Template name
ACS-ECS-UpdateImage
Template description
Runs a command to create a new Elastic Compute Service (ECS) image by updating an existing ECS image. This applies to scenarios in which you want to update and manage ECS images in batches, such as application installation and system configuration changes. You must provide the following information during the configuration process: regionId: the region where the images are created and updated and sourceImageId: the original ECS image ID. You can modify the following parameters: targetImageName: the name of the ECS image to be created, instanceType: the type of instance image, and updateType: the update type. After a template is executed, the ID of the created image is returned to facilitate image verification and management.
Template type
Automated
Owner
Alibaba Cloud
Input parameters
Parameter | Description | Type | Required | Default value | Limit |
sourceImageId | The ID of the source image. | String | Yes | ||
instanceType | The instance type of the ECS instance. | String | Yes | ||
regionId | The region ID. | String | No | {{ ACS::RegionId }} | |
zoneId | The zone in which the vSwitch is deployed. | String | No | "" | |
targetImageName | The name of the new image. | String | No | UpdateImage_from_{{sourceImageId}}on{{ACS::ExecutionId}} | |
whetherCreateVpc | Specifies whether to create a virtual private cloud (VPC). | Boolean | No | False | |
vpcCidrBlock | The IPv4 CIDR block of the VPC. | String | No | 192.168.0.0/16 | |
vSwitchCidrBlock | The CIDR block of the vSwitch. | String | No | 192.168.1.0/24 | |
securityGroupId | The security group ID. | String | No | "" | |
vSwitchId | The vSwitch ID. | String | No | "" | |
internetMaxBandwidthOut | The public bandwidth. | Number | No | 0 | |
ramRoleName | The Resource Access Management (RAM) role assigned to the ECS instance. | String | No | "" | |
systemDiskCategory | The category of the system disk. | String | No | cloud_essd | |
commandType | The type of the Cloud Assistant command. | String | No | RunShellScript | |
tags | The tags of the image. | Json | No | [] | |
commandContent | The Cloud Assistant command to be run on the ECS instance. | String | No | echo hello | |
timeout | The timeout period. | Number | No | 600 | |
updateType | The method to be used to update the image. | String | No | RunCommand | |
packageName | The name of the software package to be installed. | String | No | "" | |
packageVersion | The version of the software package to be installed. | String | No | "" | |
parameters | The parameters in the command. | Json | No | {} | |
OOSAssumeRole | The RAM role that is assumed by CloudOps Orchestration Service (OOS). | String | No | "" |
Output parameters
Parameter | Description | Type |
imageId | String |
Permission policy that is required to execute the template
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:CreateImage",
"ecs:DeleteInstance",
"ecs:DescribeCloudAssistantStatus",
"ecs:DescribeImages",
"ecs:DescribeInstances",
"ecs:DescribeInvocationResults",
"ecs:DescribeInvocations",
"ecs:InstallCloudAssistant",
"ecs:RebootInstance",
"ecs:RunCommand",
"ecs:RunInstances",
"ecs:StopInstance"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ros:CreateStack",
"ros:DeleteStack",
"ros:GetStack"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oos:GetTemplate",
"oos:UpdateInstancePackageState"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oss:GetObject"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
References
For more information, see ACS-ECS-UpdateImage.yml at GitHub.
Template content
FormatVersion: OOS-2019-06-01
Description:
en: en: 'Update an existing ECS image by running commands and create a new ECS image. This is applicable to scenarios requiring batch updates and management of ECS images, such as software installation and system configuration changes. During configuration, users need to provide the following required parameters: Region ID (regionId), which specifies the region where the image update and creation operations occur, and Source Image ID (sourceImageId), which identifies the original ECS image that needs updating. Additional parameters that can be modified from their default values include: Target Image Name (targetImageName) for naming the newly created ECS image, Instance Type (instanceType) for the type of instance to install and configure the new image on, and Update Type (updateType), which can be selected to either run commands or install packages. Upon execution, the template will return the ID of the newly created image, facilitating the verification and management of the created ECS image.'
