I have an AWS CLI script that will take AMI of instance, create a launch configuration, update the autoscaling group with latest launch config and perform instance refresh operation.
I don't want to perform instance refresh operation unless the AMI is in "available state". So, I am thinking of adding a condition that checks every 10 seconds.
Here is my exisiting script file:
...
#Create AMI
IMAGE=`aws ec2 create-image --instance-id ${INST_ID} --name NEW-IMAGE-${TIME} --no-reboot --output text`
echo "Create Image of instance ${INST_ID}"
#Create new launch Configuration
aws autoscaling create-launch-configuration --launch-configuration-name ${NEW_LC} --image-id ${IMAGE} --instance-type t2.micro --key forclient --associate-public-ip-address --security-groups sg-01be135cb14a00960
echo "Create new Launch Configuration ${NEW_LC}"
#Update Auto Scaling Group to use new Launch Configuration
aws autoscaling update-auto-scaling-group --auto-scaling-group-name ${ASG_NAME} --launch-configuration-name ${NEW_LC}
echo "New Launch Configuration is updated in ASG ${NEW_LC}"
aws autoscaling start-instance-refresh --auto-scaling-group-name ${ASG_NAME}
I don't want to run the 'start-instance-refresh' command until the 'create-image' is in 'available' state.
What changes do I need to make on this script file for this to happen?
You can use image-available waiter after you create the image:
aws ec2 wait image-available --image-ids ${IMAGE}
Related
When starting EC2 instances via aws cli I can specify a KmsKeyId for BlockDevices.
When starting an EC2 instance via Cloudformation (either directly or via ASG/LaunchConfiguration) this option does not exist.
How can I encrypt the block devices of my EC2 instances started via Cloudformation with a specific KMS Key?
It looks like the chain is:
Instance > [ BlockDeviceMapping ] > Ebs > KmsKeyId
I am running the following command
aws ec2 run-instances --image-id ${Ami_id} --count 1 --instance-type t2.micro --iam-instance-profile Name="bot_syndication_cloudwatch" --key-name my-key\
--security-group-ids sg-27b53b5c,sg-7ddd5306 --subnet-id subnet-96e0d6e0 \
--tag-specifications ResourceType=instance,Tags=[{Key=Name,Value=Stage-Content-Syndication},{Key=Environment,Value=Stage},{Key=Platform,Value=Windows}]\
--block-device-mappings "[{\"DeviceName\":\"/dev/sdj\",\"NoDevice\":\"\"}]" \
and I am getting this error
sg-7ddd5306, --tag-specifications, ResourceType=instance,Tags=[{Key=Name,Value=Stage-Content-Syndication},{Key=Environment,Value=Stage},{Key=Platform,Value=Windows}]--block-device-mappings, [{"DeviceName":"/dev/sdj","NoDevice":""}], sg-27b53b5c
Build step 'Execute shell' marked build as failure
The issue is with this parameter --security-group-ids sg-27b53b5c,sg-7ddd5306
If you have multiple security groups to assign on your ec2 instance, you need to separate with space such as
--security-group-ids sg-27b53b5c sg-7ddd5306
I'm trying to create an AWS server in the region "Canada(Central)", which, according to the Amazon documentation (http://docs.aws.amazon.com/general/latest/gr/rande.html), is called ca-central-1.
The command I'm running is:
knife ec2 server create -I ami-70299b14 -f t2.nano -S my-key -i ~/.ssh/my-key.pem -ssh-user ubuntu --region ca-central-1 -Z ca-central-1a
And the error I get is:
ERROR: ArgumentError: Unknown region: "ca-central-1"
The ami I'm using is one that I've used to launch a server in the region using the online EC2 Management Console.
I created an IAM user and kay pairs in this region and have given the user all permissions on ec2 resources, and I've also created an inbound rule for ssh in the region. Is there something else I'm missing?
Unfortunately fog-aws only added this region very recently so there isn't yet support for it in knife ec2. Will hopefully be in the next ChefDK release in a few weeks. For now you can just create VMs either from the aws command line tool or the web UI, and then use knife bootstrap on them.
1: your knife.rb as
knife[:aws_access_key_id] = "AWS_ACCESS_KEY"
knife[:aws_secret_access_key] = "AWS_SECRET"
knife[:ssh_key_name] = 'my-key'
knife[:image] = 'ami-21414f36'
knife[:flavor] = 't2.micro'
knife[:region] = 'ca-central-1'
knife[:availability_zone] = 'ca-central-1a'
knife[:ebs_size] = 30
knife[:editor] = 'nano'
2: Generate Key Pair for Canada (Center)
3: Run the knife ec2 server create command.
knife ec2 server create -I ami-70299b14 -f t2.nano -ssh-user ubuntu --region ca-central-1 -Z ca-central-1a
That's worked for me
Try this command:
knife ec2 server create -N node_name -I ami-21414f36 -f t2.micro -x '.\key_ca' -P 'ec2#123' --ssh-key key --region ca-central-1 --availability-zone 'ca-central-1a' --ebs-size 30 --security-group-ids sg-75cbd50d --bootstrap-protocol winrm --winrm-transport ssl --winrm-ssl-verify-mode verify_none
I am using the below Script to attach and detach the server from load balancer
#!/bin/bash
aws elb register-instances-with-load-balancer --load-balancer-name Load-BalancerLoadBalancer --instances i-a3f1446e
aws elb deregister-instances-from-load-balancer --load-balancer-name Load-BalancerLoadBalancer --instances i-a3f1446e
When I am running the script I am getting the error as below
Service elasticloadbalancing not available in region ap-southeast-1b
Service elasticloadbalancing not available in region ap-southeast-1b
Is there any changes I want to make the script working or Is there any alternate script to do the work.
The error says region ap-southeast-1b, but ap-southeast-1b is an Availability Zone, not a Region.
The Region should be ap-southeast-1.
Run aws configure and confirm that your Region is set correctly.
Seems your ELB is set in other regions, add --region in your command, for example, if the ELB is created at us-east-1:
aws elb register-instances-with-load-balancer --load-balancer-name Load-BalancerLoadBalancer --instances i-a3f1446e --region us-east-1
aws elb deregister-instances-from-load-balancer --load-balancer-name Load-BalancerLoadBalancer --instances i-a3f1446e --region us-east-1
Is there a procedure for adding another host into an existing cluster? I'm using EC2.
I'm thinking it could be done by using CloudFormation again:
aws cloudformation create-stack \
--template-body "$(<deis.template)" \
--stack-name deis-2 \
--parameters "$(<cloudformation.json)"
Which would need a new stack name. That adds the new host.
Or just launch a new instance with the cli?
aws ec2 run-instances --image-id ami-cfe125b8 --count 1 --instance-type m3.medium --key-name deis --security-groups sg-b7edc3c0,sg-c9edc3be
I'm guessing the host should be in both the coreos and deis security groups? And how does fleet know about the new host?
Then, we need to alter the hosts field?
deis clusters:info <cluster>
deis clusters:update <cluster> hosts=x,y,z
Anything else necessary? Is there another, easier way of doing it?
Since all we're dealing with here is CoreOS, it's completely possible to add new nodes to the cluster. The only requirement that you must do is to apply the cloud-config template that you applied to every other node in the cluster to the new instance. See https://coreos.com/docs/running-coreos/cloud-providers/ec2/ for more info.