Tipe resource ALIYUN::SAE::Application digunakan untuk membuat aplikasi Serverless App Engine (SAE).
Sintaks
{
"Type": "ALIYUN::SAE::Application",
"Properties": {
"Timezone": String,
"AppDescription": String,
"MountDesc": String,
"NasId": String,
"WarStartOptions": String,
"Liveness": String,
"Memory": Integer,
"WebContainer": String,
"SlsConfigs": String,
"Cpu": Integer,
"Deploy": Boolean,
"PackageVersion": String,
"AppName": String,
"Jdk": String,
"JarStartArgs": String,
"PreStop": String,
"Readiness": String,
"PackageType": String,
"CommandArgs": String,
"Envs": String,
"VSwitchId": String,
"ImageUrl": String,
"PostStart": String,
"JarStartOptions": String,
"MountHost": String,
"Replicas": Integer,
"CustomHostAlias": String,
"VpcId": String,
"Tags": List,
"SecurityGroupId": String,
"Command": String,
"EdasContainerVersion": String,
"PackageUrl": String,
"NamespaceId": String,
"AssociateEip": Boolean,
"AcrInstanceId": String,
"OssAkId": String,
"ProgrammingLanguage": String,
"OssAkSecret": String,
"Python": String,
"BaseAppId": String,
"EnableEbpf": String,
"PhpArmsConfigLocation": String,
"PhpConfig": String,
"MicroRegistrationConfig": String,
"TerminationGracePeriodSeconds": Integer,
"ConfigMapMountDesc": String,
"PvtzDiscoverySvc": String,
"AcrAssumeRoleArn": String,
"TomcatConfig": String,
"AppSource": String,
"PythonModules": String,
"NasConfigs": String,
"MicroRegistration": String,
"ServiceTags": String,
"ImagePullSecrets": String,
"AutoConfig": Boolean,
"KafkaConfigs": String,
"Php": String,
"OssMountDescs": List,
"PhpConfigLocation": String,
"SaeVersion": String,
"NewSaeVersion": String,
"EnableNewArms": Boolean,
"EnableSidecarResourceIsolated": Boolean,
"SidecarContainersConfig": List,
"InitContainersConfig": List
}
}Properti
|
Nama Properti |
Tipe |
Wajib |
Dapat Diperbarui |
Deskripsi |
Batasan |
|
AppName |
String |
Ya |
Tidak |
Nama aplikasi. |
Nama harus terdiri dari 1 hingga 36 karakter. Nama harus dimulai dengan huruf dan hanya boleh berisi huruf, angka, dan tanda hubung (-). |
|
Cpu |
Integer |
Ya |
Tidak |
CPU yang dibutuhkan oleh setiap instans. Hanya spesifikasi tetap yang didukung. |
Nilai yang valid:
Unit: millicore. |
|
Memory |
Integer |
Ya |
Tidak |
Memori yang dibutuhkan oleh setiap instans. Hanya spesifikasi tetap yang didukung. |
Memori dan CPU memiliki pemetaan satu-ke-satu. Kombinasi berikut didukung:
Unit: MB. |
|
Replicas |
Integer |
Ya |
Tidak |
Jumlah awal instans. |
Tidak ada |
|
PackageType |
String |
Ya |
Tidak |
Tipe paket aplikasi. |
Nilai yang valid:
|
|
Timezone |
String |
Tidak |
Ya |
Zona waktu. |
Nilai default: Asia/Shanghai. |
|
AppDescription |
String |
Tidak |
Tidak |
Deskripsi aplikasi. |
Deskripsi maksimal terdiri dari 1024 karakter. |
|
MountDesc |
String |
Tidak |
Ya |
Deskripsi pemasangan. |
Tidak ada |
|
NasId |
String |
Tidak |
Ya |
ID sistem file NAS yang akan dipasang. |
Sistem file NAS harus memiliki kuota titik pemasangan yang tersedia, atau titik pemasangannya sudah ada di vSwitch VPC. Jika Anda tidak menentukan parameter ini tetapi menentukan MountDesc, SAE secara otomatis membeli sistem file NAS dan memasangnya ke vSwitch dalam VPC. |
|
WarStartOptions |
String |
Tidak |
Ya |
Opsi startup untuk paket WAR. |
Perintah startup default: |
|
Liveness |
String |
Tidak |
Ya |
Pemeriksaan kesehatan kontainer. Kontainer yang gagal dalam pemeriksaan kesehatan akan direstart. |
Hanya pemeriksaan kesehatan berbasis perintah di dalam kontainer yang didukung. Contoh: |
|
WebContainer |
String |
Tidak |
Ya |
Versi Tomcat tempat paket penyebaran bergantung. |
Parameter ini tidak didukung untuk image. |
|
SlsConfigs |
String |
Tidak |
Ya |
Konfigurasi untuk pengumpulan log file. |
Tidak ada |
|
Deploy |
Boolean |
Tidak |
Tidak |
Apakah akan langsung melakukan penerapan. |
Nilai yang valid:
|
|
Tags |
List |
Tidak |
Ya |
Tag. |
Anda dapat menentukan hingga 20 tag. Untuk informasi selengkapnya, lihat Sintaks Tags dan Properti Tags. |
|
PackageVersion |
String |
Tidak |
Ya |
Versi paket penyebaran. |
Parameter ini wajib jika PackageType diatur ke War atau FatJar. |
|
Jdk |
String |
Tidak |
Ya |
Versi JDK tempat paket penyebaran bergantung. |
Parameter ini tidak didukung untuk image. |
|
JarStartArgs |
String |
Tidak |
Ya |
Argumen startup untuk paket JAR. |
Perintah startup default: |
|
PreStop |
String |
Tidak |
Ya |
Skrip yang dijalankan sebelum kontainer dihapus. |
Skrip yang dieksekusi sebelum kontainer dihapus, seperti: |
|
Readiness |
String |
Tidak |
Ya |
Skrip untuk memeriksa status startup aplikasi. |
Skrip pemeriksaan status startup aplikasi, seperti: Kontainer yang berulang kali gagal dalam pemeriksaan readiness akan direstart. Lalu lintas dari SLB tidak akan masuk ke kontainer yang gagal dalam pemeriksaan readiness. |
|
CommandArgs |
String |
Tidak |
Ya |
Argumen perintah untuk menjalankan image. |
Tidak ada |
|
Envs |
String |
Tidak |
Ya |
Variabel lingkungan untuk kontainer. |
Format:
|
|
VSwitchId |
String |
Tidak |
Tidak |
vSwitch tempat ENI instans aplikasi berada. |
vSwitch harus berada dalam VPC yang ditentukan. vSwitch terikat ke namespace EDAS. Jika Anda tidak menentukan parameter ini, vSwitch yang terikat ke namespace akan digunakan. |
|
ImageUrl |
String |
Tidak |
Ya |
Alamat image. |
Hanya aplikasi bertipe Image yang mendukung parameter ini. |
|
PostStart |
String |
Tidak |
Ya |
Skrip yang dijalankan setelah kontainer dimulai. |
Anda dapat mengeksekusi skrip setelah kontainer dimulai. Contoh: |
|
JarStartOptions |
String |
Tidak |
Ya |
Opsi startup untuk paket JAR. |
Perintah startup default: |
|
MountHost |
String |
Tidak |
Ya |
Titik pemasangan sistem file NAS dalam VPC. |
Tidak ada |
|
CustomHostAlias |
String |
Tidak |
Ya |
Pemetaan host kustom dalam kontainer. |
Pemetaan host kustom dalam kontainer. Format:
|
|
VpcId |
String |
Tidak |
Tidak |
VPC yang sesuai dengan namespace SAE. |
Di SAE, satu namespace hanya dapat sesuai dengan satu VPC, dan pengikatan ini tidak dapat diubah. Aplikasi pertama yang dibuat dalam namespace menetapkan pengikatan tersebut. Beberapa namespace dapat sesuai dengan satu VPC. Jika Anda tidak menentukan parameter ini, VPC yang terikat ke namespace akan digunakan. |
|
SecurityGroupId |
String |
Tidak |
Tidak |
ID grup keamanan. |
Tidak ada |
|
Command |
String |
Tidak |
Ya |
Perintah untuk menjalankan image. |
Perintah harus merupakan objek yang dapat dieksekusi dalam kontainer. Contoh: sleep. Menentukan perintah ini akan mengganti perintah startup default dari image. |
|
EdasContainerVersion |
String |
Tidak |
Ya |
Lingkungan runtime yang digunakan oleh aplikasi EDAS Pandora. |
Tidak ada |
|
PackageUrl |
String |
Tidak |
Ya |
URL paket penyebaran. |
Parameter ini hanya berlaku ketika PackageType diatur ke War atau FatJar. |
|
NamespaceId |
String |
Ya |
Tidak |
ID namespace EDAS. |
Hanya namespace yang namanya terdiri dari huruf kecil dan tanda hubung (-) yang didukung. Nama harus dimulai dengan huruf kecil. |
|
AssociateEip |
Boolean |
Tidak |
Tidak |
Apakah akan mengaitkan EIP. |
Nilai yang valid:
|
|
AcrInstanceId |
String |
Tidak |
Ya |
ID instans ACR Enterprise. |
Tidak ada |
|
OssAkId |
String |
Tidak |
Tidak |
ID AccessKey untuk operasi baca dan tulis OSS. |
Tidak ada |
|
ProgrammingLanguage |
String |
Tidak |
Tidak |
Bahasa pemrograman aplikasi. |
Nilai yang valid:
|
|
OssAkSecret |
String |
Tidak |
Tidak |
Rahasia AccessKey untuk operasi baca dan tulis OSS. |
Tidak ada |
|
Python |
String |
Tidak |
Tidak |
Lingkungan Python. |
Python 3.9.15 didukung. |
|
BaseAppId |
String |
Tidak |
Tidak |
ID aplikasi dasar. |
Tidak ada |
|
EnableEbpf |
String |
Tidak |
Tidak |
Mengaktifkan pemantauan aplikasi untuk aplikasi non-Java berdasarkan teknologi eBPF. |
Nilai yang valid:
|
|
PhpArmsConfigLocation |
String |
Tidak |
Tidak |
Jalur pemasangan untuk konfigurasi pemantauan aplikasi PHP. Pastikan server PHP memuat file konfigurasi dari jalur ini. |
Anda tidak perlu mengelola konten konfigurasi. SAE secara otomatis merender file konfigurasi yang benar. |
|
PhpConfig |
String |
Tidak |
Tidak |
Konten file konfigurasi PHP. |
Tidak ada |
|
MicroRegistrationConfig |
String |
Tidak |
Tidak |
Konfigurasi pusat registrasi. |
Tidak ada |
|
TerminationGracePeriodSeconds |
Integer |
Tidak |
Tidak |
Periode timeout shutdown yang mulus. |
Nilai default: 30. Nilai yang valid: 1 hingga 300. Unit: detik. |
|
ConfigMapMountDesc |
String |
Tidak |
Tidak |
ConfigMap deskripsi pemasangan. |
Suntikkan informasi konfigurasi ke dalam kontainer menggunakan ConfigMap yang dibuat pada halaman konfigurasi namespace. Parameter:
Catatan
Anda dapat memasang semua kunci dengan meneruskan parameter |
|
PvtzDiscoverySvc |
String |
Tidak |
Tidak |
Mengaktifkan registrasi dan discovery layanan K8s. |
Nilai yang valid adalah sebagai berikut:
|
|
AcrAssumeRoleArn |
String |
Tidak |
Tidak |
ARN role RAM yang diperlukan untuk menarik image lintas akun. |
Untuk informasi selengkapnya, lihat Berikan izin ke role RAM. |
|
TomcatConfig |
String |
Tidak |
Tidak |
Konfigurasi file Tomcat. |
Atur parameter ini ke "" atau "{}" untuk menghapus konfigurasi:
|
|
AppSource |
String |
Tidak |
Tidak |
Aplikasi mikroservis. |
Nilai yang valid:
|
|
PythonModules |
String |
Tidak |
Tidak |
Dependensi modul kustom. |
Secara default, dependensi yang didefinisikan dalam requirements.txt di direktori root akan diinstal. Jika tidak ada konfigurasi atau paket kustom yang ditentukan, Anda dapat menentukan dependensi yang akan diinstal. |
|
NasConfigs |
String |
Tidak |
Tidak |
Konfigurasi untuk memasang NAS. |
Berikut daftar nilai yang valid:
|
|
MicroRegistration |
String |
Tidak |
Tidak |
Memilih registri Nacos. |
Nilai yang valid:
|
|
ServiceTags |
String |
Tidak |
Tidak |
Tag grayscale yang dikonfigurasi untuk aplikasi. |
Tidak ada |
|
ImagePullSecrets |
String |
Tidak |
Tidak |
ID rahasia. |
Tidak ada |
|
AutoConfig |
Boolean |
Tidak |
Tidak |
Apakah akan mengonfigurasi lingkungan jaringan secara otomatis. |
Nilai yang valid:
Catatan
Jika Anda mengatur parameter ini ke true, nilai lain dari NamespaceId diabaikan. |
|
KafkaConfigs |
String |
Tidak |
Tidak |
Konfigurasi agregat untuk pengumpulan log ke Kafka. |
Nilainya adalah sebagai berikut:
|
|
Php |
String |
Tidak |
Tidak |
Versi PHP tempat paket penyebaran PHP bergantung. |
Tidak ada. |
|
OssMountDescs |
List |
Tidak |
Tidak |
Deskripsi pemasangan OSS. |
Parameter:
|
|
PhpConfigLocation |
String |
Tidak |
Tidak |
Jalur pemasangan untuk konfigurasi startup aplikasi PHP. |
Pastikan server PHP menggunakan file konfigurasi ini untuk memulai. |
|
SaeVersion |
String |
Tidak |
Tidak |
Versi SAE. |
Versi yang didukung:
|
|
NewSaeVersion |
String |
Tidak |
Tidak |
Versi SAE baru. |
Nilai yang valid:
|
|
EnableNewArms |
Boolean |
Tidak |
Tidak |
Apakah akan mengaktifkan fitur ARMS baru. |
Nilai yang valid:
|
|
EnableSidecarResourceIsolated |
Boolean |
Tidak |
Ya |
Apakah akan mengaktifkan isolasi resource sidecar. |
Nilai yang valid:
|
|
SidecarContainersConfig |
List |
Tidak |
Ya |
Daftar konfigurasi kontainer. |
Untuk informasi selengkapnya, lihat Properti SidecarContainersConfig. |
|
InitContainersConfig |
List |
Tidak |
Ya |
Daftar konfigurasi init container. |
Untuk informasi selengkapnya, lihat Properti InitContainersConfig. |
Sintaks SidecarContainersConfig
"SidecarContainersConfig": [
{
"CommandArgs": String,
"AcrInstanceId": String,
"Memory": Integer,
"Name": String,
"EmptyDirDesc": String,
"Command": String,
"ImageUrl": String,
"Cpu": Integer,
"Envs": String,
"ConfigMapMountDesc": String
}
] Properti SidecarContainersConfig
|
Nama Properti |
Type |
Wajib |
Dapat Diperbarui |
Deskripsi |
Batasan |
|
CommandArgs |
String |
Tidak |
Ya |
Argumen perintah yang dijalankan di init container. |
Tidak ada |
|
AcrInstanceId |
String |
Tidak |
Ya |
ID instans ACR. |
Tidak ada |
|
Memory |
Integer |
Ya |
Ya |
Jumlah memori yang dialokasikan ke kontainer sidecar. |
Tidak ada |
|
Name |
String |
Ya |
Ya |
Nama kontainer sidecar. |
Tidak ada |
|
EmptyDirDesc |
String |
Tidak |
Ya |
Deskripsi pemasangan EMPTYDIR. |
Tidak ada |
|
Command |
String |
Tidak |
Ya |
Perintah yang dijalankan di init container. |
Tidak ada |
|
ImageUrl |
String |
Tidak |
Ya |
Alamat gambar. |
Anda hanya dapat mengonfigurasi Alamat Registri untuk aplikasi berbasis image. |
|
Cpu |
Integer |
Ya |
Ya |
Jumlah core CPU yang dialokasikan ke kontainer sidecar. |
Tidak ada |
|
Envs |
String |
Tidak |
Ya |
Variabel lingkungan untuk kontainer. |
Contoh: |
|
ConfigMapMountDesc |
String |
Tidak |
Ya |
Deskripsi pemasangan ConfigMap. |
Tidak ada |
Sintaks InitContainersConfig
"InitContainersConfig": [
{
"Command": String,
"ConfigMapMountDesc": String,
"ImageUrl": String,
"CommandArgs": String,
"Envs": String,
"Name": String
}
] Properti InitContainersConfig
|
Nama Properti |
Tipe |
Wajib |
Dapat Diperbarui |
Deskripsi |
Batasan |
|
Command |
String |
Tidak |
Ya |
Perintah yang dijalankan di init container. |
Tidak ada |
|
ConfigMapMountDesc |
String |
Tidak |
Tidak |
Deskripsi pemasangan ConfigMap. |
Tidak ada |
|
ImageUrl |
String |
Tidak |
Ya |
Alamat image. |
Hanya aplikasi bertipe Image yang mendukung parameter ini. |
|
CommandArgs |
String |
Tidak |
Ya |
Argumen perintah yang dijalankan di init container. |
Tidak ada |
|
Envs |
String |
Tidak |
Ya |
Variabel lingkungan untuk kontainer. |
Contoh: |
|
Name |
String |
Ya |
Ya |
Nama init container. |
Tidak ada |
Sintaks Tags
"Tags": [
{
"Key": String,
"Value": String
}
] Properti Tags
|
Nama Properti |
Tipe |
Wajib |
Dapat Diperbarui |
Deskripsi |
Batasan |
|
Key |
String |
Ya |
Tidak |
Kunci tag. |
Kunci harus terdiri dari 1 hingga 128 karakter. Tidak boleh dimulai dengan |
|
Value |
String |
Tidak |
Tidak |
Nilai tag. |
Nilai dapat terdiri dari 0 hingga 128 karakter. Tidak boleh dimulai dengan |
Nilai kembalian
Fn::GetAtt
-
AppId: ID aplikasi.
