テンプレート名
ACS-ECS-UpdateAndCopyImage
テンプレートの説明
Elastic Compute Service (ECS) イメージを更新し、ECS イメージを他のリージョンにクローン作成します。これは、ソフトウェアの更新やシステム構成など、複数のリージョンで ECS イメージを更新および同期する場合に適用されます。このテンプレートを構成する場合は、次のパラメーターを指定する必要があります。regionId: イメージが作成および更新されるリージョン、sourceImageId: 元の ECS イメージ ID、targetImageName: 作成されるイメージの名前。さらに、instanceType: 作成されるイメージのインスタンスタイプ、targetRegionIds: イメージのクローン作成先のリージョン ID も指定する必要があります。テンプレートが実行されると、作成されたイメージの ID が返され、イメージの検証と管理が容易になります。
テンプレートタイプ
自動化
所有者
Alibaba Cloud
入力パラメーター
パラメーター | 説明 | タイプ | 必須 | デフォルト値 | 制限 |
sourceImageId | ソースイメージの ID。 | 文字列 | はい | ||
regionId | リージョン ID。 | 文字列 | いいえ | {{ ACS::RegionId }} | |
zoneId | vSwitch がデプロイされているゾーンの ID。 | 文字列 | いいえ | "" | |
targetImageName | 新しい ECS イメージの名前。 | 文字列 | いいえ | UpdateImage_from_{{sourceImageId}}on{{ACS::ExecutionId}} | |
instanceType | ECS インスタンスのインスタンスタイプ。 | 文字列 | いいえ | ecs.g5.large | 文字列検証の正規表現: ecs.[A-Za-z0-9.-]*. |
whetherCreateVpc | 仮想プライベートクラウド (VPC) を作成するかどうかを指定します。 | ブール値 | いいえ | False | |
vpcCidrBlock | VPC の IPv4 CIDR ブロック。 | 文字列 | いいえ | 192.168.0.0/16 | |
vSwitchCidrBlock | vSwitch の CIDR ブロック。 | 文字列 | いいえ | 192.168.1.0/24 | |
securityGroupId | セキュリティグループ ID。 | 文字列 | いいえ | "" | |
vSwitchId | vSwitch ID。 | 文字列 | いいえ | "" | |
internetMaxBandwidthOut | パブリック帯域幅。 | 数値 | いいえ | 0 | |
ramRoleName | ECS インスタンスにアタッチされている Resource Access Management (RAM) ロール。 | 文字列 | いいえ | "" | |
systemDiskCategory | システムディスクのカテゴリ。 | 文字列 | いいえ | cloud_essd | |
tags | イメージのタグ。 | Json | いいえ | [] | |
commandType | クラウドアシスタントコマンドのタイプ。 | 文字列 | いいえ | RunShellScript | |
commandContent | ECS インスタンスで実行されるクラウドアシスタントコマンド。 | 文字列 | いいえ | echo hello | |
timeout | タイムアウト期間。 | 数値 | いいえ | 600 | |
targetRegionIds | ターゲットリージョンの ID。 | リスト | いいえ | [] | |
accountIds | イメージを共有する Alibaba Cloud アカウントの ID。 | リスト | いいえ | [] | |
scalingConfigurationIds | 変更されるスケーリング設定の ID。 | リスト | いいえ | [] | |
launchTemplateNames | 更新されるインスタンス起動テンプレートの名前。 | リスト | いいえ | [] | |
rateControl | レート制御設定。 | Json | いいえ | {'Mode': 'Concurrency', 'MaxErrors': 0, 'Concurrency': 5} | |
OOSAssumeRole | CloudOps Orchestration Service (OOS) によってアシュームされる RAM ロール。 | 文字列 | いいえ | "" |
出力パラメーター
パラメーター | 説明 | タイプ |
updatedImageId | 文字列 | |
imageIdAndRegion | リスト |
テンプレートを実行するために必要な権限ポリシー
{
"Version": "1",
"Statement": [
{
"Action": [
"ros:CreateStack",
"ros:DeleteStack",
"ros:GetStack"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ecs:CopyImage",
"ecs:CreateImage",
"ecs:CreateLaunchTemplateVersion",
"ecs:DeleteInstance",
"ecs:DeleteLaunchTemplateVersion",
"ecs:DescribeCloudAssistantStatus",
"ecs:DescribeImages",
"ecs:DescribeInstances",
"ecs:DescribeInvocationResults",
"ecs:DescribeInvocations",
"ecs:DescribeLaunchTemplateVersions",
"ecs:DescribeLaunchTemplates",
"ecs:DescribeRegions",
"ecs:InstallCloudAssistant",
"ecs:ModifyImageSharePermission",
"ecs:ModifyLaunchTemplateDefaultVersion",
"ecs:RebootInstance",
"ecs:RunCommand",
"ecs:RunInstances",
"ecs:StopInstance"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ess:ModifyScalingConfiguration"
],
"Resource": "*",
"Effect": "Allow"
}
]
}
参照
詳細については、GitHub のACS-ECS-UpdateAndCopyImage.yml をご参照ください。
テンプレートコンテンツ
FormatVersion: OOS-2019-06-01
Description:
name-en: ACS-ECS-UpdateAndCopyImage
name-zh-cn: the description in Chinese