zh-cn: the description in Chinese
name-en: Update Image
name-zh-cn: the description in Chinese
categories:
- image_manage
- application_manage
Parameters:
regionId:
Type: String
Label:
en: RegionId
zh-cn: the description in Chinese
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
zoneId:
Type: String
Label:
en: VSwitch Availability Zone
zh-cn: the description in Chinese
Default: ''
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
AssociationPropertyMetadata:
RegionId: regionId
targetImageName:
Label:
en: TargetImageName
zh-cn: the description in Chinese
Type: String
Description:
en: <p class="p">Note:</p> <ul class="ul"> <li class="li">Length is 2~128 English or Chinese characters</li> <li class="li"><font color='red'>must start with big or small letters or Chinese, not http:// and https://. </font></li> <li class="li">Can contain numbers, colons (:), underscores (_), or dashes (-). </li> </ul>
zh-cn: the description in Chinese </li> </ul>
Default: 'UpdateImage_from_{{sourceImageId}}_on_{{ACS::ExecutionId}}'
sourceImageId:
Label:
en: SourceImageId
zh-cn: the description in Chinese
Type: String
AssociationProperty: 'ALIYUN::ECS::Image::ImageId'
AssociationPropertyMetadata:
RegionId: regionId
ImageOwnerAlias:
- self
instanceType:
Label:
en: InstanceType
zh-cn: the description in Chinese
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
whetherCreateVpc:
Type: Boolean
Label:
en: WhetherCreateVpc
zh-cn: the description in Chinese
Default: false
vpcCidrBlock:
Type: String
Label:
en: VPC CIDR IPv4 Block
zh-cn: the description in Chinese
Description:
zh-cn: the description in Chinese
en: 'The ip address range of the VPC in the CidrBlock form; <br>You can use the following ip address ranges and their subnets: <br><font color=''green''>[10.0.0.0/8]</font><br><font color=''green''>[172.16.0.0/12]</font><br><font color=''green''>[192.168.0.0/16]</font>'
Default: 192.168.0.0/16
AssociationProperty: ALIYUN::VPC::VPC::CidrBlock
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- true
vSwitchCidrBlock:
Type: String
Label:
en: VSwitch CIDR Block
zh-cn: the description in Chinese
Description:
zh-cn: the description in Chinese
en: Must belong to the subnet segment of VPC
Default: 192.168.1.0/24
AssociationProperty: ALIYUN::VPC::VSwitch::CidrBlock
AssociationPropertyMetadata:
VpcCidrBlock: vpcCidrBlock
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- true
securityGroupId:
Label:
en: SecurityGroupId
zh-cn: the description in Chinese
Type: String
Default: ''
AssociationProperty: 'ALIYUN::ECS::SecurityGroup::SecurityGroupId'
AssociationPropertyMetadata:
RegionId: regionId
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- false
vSwitchId:
Label:
en: VSwitchId
zh-cn: the description in Chinese
Type: String
Default: ''
AssociationProperty: 'ALIYUN::VPC::VSwitch::VSwitchId'
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
Filters:
- SecurityGroupId: securityGroupId
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- false
internetMaxBandwidthOut:
Type: Number
Label:
zh-cn: the description in Chinese
en: Internet Max Bandwidth Out
Description:
zh-cn: the description in Chinese
en: no public ip if zero
Default: 0
MinValue: 0
MaxValue: 100
ramRoleName:
Label:
en: RamRoleName
zh-cn: the description in Chinese
Type: String
AssociationProperty: ALIYUN::ECS::RAM::Role
Default: ''
systemDiskCategory:
Label:
en: SystemDiskCategory
zh-cn: the description in Chinese
Type: String
AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
AssociationPropertyMetadata:
RegionId: regionId
InstanceType: instanceType
Default: cloud_essd
commandType:
Label:
en: CommandType
zh-cn: the description in Chinese
Type: String
AssociationPropertyMetadata:
LocaleKey: PricingCycle
Visible:
Condition:
Fn::Equals:
- ${updateType}
- RunCommand
AllowedValues:
- RunBatScript