-
ChangeOrderId: ID pesanan rilis, yang digunakan untuk memeriksa status eksekusi tugas.
Contoh
Skenario 1: Buat aplikasi SAE.
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
NamespaceId:
Type: String
Description: |-
EDAS namespace corresponding to ID. Canada supports only the name of the scribe lowercase namespace must begin with a letter.
Namespace can interface to obtain from DescribeNamespaceList.
VpcId:
Type: String
AssociationProperty: ALIYUN::ECS::VPC::VPCId
VSwitchId:
Type: String
AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
AssociationPropertyMetadata:
VpcId: ${VpcId}
SecurityGroupId:
Type: String
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
VpcId: ${VpcId}
Resources:
Application:
Type: ALIYUN::SAE::Application
Properties:
AppName: TestApp
NamespaceId:
Ref: NamespaceId
VpcId:
Ref: VpcId
VSwitchId:
Ref: VSwitchId
SecurityGroupId:
Ref: SecurityGroupId
Cpu: 500
Memory: 1024
Replicas: 2
PackageType: War
Deploy: true
Timezone: Asia/Shanghai
Outputs: {}{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"NamespaceId": {
"Type": "String",
"Description": "EDAS namespace corresponding to ID. Canada supports only the name of the scribe lowercase namespace must begin with a letter.\nNamespace can interface to obtain from DescribeNamespaceList."
},
"VpcId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"VSwitchId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
}
},
"SecurityGroupId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
}
}
},
"Resources": {
"Application": {
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "TestApp",
"NamespaceId": {
"Ref": "NamespaceId"
},
"VpcId": {
"Ref": "VpcId"
},
"VSwitchId": {
"Ref": "VSwitchId"
},
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"Cpu": 500,
"Memory": 1024,
"Replicas": 2,
"PackageType": "War",
"Deploy": true,
"Timezone": "Asia/Shanghai"
}
}
},
"Outputs": {
}
}Skenario 2: Buat aplikasi SAE, namespace, dan pengikatan SLB.
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: Create SAE applications, namespaces, and SLB bindings, configure ECS resources with load balancing, and automate the deployment of containerized applications.
en: Create SAE applications, namespaces, and SLB bindings, configure ECS resources with load balancing, and automate the deployment of containerized applications.
Parameters:
ZoneId:
Type: String
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
VpcId:
Type: String
AssociationProperty: ALIYUN::ECS::VPC::VPCId
VSwitchId:
Type: String
AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
AssociationPropertyMetadata:
VpcId: VpcId
ZoneId: ZoneId
SecurityGroupId:
Type: String
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
VpcId: VpcId
NamespaceName:
Type: String
Description: Namespace name
Default: mytest
NamespaceId:
Type: String
Description: Namespace ID
Default: mytest
Description:
Type: String
Description: Description of the namespace
Default: null
AppName:
Type: String
Description: Application name
Default: test
LoadBalancerSpec:
Type: String
Description: The specification of the SLB instance
Default: slb.s2.medium
Resources:
LoadBalancer:
Type: ALIYUN::SLB::LoadBalancer
Properties:
MasterZoneId:
Ref: ZoneId
LoadBalancerSpec:
Ref: LoadBalancerSpec
Namespace:
Type: ALIYUN::SAE::Namespace
Properties:
NamespaceName:
Ref: NamespaceName
NamespaceId:
Fn::Sub: ${ALIYUN::Region}:${NamespaceId}
NamespaceDescription:
Ref: Description
DependsOn: LoadBalancer
SaeApp:
Type: ALIYUN::SAE::Application
Properties:
VpcId:
Ref: VpcId
VSwitchId:
Ref: VSwitchId
SecurityGroupId:
Ref: SecurityGroupId
AppName:
Ref: AppName
NamespaceId:
Fn::GetAtt:
- Namespace
- NamespaceId
Cpu: 500
Memory: 1024
Replicas: 2
Deploy: true
Timezone: Asia/Shanghai
SaeVersion: v2
AutoConfig: false
PackageType: Image
Jdk: Dragonwell 21
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:web-springboot-hellosae-v1.0
ProgrammingLanguage: java
AppSource: micro_service
DependsOn:
- Namespace
BindSlb:
Type: ALIYUN::SAE::SlbBinding
Properties:
AppId:
Ref: SaeApp
Intranet: '[{"port": 80, "targetPort": 8080, "protocol": "TCP"}]'
InternetSlbId:
Ref: LoadBalancer
DependsOn:
- LoadBalancer
- SaeApp
Outputs:
AppId:
Value:
Fn::GetAtt:
- SaeApp
- AppId
ChangeOrderId:
Value:
Fn::GetAtt:
- SaeApp
- ChangeOrderId
NamespaceId:
Value:
Fn::GetAtt:
- Namespace
- NamespaceId
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "Create SAE applications, namespaces, and SLB bindings, configure ECS resources with load balancing, and automate the deployment of containerized applications.",
"en": "Create SAE applications, namespaces, and SLB bindings, configure ECS resources with load balancing, and automate the deployment of containerized applications."
},
"Parameters": {
"ZoneId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance:ZoneId"
},
"VpcId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"VSwitchId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "VpcId",
"ZoneId": "ZoneId"
}
},
"SecurityGroupId": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "VpcId"
}
},
"NamespaceName": {
"Type": "String",
"Description": "Namespace name",
"Default": "mytest"
},
"NamespaceId": {
"Type": "String",
"Description": "Namespace ID",
"Default": "mytest"
},
"Description": {
"Type": "String",
"Description": "Description of the namespace",
"Default": null
},
"AppName": {
"Type": "String",
"Description": "Application name",
"Default": "test"
},
"LoadBalancerSpec": {
"Type": "String",
"Description": "The specification of the SLB instance",
"Default": "slb.s2.medium"
}
},
"Resources": {
"LoadBalancer": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"MasterZoneId": {
"Ref": "ZoneId"
},
"LoadBalancerSpec": {
"Ref": "LoadBalancerSpec"
}
}
},
"Namespace": {
"Type": "ALIYUN::SAE::Namespace",
"Properties": {
"NamespaceName": {
"Ref": "NamespaceName"
},
"NamespaceId": {
"Fn::Sub": "${ALIYUN::Region}:${NamespaceId}"
},
"NamespaceDescription": {
"Ref": "Description"
}
},
"DependsOn": "LoadBalancer"
},
"SaeApp": {
"Type": "ALIYUN::SAE::Application",
"Properties": {
"VpcId": {
"Ref": "VpcId"
},
"VSwitchId": {
"Ref": "VSwitchId"
},
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"AppName": {
"Ref": "AppName"
},
"NamespaceId": {
"Fn::GetAtt": [
"Namespace",
"NamespaceId"
]
},
"Cpu": 500,
"Memory": 1024,
"Replicas": 2,
"Deploy": true,
"Timezone": "Asia/Shanghai",
"SaeVersion": "v2",
"AutoConfig": false,
"PackageType": "Image",
"Jdk": "Dragonwell 21",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:web-springboot-hellosae-v1.0"
},
"ProgrammingLanguage": "java",
"AppSource": "micro_service"
},
"DependsOn": [
"Namespace"
]
},
"BindSlb": {
"Type": "ALIYUN::SAE::SlbBinding",
"Properties": {
"AppId": {
"Ref": "SaeApp"
},
"Intranet": "[{\"port\": 80, \"targetPort\": 8080, \"protocol\": \"TCP\"}]",
"InternetSlbId": {
"Ref": "LoadBalancer"
}
},
"DependsOn": [
"LoadBalancer",
"SaeApp"
]
}
},
"Outputs": {
"AppId": {
"Value": {
"Fn::GetAtt": [
"SaeApp",
"AppId"
]
}
},
"ChangeOrderId": {
"Value": {
"Fn::GetAtt": [
"SaeApp",
"ChangeOrderId"
]
}
},
"NamespaceId": {
"Value": {
"Fn::GetAtt": [
"Namespace",
"NamespaceId"
]
}
}
}
}Skenario 3: Terapkan platform Dify lingkungan produksi melalui Serverless App Engine.
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: Deploy the production environment Dify platform through Serverless App Engine.
en: Deploy a production-ready Dify platform using Serverless App Engine (SAE).
Parameters:
CommonName:
Type: String
Default: Dify
NamespaceName:
Type: String
Label:
en: Namespace name
zh-cn: Namespace name
Description:
zh-cn: Namespace name, only lowercase letters and numbers are supported
en: The name of the namespace. Only lowercase letters and numbers are supported.
AllowedPattern: '^[a-z0-9]+$'
AssociationProperty: AutoCompleteInput
AssociationPropertyMetadata:
Length: 3
Prefix: dify
CharacterClasses:
- Class: lowercase
min: 2
- Class: "number"
min: 1
ZoneId1:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
AssociationPropertyMetadata:
ExclusiveTo:
- ZoneId2
Label:
en: Availability Zone 1
zh-cn: Availability Zone 1
ZoneId2:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
AssociationPropertyMetadata:
ExclusiveTo:
- ZoneId1
Label:
en: Availability Zone 2
zh-cn: Availability Zone 2
InstanceType:
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
InstanceChargeType: PostPaid
SystemDiskCategory: cloud_essd
ZoneId: ${ZoneId1}
Label:
en: Instance type
zh-cn: Instance type
ADBPGAccount:
Default: dify
Type: String
Label:
zh-cn: Database account
en: Database account
ADBPGPassword:
NoEcho: true
Type: String
Label:
zh-cn: Database account password
en: Database account password
AssociationProperty: ALIYUN::RDS::Instance::AccountPassword
InstancePassword:
Type: String
Label:
en: Instance login password
zh-cn: Logon password
Description:
en: The login password for the instance. The password must be 8 to 30 characters in length and contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters: ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
zh-cn: Server logon password. Length: 8 to 30 characters. Must contain at least three of the following types: uppercase letters, lowercase letters, digits, and special characters ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
AssociationProperty: ALIYUN::ECS::Instance::Password
RedisInstancePassword:
Type: String
Label:
en: Redis instance password
zh-cn: Instance password
Description:
en: The password for the Redis instance used by Dify. The password must be 8 to 32 characters in length and contain only uppercase letters, lowercase letters, and digits.
zh-cn: The Redis password used by Dify must be 8 to 32 characters long and can contain only uppercase letters, lowercase letters, and digits. Do not use other characters.
ConstraintDescription:
en: The password for the Redis instance used by Dify. The password must be 8 to 32 characters in length and contain only uppercase letters, lowercase letters, and digits.
zh-cn: The Redis password used by Dify must be 8 to 32 characters long and can contain only uppercase letters, lowercase letters, and digits. Do not use other characters.
AllowedPattern: ^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?\d)[A-Za-z0-9]{8,32}$
MinLength: '8'
MaxLength: '32'
NoEcho: true
DBInstanceClass:
Type: String
Label:
en: Instance type
zh-cn: Instance type
Default: pg.n4m.2c.2m
Required: true
AssociationProperty: ALIYUN::RDS::Instance::InstanceType
AssociationPropertyMetadata:
ZoneId: ${ZoneId}
EngineVersion: '17.0'
Engine: PostgreSQL
Category: HighAvailability
InstanceChargeType: Postpaid
DBInstanceStorageType: cloud_essd
CommodityCode: bards
PostgresSQLPassword:
Type: String
NoEcho: true
Label:
en: Database account password
zh-cn: Database account password
AssociationProperty: ALIYUN::RDS::Instance::AccountPassword
PostgresSQLUserName:
Type: String
Label:
en: Database account
zh-cn: Database account
# This rule applies to MySQL 5.7 and 8.0
AllowedPattern: ^(?!dbo\b|login\b|admin\b|administrator\b|adminsys\b|alimail\b|aliyun\b|apache\b|appadmin\b|apsara\b|aurora\b|bulkadmin\b|cangjie\b|cdn\b|client\b|cm\b|dataengine\b|dayu\b|dba\b|dbcreator\b|developer\b|diskadmin\b|distribution\b|dns\b|download\b|eagleye\b|f5\b|faq\b|fuxi\b|galaxy\b|gongcao\b|gongming\b|groupon\b|ha\b|help\b|host\b|hostmaster\b|houyi\b|hr\b|info\b|information_schema\b|kuafu\b|lvs\b|manager\b|master\b|meituan\b|model\b|monitor\b|msdb\b|mssqld\b|mssqlsystemresource\b|mysql\b|nas\b|net\b|netops\b|netweb\b|news\b|no-reply\b|ntp\b|nuwa\b|nvwa\b|operator\b|opr\b|ops\b|opsdb\b|oracle\b|pangu\b|pe\b|post\b|postmaster\b|processadmin\b|public\b|qq\b|replicator\b|reply\b|root\b|sa\b|sales\b|san\b|security\b|securityadmin\b|serveradmin\b|services\b|setupadmin\b|shennong\b|siteops\b|sqlengine\b|sqlonline\b|squid\b|ssladmin\b|support\b|sys\b|sysadmin\b|syslog\b|system\b|taoyun\b|tempdb\b|test\b|tianyun\b|wangwang\b|eb\b|webmaster\b|webnet\b|xtrabak\b|youchao\b|yum\b|yunti\b|zhongkui\b|database\b|add\b|except\b|percent\b|all\b|exec\b|plan\b|alter\b|execute\b|precision\b|and\b|exists\b|primary\b|any\b|exit\b|print\b|as\b|fetch\b|proc\b|asc\b|file\b|procedure\b|authorization\b|fillfactor\b|public\b|backup\b|for\b|raiserror\b|begin\b|foreign\b|read\b|between\b|freetext\b|readtext\b|break\b|freetexttable\b|reconfigure\b|browse\b|from\b|references\b|bulk\b|full\b|replication\b|by\b|function\b|restore\b|cascade\b|goto\b|restrict\b|case\b|grant\b|return\b|check\b|group\b|revoke\b|checkpoint\b|having\b|right\b|close\b|holdlock\b|rollback\b|clustered\b|identity\b|rowcount\b|coalesce\b|identity_insert\b|rowguidcol\b|collate\b|identitycol\b|rule\b|column\b|if\b|save\b|commit\b|in\b|schema\b|compute\b|index\b|select\b|constraint\b|inner\b|session_user\b|contains\b|insert\b|set\b|containstable\b|intersect\b|setuser\b|continue\b|into\b|shutdown\b|convert\b|is\b|some\b|create\b|join\b|statistics\b|cross\b|key\b|system_user\b|current\b|kill\b|table\b|current_date\b|left\b|textsize\b|current_time\b|like\b|then\b|current_timestamp\b|lineno\b|to\b|current_user\b|load\b|top\b|cursor\b|national\b|tran\b|database\b|nocheck\b|transaction\b|dbcc\b|nonclustered\b|trigger\b|deallocate\b|not\b|truncate\b|declare\b|null\b|tsequal\b|default\b|nullif\b|union\b|delete\b|of\b|unique\b|deny\b|off\b|update\b|desc\b|offsets\b|updatetext\b|disk\b|on\b|use\b|distinct\b|open\b|user\b|distributed\b|opendatasource\b|values\b|double\b|openquery\b|varying\b|drop\b|openrowset\b|view\b|dummy\b|openxml\b|waitfor\b|dump\b|option\b|when\b|else\b|or\b|where\b|end\b|order\b|while\b|errlvl\b|outer\b|with\b|escape\b|over\b|writetext\b|add\b|analyze\b|asc\b|between\b|blob\b|call\b|change\b|check\b|condition\b|continue\b|cross\b|current_timestamp\b|database\b|day_microsecond\b|dec\b|default\b|desc\b|distinct\b|double\b|each\b|enclosed\b|exit\b|fetch\b|float8\b|foreign\b|goto\b|having\b|hour_minute\b|ignore\b|infile\b|insensitive\b|int1\b|int4\b|interval\b|iterate\b|keys\b|leading\b|like\b|lines\b|localtimestamp\b|longblob\b|low_priority\b|mediumint\b|minute_microsecond\b|modifies\b|no_write_to_binlog\b|on\b|optionally\b|out\b|precision\b|purge\b|read\b|references\b|rename\b|require\b|revoke\b|schema\b|select\b|set\b|spatial\b|sqlexception\b|sql_big_result\b|ssl\b|table\b|tinyblob\b|to\b|true\b|unique\b|update\b|using\b|utc_timestamp\b|varchar\b|when\b|with\b|xor\b|all\b|and\b|asensitive\b|bigint\b|both\b|cascade\b|char\b|collate\b|connection\b|convert\b|current_date\b|current_user\b|databases\b|day_minute\b|decimal\b|delayed\b|describe\b|distinctrow\b|drop\b|else\b|escaped\b|explain\b|float\b|for\b|from\b|grant\b|high_priority\b|hour_second\b|in\b|inner\b|insert\b|int2\b|int8\b|into\b|join\b|kill\b|leave\b|limit\b|load\b|lock\b|longtext\b|match\b|mediumtext\b|minute_second\b|natural\b|null\b|optimize\b|or\b|outer\b|primary\b|raid0\b|reads\b|regexp\b|repeat\b|restrict\b|right\b|schemas\b|sensitive\b|show\b|specific\b|sqlstate\b|sql_calc_found_rows\b|starting\b|terminated\b|tinyint\b|trailing\b|undo\b|unlock\b|usage\b|utc_date\b|values\b|varcharacter\b|where\b|write\b|year_month\b|alter\b|as\b|before\b|binary\b|by\b|case\b|character\b|column\b|constraint\b|create\b|current_time\b|cursor\b|day_hour\b|day_second\b|declare\b|delete\b|deterministic\b|div\b|dual\b|elseif\b|exists\b|false\b|float4\b|force\b|fulltext\b|group\b|hour_microsecond\b|if\b|index\b|inout\b|int\b|int3\b|integer\b|is\b|key\b|label\b|left\b|linear\b|localtime\b|long\b|loop\b|mediumblob\b|middleint\b|mod\b|not\b|numeric\b|option\b|order\b|outfile\b|procedure\b|range\b|real\b|release\b|replace\b|return\b|rlike\b|second_microsecond\b|separator\b|smallint\b|sql\b|sqlwarning\b|sql_small_result\b|straight_join\b|then\b|tinytext\b|trigger\b|union\b|unsigned\b|use\b|utc_time\b|varbinary\b|varying\b|while\b|x509\b|zerofill)([a-zA-Z][a-zA-Z0-9_]{0,30}[a-zA-Z0-9])$
ConstraintDescription:
en: The account name can contain letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. The name can be up to 32 characters in length. For more information, see <a href="https://www.alibabacloud.com/help/en/rds/developer-reference/forbidden-keywords" target="_blank">Forbidden keywords</a>.
zh-cn: The value can contain lowercase letters, uppercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. The maximum length is 32 characters. For more information about invalid characters, see <a href="https://www.alibabacloud.com/help/zh/rds/developer-reference/forbidden-keywords" target="_blank">Forbidden keywords table</a>.
