    cat "${FILE_TEMPLATE_CFN_RESOURCE}"

Result (example):

      Instance0StackName:
        Type: AWS::EC2::Instance
        Properties:
          ImageId: ami-09ebacdc178ae23b7
          InstanceType: t2.micro
          Tags:
            - Key: Name
              Value: !Ref AWS::StackName
          NetworkInterfaces:
            - DeviceIndex: "0"
              SubnetId: !Ref Subnet0
              GroupSet:
                - !Ref SecurityGroup0
              AssociatePublicIpAddress: "true"
          UserData: !Base64 |
            #!/bin/bash

            # configure sshd
            cat << EOF >> /etc/ssh/sshd_config
            Port 22022
            EOF
            systemctl restart sshd.service

            # yum
            yum update -y

            #
            # logs agent
            #
            readonly EC2_METADATA_SECOND='900'
            readonly EC2_METADATA_TOKEN=$( \
              curl -s \
                -X PUT "http://169.254.169.254/latest/api/token" \
                -H "X-aws-ec2-metadata-token-ttl-seconds: ${EC2_METADATA_SECOND}" \
            )
            readonly EC2_METADATA_HEADER="X-aws-ec2-metadata-token: ${EC2_METADATA_TOKEN}"
            readonly EC2_REGION_NAME=$( \
              curl -s -H "${EC2_METADATA_HEADER}" \
                http://169.254.169.254/latest/meta-data/placement/availability-zone \
                | sed -e 's/[a-z]*$//' \
            )

            # install cloudwatch agent
            readonly URL_DOWNLOAD_LINK="https://s3.${EC2_REGION_NAME}.amazonaws.com/amazoncloudwatch-agent-${EC2_REGION_NAME}/amazon_linux/amd64/latest/amazon-cloudwatch-agent.rpm"
            cd /tmp/
            wget ${URL_DOWNLOAD_LINK}
            rpm -U ./amazon-cloudwatch-agent.rpm

            # setup cloudwatch agent
            readonly LOGS_CONF='/opt/aws/amazon-cloudwatch-agent/etc/logs.conf'

            # logs.conf
            cat << EOF > ${LOGS_CONF}
            {
              "agent": {
                "logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log"
              },
              "logs": {
                "logs_collected": {
                  "files": {
                    "collect_list": [
                      {
                        "file_path": "/var/log/secure",
                        "log_group_name": "/var/log/secure",
                        "timezone": "UTC"
                      }
                    ]
                  }
                },
                "log_stream_name": "{instance_id}",
                "force_flush_interval" : 15
              }
            }
            EOF

            # start cloudwatch agent
            /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl \
              -a fetch-config \
              -m ec2 \
              -c file:${LOGS_CONF} \
              -s
          KeyName: handson-cli-cfn-ec2-Instance-keypair

Confirm that the 'KeyName' property exists in the resource file "${HOME}/environment/conf-handson-cli-cfn-ec2-Instance/resources/Instance0StackName.txt".
Command:

    cat ${FILE_TEMPLATE_CFN_RESOURCE} \
      | grep 'KeyName:'

Result (example):

          KeyName: handson-cli-cfn-ec2-Instance-keypair
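
The confirmation above succeeds whenever the text 'KeyName:' appears anywhere in the file, including inside the UserData script, and it does not compare the value with the intended key pair. The stricter check below is an added example, not part of the original procedure; the function names check_keyname and write_sample, the shortened sample file, and the 6-space indentation of the Properties level are assumptions.

```shell
#!/usr/bin/env bash
# check_keyname FILE EXPECTED [INDENT]
# Succeeds only if FILE has exactly one "KeyName:" line at INDENT spaces
# (default 6: the Properties level assumed in this example) and its value
# equals EXPECTED. Lines inside the UserData block sit deeper and are ignored.
check_keyname() {
  local file="$1" expected="$2" indent="${3:-6}" pad count value
  pad=$(printf "%${indent}s" '')
  count=$(grep -c -E "^${pad}KeyName:" -- "${file}" || true)
  if [ "${count:-0}" -ne 1 ]; then
    echo "NG: ${count:-0} KeyName properties at indent ${indent} (want 1)" >&2
    return 1
  fi
  value=$(sed -n -E \
    "s/^${pad}KeyName:[[:space:]]*(.*[^[:space:]])[[:space:]]*\$/\1/p" "${file}")
  if [ "${value}" != "${expected}" ]; then
    echo "NG: KeyName is '${value}', expected '${expected}'" >&2
    return 1
  fi
  echo "OK: KeyName: ${value}"
}

# Constructed sample: a shortened resource file whose UserData script itself
# contains the text "KeyName:", which a plain grep cannot tell apart.
write_sample() {
  cat << 'EOF' > "$1"
  Instance0StackName:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      UserData: !Base64 |
        #!/bin/bash
        echo "KeyName: not-a-property"
EOF
}

SAMPLE=$(mktemp)
write_sample "${SAMPLE}"
# The plain grep matches even though no KeyName property has been added yet.
grep -q 'KeyName:' "${SAMPLE}" && echo "plain grep: match (false positive)"
check_keyname "${SAMPLE}" 'handson-cli-cfn-ec2-Instance-keypair' || true
# Append the property at the Properties level, then check again.
printf '      KeyName: %s\n' 'handson-cli-cfn-ec2-Instance-keypair' >> "${SAMPLE}"
check_keyname "${SAMPLE}" 'handson-cli-cfn-ec2-Instance-keypair'
rm -f "${SAMPLE}"
```

In the procedure itself the call would be check_keyname "${FILE_TEMPLATE_CFN_RESOURCE}" "${EC2_KEY_PAIR_NAME}", with the third argument set to the indentation actually used in the resource file.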