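System Operations on AWS – CloudFormation Tutorial
CloudFormation template: create a VPC (with a public subnet and a private subnet, each in a different AZ), create a NAT, and place the bastion server in the public subnet.
1. Modify and run the AWS CloudFormation template
1.1 Add the AMI ID to the template
1.1.1 Download the template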
    https://d2lrzjb0vjvpn5.cloudfront.net/sys-ops/v2.4/lab-7-automating/static/Lab-7-Start-CF.template
1.1.2 Replace ImageId ("ImageId" : "ami-b5a7ea85") as follows
    "ImageId" : { "Fn::FindInMap" : [ "AmazonLinuxAMI", { "Ref" : "AWS::Region" }, "AMI" ] }
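1.2 Run the template
1.2.1 Copy the key pair name
1.2.2 Run the template
2. Update the stack with the new template
2.1 Add an InstanceType parameter to the template
Add the highlighted part (the BastionInstanceType parameter) to the Parameters section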
    "Parameters" : {
      "BastionHostKeyName" : {
        "Type" : "String",
        "Description" : "The name of the private key file to use for SSH/RDP access to the bastion host."
      },
      "BastionSecurityCIDR" : {
        "Type" : "String",
        "Description" : "The CIDR range to use to lock down security on the bastion host.",
        "Default" : "0.0.0.0/0"
      },
      "BastionInstanceType" : {
        "Type" : "String",
        "Description" : "The size of the instance to use for the bastion host."
      }
    }
In the BastionServer section, change "InstanceType" : "t2.small" to
    "InstanceType" : { "Ref" : "BastionInstanceType" }
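A pre-update check for the Parameters section above, as an added example that is not part of the original tutorial: it flags a CIDR parameter whose Default admits any source address, and String parameters that carry neither of the CloudFormation constraints AllowedValues or AllowedPattern. The function names are hypothetical, and the sample input is constructed from the block in 2.1 with the Description fields omitted.

```python
import ipaddress
import json

# Constructed sample: the Parameters section from step 2.1 (Descriptions
# omitted), wrapped in braces so it parses as a standalone JSON document.
TEMPLATE = json.loads("""
{
  "Parameters": {
    "BastionHostKeyName": { "Type": "String" },
    "BastionSecurityCIDR": { "Type": "String", "Default": "0.0.0.0/0" },
    "BastionInstanceType": { "Type": "String" }
  }
}
""")

# Parameter properties that restrict what a stack operator may type in.
CONSTRAINT_KEYS = ("AllowedValues", "AllowedPattern")


def is_open_cidr(value):
    """True if value parses as an IPv4/IPv6 network with prefix length 0."""
    try:
        return ipaddress.ip_network(value, strict=False).prefixlen == 0
    except (ValueError, TypeError):
        return False  # not a CIDR at all (or no Default present)


def lint_parameters(template):
    """Return sorted (parameter, finding) tuples for risky definitions."""
    findings = []
    for name, spec in template.get("Parameters", {}).items():
        # A world-open default is what the stack gets when nobody overrides it.
        if is_open_cidr(spec.get("Default")):
            findings.append((name, "default allows any source address"))
        # Unconstrained strings accept any instance size, key name or range.
        if spec.get("Type") == "String" and not any(k in spec for k in CONSTRAINT_KEYS):
            findings.append((name, "String without AllowedValues/AllowedPattern"))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in lint_parameters(TEMPLATE):
        print(f"{name}: {finding}")
```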
2.2 Update the existing stack
Check the bastion server's instance type