Default: db_user
Resources:
Vpc:
Type: 'ALIYUN::ECS::VPC'
Properties:
CidrBlock: 192.168.0.0/16
VpcName:
Fn::Sub: ${CommonName}-VPC_HZ
VSwitch1:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VpcId:
Ref: Vpc
CidrBlock: 192.168.1.0/24
ZoneId:
Ref: ZoneId1
VSwitchName:
Fn::Sub: ${CommonName}-vsw_001
VSwitch2:
Type: 'ALIYUN::ECS::VSwitch'
Properties:
VpcId:
Ref: Vpc
CidrBlock: 192.168.2.0/24
ZoneId:
Ref: ZoneId2
VSwitchName:
Fn::Sub: ${CommonName}-vsw_002
Sleep:
DependsOn:
- VSwitch1
- VSwitch2
Type: ALIYUN::ROS::Sleep
Properties:
DeleteDuration: 300
SecurityGroup:
Type: 'ALIYUN::ECS::SecurityGroup'
Properties:
VpcId:
Ref: Vpc
SecurityGroupName:
Fn::Sub: ${CommonName}-SecurityGroup_1
SecurityGroupIngress:
- PortRange: 80/80
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 3000/3000
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 5001/5001
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 5002/5002
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 5003/5003
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
- PortRange: 8080/8080
Priority: 1
SourceCidrIp: 0.0.0.0/0
IpProtocol: tcp
EcsInstance:
Type: 'ALIYUN::ECS::InstanceGroup'
Properties:
VpcId:
Ref: Vpc
ZoneId:
Ref: ZoneId1
VSwitchId:
Ref: VSwitch1
SecurityGroupId:
Ref: SecurityGroup
ImageId: aliyun_3_x64_20G_alibase_
InstanceName:
Fn::Sub: ${CommonName}-ecs
InstanceType:
Ref: InstanceType
SystemDiskCategory: cloud_essd
MaxAmount: 1
SystemDiskSize: 40
InternetMaxBandwidthOut: 5
Password:
Ref: InstancePassword
RunCommand:
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent:
Fn::Sub:
|
#!/bin/sh
echo "sk-$(openssl rand -hex 16)"
Type: RunShellScript
InstanceIds:
- Ref: EcsInstance
RunCommand2:
DependsOn:
- RunCommand
Type: ALIYUN::ECS::RunCommand
Properties:
CommandContent:
Fn::Sub:
|
#!/bin/sh
export ROS_DEPLOY=true
curl -fsSL https://help-static-aliyun-doc.aliyuncs.com/install-script/dify/sae/install.sh | bash
Type: RunShellScript
InstanceIds:
- Ref: EcsInstance
RedisInstance:
Type: ALIYUN::REDIS::Instance
Properties:
ZoneId:
Ref: ZoneId1
SecondaryZoneId:
Ref: ZoneId2
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch1
InstanceClass: redis.shard.large.y.ee
EvictionPolicy: noeviction
InstanceName:
Fn::Sub: ${CommonName}-Redis
EngineVersion: '7.0'
Password:
Ref: RedisInstancePassword
REDISWhitelist:
Type: ALIYUN::REDIS::Whitelist
Properties:
InstanceId:
Ref: RedisInstance
SecurityIps: 192.168.0.0/16
ADBPGInstance:
Type: ALIYUN::GPDB::DBInstance
Properties:
EngineVersion: '7.0'
VectorConfigurationStatus: True
InstanceSpec: 4C32G
ZoneId:
Ref: ZoneId1
VSwitchId:
Ref: VSwitch1
SegNodeNum: 4
SegStorageType: cloud_essd
SegDiskPerformanceLevel: pl1
StorageSize: 50
VPCId:
Ref: Vpc
SecurityIPList: 192.168.0.0/16
DBInstanceDescription:
Fn::Sub: ${CommonName}
PayType: Postpaid
DBInstanceCategory: HighAvailability
DBInstanceMode: StorageElastic
ProdType: standard
GPDBAccount:
Type: ALIYUN::GPDB::Account
Properties:
DBInstanceId:
Fn::GetAtt:
- ADBPGInstance
- DBInstanceId
AccountPassword:
Ref: ADBPGPassword
AccountName:
Ref: ADBPGAccount
SaeNamespace:
DependsOn:
- PostgreSQLInstance
- RedisInstance
- ADBPGInstance
- PluginNas
- APINas
Type: ALIYUN::SAE::Namespace
Properties:
NamespaceName:
Ref: NamespaceName
NamespaceId:
Fn::Sub: ${ALIYUN::Region}:${NamespaceName}
VpcId:
Ref: Vpc
PostgreSQLInstance:
Type: ALIYUN::RDS::DBInstance
Properties:
ZoneId:
Ref: ZoneId1
SlaveZoneIds:
- Ref: ZoneId2
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch1
DBInstanceClass:
Ref: DBInstanceClass
DBInstanceStorage: 50
Engine: PostgreSQL
EngineVersion: '17.0'
SecurityIPList: 192.168.0.0/16
Category: HighAvailability
MasterUserType: Super
MasterUserPassword:
Ref: PostgresSQLPassword
MasterUsername:
Ref: PostgresSQLUserName
DBInstanceStorageType: cloud_essd
DifyDataBase:
Type: ALIYUN::RDS::Database
Properties:
CharacterSetName: utf8
DBInstanceId:
Fn::GetAtt:
- PostgreSQLInstance
- DBInstanceId
DBName: dify
DifySetUpDataBase:
Type: ALIYUN::RDS::Database
DependsOn: DifyDataBase
Properties:
CharacterSetName: UTF8
DBInstanceId:
Fn::GetAtt:
- PostgreSQLInstance
- DBInstanceId
DBName: dify_setups
RdsAccountPrivilege:
Type: ALIYUN::RDS::AccountPrivilege
DependsOn: DifySetUpDataBase
Properties:
AccountPrivilege: DBOwner
DBInstanceId:
Ref: PostgreSQLInstance
DBName: dify
AccountName:
Ref: PostgresSQLUserName
NatGateway:
Type: ALIYUN::VPC::NatGateway
Properties:
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch1
NatGatewayName:
Fn::Sub: ${CommonName}-nat
InternetChargeType: PayByLcu
EipBindMode: NAT
Eip:
Type: 'ALIYUN::VPC::EIP'
Properties:
DeletionProtection: false
Isp: BGP
Bandwidth: 200
InternetChargeType: PayByTraffic
EipAssociation:
Type: 'ALIYUN::VPC::EIPAssociation'
Properties:
InstanceId:
Ref: NatGateway
AllocationId:
Ref: Eip
SNat:
Type: 'ALIYUN::VPC::SnatEntry'
DependsOn: EipAssociation
Properties:
SnatTableId:
Fn::GetAtt:
- NatGateway
- SNatTableId
SnatEntryName:
Fn::Sub: ${CommonName}-snat
SourceVSwitchIds:
- Ref: VSwitch1
- Ref: VSwitch2
SnatIp:
Fn::GetAtt:
- Eip
- EipAddress
APINas:
Type: ALIYUN::NAS::FileSystem
Properties:
ProtocolType: NFS
FileSystemType: standard
DeletionForce: true
StorageType: Performance
Description:
Fn::Sub: ${CommonName}-API-NAS
APINasMountTarget:
Type: ALIYUN::NAS::MountTarget
Properties:
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch1
NetworkType: Vpc
AccessGroupName: DEFAULT_VPC_GROUP_NAME
FileSystemId:
Ref: APINas
PluginNas:
Type: ALIYUN::NAS::FileSystem
Properties:
ProtocolType: NFS
FileSystemType: standard
DeletionForce: true
StorageType: Performance
Description:
Fn::Sub: ${CommonName}-Plugin-NAS
PluginNasMountTarget:
Type: ALIYUN::NAS::MountTarget
Properties:
VpcId:
Ref: Vpc
VSwitchId:
Ref: VSwitch1
NetworkType: Vpc
AccessGroupName: DEFAULT_VPC_GROUP_NAME
FileSystemId:
Ref: PluginNas
SuperOpsUser:
Type: 'ALIYUN::RAM::User'
Properties:
UserName:
Fn::Sub: SuperOps-${ALIYUN::StackId}
Policies:
- PolicyName:
'Fn::Join':
- '-'
- - DifySuperOpsPolicy
- Ref: 'ALIYUN::StackName'
PolicyDocument:
Version: '1'
Statement:
- Effect: Allow
Action:
- 'gpdb:*'
Resource:
- '*'
PolicyAttachments:
System:
- AliyunSTSAssumeRoleAccess
- AliyunRAMReadOnlyAccess
AccessKey:
Type: 'ALIYUN::RAM::AccessKey'
Properties:
UserName:
'Fn::GetAtt':
- SuperOpsUser
- UserName
DifyApiConfigMap:
Type: ALIYUN::SAE::ConfigMap
Properties:
Data:
MAIL_DEFAULT_SEND_FROM: 'YOUR EMAIL FROM (eg: no-reply <no-reply@dify.ai>)'
SENTRY_PROFILES_SAMPLE_RATE: '1'
MARKETPLACE_ENABLED: 'true'
DB_PORT: '5432'
VECTOR_STORE: analyticdb
LOG_LEVEL: INFO
DB_DATABASE: dify
REDIS_USE_SSL: 'false'
STORAGE_LOCAL_PATH: /app/api/storage
SENTRY_TRACES_SAMPLE_RATE: '1'
MODE: api
WEB_API_CORS_ALLOW_ORIGINS: '*'
RESEND_API_URL: https://api.resend.com
ANALYTICDB_INSTANCE_ID:
Fn::GetAtt:
- ADBPGInstance
- DBInstanceId
CODE_EXECUTION_ENDPOINT: http://dify-sandbox:8194
REDIS_HOST:
Fn::GetAtt:
- RedisInstance
- ConnectionDomain
REDIS_DB: '0'
REDIS_PORT: '6379'
MAIL_TYPE: resend
ANALYTICDB_REGION_ID:
Ref: ALIYUN::Region
MIGRATION_ENABLED: 'true'
CONSOLE_CORS_ALLOW_ORIGINS: '*'
PLUGIN_DAEMON_URL: http://dify-plugin-daemon:5002
STORAGE_TYPE: local
DB_HOST:
Fn::GetAtt:
- PostgreSQLInstance
- InnerConnectionString
NamespaceId:
Ref: SaeNamespace
Name: dify-api
DifyApiSecret:
Type: 'ALIYUN::SAE::Secret'
Properties:
NamespaceId:
Ref: SaeNamespace
SecretName: dify-api
SecretType: Opaque
SecretData:
ANALYTICDB_ACCOUNT:
Ref: ADBPGAccount
ANALYTICDB_KEY_ID:
Fn::GetAtt:
- AccessKey
- AccessKeyId
ANALYTICDB_KEY_SECRET:
Fn::GetAtt:
- AccessKey
- AccessKeySecret
ANALYTICDB_NAMESPACE: difyns
ANALYTICDB_NAMESPACE_PASSWORD:
Ref: ADBPGPassword
ANALYTICDB_PASSWORD:
Ref: ADBPGPassword
CELERY_BROKER_URL:
Fn::Sub:
- redis://:${REDIS_PASSWORD}@${REDIS_HOST}:6379/0
- REDIS_PASSWORD:
Ref: RedisInstancePassword
REDIS_HOST:
Fn::GetAtt:
- RedisInstance
- ConnectionDomain
CODE_EXECUTION_API_KEY: dify-sandbox
DB_PASSWORD:
Ref: PostgresSQLPassword
DB_USERNAME:
Ref: PostgresSQLUserName
INNER_API_KEY_FOR_PLUGIN: QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
PLUGIN_DAEMON_KEY: lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
REDIS_PASSWORD:
Ref: RedisInstancePassword
REDIS_USERNAME: default
RESEND_API_KEY: xxxx
SECRET_KEY:
!Base64Decode
Fn::Jq:
- First
- .[0].Output
- Fn::GetAtt:
- RunCommand
- InvokeResults
DifyWorkerConfigMap:
Type: ALIYUN::SAE::ConfigMap
Properties:
Data:
MAIL_DEFAULT_SEND_FROM: 'YOUR EMAIL FROM (eg: no-reply <no-reply@dify.ai>)'
SENTRY_PROFILES_SAMPLE_RATE: '1'
MARKETPLACE_ENABLED: 'true'
DB_PORT: '5432'
VECTOR_STORE: analyticdb
LOG_LEVEL: INFO
DB_DATABASE: dify
REDIS_USE_SSL: 'false'
STORAGE_LOCAL_PATH: /app/api/storage
SENTRY_TRACES_SAMPLE_RATE: '1'
MODE: worker
WEB_API_CORS_ALLOW_ORIGINS: '*'
RESEND_API_URL: https://api.resend.com
ANALYTICDB_INSTANCE_ID:
Fn::GetAtt:
- ADBPGInstance
- DBInstanceId
REDIS_HOST:
Fn::GetAtt:
- RedisInstance
- ConnectionDomain
REDIS_DB: '0'
REDIS_PORT: '6379'
MAIL_TYPE: resend
ANALYTICDB_REGION_ID:
Ref: ALIYUN::Region
MIGRATION_ENABLED: 'true'
CONSOLE_CORS_ALLOW_ORIGINS: '*'
PLUGIN_DAEMON_URL: http://dify-plugin-daemon:5002
STORAGE_TYPE: local
DB_HOST:
Fn::GetAtt:
- PostgreSQLInstance
- InnerConnectionString
NamespaceId:
Ref: SaeNamespace
Name: dify-worker
DifyWorkerSecret:
Type: 'ALIYUN::SAE::Secret'
Properties:
NamespaceId:
Ref: SaeNamespace
SecretName: dify-worker
SecretType: Opaque
SecretData:
ANALYTICDB_ACCOUNT:
Ref: ADBPGAccount
ANALYTICDB_KEY_ID:
Fn::GetAtt:
- AccessKey
- AccessKeyId
ANALYTICDB_KEY_SECRET:
Fn::GetAtt:
- AccessKey
- AccessKeySecret
ANALYTICDB_NAMESPACE: difyns
ANALYTICDB_NAMESPACE_PASSWORD:
Ref: ADBPGPassword
ANALYTICDB_PASSWORD:
Ref: ADBPGPassword
CELERY_BROKER_URL:
Fn::Sub:
- redis://:${REDIS_PASSWORD}@${REDIS_HOST}:6379/0
- REDIS_PASSWORD:
Ref: RedisInstancePassword
REDIS_HOST:
Fn::GetAtt:
- RedisInstance
- ConnectionDomain
DB_PASSWORD:
Ref: PostgresSQLPassword
DB_USERNAME:
Ref: PostgresSQLUserName
INNER_API_KEY_FOR_PLUGIN: QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
PLUGIN_DAEMON_KEY: lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
REDIS_PASSWORD:
Ref: RedisInstancePassword
REDIS_USERNAME: default
RESEND_API_KEY: xxxx
SECRET_KEY:
!Base64Decode
Fn::Jq:
- First
- .[0].Output
- Fn::GetAtt:
- RunCommand
- InvokeResults
DifyPluginDaemonConfigMap:
Type: 'ALIYUN::SAE::ConfigMap'
Properties:
NamespaceId:
Ref: SaeNamespace
Name: dify-plugin-daemon
Data:
SERVER_PORT: "5002"
PLUGIN_REMOTE_INSTALLING_HOST: "0.0.0.0"
REDIS_DB: "0"
REDIS_HOST:
Fn::GetAtt:
- RedisInstance
- ConnectionDomain
MARKETPLACE_ENABLED: "true"
DB_PORT: "5432"
REDIS_USE_SSL: "false"
PLUGIN_WORKING_PATH: /app/storage/cwd
DB_HOST:
Fn::GetAtt:
- PostgreSQLInstance
- InnerConnectionString
PIP_MIRROR_URL: http://mirrors.aliyun.com/pypi/simple/
REDIS_PORT: "6379"
PLUGIN_REMOTE_INSTALLING_PORT: "5003"
MAX_PLUGIN_PACKAGE_SIZE: "52428800"
DB_DATABASE: dify_plugin
DIFY_INNER_API_URL: http://dify-api:5001
DifyPluginDaemonSecret:
Type: 'ALIYUN::SAE::Secret'
Properties:
NamespaceId:
Ref: SaeNamespace
SecretName: dify-plugin-daemon
SecretType: Opaque
SecretData:
DB_PASSWORD:
Ref: PostgresSQLPassword
DB_USERNAME:
Ref: PostgresSQLUserName
DIFY_INNER_API_KEY: QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1
REDIS_PASSWORD:
Ref: RedisInstancePassword
