问题
In my cloudformation stack, I have a launch config which runs ansible scripts in the user data. The problem here is, my stack status shows CREATE_COMPLETE even if the ansible scripts have not completed exacution. After I ssh into the ec2 instance, I see the logs which shows the ansible execution still in progress. My sample cloudformation stack json is something like this:
"OpenShiftMasterASLaunchConfig": {
"Type": "AWS::AutoScaling::LaunchConfiguration",
"Metadata": {
"AWS::CloudFormation::Init": {
"configSets": {
"quickstart": ["GetPublicKey", "AddPublicKey", "rpms", "ConfigSSHD", "DockerGroup", "DockerSecurity", "InstallAWSCLI", "SetPrivateKey", "StartServices"]
},
"rpms": {
"packages": {
"yum": {
"epel-release": [],
"NetworkManager": [],
"ansible": [],
"docker": [],
"git": [],
"python-boto": [],
"python-cryptography": [],
"python-lxml": [],
"python-pip": [],
"origin-docker-excluder": [],
"centos-release-openshift-origin": [],
"atomic-openshift-utils": [],
"origin-clients": [],
"awslogs" : []
}
}
},
"Properties": {
"AssociatePublicIpAddress" : "true",
"KeyName": {
"Ref": "KeyPairName"
},
"ImageId": {
"Fn::FindInMap": [
"AWSAMIRegionMap",
{
"Ref": "AWS::Region"
},
"CENTOS7HVM"
]
},
"BlockDeviceMappings": [{
"DeviceName": "/dev/sda1",
"Ebs": {
"VolumeSize": "100"
}
}],
"InstanceMonitoring": "true",
"IamInstanceProfile": {
"Ref": "SetupRoleProfile"
},
"InstanceType": {
"Ref": "MasterInstanceType"
},
"SecurityGroups": [{
"Ref": "OpenShiftSecurityGroup"
}],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"", [
"bash /local/scripts/openshift-origin-bootstrap-master.sh\n",
"ansible-playbook -i /local/ansible/inventory/hosts.cluster /local/openshift-ansible/playbooks/prerequisites.yml >> /local/prereq.log\n",
"ansible-playbook -i /local/ansible/inventory/hosts.cluster /local/openshift-ansible/playbooks/deploy_cluster.yml -vvv > /local/cluster.log\n",
"bash /local/scripts/configure_openebs.sh\n"
]
]
}
}
}
This is just a sample to illustrate. The ansible-playbook commands here, are still under execution when the stack shows as completed. Is there any way to delay the create condition on the stack to make sure all the user data is executed first. I tried using the wait condition but it is not giving the desired result.
回答1:
Associate a CreationPolicy with your resource to prevent its status from reaching 'create complete' until your userdata script signals CloudFormation (at the end of userdata). Here's an example.
来源:https://stackoverflow.com/questions/50877978/cloudformation-stack-shows-as-complete-before-execution-of-all-user-data