File deployment packages - Compute Nest - Alibaba Cloud Documentation Center

Compute Nest provides file deployment packages to resolve the issues that you may encounter when you download software resources for script-based deployment. For example, the cloud resources are inaccessible over the Internet, or the download source of the resources is not stable. This topic describes how file deployment packages work. This topic also describes how to create and use a file deployment package.

Background information

Purpose
Compute Nest provides file deployment packages to resolve the issues that you may encounter when you download software resources for script-based deployment. For example, the cloud resources are inaccessible over the Internet, a file is too large, or the download source of the resources is not stable. After you upload a file to the specified Object Storage Service (OSS) bucket, Compute Nest automatically replicates the file to multiple regions and replaces the file identifier in a template with an internal OSS URL of the file in the corresponding region. This ensures stability and security of data transmission.
Benefits
As a service provider, you need to only specify a file identifier in a template and associate a file deployment package with the file identifier on the service details page of the Compute Nest console.
1. File replication: Compute Nest replicates the file that you uploaded to the general account of Compute Nest. Then, the file is replicated to the OSS buckets in different regions within the account.
2. File association: Compute Nest identifies the file identifier {{ computeneset::file::xxx}} in a template and associates the identifier with a file deployment package when you create a service. When a customer creates a service instance, Compute Nest identifies the region in which the customer wants to deploy the service instance and automatically selects the OSS URL of the file in that region. This way, the file URL dynamically changes by region.
3. Permission management: The public or private attribute of a file deployment package is determined by the attribute of services. If a file deployment package is not associated with a service, the file deployment package is private. If at least one public service is associated with a file deployment package, the file deployment package is public. If all services that are associated with a file deployment package are private, the file deployment package is private.
4. Download over an internal network: Compute Nest downloads file deployment packages over an internal network. When a customer creates a service instance, Compute Nest automatically generates an internal HTTP URL of the file in the OSS bucket in the corresponding region to replace the file identifier. Downloads over an internal network are stable and secure.

Usage notes

Define a file identifier in the Resource Orchestration Service (ROS) template for deploying a service, and associate a file deployment package with the file identifier. When a customer creates a service instance, Compute Nest automatically identifies the file identifier in the template and replaces it with the file URL in the region in which the service instance is deployed.

You can specify a file identifier by using one of the following fixed expressions:

(Recommend) If a file deployment package uses a private URL, specify the file identifier by using the fixed expression {{ computenest::file:: ${key}}}.
If a file deployment package uses a public URL, specify the file identifier by using the fixed expression {{ computenest::publicfile::${key}}}.
Note
In the preceding expressions, ${key} indicates a string without spaces.

The following sample YAML files show how to define file identifiers to use file deployment packages:

Important

When you define a file identifier in a template, we recommend that you enclose the identifier by using single quotation marks (') or double quotation marks (").
If you run the wget command to download a file, we recommend that you use the -O parameter to specify the file name of the downloaded file.

Define file identifiers in a common template

The following sample code shows how to define file identifiers in the UserData section of a template to download files and rename the files as TestFirst.txt and TestSecond.tar:

TiDBServer:
    Type: ALIYUN::ECS::InstanceGroup
    Properties:
      ...
      UserData:
        Fn::Sub:
          - |
            #!/bin/sh
            sleep 10
            wget '{{ computenest::file::DemoFirst }}' -O TestFirst.txt
            wget '{{ computenest::file::DemoSecond }}' -O TestSecond.tar
            ......

Define a file identifier in a MigrateTask template

SQLDump:
    Type: ALIYUN::RDS::MigrateTask
    Properties:
        ...
      DBName: mytest
      DBInstanceId:
        Fn::GetAtt:
          - Database
          - DBInstanceId
      OssObjectPositions: {{ computenest::file::DemoFirst }}

Create and use a file deployment package

Prerequisites

The file that you want to upload is prepared.

Create a file deployment package

Configure the basic information about the deployment package.

Log on to the Compute Nest console. In the left-side navigation pane, click Service Deployment Package. In the Deployment Package section of the Service Deployment Package page, click Create Deployment Package.

In the Deployment Package Information section, configure the parameters described in the following table.