REDIS_USERNAME: default
SERVER_KEY: lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi
DifySandboxConfigMap:
Type: 'ALIYUN::SAE::ConfigMap'
Properties:
NamespaceId:
Ref: SaeNamespace
Name: dify-sandbox
Data:
GIN_MODE: release
SANDBOX_PORT: "8194"
DifySandboxSecret:
Type: 'ALIYUN::SAE::Secret'
Properties:
NamespaceId:
Ref: SaeNamespace
SecretName: dify-sandbox
SecretType: Opaque
SecretData:
API_KEY: dify-sandbox
DifyWebConfigMap:
Type: 'ALIYUN::SAE::ConfigMap'
Properties:
NamespaceId:
Ref: SaeNamespace
Name: dify-web
Data:
MARKETPLACE_ENABLED: "true"
MARKETPLACE_URL: https://marketplace.dify.ai
MARKETPLACE_API_URL: https://marketplace.dify.ai
DifyNginxConfigMap:
Type: 'ALIYUN::SAE::ConfigMap'
Properties:
NamespaceId:
Ref: SaeNamespace
Name: dify-nginx
Data:
default.conf: |-
server {
listen 80;
server_name _;
location /console/api {
proxy_pass http://dify-api:5001;
include proxy.conf;
}
location /api {
proxy_pass http://dify-api:5001;
include proxy.conf;
}
location /v1 {
proxy_pass http://dify-api:5001;
include proxy.conf;
}
location /files {
proxy_pass http://dify-api:5001;
include proxy.conf;
}
location /explore {
proxy_pass http://dify-web:3000;
proxy_set_header Dify-Hook-Url $scheme://$host$request_uri;
include proxy.conf;
}
location /e/ {
proxy_pass http://dify-plugin-daemon:5002;
proxy_set_header Dify-Hook-Url $scheme://$host$request_uri;
include proxy.conf;
}
location / {
proxy_pass http://dify-web:3000;
include proxy.conf;
}
}
nginx.conf: |-
user nginx;
worker_processes auto;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
client_max_body_size 15M;
include /etc/nginx/conf.d/*.conf;
}
proxy.conf: |-
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
DifyApiApp:
DependsOn:
- SaeNamespace
- DifyApiConfigMap
- DifyApiSecret
- ADBPGInstance
Type: 'ALIYUN::SAE::Application'
Properties:
AppName: dify-api
SaeVersion: v2
AutoConfig: false
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
VSwitchId:
Fn::Sub:
- '${VSwitch1},${VSwitch2}'
- VSwitch1:
Ref: VSwitch1
VSwitch2:
Ref: VSwitch2
Replicas: 1
NamespaceId:
Ref: SaeNamespace
Cpu: 1000
Memory: 2048
PackageType: Image
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-api-v1.6.0
ProgrammingLanguage: python
AppSource: micro_service
Timezone: Asia/Shanghai
NasConfigs:
Fn::Sub:
- '[{"mountDomain":"${MOUNT_DOMAIN}","mountPath":"/app/api/storage","nasId":"${NAS_ID}","nasPath":"dify-api","readOnly":false,"volumeName":"nas-1"}]'
- MOUNT_DOMAIN:
Fn::GetAtt:
- APINasMountTarget
- MountTargetDomain
NAS_ID:
Fn::GetAtt:
- APINas
- FileSystemId
PvtzDiscoverySvc:
Fn::Sub:
- '{"enable":"true","namespaceId":"${REGION_ID}:${NAMESPACE}","portAndProtocol":{"5001:TCP":"5001"},"portProtocols":[],"pvtzDiscoveryName":"${REGION_ID}-${USER_ID}","serviceName":"dify-api.${NAMESPACE}"}'
- NAMESPACE:
Ref: NamespaceName
USER_ID:
Ref: ALIYUN::TenantId
REGION_ID:
Ref: ALIYUN::Region
Envs:
Fn::Sub:
- '[{"name":"APP_WEB_URL"},{"name":"FILES_URL"},{"name":"CODE_MAX_DEPTH","value":"5"},{"name":"CODE_MAX_OBJECT_ARRAY_LENGTH","value":"30"},{"name":"CHECK_UPDATE_URL"},{"name":"CODE_MAX_STRING_ARRAY_LENGTH","value":"30"},{"name":"SERVICE_API_URL"},{"name":"sae-sys-secret-all-dify-api","valueFrom":{"secretRef":{"secretId":${SECRET_ID},"key":""}}},{"name":"CODE_MAX_PRECISION","value":"20"},{"name":"CONSOLE_API_URL"},{"name":"TEMPLATE_TRANSFORM_MAX_LENGTH","value":"80000"},{"name":"CODE_MAX_NUMBER","value":"9223372036854775807"},{"name":"CODE_MAX_NUMBER_ARRAY_LENGTH","value":"1000"},{"name":"CONSOLE_WEB_URL"},{"name":"CODE_MIN_NUMBER","value":"-9223372036854775808"},{"name":"CODE_MAX_STRING_LENGTH","value":"80000"},{"name":"SENTRY_DSN"},{"name":"CODE_EXECUTION_API_KEY","valueFrom":{"secretRef":{"secretId":${SANDBOX_SECRET_ID},"key":"API_KEY"}}},{"name":"sae-sys-configmap-all-dify-api","valueFrom":{"configMapRef":{"configMapId":${CONFIGMAP_ID},"key":""}}}]'
- CONFIGMAP_ID:
Fn::GetAtt:
- DifyApiConfigMap
- ConfigMapId
SECRET_ID:
Fn::GetAtt:
- DifyApiSecret
- SecretId
SANDBOX_SECRET_ID:
Fn::GetAtt:
- DifySandboxSecret
- SecretId
DifyWorkerApp:
DependsOn:
- SaeNamespace
- DifyWorkerConfigMap
- DifyWorkerSecret
Type: 'ALIYUN::SAE::Application'
Properties:
AppName: dify-worker
SaeVersion: v2
AutoConfig: false
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
VSwitchId:
Fn::Sub:
- '${VSwitch1},${VSwitch2}'
- VSwitch1:
Ref: VSwitch1
VSwitch2:
Ref: VSwitch2
Replicas: 1
NamespaceId:
Ref: SaeNamespace
Cpu: 1000
Memory: 2048
PackageType: Image
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-api-v1.6.0
ProgrammingLanguage: python
AppSource: micro_service
Timezone: Asia/Shanghai
NasConfigs:
Fn::Sub:
- '[{"mountDomain":"${MOUNT_DOMAIN}","mountPath":"/app/api/storage","nasId":"${NAS_ID}","nasPath":"dify-api","readOnly":false,"volumeName":"nas-1"}]'
- MOUNT_DOMAIN:
Fn::GetAtt:
- APINasMountTarget
- MountTargetDomain
NAS_ID:
Fn::GetAtt:
- APINas
- FileSystemId
Envs:
Fn::Sub:
- '[{"name":"sae-sys-secret-all-dify-worker","valueFrom":{"secretRef":{"secretId":${SECRET_ID},"key":""}}},{"name":"sae-sys-configmap-all-dify-worker","valueFrom":{"configMapRef":{"configMapId":${CONFIGMAP_ID},"key":""}}},{"name":"CONSOLE_WEB_URL"}]'
- CONFIGMAP_ID:
Fn::GetAtt:
- DifyWorkerConfigMap
- ConfigMapId
SECRET_ID:
Fn::GetAtt:
- DifyWorkerSecret
- SecretId
DifyPluginDaemonApp:
DependsOn:
- SaeNamespace
- DifyPluginDaemonConfigMap
- DifyPluginDaemonSecret
Type: 'ALIYUN::SAE::Application'
Properties:
AppName: dify-plugin-daemon
SaeVersion: v2
AutoConfig: false
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
VSwitchId:
Fn::Sub:
- '${VSwitch1},${VSwitch2}'
- VSwitch1:
Ref: VSwitch1
VSwitch2:
Ref: VSwitch2
Replicas: 1
NamespaceId:
Ref: SaeNamespace
Cpu: 1000
Memory: 2048
PackageType: Image
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-plugin-daemon-v0.1.3-local
ProgrammingLanguage: golang
AppSource: micro_service
Timezone: Asia/Shanghai
NasConfigs:
Fn::Sub:
- '[{"mountDomain":"${MOUNT_DOMAIN}","mountPath":"/app/storage","nasId":"${NAS_ID}","nasPath":"dify-plugin-daemon","readOnly":false,"volumeName":"nas-1"}]'
- MOUNT_DOMAIN:
Fn::GetAtt:
- PluginNasMountTarget
- MountTargetDomain
NAS_ID:
Fn::GetAtt:
- PluginNas
- FileSystemId
PvtzDiscoverySvc:
Fn::Sub:
- '{"enable":"true","namespaceId":"${REGION_ID}:${NAMESPACE}","portAndProtocol":{"5003:TCP":"5003","5002:TCP":"5002"},"portProtocols":[],"pvtzDiscoveryName":"${REGION_ID}-${USER_ID}","serviceName":"dify-plugin-daemon.${NAMESPACE}"}'
- NAMESPACE:
Ref: NamespaceName
USER_ID:
Ref: ALIYUN::TenantId
REGION_ID:
Ref: ALIYUN::Region
Envs:
Fn::Sub:
- '[{"name":"sae-sys-secret-all-dify-plugin-daemon","valueFrom":{"secretRef":{"secretId":${SECRET_ID},"key":""}}},{"name":"sae-sys-configmap-all-dify-plugin-daemon","valueFrom":{"configMapRef":{"configMapId":${CONFIGMAP_ID},"key":""}}}]'
- CONFIGMAP_ID:
Fn::GetAtt:
- DifyPluginDaemonConfigMap
- ConfigMapId
SECRET_ID:
Fn::GetAtt:
- DifyPluginDaemonSecret
- SecretId
DifySandboxApp:
DependsOn:
- SaeNamespace
- DifySandboxConfigMap
- DifySandboxSecret
Type: 'ALIYUN::SAE::Application'
Properties:
AppName: dify-sandbox
SaeVersion: v2
AutoConfig: false
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
VSwitchId:
Fn::Sub:
- '${VSwitch1},${VSwitch2}'
- VSwitch1:
Ref: VSwitch1
VSwitch2:
Ref: VSwitch2
Replicas: 1
NamespaceId:
Ref: SaeNamespace
Cpu: 1000
Memory: 2048
PackageType: Image
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-sandbox-v0.2.12
ProgrammingLanguage: golang
AppSource: micro_service
Timezone: Asia/Shanghai
PvtzDiscoverySvc:
Fn::Sub:
- '{"enable":"true","namespaceId":"${REGION_ID}:${NAMESPACE}","portAndProtocol":{"8194:TCP":"8194"},"portProtocols":[],"pvtzDiscoveryName":"${REGION_ID}-${USER_ID}","serviceName":"dify-sandbox.${NAMESPACE}"}'
- NAMESPACE:
Ref: NamespaceName
USER_ID:
Ref: ALIYUN::TenantId
REGION_ID:
Ref: ALIYUN::Region
Envs:
Fn::Sub:
- '[{"name":"sae-sys-secret-all-dify-sandbox","valueFrom":{"secretRef":{"secretId":${SECRET_ID},"key":""}}},{"name":"WORKER_TIMEOUT","value":"15"},{"name":"sae-sys-configmap-all-dify-sandbox","valueFrom":{"configMapRef":{"configMapId":${CONFIGMAP_ID},"key":""}}}]'
- CONFIGMAP_ID:
Fn::GetAtt:
- DifySandboxConfigMap
- ConfigMapId
SECRET_ID:
Fn::GetAtt:
- DifySandboxSecret
- SecretId
DifyWebApp:
DependsOn:
- SaeNamespace
- DifyWebConfigMap
Type: 'ALIYUN::SAE::Application'
Properties:
AppName: dify-web
SaeVersion: v2
AutoConfig: false
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
VSwitchId:
Fn::Sub:
- '${VSwitch1},${VSwitch2}'
- VSwitch1:
Ref: VSwitch1
VSwitch2:
Ref: VSwitch2
Replicas: 1
NamespaceId:
Ref: SaeNamespace
Cpu: 1000
Memory: 2048
PackageType: Image
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-web-v1.6.0
ProgrammingLanguage: other
AppSource: micro_service
Timezone: Asia/Shanghai
PvtzDiscoverySvc:
Fn::Sub:
- '{"enable":"true","namespaceId":"${REGION_ID}:${NAMESPACE}","portAndProtocol":{"3000:TCP":"3000"},"portProtocols":[],"pvtzDiscoveryName":"${REGION_ID}-${USER_ID}","serviceName":"dify-web.${NAMESPACE}"}'
- NAMESPACE:
Ref: NamespaceName
USER_ID:
Ref: ALIYUN::TenantId
REGION_ID:
Ref: ALIYUN::Region
Envs:
Fn::Sub:
- '[{"name":"sae-sys-configmap-all-dify-web","valueFrom":{"configMapRef":{"configMapId":${CONFIGMAP_ID},"key":""}}},{"name":"APP_API_URL"},{"name":"CONSOLE_API_URL"},{"name":"EDITION","value":"SELF_HOSTED"}]'
- CONFIGMAP_ID:
Fn::GetAtt:
- DifyWebConfigMap
- ConfigMapId
DifyNginxApp:
DependsOn:
- SaeNamespace
- DifyNginxConfigMap
Type: 'ALIYUN::SAE::Application'
Properties:
AppName: dify-nginx
SaeVersion: v2
AutoConfig: false
VpcId:
Ref: Vpc
SecurityGroupId:
Ref: SecurityGroup
VSwitchId:
Fn::Sub:
- '${VSwitch1},${VSwitch2}'
- VSwitch1:
Ref: VSwitch1
VSwitch2:
Ref: VSwitch2
Replicas: 1
NamespaceId:
Ref: SaeNamespace
Cpu: 1000
Memory: 2048
PackageType: Image
ImageUrl:
Fn::Sub: registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:nginx-v1.23.4
ProgrammingLanguage: other
AppSource: micro_service
Timezone: Asia/Shanghai
ConfigMapMountDesc:
Fn::Sub:
- '[{"MountPath":"/etc/nginx/conf.d/default.conf","ConfigMapId":${CONFIGMAP_ID},"ConfigMapName":"dify-nginx","Key":"default.conf"},{"MountPath":"/etc/nginx/nginx.conf","ConfigMapId":${CONFIGMAP_ID},"ConfigMapName":"dify-nginx","Key":"nginx.conf"},{"MountPath":"/etc/nginx/proxy.conf","ConfigMapId":${CONFIGMAP_ID},"ConfigMapName":"dify-nginx","Key":"proxy.conf"}]'
- CONFIGMAP_ID:
Fn::GetAtt:
- DifyNginxConfigMap
- ConfigMapId
InternetClb:
Type: ALIYUN::SLB::LoadBalancer
Properties:
LoadBalancerName:
Ref: ALIYUN::StackName
LoadBalancerSpec: slb.s2.medium
AddressType: internet
BackendAppBindClb:
Type: 'ALIYUN::SAE::SlbBinding'
DependsOn:
- DifyNginxApp
- InternetClb
Properties:
InternetSlbId:
Fn::GetAtt:
- InternetClb
- LoadBalancerId
Internet: '[{"port": 80, "targetPort": 80, "protocol": "TCP"}]'
AppId:
Fn::GetAtt:
- DifyNginxApp
- AppId
Outputs:
DifyAddress:
Label:
zh-cn: Dify service address.
en: Dify service address
Description:
zh-cn: Dify service address.
en: The service address of the Dify platform.
Value:
Fn::Sub:
- http://${ServerAddress}:80
- ServerAddress:
Fn::GetAtt:
- InternetClb
- IpAddress
PostgresName:
Label:
zh-cn: Postgres username
en: Postgres username
Description:
zh-cn: The username of AnalyticDB for PostgreSQL.
en: The username for the AnalyticDB for PostgreSQL database.
