System Operations on AWS - Lab 7 - CloudFormation

CloudFormation template: creates a VPC (with a public subnet and a private subnet, each in a different AZ), a NAT, and a Bastion Server in the public subnet.

1. Modify and run the AWS CloudFormation template

1.1 Add the AMI ID to the template

1.1.1 Download the template

https://d2lrzjb0vjvpn5.cloudfront.net/sys-ops/v2.4/lab-7-automating/static/Lab-7-Start-CF.template

1.1.2 Replace the ImageId ("ImageId" : "ami-b5a7ea85") as follows

"ImageId" : {
    "Fn::FindInMap" : [
        "AmazonLinuxAMI", {
            "Ref" : "AWS::Region"
        },
        "AMI"
    ]
}

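1.2 Run the template

1.2.1 Copy the key pair name

1.2.2 Run the template

2. Update the stack with the new template

2.1 Add an InstanceType parameter to the template

Add the highlighted part (the BastionInstanceType parameter) to the Parameters section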

"Parameters" : {
  "BastionHostKeyName" : {
    "Type" : "String",
    "Description" : "The name of the private key file to use for SSH/RDP access to the bastion host."
  },
  "BastionSecurityCIDR" : {
    "Type" : "String",
    "Description" : "The CIDR range to use to lock down security on the bastion host.",
    "Default" : "0.0.0.0/0"
  },
  "BastionInstanceType" : {
    "Type" : "String",
    "Description" : "The size of the instance to use for the bastion host."
  }
}

In the BastionServer section, change "InstanceType" : "t2.small" to

"InstanceType" : {
    "Ref" : "BastionInstanceType"
}

2.2 Update the existing stack

Check the Bastion Server's instance type
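
A pre-deployment check for the edits in this lab, added here as an example and not part of the original lab or post: it reports a hardcoded ImageId or InstanceType on an EC2 instance resource, an instance-type parameter with no AllowedValues, and a CIDR parameter whose default is open to every address. The sample template is constructed from values on this page; the function names and the *InstanceType naming rule are assumptions.

```python
import ipaddress

# Constructed sample: page parameters plus a pre-edit BastionServer resource.
SAMPLE = {
    "Parameters": {
        "BastionHostKeyName": {"Type": "String"},
        "BastionSecurityCIDR": {"Type": "String", "Default": "0.0.0.0/0"},
        "BastionInstanceType": {"Type": "String"},
    },
    "Resources": {
        "BastionServer": {
            "Type": "AWS::EC2::Instance",
            "Properties": {"ImageId": "ami-b5a7ea85", "InstanceType": "t2.small"},
        }
    },
}


def is_open_cidr(value):
    """True if value parses as a network covering every address (/0)."""
    try:
        return ipaddress.ip_network(value, strict=False).prefixlen == 0
    except ValueError:
        return False


def audit_template(template):
    """Return (logical_name, finding) tuples for a parsed template dict."""
    findings = []
    for name, param in template.get("Parameters", {}).items():
        default = param.get("Default")
        if isinstance(default, str) and is_open_cidr(default):
            findings.append((name, "default CIDR allows any source address"))
        # Assumption: instance-type parameters are named *InstanceType.
        if name.endswith("InstanceType") and "AllowedValues" not in param:
            findings.append((name, "no AllowedValues constraint"))
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::Instance":
            continue
        for key in ("ImageId", "InstanceType"):
            value = res.get("Properties", {}).get(key)
            # A plain string is hardcoded; a dict is Ref / Fn::FindInMap.
            if isinstance(value, str):
                findings.append((name, f"{key} is hardcoded: {value}"))
    return findings


if __name__ == "__main__":
    print(*audit_template(SAMPLE), sep="\n")
```

For a real template file, pass the result of json.load to audit_template.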

posted @ 2016-03-06 15:13  Edward Guan