en: 'Updates an existing ECS image via ECS Cloud Assistant then creates an ECS image and copies the new image to other regions. This is applicable to scenarios requiring update and synchronization of ECS images across multiple regions, such as software upgrade and system configuration. During configuration, users need to provide the following required parameter information: Region ID (regionId), which specifies the region of the ECS instances for the update and creation operations, Source Image ID (sourceImageId), which identifies the original ECS image that needs updating, and Target Image Name (targetImageName), for naming the newly created ECS image. Additionally, users need to configure the Instance Type (instanceType) for installing and configuring the new image, and Target Region IDs (targetRegionIds), which specify the other regions to clone the new image to. Upon execution, the template will return the IDs of the newly created and cloned images, facilitating the verification of the image update and cloning status.'
zh-cn: the description in Chinese
categories:
- image_manage
Parameters:
regionId:
Type: String
Label:
en: RegionId
zh-cn: the description in Chinese
AssociationProperty: RegionId
Default: '{{ ACS::RegionId }}'
zoneId:
Type: String
Label:
en: VSwitch Availability Zone
zh-cn: the description in Chinese
Default: ''
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
AssociationPropertyMetadata:
RegionId: regionId
targetImageName:
Label:
en: TargetImageName
zh-cn: the description in Chinese
Type: String
Description:
en: <p class="p">Note:</p> <ul class="ul"> <li class="li">Length is 2~128 English or Chinese characters</li> <li class="li"><font color='red'>must start with big or small letters or Chinese, not http:// and https://. </font></li> <li class="li">Can contain numbers, colons (:), underscores (_), or dashes (-). </li> </ul>
zh-cn: the description in Chinese </li> </ul>
Default: 'UpdateImage_from_{{sourceImageId}}_on_{{ACS::ExecutionId}}'
sourceImageId:
Label:
en: SourceImageId
zh-cn: the description in Chinese
Type: String
AssociationProperty: 'ALIYUN::ECS::Image::ImageId'
AssociationPropertyMetadata:
RegionId: regionId
instanceType:
Label:
en: InstanceType
zh-cn: the description in Chinese
Type: String
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
AllowedPattern: ecs\.[A-Za-z0-9\.\-]*
Default: 'ecs.g5.large'
whetherCreateVpc:
Type: Boolean
Label:
en: WhetherCreateVpc
zh-cn: the description in Chinese
Default: false
vpcCidrBlock:
Type: String
Label:
en: VPC CIDR IPv4 Block
zh-cn: the description in Chinese
Description:
zh-cn: the description in Chinese
en: 'The ip address range of the VPC in the CidrBlock form; <br>You can use the following ip address ranges and their subnets: <br><font color=''green''>[10.0.0.0/8]</font><br><font color=''green''>[172.16.0.0/12]</font><br><font color=''green''>[192.168.0.0/16]</font>'
Default: 192.168.0.0/16
AssociationProperty: ALIYUN::VPC::VPC::CidrBlock
AssociationPropertyMetadata:
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- true
vSwitchCidrBlock:
Type: String
Label:
en: VSwitch CIDR Block
zh-cn: the description in Chinese
Description:
zh-cn: the description in Chinese
en: Must belong to the subnet segment of VPC
Default: 192.168.1.0/24
AssociationProperty: ALIYUN::VPC::VSwitch::CidrBlock
AssociationPropertyMetadata:
VpcCidrBlock: vpcCidrBlock