Value:
Ref: ADBPGAccount
PostgresPassword:
Label:
zh-cn: Postgres password
en: Postgres password
Description:
zh-cn: The password of AnalyticDB for PostgreSQL.
en: The password for the AnalyticDB for PostgreSQL database.
NoEcho: true
Value:
Ref: ADBPGPassword
PostgresConnectionString:
Label:
zh-cn: Postgres database address
en: Postgres database address
Description:
zh-cn: The internal endpoint of AnalyticDB for PostgreSQL.
en: The internal endpoint of the AnalyticDB for PostgreSQL database.
Value:
Fn::GetAtt:
- ADBPGInstance
- ConnectionString
APINasFileSystemId:
Label:
zh-cn: API NAS file system
en: API NAS file system
Description:
zh-cn: The NAS file system.
en: The ID of the NAS file system for the API.
Value:
Ref: APINas
APINasMountTarget:
Label:
zh-cn: API NAS mount target
en: API NAS mount target
Description:
zh-cn: The NAS mount target.
en: The mount target of the NAS file system for the API.
Value:
Ref: APINasMountTarget
PluginNasFileSystemId:
Label:
zh-cn: Plugin NAS file system
en: Plugin NAS file system
Description:
zh-cn: The NAS file system.
en: The ID of the NAS file system for plugins.
Value:
Ref: PluginNas
PluginNasMountTarget:
Label:
zh-cn: Plugin NAS mount target
en: Plugin NAS mount target
Description:
zh-cn: The NAS mount target.
en: The mount target of the NAS file system for plugins.
Value:
Ref: PluginNasMountTarget
RedisConnectionString:
Label:
zh-cn: Redis connection address
en: Redis connection address
Description:
zh-cn: The Redis connection address.
en: The connection endpoint of the Redis instance.
Value:
Fn::GetAtt:
- RedisInstance
- ConnectionDomain
RedisName:
Label:
zh-cn: Redis username
en: Redis username
Description:
zh-cn: The Redis username.
en: The username for the Redis instance.
Value: default
RedisInstancePassword:
Label:
zh-cn: Redis password
en: Redis password
Description:
zh-cn: The Redis password.
en: The password for the Redis instance.
NoEcho: true
Value:
Ref: RedisInstancePassword
PostgreSQLDBName:
Label:
zh-cn: Database name
en: Database name
Description:
zh-cn: The database name of ApsaraDB RDS for PostgreSQL.
en: The database name of the ApsaraDB RDS for PostgreSQL instance.
Value: dify
PostgreSQLConnectionString:
Label:
zh-cn: RDS database address
en: RDS database address
Description:
zh-cn: The internal endpoint of ApsaraDB RDS for PostgreSQL.
en: The internal endpoint of the ApsaraDB RDS for PostgreSQL instance.
Value:
Fn::GetAtt:
- PostgreSQLInstance
- InnerConnectionString
PostgreSQLAccount:
Label:
zh-cn: RDS username
en: RDS username
Description:
zh-cn: The username of ApsaraDB RDS for PostgreSQL.
en: The username for the ApsaraDB RDS for PostgreSQL instance.
Value:
Ref: PostgresSQLUserName
PostgreSQLPassword:
Label:
zh-cn: RDS password
en: RDS password
Description:
zh-cn: The password of ApsaraDB RDS for PostgreSQL.
en: The password for the ApsaraDB RDS for PostgreSQL instance.
NoEcho: true
Value:
Ref: PostgresSQLPassword
NameSpace:
Label:
zh-cn: Namespace
en: Namespace
Description:
zh-cn: The namespace.
en: The ID of the SAE namespace.
Value:
Fn::Sub: ${ALIYUN::Region}:${NamespaceName}
Vpc:
Label:
zh-cn: VPC ID
en: VPC ID
Description:
zh-cn: The VPC ID.
en: The ID of the VPC.
Value:
Ref: Vpc
Vsw:
Label:
zh-cn: vSwitch ID
en: vSwitch ID
Description:
zh-cn: The vSwitch ID.
en: The ID of the vSwitch.
Value:
Ref: VSwitch1
Sg:
Label:
zh-cn: Security group ID
en: Security group ID
Description:
zh-cn: The security group ID.
en: The ID of the security group.
Value:
Ref: SecurityGroup
SecretKey:
Label:
zh-cn: Secret key
en: Secret key
Description:
zh-cn: Used for secure signatures and encrypting sensitive information in the database.
en: The key used for secure signatures and for encrypting sensitive information in the database.
NoEcho: true
Value:
!Base64Decode
Fn::Jq:
- First
- .[0].Output
- Fn::GetAtt:
- RunCommand
- InvokeResults
dify-nginx:
Label:
zh-cn: Application address of dify-nginx
en: dify-nginx application address
Description:
zh-cn: The application address of dify-nginx. In the application access settings, view the public endpoint based on CLB access.
en: The address of the dify-nginx application. To view the public endpoint for SLB access, go to the application access settings.
Value:
Fn::Sub: https://sae.console.alibabacloud.com/${ALIYUN::Region}/app-list/${DifyNginxApp.AppId}/micro-app/base?name=dify-nginx
ECSInstanceId:
Label:
zh-cn: ECS instance ID
en: ECS instance ID
Description:
zh-cn: The ECS instance ID. This instance deploys the sample e-commerce system.
en: The ID of the ECS instance. This instance is used to run the installation script.
Value:
Fn::Select:
- 0
- Fn::GetAtt:
- EcsInstance
- InstanceIds
Console@DemoUrl:
Description:
zh-cn: The application access domain name, which is the address of the e-commerce system in this solution.
en: The public IP address of the ECS instance.
Value:
Fn::Sub:
- http://${PublicIp}
- PublicIp:
Fn::Select:
- 0
- Fn::GetAtt:
- EcsInstance
- PublicIps
Metadata:
'ALIYUN::ROS::Interface':
Outputs:
- DifyAddress
- ECSInstanceId
- Console@DemoUrl
- dify-nginx
- NameSpace
- Vpc
- Vsw
- Sg
- PostgreSQLDBName
- PostgreSQLConnectionString
- PostgreSQLAccount
- PostgreSQLPassword
- PostgresName
- PostgresPassword
- PostgresConnectionString
- APINasFileSystemId
- APINasMountTarget
- PluginNasFileSystemId
- PluginNasMountTarget
- RedisConnectionString
- RedisName
- RedisInstancePassword
- SecretKey
ParameterGroups:
- Parameters:
- ZoneId1
- ZoneId2
Label:
default:
en: Availability Zone
zh-cn: Availability zone
- Parameters:
- InstanceType
- InstancePassword
Label:
default:
en: Elastic Compute Service
zh-cn: Elastic Compute Service
- Parameters:
- RedisInstancePassword
Label:
default:
en: ApsaraDB for Redis
zh-cn: ApsaraDB for Redis
- Parameters:
- ADBPGAccount
- ADBPGPassword
Label:
default:
en: AnalyticDB for PostgreSQL
zh-cn: AnalyticDB for PostgreSQL
- Parameters:
- DBInstanceClass
- RdsDatabaseName
- PostgresSQLUserName
- PostgresSQLPassword
Label:
default:
en: ApsaraDB RDS for PostgreSQL
zh-cn: ApsaraDB RDS for PostgreSQL
- Parameters:
- NamespaceName
Label:
default:
en: Serverless App Engine
zh-cn: Serverless App Engine
TemplateTags:
- acs:technical-solution:internet-application-development:Deploy a production-ready Dify platform using Serverless App Engine-tech_solu_251
Hidden:
- CommonName
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": {
"zh-cn": "Deploy the production environment Dify platform through Serverless App Engine.",
"en": "Deploy a production-ready Dify platform using Serverless App Engine (SAE)."
},
"Parameters": {
"CommonName": {
"Type": "String",
"Default": "Dify"
},
"NamespaceName": {
"Type": "String",
"Label": {
"en": "Namespace name",
"zh-cn": "Namespace name"
},
"Description": {
"zh-cn": "Namespace name, only lowercase letters and numbers are supported",
"en": "The name of the namespace. Only lowercase letters and numbers are supported."
},
"AllowedPattern": "^[a-z0-9]+$",
"AssociationProperty": "AutoCompleteInput",
"AssociationPropertyMetadata": {
"Length": 3,
"Prefix": "dify",
"CharacterClasses": [
{
"Class": "lowercase",
"min": 2
},
{
"Class": "number",
"min": 1
}
]
}
},
"ZoneId1": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"AssociationPropertyMetadata": {
"ExclusiveTo": [
"ZoneId2"
]
},
"Label": {
"en": "Availability Zone 1",
"zh-cn": "Availability Zone 1"
}
},
"ZoneId2": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId",
"AssociationPropertyMetadata": {
"ExclusiveTo": [
"ZoneId1"
]
},
"Label": {
"en": "Availability Zone 2",
"zh-cn": "Availability Zone 2"
}
},
"InstanceType": {
"Type": "String",
"AssociationProperty": "ALIYUN::ECS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"InstanceChargeType": "PostPaid",
"SystemDiskCategory": "cloud_essd",
"ZoneId": "${ZoneId1}"
},
"Label": {
"en": "Instance type",
"zh-cn": "Instance type"
}
},
"ADBPGAccount": {
"Default": "dify",
"Type": "String",
"Label": {
"zh-cn": "Database account",
"en": "Database account"
}
},
"ADBPGPassword": {
"NoEcho": true,
"Type": "String",
"Label": {
"zh-cn": "Database account password",
"en": "Database account password"
},
"AssociationProperty": "ALIYUN::RDS::Instance::AccountPassword"
},
"InstancePassword": {
"Type": "String",
"Label": {
"en": "Instance login password",
"zh-cn": "Logon password"
},
"Description": {
"en": "The login password for the instance. The password must be 8 to 30 characters in length and contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters: ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/",
"zh-cn": "Server logon password. Length: 8 to 30 characters. Must contain at least three of the following types: uppercase letters, lowercase letters, digits, and special characters ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/"
},
"AssociationProperty": "ALIYUN::ECS::Instance::Password"
},
"RedisInstancePassword": {
"Type": "String",
"Label": {
"en": "Redis instance password",
"zh-cn": "Instance password"
},
"Description": {
"en": "The password for the Redis instance used by Dify. The password must be 8 to 32 characters in length and contain only uppercase letters, lowercase letters, and digits.",
"zh-cn": "The Redis password used by Dify must be 8 to 32 characters long and can contain only uppercase letters, lowercase letters, and digits. Do not use other characters."
},
"ConstraintDescription": {
"en": "The password for the Redis instance used by Dify. The password must be 8 to 32 characters in length and contain only uppercase letters, lowercase letters, and digits.",
"zh-cn": "The Redis password used by Dify must be 8 to 32 characters long and can contain only uppercase letters, lowercase letters, and digits. Do not use other characters."
},
"AllowedPattern": "^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?\\d)[A-Za-z0-9]{8,32}$",
"MinLength": "8",
"MaxLength": "32",
"NoEcho": true
},
"DBInstanceClass": {
"Type": "String",
"Label": {
"en": "Instance type",
"zh-cn": "Instance type"
},
"Default": "pg.n4m.2c.2m",
"Required": true,
"AssociationProperty": "ALIYUN::RDS::Instance::InstanceType",
"AssociationPropertyMetadata": {
"ZoneId": "${ZoneId}",
"EngineVersion": "17.0",
"Engine": "PostgreSQL",
"Category": "HighAvailability",
"InstanceChargeType": "Postpaid",
"DBInstanceStorageType": "cloud_essd",
"CommodityCode": "bards"
}
},
"PostgresSQLPassword": {
"Type": "String",
"NoEcho": true,
"Label": {
"en": "Database account password",
"zh-cn": "Database account password"
},
"AssociationProperty": "ALIYUN::RDS::Instance::AccountPassword"
},
"PostgresSQLUserName": {
"Type": "String",
"Label": {
"en": "Database account",
"zh-cn": "Database account"
},
"AllowedPattern": "^(?!dbo\\b|login\\b|admin\\b|administrator\\b|adminsys\\b|alimail\\b|aliyun\\b|apache\\b|appadmin\\b|apsara\\b|aurora\\b|bulkadmin\\b|cangjie\\b|cdn\\b|client\\b|cm\\b|dataengine\\b|dayu\\b|dba\\b|dbcreator\\b|developer\\b|diskadmin\\b|distribution\\b|dns\\b|download\\b|eagleye\\b|f5\\b|faq\\b|fuxi\\b|galaxy\\b|gongcao\\b|gongming\\b|groupon\\b|ha\\b|help\\b|host\\b|hostmaster\\b|houyi\\b|hr\\b|info\\b|information_schema\\b|kuafu\\b|lvs\\b|manager\\b|master\\b|meituan\\b|model\\b|monitor\\b|msdb\\b|mssqld\\b|mssqlsystemresource\\b|mysql\\b|nas\\b|net\\b|netops\\b|netweb\\b|news\\b|no-reply\\b|ntp\\b|nuwa\\b|nvwa\\b|operator\\b|opr\\b|ops\\b|opsdb\\b|oracle\\b|pangu\\b|pe\\b|post\\b|postmaster\\b|processadmin\\b|public\\b|qq\\b|replicator\\b|reply\\b|root\\b|sa\\b|sales\\b|san\\b|security\\b|securityadmin\\b|serveradmin\\b|services\\b|setupadmin\\b|shennong\\b|siteops\\b|sqlengine\\b|sqlonline\\b|squid\\b|ssladmin\\b|support\\b|sys\\b|sysadmin\\b|syslog\\b|system\\b|taoyun\\b|tempdb\\b|test\\b|tianyun\\b|wangwang\\b|eb\\b|webmaster\\b|webnet\\b|xtrabak\\b|youchao\\b|yum\\b|yunti\\b|zhongkui\\b|database\\b|add\\b|except\\b|percent\\b|all\\b|exec\\b|plan\\b|alter\\b|execute\\b|precision\\b|and\\b|exists\\b|primary\\b|any\\b|exit\\b|print\\b|as\\b|fetch\\b|proc\\b|asc\\b|file\\b|procedure\\b|authorization\\b|fillfactor\\b|public\\b|backup\\b|for\\b|raiserror\\b|begin\\b|foreign\\b|read\\b|between\\b|freetext\\b|readtext\\b|break\\b|freetexttable\\b|reconfigure\\b|browse\\b|from\\b|references\\b|bulk\\b|full\\b|replication\\b|by\\b|function\\b|restore\\b|cascade\\b|goto\\b|restrict\\b|case\\b|grant\\b|return\\b|check\\b|group\\b|revoke\\b|checkpoint\\b|having\\b|right\\b|close\\b|holdlock\\b|rollback\\b|clustered\\b|identity\\b|rowcount\\b|coalesce\\b|identity_insert\\b|rowguidcol\\b|collate\\b|identitycol\\b|rule\\b|column\\b|if\\b|save\\b|commit\\b|in\\b|schema\\b|compute\\b|index\\b|select\\b|constraint\\b|inner\\b|session_user\\b|contains\\b|insert\\b|set\\b|containstable\\b|intersect\\b|setuser\\b|continue\\b|into\\b|shutdown\\b|convert\\b|is\\b|some\\b|create\\b|join\\b|statistics\\b|cross\\b|key\\b|system_user\\b|current\\b|kill\\b|table\\b|current_date\\b|left\\b|textsize\\b|current_time\\b|like\\b|then\\b|current_timestamp\\b|lineno\\b|to\\b|current_user\\b|load\\b|top\\b|cursor\\b|national\\b|tran\\b|database\\b|nocheck\\b|transaction\\b|dbcc\\b|nonclustered\\b|trigger\\b|deallocate\\b|not\\b|truncate\\b|declare\\b|null\\b|tsequal\\b|default\\b|nullif\\b|union\\b|delete\\b|of\\b|unique\\b|deny\\b|off\\b|update\\b|desc\\b|offsets\\b|updatetext\\b|disk\\b|on\\b|use\\b|distinct\\b|open\\b|user\\b|distributed\\b|opendatasource\\b|values\\b|double\\b|openquery\\b|varying\\b|drop\\b|openrowset\\b|view\\b|dummy\\b|openxml\\b|waitfor\\b|dump\\b|option\\b|when\\b|else\\b|or\\b|where\\b|end\\b|order\\b|while\\b|errlvl\\b|outer\\b|with\\b|escape\\b|over\\b|writetext\\b|add\\b|analyze\\b|asc\\b|between\\b|blob\\b|call\\b|change\\b|check\\b|condition\\b|continue\\b|cross\\b|current_timestamp\\b|database\\b|day_microsecond\\b|dec\\b|default\\b|desc\\b|distinct\\b|double\\b|each\\b|enclosed\\b|exit\\b|fetch\\b|float8\\b|foreign\\b|goto\\b|having\\b|hour_minute\\b|ignore\\b|infile\\b|insensitive\\b|int1\\b|int4\\b|interval\\b|iterate\\b|keys\\b|leading\\b|like\\b|lines\\b|localtimestamp\\b|longblob\\b|low_priority\\b|mediumint\\b|minute_microsecond\\b|modifies\\b|no_write_to_binlog\\b|on\\b|optionally\\b|out\\b|precision\\b|purge\\b|read\\b|references\\b|rename\\b|require\\b|revoke\\b|schema\\b|select\\b|set\\b|spatial\\b|sqlexception\\b|sql_big_result\\b|ssl\\b|table\\b|tinyblob\\b|to\\b|true\\b|unique\\b|update\\b|using\\b|utc_timestamp\\b|varchar\\b|when\\b|with\\b|xor\\b|all\\b|and\\b|asensitive\\b|bigint\\b|both\\b|cascade\\b|char\\b|collate\\b|connection\\b|convert\\b|current_date\\b|current_user\\b|databases\\b|day_minute\\b|decimal\\b|delayed\\b|describe\\b|distinctrow\\b|drop\\b|else\\b|escaped\\b|explain\\b|float\\b|for\\b|from\\b|grant\\b|high_priority\\b|hour_second\\b|in\\b|inner\\b|insert\\b|int2\\b|int8\\b|into\\b|join\\b|kill\\b|leave\\b|limit\\b|load\\b|lock\\b|longtext\\b|match\\b|mediumtext\\b|minute_second\\b|natural\\b|null\\b|optimize\\b|or\\b|outer\\b|primary\\b|raid0\\b|reads\\b|regexp\\b|repeat\\b|restrict\\b|right\\b|schemas\\b|sensitive\\b|show\\b|specific\\b|sqlstate\\b|sql_calc_found_rows\\b|starting\\b|terminated\\b|tinyint\\b|trailing\\b|undo\\b|unlock\\b|usage\\b|utc_date\\b|values\\b|varcharacter\\b|where\\b|write\\b|year_month\\b|alter\\b|as\\b|before\\b|binary\\b|by\\b|case\\b|character\\b|column\\b|constraint\\b|create\\b|current_time\\b|cursor\\b|day_hour\\b|day_second\\b|declare\\b|delete\\b|deterministic\\b|div\\b|dual\\b|elseif\\b|exists\\b|false\\b|float4\\b|force\\b|fulltext\\b|group\\b|hour_microsecond\\b|if\\b|index\\b|inout\\b|int\\b|int3\\b|integer\\b|is\\b|key\\b|label\\b|left\\b|linear\\b|localtime\\b|long\\b|loop\\b|mediumblob\\b|middleint\\b|mod\\b|not\\b|numeric\\b|option\\b|order\\b|outfile\\b|procedure\\b|range\\b|real\\b|release\\b|replace\\b|return\\b|rlike\\b|second_microsecond\\b|separator\\b|smallint\\b|sql\\b|sqlwarning\\b|sql_small_result\\b|straight_join\\b|then\\b|tinytext\\b|trigger\\b|union\\b|unsigned\\b|use\\b|utc_time\\b|varbinary\\b|varying\\b|while\\b|x509\\b|zerofill)([a-zA-Z][a-zA-Z0-9_]{0,30}[a-zA-Z0-9])$",
"ConstraintDescription": {
"en": "The account name can contain letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. The name can be up to 32 characters in length. For more information, see <a href=\"https://www.alibabacloud.com/help/en/rds/developer-reference/forbidden-keywords\" target=\"_blank\">Forbidden keywords</a>.",
"zh-cn": "The value can contain lowercase letters, uppercase letters, digits, and underscores (_). It must start with a letter and end with a letter or digit. The maximum length is 32 characters. For more information about invalid characters, see <a href=\"https://www.alibabacloud.com/help/zh/rds/developer-reference/forbidden-keywords\" target=\"_blank\">Forbidden keywords table</a>."