Parameter	Description
Deployment Package Name	The name of the deployment package. The name must be 3 to 128 characters in length, and can contain letters, digits, and underscores (_). The name cannot be changed after the deployment package is created.
Version Name	The name of the deployment package version. The name must be 3 to 50 characters in length, and can contain letters, digits, and underscores (_).
Description	The description of the deployment package. The description must be 10 to 500 characters in length.
Resource Group	The name of the resource group to which the deployment package belongs. Resource groups are used to group your resources by usage, permission, and region. You can use resource groups to organize your resources in a hierarchical manner and group resources based on users and projects. For more information, see Manage resource groups.
Tag Settings	The tags that you want to add to the deployment package. Select or enter complete tag keys and tag values. You can add up to 20 tags to a deployment package. If no tag key or tag value are available, you can create a custom tag. For more information, see Add a custom tag.

Configure the file deployment package.
1. In the Deployment Package Content section, select File for the Deployment Package Type parameter.
2. Select the region to which you want to upload the file for the Upload Deployment Package parameter. Then, select Upload Local File or Upload File Larger Than 5 GB based on the size of the local file that you want to upload.
  Optional. Perform the following operations to upload a file larger than 5 GB:
  1. Click Obtain Access Credential. The upload command for local upload or upload over an internal network from an Elastic Compute Service (ECS) instance appears. Copy the upload command based on your upload environment. Then, replace <source_file> and <target_file> in the command with the name of the source file and the name of the file after it is uploaded to Compute Nest.
  2. Upload the file by using Alibaba Cloud CLI.
  3. Enter the name of the uploaded file for the File Upload URL parameter.
3. Optional. Turn Configure Script Command on or off. Script commands are used to update service instances. You do not need to configure script commands for file associations.
  If you turn this switch on, you must configure the following parameters:
  1. OS: Select an operating system based on the operating system of your service.
  2. Download Directory: Select a directory on the ECS instance where the deployment package is downloaded. If the specified directory does not exist, you must create the directory before you download the deployment package.
  3. Command Type: Specify the type of the command.
  4. Command Content: Specify the command that you need to run after the deployment package is downloaded.
    You can reference the configuration parameters of a service instance in the command.
4. Configure the Distribution Region parameter. By default, All Regions is selected, which indicates that the file deployment package is distributed to all regions.
5. Click Publish Deployment Package.
  After a deployment package is published, you cannot modify the content of the published version. To modify the content, create a new version or a new deployment package.
View the deployment package.
1. Return to the Service Deployment Package page. Find the deployment package that you want to view and click its name. On the Packages tab, you can view the deployment progress.
2. After the status of the file deployment package becomes Available, click View in the Actions column to view the distribution result of the file deployment package.

Use a file deployment package

In this example, a private service is created to describe how to use a file deployment package.

On the Create Service page, set Select Service Creation Method to Custom Launch, Select Service Type to Private Service, and then click Next: Configure Settings.

Enter the basic service information as prompted. Select a template type and template creation method, select ROS for the Deployment Method parameter, and then enter the template content.

If {{ computenest::file::test }} or {{ computenest::publicfile::test }} exists in the ROS template, you can configure the Set File Association parameter in the Deployment Package Association section.

Sample template

Note

This sample template is used for testing only.