- RunPowerShellScript
- RunShellScript
Default: RunShellScript
tags:
Label:
en: Tags
zh-cn: the description in Chinese
Type: Json
AssociationProperty: Tags
AssociationPropertyMetadata:
ShowSystem: false
Default: []
commandContent:
Label:
en: CommandContent
zh-cn: the description in Chinese
Type: String
AssociationProperty: Code
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${updateType}
- RunCommand
Default: 'echo hello'
timeout:
Label:
en: Timeout
zh-cn: the description in Chinese
Type: Number
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${updateType}
- RunCommand
Default: 600
updateType:
Label:
en: UpdateType
zh-cn: the description in Chinese
Type: String
AllowedValues:
- RunCommand
- InstallPackage
Default: RunCommand
AssociationPropertyMetadata:
ValueLabelMapping:
RunCommand:
zh-cn: the description in Chinese
en: RunCommand
InstallPackage:
zh-cn: the description in Chinese
en: InstallPackage
packageName:
Label:
en: packageName
zh-cn: the description in Chinese
Type: String
Default: ''
AssociationProperty: 'ALIYUN::OOS::Package::PackageName'
AssociationPropertyMetadata:
RegionId: regionId
Visible:
Condition:
Fn::Equals:
- ${updateType}
- InstallPackage
packageVersion:
Label:
en: packageVersion
zh-cn: the description in Chinese
Type: String
AssociationProperty: 'ALIYUN::OOS::Package::PackageVersion'
AssociationPropertyMetadata:
TemplateName: ${packageName}
Visible:
Condition:
Fn::Equals:
- ${updateType}
- InstallPackage
Default: ''
parameters:
Label:
en: Parameters
zh-cn: the description in Chinese
Type: Json
Default: {}
AssociationProperty: TemplateParameter
AssociationPropertyMetadata:
TemplateName: packageName
TemplateVersion: packageVersion
TemplateType: Package
Visible:
Condition:
Fn::Equals:
- ${updateType}
- InstallPackage
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: the description in Chinese
Type: String
Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: checkNewImageName
Action: ACS::CheckFor
Description:
en: Check image name is available
zh-cn: the description in Chinese
Properties:
Service: ECS
API: DescribeImages
Parameters:
RegionId: '{{ regionId }}'
ImageName: '{{ targetImageName }}'
DesiredValues:
- 0
PropertySelector: TotalCount
- Name: createStack
Action: 'ACS::ExecuteAPI'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Create a resource stack
zh-cn: the description in Chinese
Properties:
Service: ROS
API: CreateStack
Parameters:
RegionId: '{{ regionId }}'
StackName: 'OOS-{{ACS::ExecutionId}}'
TimeoutInMinutes: 10
DisableRollback: false
Parameters:
- ParameterKey: ZoneId
ParameterValue: '{{ zoneId }}'
- ParameterKey: VpcCidrBlock
ParameterValue: '{{ vpcCidrBlock }}'
- ParameterKey: VSwitchCidrBlock
ParameterValue: '{{ vSwitchCidrBlock }}'
TemplateBody: |
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
ZoneId:
Type: String
VpcCidrBlock:
Type: String
VSwitchCidrBlock:
Type: String
Resources:
EcsVpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: VpcCidrBlock
VpcName:
Ref: ALIYUN::StackName
EcsVSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitchCidrBlock
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
VpcId:
Ref: EcsVpc
Outputs:
SecurityGroupId:
Value:
Ref: EcsSecurityGroup
VSwitchId:
Value:
Ref: EcsVSwitch
Outputs:
StackId:
Type: String
ValueSelector: StackId
- Name: untilStackReady
Action: 'ACS::WaitFor'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Wait for the stack status CREATE_COMPLETE
zh-cn: the description in Chinese
OnError: deleteStack
Properties:
Service: ROS
API: GetStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{createStack.StackId}}'
DesiredValues:
- CREATE_COMPLETE
StopRetryValues:
- CREATE_FAILED
- CHECK_FAILED
- ROLLBACK_FAILED
- ROLLBACK_COMPLETE
- CREATE_ROLLBACK_COMPLETE
PropertySelector: Status
Outputs:
securityGroupId:
Type: String