},
"Default": "db_user"
}
},
"Resources": {
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"CidrBlock": "192.168.0.0/16",
"VpcName": {
"Fn::Sub": "${CommonName}-VPC_HZ"
}
}
},
"VSwitch1": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "192.168.1.0/24",
"ZoneId": {
"Ref": "ZoneId1"
},
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw_001"
}
}
},
"VSwitch2": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"CidrBlock": "192.168.2.0/24",
"ZoneId": {
"Ref": "ZoneId2"
},
"VSwitchName": {
"Fn::Sub": "${CommonName}-vsw_002"
}
}
},
"Sleep": {
"DependsOn": [
"VSwitch1",
"VSwitch2"
],
"Type": "ALIYUN::ROS::Sleep",
"Properties": {
"DeleteDuration": 300
}
},
"SecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupName": {
"Fn::Sub": "${CommonName}-SecurityGroup_1"
},
"SecurityGroupIngress": [
{
"PortRange": "80/80",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "3000/3000",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "5001/5001",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "5002/5002",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "5003/5003",
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
},
{
"PortRange": "8080/8080",
"Priority": 1,
"SourceCidrIp": "0.0.0.0/0",
"IpProtocol": "tcp"
}
]
}
},
"EcsInstance": {
"Type": "ALIYUN::ECS::InstanceGroup",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"ZoneId": {
"Ref": "ZoneId1"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"ImageId": "aliyun_3_x64_20G_alibase_",
"InstanceName": {
"Fn::Sub": "${CommonName}-ecs"
},
"InstanceType": {
"Ref": "InstanceType"
},
"SystemDiskCategory": "cloud_essd",
"MaxAmount": 1,
"SystemDiskSize": 40,
"InternetMaxBandwidthOut": 5,
"Password": {
"Ref": "InstancePassword"
}
}
},
"RunCommand": {
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub": "#!/bin/sh\necho \"sk-$(openssl rand -hex 16)\"\n"
},
"Type": "RunShellScript",
"InstanceIds": [
{
"Ref": "EcsInstance"
}
]
}
},
"RunCommand2": {
"DependsOn": [
"RunCommand"
],
"Type": "ALIYUN::ECS::RunCommand",
"Properties": {
"CommandContent": {
"Fn::Sub": "#!/bin/sh\nexport ROS_DEPLOY=true\ncurl -fsSL https://help-static-aliyun-doc.aliyuncs.com/install-script/dify/sae/install.sh | bash\n"
},
"Type": "RunShellScript",
"InstanceIds": [
{
"Ref": "EcsInstance"
}
]
}
},
"RedisInstance": {
"Type": "ALIYUN::REDIS::Instance",
"Properties": {
"ZoneId": {
"Ref": "ZoneId1"
},
"SecondaryZoneId": {
"Ref": "ZoneId2"
},
"VpcId": {
"Ref": "Vpc"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"InstanceClass": "redis.shard.large.y.ee",
"EvictionPolicy": "noeviction",
"InstanceName": {
"Fn::Sub": "${CommonName}-Redis"
},
"EngineVersion": "7.0",
"Password": {
"Ref": "RedisInstancePassword"
}
}
},
"REDISWhitelist": {
"Type": "ALIYUN::REDIS::Whitelist",
"Properties": {
"InstanceId": {
"Ref": "RedisInstance"
},
"SecurityIps": "192.168.0.0/16"
}
},
"ADBPGInstance": {
"Type": "ALIYUN::GPDB::DBInstance",
"Properties": {
"EngineVersion": "7.0",
"VectorConfigurationStatus": true,
"InstanceSpec": "4C32G",
"ZoneId": {
"Ref": "ZoneId1"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"SegNodeNum": 4,
"SegStorageType": "cloud_essd",
"SegDiskPerformanceLevel": "pl1",
"StorageSize": 50,
"VPCId": {
"Ref": "Vpc"
},
"SecurityIPList": "192.168.0.0/16",
"DBInstanceDescription": {
"Fn::Sub": "${CommonName}"
},
"PayType": "Postpaid",
"DBInstanceCategory": "HighAvailability",
"DBInstanceMode": "StorageElastic",
"ProdType": "standard"
}
},
"GPDBAccount": {
"Type": "ALIYUN::GPDB::Account",
"Properties": {
"DBInstanceId": {
"Fn::GetAtt": [
"ADBPGInstance",
"DBInstanceId"
]
},
"AccountPassword": {
"Ref": "ADBPGPassword"
},
"AccountName": {
"Ref": "ADBPGAccount"
}
}
},
"SaeNamespace": {
"DependsOn": [
"PostgreSQLInstance",
"RedisInstance",
"ADBPGInstance",
"PluginNas",
"APINas"
],
"Type": "ALIYUN::SAE::Namespace",
"Properties": {
"NamespaceName": {
"Ref": "NamespaceName"
},
"NamespaceId": {
"Fn::Sub": "${ALIYUN::Region}:${NamespaceName}"
},
"VpcId": {
"Ref": "Vpc"
}
}
},
"PostgreSQLInstance": {
"Type": "ALIYUN::RDS::DBInstance",
"Properties": {
"ZoneId": {
"Ref": "ZoneId1"
},
"SlaveZoneIds": [
{
"Ref": "ZoneId2"
}
],
"VpcId": {
"Ref": "Vpc"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"DBInstanceClass": {
"Ref": "DBInstanceClass"
},
"DBInstanceStorage": 50,
"Engine": "PostgreSQL",
"EngineVersion": "17.0",
"SecurityIPList": "192.168.0.0/16",
"Category": "HighAvailability",
"MasterUserType": "Super",
"MasterUserPassword": {
"Ref": "PostgresSQLPassword"
},
"MasterUsername": {
"Ref": "PostgresSQLUserName"
},
"DBInstanceStorageType": "cloud_essd"
}
},
"DifyDataBase": {
"Type": "ALIYUN::RDS::Database",
"Properties": {
"CharacterSetName": "utf8",
"DBInstanceId": {
"Fn::GetAtt": [
"PostgreSQLInstance",
"DBInstanceId"
]
},
"DBName": "dify"
}
},
"DifySetUpDataBase": {
"Type": "ALIYUN::RDS::Database",
"DependsOn": "DifyDataBase",
"Properties": {
"CharacterSetName": "UTF8",
"DBInstanceId": {
"Fn::GetAtt": [
"PostgreSQLInstance",
"DBInstanceId"
]
},
"DBName": "dify_setups"
}
},
"RdsAccountPrivilege": {
"Type": "ALIYUN::RDS::AccountPrivilege",
"DependsOn": "DifySetUpDataBase",
"Properties": {
"AccountPrivilege": "DBOwner",
"DBInstanceId": {
"Ref": "PostgreSQLInstance"
},
"DBName": "dify",
"AccountName": {
"Ref": "PostgresSQLUserName"
}
}
},
"NatGateway": {
"Type": "ALIYUN::VPC::NatGateway",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"NatGatewayName": {
"Fn::Sub": "${CommonName}-nat"
},
"InternetChargeType": "PayByLcu",
"EipBindMode": "NAT"
}
},
"Eip": {
"Type": "ALIYUN::VPC::EIP",
"Properties": {
"DeletionProtection": false,
"Isp": "BGP",
"Bandwidth": 200,
"InternetChargeType": "PayByTraffic"
}
},
"EipAssociation": {
"Type": "ALIYUN::VPC::EIPAssociation",
"Properties": {
"InstanceId": {
"Ref": "NatGateway"
},
"AllocationId": {
"Ref": "Eip"
}
}
},
"SNat": {
"Type": "ALIYUN::VPC::SnatEntry",
"DependsOn": "EipAssociation",
"Properties": {
"SnatTableId": {
"Fn::GetAtt": [
"NatGateway",
"SNatTableId"
]
},
"SnatEntryName": {
"Fn::Sub": "${CommonName}-snat"
},
"SourceVSwitchIds": [
{
"Ref": "VSwitch1"
},
{
"Ref": "VSwitch2"
}
],
"SnatIp": {
"Fn::GetAtt": [
"Eip",
"EipAddress"
]
}
}
},
"APINas": {
"Type": "ALIYUN::NAS::FileSystem",
"Properties": {
"ProtocolType": "NFS",
"FileSystemType": "standard",
"DeletionForce": true,
"StorageType": "Performance",
"Description": {
"Fn::Sub": "${CommonName}-API-NAS"
}
}
},
"APINasMountTarget": {
"Type": "ALIYUN::NAS::MountTarget",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"NetworkType": "Vpc",
"AccessGroupName": "DEFAULT_VPC_GROUP_NAME",
"FileSystemId": {
"Ref": "APINas"
}
}
},
"PluginNas": {
"Type": "ALIYUN::NAS::FileSystem",
"Properties": {
"ProtocolType": "NFS",
"FileSystemType": "standard",
"DeletionForce": true,
"StorageType": "Performance",
"Description": {
"Fn::Sub": "${CommonName}-Plugin-NAS"
}
}
},
"PluginNasMountTarget": {
"Type": "ALIYUN::NAS::MountTarget",
"Properties": {
"VpcId": {
"Ref": "Vpc"
},
"VSwitchId": {
"Ref": "VSwitch1"
},
"NetworkType": "Vpc",
"AccessGroupName": "DEFAULT_VPC_GROUP_NAME",
"FileSystemId": {
"Ref": "PluginNas"
}
}
},
"SuperOpsUser": {
"Type": "ALIYUN::RAM::User",
"Properties": {
"UserName": {
"Fn::Sub": "SuperOps-${ALIYUN::StackId}"
},
"Policies": [
{
"PolicyName": {
"Fn::Join": [
"-",
[
"DifySuperOpsPolicy",
{
"Ref": "ALIYUN::StackName"
}
]
]
},
"PolicyDocument": {
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"gpdb:*"
],
"Resource": [
"*"
]
}
]
}
}
],
"PolicyAttachments": {
"System": [
"AliyunSTSAssumeRoleAccess",
"AliyunRAMReadOnlyAccess"
]
}
}
},
"AccessKey": {
"Type": "ALIYUN::RAM::AccessKey",
"Properties": {
"UserName": {
"Fn::GetAtt": [
"SuperOpsUser",
"UserName"
]
}
}
},
"DifyApiConfigMap": {
"Type": "ALIYUN::SAE::ConfigMap",
"Properties": {
"Data": {
"MAIL_DEFAULT_SEND_FROM": "YOUR EMAIL FROM (eg: no-reply <no-reply@dify.ai>)",
"SENTRY_PROFILES_SAMPLE_RATE": "1",
"MARKETPLACE_ENABLED": "true",
"DB_PORT": "5432",
"VECTOR_STORE": "analyticdb",
"LOG_LEVEL": "INFO",
"DB_DATABASE": "dify",
"REDIS_USE_SSL": "false",
"STORAGE_LOCAL_PATH": "/app/api/storage",
"SENTRY_TRACES_SAMPLE_RATE": "1",
"MODE": "api",
"WEB_API_CORS_ALLOW_ORIGINS": "*",
"RESEND_API_URL": "https://api.resend.com",
"ANALYTICDB_INSTANCE_ID": {
"Fn::GetAtt": [
"ADBPGInstance",
"DBInstanceId"
]
},
"CODE_EXECUTION_ENDPOINT": "http://dify-sandbox:8194",
"REDIS_HOST": {
"Fn::GetAtt": [
"RedisInstance",
"ConnectionDomain"
]
},
"REDIS_DB": "0",
"REDIS_PORT": "6379",
"MAIL_TYPE": "resend",
"ANALYTICDB_REGION_ID": {
"Ref": "ALIYUN::Region"
},
"MIGRATION_ENABLED": "true",
"CONSOLE_CORS_ALLOW_ORIGINS": "*",
"PLUGIN_DAEMON_URL": "http://dify-plugin-daemon:5002",
"STORAGE_TYPE": "local",
"DB_HOST": {
"Fn::GetAtt": [
"PostgreSQLInstance",
"InnerConnectionString"
]
}
},
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Name": "dify-api"
}
},
"DifyApiSecret": {
"Type": "ALIYUN::SAE::Secret",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"SecretName": "dify-api",
"SecretType": "Opaque",
"SecretData": {
"ANALYTICDB_ACCOUNT": {
"Ref": "ADBPGAccount"
},
"ANALYTICDB_KEY_ID": {
"Fn::GetAtt": [
"AccessKey",
"AccessKeyId"
]
},
"ANALYTICDB_KEY_SECRET": {
"Fn::GetAtt": [
"AccessKey",
"AccessKeySecret"
]
},
"ANALYTICDB_NAMESPACE": "difyns",
"ANALYTICDB_NAMESPACE_PASSWORD": {
"Ref": "ADBPGPassword"
},
"ANALYTICDB_PASSWORD": {
"Ref": "ADBPGPassword"
},
"CELERY_BROKER_URL": {
"Fn::Sub": [
"redis://:${REDIS_PASSWORD}@${REDIS_HOST}:6379/0",
{
"REDIS_PASSWORD": {
"Ref": "RedisInstancePassword"
},
"REDIS_HOST": {
"Fn::GetAtt": [
"RedisInstance",
"ConnectionDomain"
]
}
}
]
},
"CODE_EXECUTION_API_KEY": "dify-sandbox",
"DB_PASSWORD": {
"Ref": "PostgresSQLPassword"
},
"DB_USERNAME": {
"Ref": "PostgresSQLUserName"
},
"INNER_API_KEY_FOR_PLUGIN": "QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1",
"PLUGIN_DAEMON_KEY": "lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi",
"REDIS_PASSWORD": {
"Ref": "RedisInstancePassword"
},
"REDIS_USERNAME": "default",
"RESEND_API_KEY": "xxxx",
"SECRET_KEY": {
"Fn::Base64Decode": {
"Fn::Jq": [
"First",
".[0].Output",
{
"Fn::GetAtt": [
"RunCommand",
"InvokeResults"
]
}
]
}
}
}
}
},
"DifyWorkerConfigMap": {
"Type": "ALIYUN::SAE::ConfigMap",
"Properties": {
"Data": {
"MAIL_DEFAULT_SEND_FROM": "YOUR EMAIL FROM (eg: no-reply <no-reply@dify.ai>)",
"SENTRY_PROFILES_SAMPLE_RATE": "1",
"MARKETPLACE_ENABLED": "true",
"DB_PORT": "5432",
"VECTOR_STORE": "analyticdb",
"LOG_LEVEL": "INFO",
"DB_DATABASE": "dify",
"REDIS_USE_SSL": "false",
"STORAGE_LOCAL_PATH": "/app/api/storage",
"SENTRY_TRACES_SAMPLE_RATE": "1",
"MODE": "worker",
"WEB_API_CORS_ALLOW_ORIGINS": "*",
"RESEND_API_URL": "https://api.resend.com",
"ANALYTICDB_INSTANCE_ID": {
"Fn::GetAtt": [
"ADBPGInstance",
"DBInstanceId"
]
},
"REDIS_HOST": {
"Fn::GetAtt": [
"RedisInstance",
"ConnectionDomain"
]
},
"REDIS_DB": "0",
"REDIS_PORT": "6379",
"MAIL_TYPE": "resend",
"ANALYTICDB_REGION_ID": {
"Ref": "ALIYUN::Region"
},
"MIGRATION_ENABLED": "true",
"CONSOLE_CORS_ALLOW_ORIGINS": "*",
"PLUGIN_DAEMON_URL": "http://dify-plugin-daemon:5002",
"STORAGE_TYPE": "local",
"DB_HOST": {
"Fn::GetAtt": [
"PostgreSQLInstance",
"InnerConnectionString"
]
}
},
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Name": "dify-worker"
}
},
"DifyWorkerSecret": {
"Type": "ALIYUN::SAE::Secret",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"SecretName": "dify-worker",
"SecretType": "Opaque",
"SecretData": {
"ANALYTICDB_ACCOUNT": {
"Ref": "ADBPGAccount"
},
"ANALYTICDB_KEY_ID": {
"Fn::GetAtt": [
"AccessKey",
"AccessKeyId"
]
},
"ANALYTICDB_KEY_SECRET": {
"Fn::GetAtt": [
"AccessKey",
"AccessKeySecret"
]
},
"ANALYTICDB_NAMESPACE": "difyns",
"ANALYTICDB_NAMESPACE_PASSWORD": {
"Ref": "ADBPGPassword"
},
"ANALYTICDB_PASSWORD": {
"Ref": "ADBPGPassword"
},
"CELERY_BROKER_URL": {
"Fn::Sub": [
"redis://:${REDIS_PASSWORD}@${REDIS_HOST}:6379/0",
{
"REDIS_PASSWORD": {