ROSTemplateFormatVersion: '2015-09-01'
Description:
  en: new ack
  zh-cn: 新建ack部署
Parameters:
  PayType:
    Type: String
    Label:
      en: ECS Instance Charge Type
      zh-cn: 付费类型
    Default: PostPaid
    AllowedValues:
      - PostPaid
      - PrePaid
    AssociationProperty: ChargeType
    AssociationPropertyMetadata:
      LocaleKey: InstanceChargeType
  PayPeriodUnit:
    Type: String
    Label:
      en: Pay Period Unit
      zh-cn: 购买资源时长周期
    Default: Month
    AllowedValues:
      - Month
      - Year
    AssociationProperty: PayPeriodUnit
    AssociationPropertyMetadata:
      Visible:
        Condition:
          Fn::Not:
            Fn::Equals:
              - ${PayType}
              - PostPaid
  PayPeriod:
    Type: Number
    Description:
      en: When the resource purchase duration is Month, the value of Period ranges from 1 to 9, 12, 24, 36, 48, or 60. <br><b><font color='red'> When ECS instance types are PrePaid valid </b></font>
      zh-cn: 当购买资源时长为Month时，Period取值：1~9 <br><b><font color='red'>当ECS实例类型为PrePaid有效</b></font>
    Label:
      en: Period
      zh-cn: 购买资源时长
    Default: 1
    AllowedValues:
      - 1
      - 2
      - 3
      - 4
      - 5
      - 6
      - 7
      - 8
      - 9
    AssociationProperty: PayPeriod
    AssociationPropertyMetadata:
      Visible:
        Condition:
          Fn::Not:
            Fn::Equals:
              - ${PayType}
              - PostPaid
  ZoneId:
    Type: String
    AssociationProperty: ALIYUN::ECS::Instance:ZoneId
    Label:
      en: Zone ID
      zh-cn: 可用区
    Default: cn-hangzhou-h
  VpcCidrBlock:
    Type: String
    Label:
      en: VPC CIDR IPv4 Block
      zh-cn: 专有网络IPv4网段
    Description:
      zh-cn: VPC的ip地址段范围，<br>您可以使用以下的ip地址段或其子网:<br><font color='green'>[10.0.0.0/8]</font><br><font color='green'>[172.16.0.0/12]</font><br><font color='green'>[192.168.0.0/16]</font>
      en: 'The ip address range of the VPC in the CidrBlock form; <br>You can use the following ip address ranges and their subnets: <br><font color=''green''>[10.0.0.0/8]</font><br><font color=''green''>[172.16.0.0/12]</font><br><font color=''green''>[192.168.0.0/16]</font>'
    Default: 192.168.0.0/16
    AssociationProperty: ALIYUN::VPC::VPC::CidrBlock
  VSwitchCidrBlock:
    Type: String
    Label:
      en: VSwitch CIDR Block
      zh-cn: 交换机子网网段
    Description:
      zh-cn: 必须属于VPC的子网段。 
      en: Must belong to the subnet segment of VPC.
    Default: 192.168.1.0/24
    AssociationProperty: ALIYUN::VPC::VSwitch::CidrBlock
    AssociationPropertyMetadata:
      VpcCidrBlock: VpcCidrBlock
  LoginPassword:
    NoEcho: true
    Type: String
    Description:
      en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;<>,.?/ Special symbol in)
      zh-cn: 服务器登录密码,长度8-30，必须包含三项（大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;<>,.?/ 中的特殊符号）
    Label:
      en: Instance Password
      zh-cn: 实例密码
    ConstraintDescription:
      en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;<>,.?/ Special symbol in)
      zh-cn: 长度8-30，必须包含三项（大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;<>,.?/ 中的特殊符号）
    AssociationProperty: ALIYUN::ECS::Instance::Password
    AllowedPattern: ^[a-zA-Z0-9-\(\)\`\~\!\@\#\$\%\^\&\*\_\-\+\=\|\{\}\[\]\:\;\<\>\,\.\?\/]*$
    MinLength: 8
    MaxLength: 30
    Default: computenest*12345
  WorkerInstanceType:
    Type: String
    Label:
      en: Worker Nodes Types
      zh-cn: Worker节点规格
    AssociationProperty: ALIYUN::ECS::Instance::InstanceType
    AssociationPropertyMetadata:
      ZoneId: ${ZoneId}
    Default: ecs.g6.large
  WorkerSystemDiskCategory:
    Type: String
    AllowedValues:
      - cloud_efficiency
      - cloud_ssd
      - cloud_essd
    AssociationPropertyMetadata:
      LocaleKey: DiskCategory
      InstanceType: ${WorkerInstanceType}
    Label:
      en: Worker System Disk Category
      zh-cn: Worker 系统盘磁盘类型
    Default: cloud_essd
  WorkerSystemDiskSize:
    Type: Number
    Label:
      en: Worker System Disk Size(GB)
      zh-cn: Worker节点系统盘大小(GB)
    MinValue: 1
    Default: 120
  PodCidr:
    Type: String
    Description:
      zh-cn: 请填写有效的私有网段，即以下网段及其子网：10.0.0.0/8，172.16-31.0.0/12-16，192.168.0.0/16<br>不能与 VPC 及 VPC 内已有 Kubernetes 集群使用的网段重复。 <font color='blue'><b>创建成功后不能修改</b></font>
      en: 'Please fill in a valid private segment, i.e. the following segments and their subnets: 10.0.0.0/8, 172.16-31.0.0/12-16, 192.168.0.0/16<br> which cannot duplicate the network segments already used by clusters in VPC and VPC Kunetberes. <font color=''blue''><b>Cannot be modified after successful creation</b></font>'
    Label:
      zh-cn: Pod 网络 CIDR
      en: Pod Network CIDR
    AssociationProperty: ALIYUN::CS::ManagedKubernetesCluster::PodCidr
    Default: 10.0.0.0/16
  ServiceCidr:
    Type: String
    Description:
      zh-cn: 可选范围：10.0.0.0/16-24，172.16-31.0.0/16-24，192.168.0.0/16-24<br>不能与 VPC 及 VPC 内已有 Kubernetes 集群使用的网段重复。 <font color='blue'><b>创建成功后不能修改</b></font>