ValueSelector: 'Outputs[0].OutputValue'
vSwitchId:
Type: String
ValueSelector: 'Outputs[1].OutputValue'
- Name: runInstances
Action: ACS::ECS::RunInstances
Description:
en: Create a ECS instance with source image
zh-cn: the description in Chinese
OnError: deleteStack
Properties:
regionId: '{{ regionId }}'
imageId: '{{ sourceImageId }}'
instanceType: '{{ instanceType }}'
securityGroupId:
Fn::If:
- Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
- '{{ untilStackReady.securityGroupId }}'
- '{{ securityGroupId }}'
vSwitchId:
Fn::If:
- Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
- '{{ untilStackReady.vSwitchId }}'
- '{{ vSwitchId }}'
internetMaxBandwidthOut: '{{ internetMaxBandwidthOut }}'
ramRoleName: '{{ ramRoleName }}'
systemDiskCategory: '{{ systemDiskCategory }}'
Outputs:
instanceId:
ValueSelector: instanceIds[0]
Type: String
- Name: installCloudAssistant
Action: ACS::ECS::InstallCloudAssistant
Description:
en: Install cloud assistant for ECS instance
zh-cn: the description in Chinese
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: runCommand
Action: ACS::ECS::RunCommand
When:
Fn::Equals:
- '{{ updateType }}'
- RunCommand
Description:
en: Run cloud assistant command on ECS instance
zh-cn: the description in Chinese
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
commandContent: '{{ commandContent }}'
commandType: '{{ commandType }}'
instanceId: '{{ runInstances.instanceId }}'
timeout: '{{ timeout }}'
- Name: configurePackage
Action: ACS::ECS::ConfigureOOSPackageWithTemporaryURL
Description:
en: Configure Package
zh-cn: the description in Chinese
When:
Fn::Equals:
- '{{ updateType }}'
- InstallPackage
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
packageName: '{{ packageName }}'
packageVersion: '{{ packageVersion }}'
parameters: '{{ parameters }}'
Outputs:
commandOutput:
Type: String
ValueSelector: .commandOutput
- Name: stopInstance
Action: ACS::ECS::StopInstance
Description:
en: Stops the ECS instance
zh-cn: the description in Chinese
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: createImage
Action: ACS::ECS::CreateImage
Description:
en: Create new image with the specified image name and instance ID
zh-cn: the description in Chinese
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
imageName: '{{ targetImageName }}'
instanceId: '{{ runInstances.instanceId }}'
tags: '{{tags}}'
Outputs:
imageId:
ValueSelector: imageId
Type: String
- Name: deleteInstance
Action: ACS::ExecuteAPI
Description:
en: Deletes the ECS instance
zh-cn: the description in Chinese
Properties:
Service: ECS
API: DeleteInstance
Risk: Normal
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
Force: true
- Name: deleteStack
Action: 'ACS::ExecuteApi'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Delete the stack
zh-cn: the description in Chinese
Properties:
Service: ROS
API: DeleteStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{ createStack.StackId }}'
Outputs:
imageId:
Type: String
Value: '{{ createImage.imageId }}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- regionId
- sourceImageId
Label:
default:
zh-cn: the description in Chinese
en: Select Origin Image
- Parameters:
- targetImageName
- tags
Label:
default:
zh-cn: the description in Chinese
en: Image Configure
- Parameters:
- zoneId
- instanceType
- whetherCreateVpc
- vpcCidrBlock
- vSwitchCidrBlock
- securityGroupId
- vSwitchId
- internetMaxBandwidthOut
- systemDiskCategory
- ramRoleName
Label:
default:
zh-cn: the description in Chinese
en: ECS Instance Configure
- Parameters:
- updateType
- packageName
- packageVersion
- parameters
- commandType
- commandContent
- timeout
Label:
default:
zh-cn: the description in Chinese
en: Update Image Configuration
- Parameters:
- OOSAssumeRole
Label:
default:
zh-cn: the description in Chinese
en: Control Options