"Ref": "RedisInstancePassword"
},
"REDIS_HOST": {
"Fn::GetAtt": [
"RedisInstance",
"ConnectionDomain"
]
}
}
]
},
"DB_PASSWORD": {
"Ref": "PostgresSQLPassword"
},
"DB_USERNAME": {
"Ref": "PostgresSQLUserName"
},
"INNER_API_KEY_FOR_PLUGIN": "QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1",
"PLUGIN_DAEMON_KEY": "lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi",
"REDIS_PASSWORD": {
"Ref": "RedisInstancePassword"
},
"REDIS_USERNAME": "default",
"RESEND_API_KEY": "xxxx",
"SECRET_KEY": {
"Fn::Base64Decode": {
"Fn::Jq": [
"First",
".[0].Output",
{
"Fn::GetAtt": [
"RunCommand",
"InvokeResults"
]
}
]
}
}
}
}
},
"DifyPluginDaemonConfigMap": {
"Type": "ALIYUN::SAE::ConfigMap",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Name": "dify-plugin-daemon",
"Data": {
"SERVER_PORT": "5002",
"PLUGIN_REMOTE_INSTALLING_HOST": "0.0.0.0",
"REDIS_DB": "0",
"REDIS_HOST": {
"Fn::GetAtt": [
"RedisInstance",
"ConnectionDomain"
]
},
"MARKETPLACE_ENABLED": "true",
"DB_PORT": "5432",
"REDIS_USE_SSL": "false",
"PLUGIN_WORKING_PATH": "/app/storage/cwd",
"DB_HOST": {
"Fn::GetAtt": [
"PostgreSQLInstance",
"InnerConnectionString"
]
},
"PIP_MIRROR_URL": "http://mirrors.aliyun.com/pypi/simple/",
"REDIS_PORT": "6379",
"PLUGIN_REMOTE_INSTALLING_PORT": "5003",
"MAX_PLUGIN_PACKAGE_SIZE": "52428800",
"DB_DATABASE": "dify_plugin",
"DIFY_INNER_API_URL": "http://dify-api:5001"
}
}
},
"DifyPluginDaemonSecret": {
"Type": "ALIYUN::SAE::Secret",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"SecretName": "dify-plugin-daemon",
"SecretType": "Opaque",
"SecretData": {
"DB_PASSWORD": {
"Ref": "PostgresSQLPassword"
},
"DB_USERNAME": {
"Ref": "PostgresSQLUserName"
},
"DIFY_INNER_API_KEY": "QaHbTe77CtuXmsfyhR7+vRjI/+XbV1AaFy691iy+kGDv2Jvy0/eAh8Y1",
"REDIS_PASSWORD": {
"Ref": "RedisInstancePassword"
},
"REDIS_USERNAME": "default",
"SERVER_KEY": "lYkiYYT6owG+71oLerGzA7GXCgOT++6ovaezWAjpCjf+Sjc3ZtU+qUEi"
}
}
},
"DifySandboxConfigMap": {
"Type": "ALIYUN::SAE::ConfigMap",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Name": "dify-sandbox",
"Data": {
"GIN_MODE": "release",
"SANDBOX_PORT": "8194"
}
}
},
"DifySandboxSecret": {
"Type": "ALIYUN::SAE::Secret",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"SecretName": "dify-sandbox",
"SecretType": "Opaque",
"SecretData": {
"API_KEY": "dify-sandbox"
}
}
},
"DifyWebConfigMap": {
"Type": "ALIYUN::SAE::ConfigMap",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Name": "dify-web",
"Data": {
"MARKETPLACE_ENABLED": "true",
"MARKETPLACE_URL": "https://marketplace.dify.ai",
"MARKETPLACE_API_URL": "https://marketplace.dify.ai"
}
}
},
"DifyNginxConfigMap": {
"Type": "ALIYUN::SAE::ConfigMap",
"Properties": {
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Name": "dify-nginx",
"Data": {
"default.conf": "server {\n listen 80;\n server_name _;\n\n location /console/api {\n proxy_pass http://dify-api:5001;\n include proxy.conf;\n }\n\n location /api {\n proxy_pass http://dify-api:5001;\n include proxy.conf;\n }\n\n location /v1 {\n proxy_pass http://dify-api:5001;\n include proxy.conf;\n }\n\n location /files {\n proxy_pass http://dify-api:5001;\n include proxy.conf;\n }\n\n location /explore {\n proxy_pass http://dify-web:3000;\n proxy_set_header Dify-Hook-Url $scheme://$host$request_uri;\n include proxy.conf;\n }\n\n location /e/ {\n proxy_pass http://dify-plugin-daemon:5002;\n proxy_set_header Dify-Hook-Url $scheme://$host$request_uri;\n include proxy.conf;\n }\n\n location / {\n proxy_pass http://dify-web:3000;\n include proxy.conf;\n }\n }",
"nginx.conf": "user nginx;\n worker_processes auto;\n pid /var/run/nginx.pid;\n\n\n events {\n worker_connections 1024;\n }\n\n\n http {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n\n log_format main '$remote_addr - $remote_user [$time_local] \"$request\" '\n '$status $body_bytes_sent \"$http_referer\" '\n '\"$http_user_agent\" \"$http_x_forwarded_for\"';\n\n sendfile on;\n #tcp_nopush on;\n\n keepalive_timeout 65;\n\n #gzip on;\n client_max_body_size 15M;\n\n include /etc/nginx/conf.d/*.conf;\n }",
"proxy.conf": "proxy_set_header Host $host;\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\nproxy_set_header X-Forwarded-Proto $scheme;\nproxy_set_header X-Forwarded-Port $server_port;\nproxy_http_version 1.1;\nproxy_set_header Connection \"\";\nproxy_buffering off;\nproxy_read_timeout 3600s;\nproxy_send_timeout 3600s;"
}
}
},
"DifyApiApp": {
"DependsOn": [
"SaeNamespace",
"DifyApiConfigMap",
"DifyApiSecret",
"ADBPGInstance"
],
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "dify-api",
"SaeVersion": "v2",
"AutoConfig": false,
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VSwitchId": {
"Fn::Sub": [
"${VSwitch1},${VSwitch2}",
{
"VSwitch1": {
"Ref": "VSwitch1"
},
"VSwitch2": {
"Ref": "VSwitch2"
}
}
]
},
"Replicas": 1,
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Cpu": 1000,
"Memory": 2048,
"PackageType": "Image",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-api-v1.6.0"
},
"ProgrammingLanguage": "python",
"AppSource": "micro_service",
"Timezone": "Asia/Shanghai",
"NasConfigs": {
"Fn::Sub": [
"[{\"mountDomain\":\"${MOUNT_DOMAIN}\",\"mountPath\":\"/app/api/storage\",\"nasId\":\"${NAS_ID}\",\"nasPath\":\"dify-api\",\"readOnly\":false,\"volumeName\":\"nas-1\"}]",
{
"MOUNT_DOMAIN": {
"Fn::GetAtt": [
"APINasMountTarget",
"MountTargetDomain"
]
},
"NAS_ID": {
"Fn::GetAtt": [
"APINas",
"FileSystemId"
]
}
}
]
},
"PvtzDiscoverySvc": {
"Fn::Sub": [
"{\"enable\":\"true\",\"namespaceId\":\"${REGION_ID}:${NAMESPACE}\",\"portAndProtocol\":{\"5001:TCP\":\"5001\"},\"portProtocols\":[],\"pvtzDiscoveryName\":\"${REGION_ID}-${USER_ID}\",\"serviceName\":\"dify-api.${NAMESPACE}\"}",
{
"NAMESPACE": {
"Ref": "NamespaceName"
},
"USER_ID": {
"Ref": "ALIYUN::TenantId"
},
"REGION_ID": {
"Ref": "ALIYUN::Region"
}
}
]
},
"Envs": {
"Fn::Sub": [
"[{\"name\":\"APP_WEB_URL\"},{\"name\":\"FILES_URL\"},{\"name\":\"CODE_MAX_DEPTH\",\"value\":\"5\"},{\"name\":\"CODE_MAX_OBJECT_ARRAY_LENGTH\",\"value\":\"30\"},{\"name\":\"CHECK_UPDATE_URL\"},{\"name\":\"CODE_MAX_STRING_ARRAY_LENGTH\",\"value\":\"30\"},{\"name\":\"SERVICE_API_URL\"},{\"name\":\"sae-sys-secret-all-dify-api\",\"valueFrom\":{\"secretRef\":{\"secretId\":${SECRET_ID},\"key\":\"\"}}},{\"name\":\"CODE_MAX_PRECISION\",\"value\":\"20\"},{\"name\":\"CONSOLE_API_URL\"},{\"name\":\"TEMPLATE_TRANSFORM_MAX_LENGTH\",\"value\":\"80000\"},{\"name\":\"CODE_MAX_NUMBER\",\"value\":\"9223372036854775807\"},{\"name\":\"CODE_MAX_NUMBER_ARRAY_LENGTH\",\"value\":\"1000\"},{\"name\":\"CONSOLE_WEB_URL\"},{\"name\":\"CODE_MIN_NUMBER\",\"value\":\"-9223372036854775808\"},{\"name\":\"CODE_MAX_STRING_LENGTH\",\"value\":\"80000\"},{\"name\":\"SENTRY_DSN\"},{\"name\":\"CODE_EXECUTION_API_KEY\",\"valueFrom\":{\"secretRef\":{\"secretId\":${SANDBOX_SECRET_ID},\"key\":\"API_KEY\"}}},{\"name\":\"sae-sys-configmap-all-dify-api\",\"valueFrom\":{\"configMapRef\":{\"configMapId\":${CONFIGMAP_ID},\"key\":\"\"}}}]",
{
"CONFIGMAP_ID": {
"Fn::GetAtt": [
"DifyApiConfigMap",
"ConfigMapId"
]
},
"SECRET_ID": {
"Fn::GetAtt": [
"DifyApiSecret",
"SecretId"
]
},
"SANDBOX_SECRET_ID": {
"Fn::GetAtt": [
"DifySandboxSecret",
"SecretId"
]
}
}
]
}
}
},
"DifyWorkerApp": {
"DependsOn": [
"SaeNamespace",
"DifyWorkerConfigMap",
"DifyWorkerSecret"
],
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "dify-worker",
"SaeVersion": "v2",
"AutoConfig": false,
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VSwitchId": {
"Fn::Sub": [
"${VSwitch1},${VSwitch2}",
{
"VSwitch1": {
"Ref": "VSwitch1"
},
"VSwitch2": {
"Ref": "VSwitch2"
}
}
]
},
"Replicas": 1,
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Cpu": 1000,
"Memory": 2048,
"PackageType": "Image",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-api-v1.6.0"
},
"ProgrammingLanguage": "python",
"AppSource": "micro_service",
"Timezone": "Asia/Shanghai",
"NasConfigs": {
"Fn::Sub": [
"[{\"mountDomain\":\"${MOUNT_DOMAIN}\",\"mountPath\":\"/app/api/storage\",\"nasId\":\"${NAS_ID}\",\"nasPath\":\"dify-api\",\"readOnly\":false,\"volumeName\":\"nas-1\"}]",
{
"MOUNT_DOMAIN": {
"Fn::GetAtt": [
"APINasMountTarget",
"MountTargetDomain"
]
},
"NAS_ID": {
"Fn::GetAtt": [
"APINas",
"FileSystemId"
]
}
}
]
},
"Envs": {
"Fn::Sub": [
"[{\"name\":\"sae-sys-secret-all-dify-worker\",\"valueFrom\":{\"secretRef\":{\"secretId\":${SECRET_ID},\"key\":\"\"}}},{\"name\":\"sae-sys-configmap-all-dify-worker\",\"valueFrom\":{\"configMapRef\":{\"configMapId\":${CONFIGMAP_ID},\"key\":\"\"}}},{\"name\":\"CONSOLE_WEB_URL\"}]",
{
"CONFIGMAP_ID": {
"Fn::GetAtt": [
"DifyWorkerConfigMap",
"ConfigMapId"
]
},
"SECRET_ID": {
"Fn::GetAtt": [
"DifyWorkerSecret",
"SecretId"
]
}
}
]
}
}
},
"DifyPluginDaemonApp": {
"DependsOn": [
"SaeNamespace",
"DifyPluginDaemonConfigMap",
"DifyPluginDaemonSecret"
],
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "dify-plugin-daemon",
"SaeVersion": "v2",
"AutoConfig": false,
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VSwitchId": {
"Fn::Sub": [
"${VSwitch1},${VSwitch2}",
{
"VSwitch1": {
"Ref": "VSwitch1"
},
"VSwitch2": {
"Ref": "VSwitch2"
}
}
]
},
"Replicas": 1,
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Cpu": 1000,
"Memory": 2048,
"PackageType": "Image",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-plugin-daemon-v0.1.3-local"
},
"ProgrammingLanguage": "golang",
"AppSource": "micro_service",
"Timezone": "Asia/Shanghai",
"NasConfigs": {
"Fn::Sub": [
"[{\"mountDomain\":\"${MOUNT_DOMAIN}\",\"mountPath\":\"/app/storage\",\"nasId\":\"${NAS_ID}\",\"nasPath\":\"dify-plugin-daemon\",\"readOnly\":false,\"volumeName\":\"nas-1\"}]",
{
"MOUNT_DOMAIN": {
"Fn::GetAtt": [
"PluginNasMountTarget",
"MountTargetDomain"
]
},
"NAS_ID": {
"Fn::GetAtt": [
"PluginNas",
"FileSystemId"
]
}
}
]
},
"PvtzDiscoverySvc": {
"Fn::Sub": [
"{\"enable\":\"true\",\"namespaceId\":\"${REGION_ID}:${NAMESPACE}\",\"portAndProtocol\":{\"5003:TCP\":\"5003\",\"5002:TCP\":\"5002\"},\"portProtocols\":[],\"pvtzDiscoveryName\":\"${REGION_ID}-${USER_ID}\",\"serviceName\":\"dify-plugin-daemon.${NAMESPACE}\"}",
{
"NAMESPACE": {
"Ref": "NamespaceName"
},
"USER_ID": {
"Ref": "ALIYUN::TenantId"
},
"REGION_ID": {
"Ref": "ALIYUN::Region"
}
}
]
},
"Envs": {
"Fn::Sub": [
"[{\"name\":\"sae-sys-secret-all-dify-plugin-daemon\",\"valueFrom\":{\"secretRef\":{\"secretId\":${SECRET_ID},\"key\":\"\"}}},{\"name\":\"sae-sys-configmap-all-dify-plugin-daemon\",\"valueFrom\":{\"configMapRef\":{\"configMapId\":${CONFIGMAP_ID},\"key\":\"\"}}}]",
{
"CONFIGMAP_ID": {
"Fn::GetAtt": [
"DifyPluginDaemonConfigMap",
"ConfigMapId"
]
},
"SECRET_ID": {
"Fn::GetAtt": [
"DifyPluginDaemonSecret",
"SecretId"
]
}
}
]
}
}
},
"DifySandboxApp": {
"DependsOn": [
"SaeNamespace",
"DifySandboxConfigMap",
"DifySandboxSecret"
],
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "dify-sandbox",
"SaeVersion": "v2",
"AutoConfig": false,
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VSwitchId": {
"Fn::Sub": [
"${VSwitch1},${VSwitch2}",
{
"VSwitch1": {
"Ref": "VSwitch1"
},
"VSwitch2": {
"Ref": "VSwitch2"
}
}
]
},
"Replicas": 1,
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Cpu": 1000,
"Memory": 2048,
"PackageType": "Image",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-sandbox-v0.2.12"
},
"ProgrammingLanguage": "golang",
"AppSource": "micro_service",
"Timezone": "Asia/Shanghai",
"PvtzDiscoverySvc": {
"Fn::Sub": [
"{\"enable\":\"true\",\"namespaceId\":\"${REGION_ID}:${NAMESPACE}\",\"portAndProtocol\":{\"8194:TCP\":\"8194\"},\"portProtocols\":[],\"pvtzDiscoveryName\":\"${REGION_ID}-${USER_ID}\",\"serviceName\":\"dify-sandbox.${NAMESPACE}\"}",
{
"NAMESPACE": {
"Ref": "NamespaceName"
},
"USER_ID": {
"Ref": "ALIYUN::TenantId"
},
"REGION_ID": {
"Ref": "ALIYUN::Region"
}
}
]
},
"Envs": {
"Fn::Sub": [