      en: 'Optional range: 10.0.0.0/16-24, 172.16-31.0.0/16-24, 192.168.0.0/16-24<br> cannot duplicate segments already used by existing Kubernetes clusters in VPC and VPC.<font color=''blue''><b>Cannot be modified after successful creation</b></font>'
    Label:
      zh-cn: Service CIDR
      en: Service CIDR
    AssociationProperty: ALIYUN::CS::ManagedKubernetesCluster::ServiceCidr
    Default: 172.16.0.0/16
Resources:
  EcsVpc:
    Type: ALIYUN::ECS::VPC
    Properties:
      VpcName:
        Ref: ALIYUN::StackName
      CidrBlock:
        Ref: VpcCidrBlock
  EcsVSwitch:
    Type: ALIYUN::ECS::VSwitch
    Properties:
      VSwitchName:
        Ref: ALIYUN::StackName
      VpcId:
        Ref: EcsVpc
      ZoneId:
        Ref: ZoneId
      CidrBlock:
        Ref: VSwitchCidrBlock
  EcsSecurityGroup:
    Type: ALIYUN::ECS::SecurityGroup
    Properties:
      SecurityGroupName:
        Ref: ALIYUN::StackName
      VpcId:
        Ref: EcsVpc
      SecurityGroupEgress:
        - PortRange: '-1/-1'
          Priority: 1
          IpProtocol: all
          DestCidrIp: 0.0.0.0/0
          NicType: intranet
      SecurityGroupIngress:
        - PortRange: '-1/-1'
          Priority: 1
          IpProtocol: all
          SourceCidrIp:
            Ref: PodCidr
          Description: access to the pod network
          NicType: intranet
        - PortRange: '-1/-1'
          Priority: 1
          IpProtocol: all
          SourceCidrIp:
            Ref: VpcCidrBlock
          Description: access to the VPC
          NicType: intranet
        - PortRange: '-1/-1'
          Priority: 1
          IpProtocol: icmp
          SourceCidrIp: 0.0.0.0/0
          Description: access to the ICMP port
          NicType: intranet
  ManagedKubernetesCluster:
    Type: ALIYUN::CS::ManagedKubernetesCluster
    Properties:
      Name:
        Ref: ALIYUN::StackName
      ChargeType:
        Ref: PayType
      Period:
        Ref: PayPeriod
      PeriodUnit:
        Ref: PayPeriodUnit
      VSwitchIds:
        - Ref: EcsVSwitch
      VpcId:
        Ref: EcsVpc
      WorkerInstanceTypes:
        - Ref: WorkerInstanceType
      NumOfNodes: 3
      ClusterSpec: ack.pro.small
      ContainerCidr:
        Ref: PodCidr
      ServiceCidr:
        Ref: ServiceCidr
      ZoneIds:
        - Ref: ZoneId
      SecurityGroupId:
        Ref: EcsSecurityGroup
      WorkerSystemDiskCategory:
        Ref: WorkerSystemDiskCategory
      WorkerSystemDiskSize:
        Ref: WorkerSystemDiskSize
      LoginPassword:
        Ref: LoginPassword
      SnatEntry: true
      Addons:
        - Name: flannel
          Config: ''
  ComputenestHelmApplication:
    Type: MODULE::SHARE::1563457855438522::HelmDeploy
    Version: v5
    DependsOn:
      - ManagedKubernetesCluster
    Properties:
      ClusterId:
        Fn::GetAtt:
          - ManagedKubernetesCluster
          - ClusterId
      ChartIdentifier: '{{ computenest::helmpull::springBoot }}'
      ChartValues:
        image:
          fullname: '{{ computenest::acrimage::springBootDemo }}'
        dockerConfigJson: '{{ computenest::acr::dockerconfigjson }}'
        service:
          type: LoadBalancer
          port: 8080
      Namespace:
        Ref: ALIYUN::StackName
      ReleaseName: spring-boot-chart
  # Sleep for 1 minute to wait for the resources to be ready.
  HelmSleep:
    Type: ALIYUN::ROS::Sleep
    DependsOn:
      - ComputenestHelmApplication
    Properties:
      CreateDuration: 60
  # Query the service information and display the information in the output.
  ClusterApplicationResources:
    Type: DATASOURCE::CS::ClusterApplicationResources
    DependsOn:
      - HelmSleep
    Properties:
      ClusterId:
       Fn::GetAtt:
        - ManagedKubernetesCluster
        - ClusterId
      Kind: Service
      Name: spring-boot-chart
      Namespace:
        Ref: ALIYUN::StackName
      JsonPath: $.status.loadBalancer.ingress[0].ip
      FirstMatch: true
Outputs:
  # Display the public IP address as the returned HTTP URL in the console.
  Endpoint:
    Description:
      zh-cn: 对外暴露的公网IP地址
      en: Public IP Addresses
    Value:
      Fn::Sub:
        - "http://${ServerAddress}:8080"
        - ServerAddress:
            Fn::GetAtt:
              - ClusterApplicationResources
              - Response
Metadata:
  ALIYUN::ROS::Interface:
    ParameterGroups:
      - Parameters:
          - PayType
          - PayPeriodUnit
          - PayPeriod
        Label:
          en: PayType Configuration
          zh-cn: 付费类型配置
      - Parameters:
          - ZoneId
          - VpcCidrBlock
          - VSwitchCidrBlock
          - LoginPassword
        Label:
          en: Basic Configuration
          zh-cn: 基础配置
      - Parameters:
          - WorkerInstanceType
          - WorkerSystemDiskCategory
          - WorkerSystemDiskSize
          - ServiceCidr
          - PodCidr
        Label:
          en: Kubernetes
          zh-cn: Kubernetes配置