"[{\"name\":\"sae-sys-secret-all-dify-sandbox\",\"valueFrom\":{\"secretRef\":{\"secretId\":${SECRET_ID},\"key\":\"\"}}},{\"name\":\"WORKER_TIMEOUT\",\"value\":\"15\"},{\"name\":\"sae-sys-configmap-all-dify-sandbox\",\"valueFrom\":{\"configMapRef\":{\"configMapId\":${CONFIGMAP_ID},\"key\":\"\"}}}]",
{
"CONFIGMAP_ID": {
"Fn::GetAtt": [
"DifySandboxConfigMap",
"ConfigMapId"
]
},
"SECRET_ID": {
"Fn::GetAtt": [
"DifySandboxSecret",
"SecretId"
]
}
}
]
}
}
},
"DifyWebApp": {
"DependsOn": [
"SaeNamespace",
"DifyWebConfigMap"
],
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "dify-web",
"SaeVersion": "v2",
"AutoConfig": false,
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VSwitchId": {
"Fn::Sub": [
"${VSwitch1},${VSwitch2}",
{
"VSwitch1": {
"Ref": "VSwitch1"
},
"VSwitch2": {
"Ref": "VSwitch2"
}
}
]
},
"Replicas": 1,
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Cpu": 1000,
"Memory": 2048,
"PackageType": "Image",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:dify-web-v1.6.0"
},
"ProgrammingLanguage": "other",
"AppSource": "micro_service",
"Timezone": "Asia/Shanghai",
"PvtzDiscoverySvc": {
"Fn::Sub": [
"{\"enable\":\"true\",\"namespaceId\":\"${REGION_ID}:${NAMESPACE}\",\"portAndProtocol\":{\"3000:TCP\":\"3000\"},\"portProtocols\":[],\"pvtzDiscoveryName\":\"${REGION_ID}-${USER_ID}\",\"serviceName\":\"dify-web.${NAMESPACE}\"}",
{
"NAMESPACE": {
"Ref": "NamespaceName"
},
"USER_ID": {
"Ref": "ALIYUN::TenantId"
},
"REGION_ID": {
"Ref": "ALIYUN::Region"
}
}
]
},
"Envs": {
"Fn::Sub": [
"[{\"name\":\"sae-sys-configmap-all-dify-web\",\"valueFrom\":{\"configMapRef\":{\"configMapId\":${CONFIGMAP_ID},\"key\":\"\"}}},{\"name\":\"APP_API_URL\"},{\"name\":\"CONSOLE_API_URL\"},{\"name\":\"EDITION\",\"value\":\"SELF_HOSTED\"}]",
{
"CONFIGMAP_ID": {
"Fn::GetAtt": [
"DifyWebConfigMap",
"ConfigMapId"
]
}
}
]
}
}
},
"DifyNginxApp": {
"DependsOn": [
"SaeNamespace",
"DifyNginxConfigMap"
],
"Type": "ALIYUN::SAE::Application",
"Properties": {
"AppName": "dify-nginx",
"SaeVersion": "v2",
"AutoConfig": false,
"VpcId": {
"Ref": "Vpc"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VSwitchId": {
"Fn::Sub": [
"${VSwitch1},${VSwitch2}",
{
"VSwitch1": {
"Ref": "VSwitch1"
},
"VSwitch2": {
"Ref": "VSwitch2"
}
}
]
},
"Replicas": 1,
"NamespaceId": {
"Ref": "SaeNamespace"
},
"Cpu": 1000,
"Memory": 2048,
"PackageType": "Image",
"ImageUrl": {
"Fn::Sub": "registry.${ALIYUN::Region}.aliyuncs.com/sae-serverless-demo/sae-demo:nginx-v1.23.4"
},
"ProgrammingLanguage": "other",
"AppSource": "micro_service",
"Timezone": "Asia/Shanghai",
"ConfigMapMountDesc": {
"Fn::Sub": [
"[{\"MountPath\":\"/etc/nginx/conf.d/default.conf\",\"ConfigMapId\":${CONFIGMAP_ID},\"ConfigMapName\":\"dify-nginx\",\"Key\":\"default.conf\"},{\"MountPath\":\"/etc/nginx/nginx.conf\",\"ConfigMapId\":${CONFIGMAP_ID},\"ConfigMapName\":\"dify-nginx\",\"Key\":\"nginx.conf\"},{\"MountPath\":\"/etc/nginx/proxy.conf\",\"ConfigMapId\":${CONFIGMAP_ID},\"ConfigMapName\":\"dify-nginx\",\"Key\":\"proxy.conf\"}]",
{
"CONFIGMAP_ID": {
"Fn::GetAtt": [
"DifyNginxConfigMap",
"ConfigMapId"
]
}
}
]
}
}
},
"InternetClb": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"LoadBalancerName": {
"Ref": "ALIYUN::StackName"
},
"LoadBalancerSpec": "slb.s2.medium",
"AddressType": "internet"
}
},
"BackendAppBindClb": {
"Type": "ALIYUN::SAE::SlbBinding",
"DependsOn": [
"DifyNginxApp",
"InternetClb"
],
"Properties": {
"InternetSlbId": {
"Fn::GetAtt": [
"InternetClb",
"LoadBalancerId"
]
},
"Internet": "[{\"port\": 80, \"targetPort\": 80, \"protocol\": \"TCP\"}]",
"AppId": {
"Fn::GetAtt": [
"DifyNginxApp",
"AppId"
]
}
}
}
},
"Outputs": {
"DifyAddress": {
"Label": {
"zh-cn": "Dify service address.",
"en": "Dify service address"
},
"Description": {
"zh-cn": "Dify service address.",
"en": "The service address of the Dify platform."
},
"Value": {
"Fn::Sub": [
"http://${ServerAddress}:80",
{
"ServerAddress": {
"Fn::GetAtt": [
"InternetClb",
"IpAddress"
]
}
}
]
}
},
"PostgresName": {
"Label": {
"zh-cn": "Postgres username",
"en": "Postgres username"
},
"Description": {
"zh-cn": "The username of AnalyticDB for PostgreSQL.",
"en": "The username for the AnalyticDB for PostgreSQL database."
},
"Value": {
"Ref": "ADBPGAccount"
}
},
"PostgresPassword": {
"Label": {
"zh-cn": "Postgres password",
"en": "Postgres password"
},
"Description": {
"zh-cn": "The password of AnalyticDB for PostgreSQL.",
"en": "The password for the AnalyticDB for PostgreSQL database."
},
"NoEcho": true,
"Value": {
"Ref": "ADBPGPassword"
}
},
"PostgresConnectionString": {
"Label": {
"zh-cn": "Postgres database address",
"en": "Postgres database address"
},
"Description": {
"zh-cn": "The internal endpoint of AnalyticDB for PostgreSQL.",
"en": "The internal endpoint of the AnalyticDB for PostgreSQL database."
},
"Value": {
"Fn::GetAtt": [
"ADBPGInstance",
"ConnectionString"
]
}
},
"APINasFileSystemId": {
"Label": {
"zh-cn": "API NAS file system",
"en": "API NAS file system"
},
"Description": {
"zh-cn": "The NAS file system.",
"en": "The ID of the NAS file system for the API."
},
"Value": {
"Ref": "APINas"
}
},
"APINasMountTarget": {
"Label": {
"zh-cn": "API NAS mount target",
"en": "API NAS mount target"
},
"Description": {
"zh-cn": "The NAS mount target.",
"en": "The mount target of the NAS file system for the API."
},
"Value": {
"Ref": "APINasMountTarget"
}
},
"PluginNasFileSystemId": {
"Label": {
"zh-cn": "Plugin NAS file system",
"en": "Plugin NAS file system"
},
"Description": {
"zh-cn": "The NAS file system.",
"en": "The ID of the NAS file system for plugins."
},
"Value": {
"Ref": "PluginNas"
}
},
"PluginNasMountTarget": {
"Label": {
"zh-cn": "Plugin NAS mount target",
"en": "Plugin NAS mount target"
},
"Description": {
"zh-cn": "The NAS mount target.",
"en": "The mount target of the NAS file system for plugins."
},
"Value": {
"Ref": "PluginNasMountTarget"
}
},
"RedisConnectionString": {
"Label": {
"zh-cn": "Redis connection address",
"en": "Redis connection address"
},
"Description": {
"zh-cn": "The Redis connection address.",
"en": "The connection endpoint of the Redis instance."
},
"Value": {
"Fn::GetAtt": [
"RedisInstance",
"ConnectionDomain"
]
}
},
"RedisName": {
"Label": {
"zh-cn": "Redis username",
"en": "Redis username"
},
"Description": {
"zh-cn": "The Redis username.",
"en": "The username for the Redis instance."
},
"Value": "default"
},
"RedisInstancePassword": {
"Label": {
"zh-cn": "Redis password",
"en": "Redis password"
},
"Description": {
"zh-cn": "The Redis password.",
"en": "The password for the Redis instance."
},
"NoEcho": true,
"Value": {
"Ref": "RedisInstancePassword"
}
},
"PostgreSQLDBName": {
"Label": {
"zh-cn": "Database name",
"en": "Database name"
},
"Description": {
"zh-cn": "The database name of ApsaraDB RDS for PostgreSQL.",
"en": "The database name of the ApsaraDB RDS for PostgreSQL instance."
},
"Value": "dify"
},
"PostgreSQLConnectionString": {
"Label": {
"zh-cn": "RDS database address",
"en": "RDS database address"
},
"Description": {
"zh-cn": "The internal endpoint of ApsaraDB RDS for PostgreSQL.",
"en": "The internal endpoint of the ApsaraDB RDS for PostgreSQL instance."
},
"Value": {
"Fn::GetAtt": [
"PostgreSQLInstance",
"InnerConnectionString"
]
}
},
"PostgreSQLAccount": {
"Label": {
"zh-cn": "RDS username",
"en": "RDS username"
},
"Description": {
"zh-cn": "The username of ApsaraDB RDS for PostgreSQL.",
"en": "The username for the ApsaraDB RDS for PostgreSQL instance."
},
"Value": {
"Ref": "PostgresSQLUserName"
}
},
"PostgreSQLPassword": {
"Label": {
"zh-cn": "RDS password",
"en": "RDS password"
},
"Description": {
"zh-cn": "The password of ApsaraDB RDS for PostgreSQL.",
"en": "The password for the ApsaraDB RDS for PostgreSQL instance."
},
"NoEcho": true,
"Value": {
"Ref": "PostgresSQLPassword"
}
},
"NameSpace": {
"Label": {
"zh-cn": "Namespace",
"en": "Namespace"
},
"Description": {
"zh-cn": "The namespace.",
"en": "The ID of the SAE namespace."
},
"Value": {
"Fn::Sub": "${ALIYUN::Region}:${NamespaceName}"
}
},
"Vpc": {
"Label": {
"zh-cn": "VPC ID",
"en": "VPC ID"
},
"Description": {
"zh-cn": "The VPC ID.",
"en": "The ID of the VPC."
},
"Value": {
"Ref": "Vpc"
}
},
"Vsw": {
"Label": {
"zh-cn": "vSwitch ID",
"en": "vSwitch ID"
},
"Description": {
"zh-cn": "The vSwitch ID.",
"en": "The ID of the vSwitch."
},
"Value": {
"Ref": "VSwitch1"
}
},
"Sg": {
"Label": {
"zh-cn": "Security group ID",
"en": "Security group ID"
},
"Description": {
"zh-cn": "The security group ID.",
"en": "The ID of the security group."
},
"Value": {
"Ref": "SecurityGroup"
}
},
"SecretKey": {
"Label": {
"zh-cn": "Secret key",
"en": "Secret key"
},
"Description": {
"zh-cn": "Used for secure signatures and encrypting sensitive information in the database.",
"en": "The key used for secure signatures and for encrypting sensitive information in the database."
},
"NoEcho": true,
"Value": {
"Fn::Base64Decode": {
"Fn::Jq": [
"First",
".[0].Output",
{
"Fn::GetAtt": [
"RunCommand",
"InvokeResults"
]
}
]
}
}
},
"dify-nginx": {
"Label": {
"zh-cn": "Application address of dify-nginx",
"en": "dify-nginx application address"
},
"Description": {
"zh-cn": "The application address of dify-nginx. In the application access settings, view the public endpoint based on CLB access.",
"en": "The address of the dify-nginx application. To view the public endpoint for SLB access, go to the application access settings."
},
"Value": {
"Fn::Sub": "https://sae.console.alibabacloud.com/${ALIYUN::Region}/app-list/${DifyNginxApp.AppId}/micro-app/base?name=dify-nginx"
}
},
"ECSInstanceId": {
"Label": {
"zh-cn": "ECS instance ID",
"en": "ECS instance ID"
},
"Description": {
"zh-cn": "The ECS instance ID. This instance deploys the sample e-commerce system.",
"en": "The ID of the ECS instance. This instance is used to run the installation script."
},
"Value": {
"Fn::Select": [
0,
{
"Fn::GetAtt": [
"EcsInstance",
"InstanceIds"
]
}
]
}
},
"Console@DemoUrl": {
"Description": {
"zh-cn": "The application access domain name, which is the address of the e-commerce system in this solution.",
"en": "The public IP address of the ECS instance."
},
"Value": {
"Fn::Sub": [
"http://${PublicIp}",
{
"PublicIp": {
"Fn::Select": [
0,
{
"Fn::GetAtt": [
"EcsInstance",
"PublicIps"
]
}
]
}
}
]
}
}
},
"Metadata": {
"ALIYUN::ROS::Interface": {
"Outputs": [
"DifyAddress",
"ECSInstanceId",
"Console@DemoUrl",
"dify-nginx",
"NameSpace",
"Vpc",
"Vsw",
"Sg",
"PostgreSQLDBName",
"PostgreSQLConnectionString",
"PostgreSQLAccount",
"PostgreSQLPassword",
"PostgresName",
"PostgresPassword",
"PostgresConnectionString",
"APINasFileSystemId",
"APINasMountTarget",
"PluginNasFileSystemId",
"PluginNasMountTarget",
"RedisConnectionString",
"RedisName",
"RedisInstancePassword",
"SecretKey"
],
"ParameterGroups": [
{
"Parameters": [
"ZoneId1",
"ZoneId2"
],
"Label": {
"default": {
"en": "Availability Zone",
"zh-cn": "Availability zone"
}
}
},
{
"Parameters": [
"InstanceType",
"InstancePassword"
],
"Label": {
"default": {
"en": "Elastic Compute Service",
"zh-cn": "Elastic Compute Service"
}
}
},
{
"Parameters": [
"RedisInstancePassword"
],
"Label": {
"default": {
"en": "ApsaraDB for Redis",
"zh-cn": "ApsaraDB for Redis"
}
}
},
{
"Parameters": [
"ADBPGAccount",
"ADBPGPassword"
],
"Label": {
"default": {
"en": "AnalyticDB for PostgreSQL",
"zh-cn": "AnalyticDB for PostgreSQL"
}
}
},
{
"Parameters": [
"DBInstanceClass",
"RdsDatabaseName",
"PostgresSQLUserName",
"PostgresSQLPassword"
],
"Label": {
"default": {
"en": "ApsaraDB RDS for PostgreSQL",
"zh-cn": "ApsaraDB RDS for PostgreSQL"
}
}
},
{
"Parameters": [
"NamespaceName"
],
"Label": {
"default": {
"en": "Serverless App Engine",
"zh-cn": "Serverless App Engine"
}
}
}
],
"TemplateTags": [
"acs:technical-solution:internet-application-development:Deploy a production-ready Dify platform using Serverless App Engine-tech_solu_251"
],
"Hidden": [
"CommonName"
]
}
}
}Untuk contoh lainnya, lihat Templat publik yang berisi resource ini.