Click Deployment Package Association in the Associate Software Package section. In the dialog box that appears, select a deployment package and a version and click OK.
After the service is created and passes the test, check whether the service meets the review criteria of Compute Nest and submit the service for review. For more information, see Review criteria.
After the service is approved, publish the service. For more information, see Publish a service.
When a customer creates a service instance, Compute Nest automatically replaces the content in the template with the file URL in the region in which the service instance is deployed to use the file deployment package.
- The following figures show the results after the file identifiers in a common template are replaced.
  - The following figure shows the replacement result of private file URLs.
  - The following figure shows the replacement result of a public file URL.
- For a file identifier defined in a MigrateTask template, Compute Nest converts the file URL of a file deployment package to the format specified for the OssObjectPositions parameter.
  The value of the OssObjectPositions parameter is composed of the OSS endpoint, OSS bucket name, and backup file key in OSS. The three segments are separated by colons (:). Example: oss-ap-southeast-1.aliyuncs.com:rdsmssqlsingapore:autotest_2008R2_TestMigration_FULL.bak. For more information, see ALIYUN::RDS::MigrateTask. The following figure shows the replacement result of a file URL in a MigrateTask template.

References

For more information about how to create a service in Compute Nest, see Create a service.
If you no longer need a deployment package or deployment package version, you can delete it. For more information, see Delete a deployment package.
If you need to modify a deployment package such as the distribution regions and content, you can create a new version. For more information, see Create a version.