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- true
securityGroupId:
Label:
en: SecurityGroupId
zh-cn: the description in Chinese
Type: String
Default: ''
AssociationProperty: 'ALIYUN::ECS::SecurityGroup::SecurityGroupId'
AssociationPropertyMetadata:
RegionId: regionId
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- false
vSwitchId:
Label:
en: VSwitchId
zh-cn: the description in Chinese
Type: String
Default: ''
AssociationProperty: 'ALIYUN::VPC::VSwitch::VSwitchId'
AssociationPropertyMetadata:
RegionId: regionId
ZoneId: zoneId
Filters:
- SecurityGroupId: securityGroupId
Visible:
Condition:
Fn::Equals:
- ${whetherCreateVpc}
- false
internetMaxBandwidthOut:
Type: Number
Label:
zh-cn: the description in Chinese
en: Internet Max Bandwidth Out
Description:
zh-cn: the description in Chinese
en: no public ip if zero
Default: 0
MinValue: 0
MaxValue: 100
ramRoleName:
Label:
en: RamRoleName
zh-cn: the description in Chinese
Type: String
AssociationProperty: ALIYUN::ECS::RAM::Role
Default: ''
systemDiskCategory:
Label:
en: SystemDiskCategory
zh-cn: the description in Chinese
Type: String
AssociationProperty: ALIYUN::ECS::Disk::SystemDiskCategory
AssociationPropertyMetadata:
RegionId: regionId
InstanceType: instanceType
Default: cloud_essd
tags:
Label:
en: Tags
zh-cn: the description in Chinese
Type: Json
AssociationProperty: Tags
AssociationPropertyMetadata:
ShowSystem: false
Default: []
commandType:
Label:
en: CommandType
zh-cn: the description in Chinese
Type: String
AllowedValues:
- RunBatScript
- RunPowerShellScript
- RunShellScript
Default: RunShellScript
commandContent:
Label:
en: CommandContent
zh-cn: the description in Chinese
Type: String
AssociationProperty: Code
Default: 'echo hello'
timeout:
Label:
en: Timeout
zh-cn: the description in Chinese
Type: Number
Default: 600
targetRegionIds:
Label:
en: TargetRegionIds
zh-cn: the description in Chinese
Type: List
AllowedValues:
- all-regions
- cn-beijing
- cn-qingdao
- cn-zhangjiakou
- cn-huhehaote
- cn-hangzhou
- cn-shanghai
- cn-shenzhen
- cn-chengdu
- cn-hongkong
- cn-heyuan
- cn-wulanchabu
- ap-northeast-1
- ap-southeast-1
- ap-southeast-2
- ap-southeast-3
- ap-southeast-5
- ap-south-1
- us-east-1
- us-west-1
- eu-west-1
- me-east-1
- eu-central-1
Default: []
accountIds:
Label:
en: AccountIds
zh-cn: the description in Chinese
Type: List
Default: []
scalingConfigurationIds:
Description:
en: <font color='red'><b>Must correspond to the selected region</b></font>
zh-cn: the description in Chinese
Label:
en: ScalingConfigurationIds
zh-cn: the description in Chinese
Type: List
Default: []
launchTemplateNames:
Description:
en: <font color='red'><b>Must correspond to the selected region</b></font>
zh-cn: the description in Chinese
Label:
en: LaunchTemplateNames
zh-cn: the description in Chinese
Type: List
Default: []
rateControl:
Label:
en: RateControl
zh-cn: the description in Chinese
Type: Json
AssociationProperty: RateControl
Default:
Mode: Concurrency
MaxErrors: 0
Concurrency: 5
OOSAssumeRole:
Label:
en: OOSAssumeRole
zh-cn: the description in Chinese
Type: String
Default: ''
RamRole: '{{ OOSAssumeRole }}'
Tasks:
- Name: createStack
Action: 'ACS::ExecuteAPI'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Create a resource stack
zh-cn: the description in Chinese
Properties:
Service: ROS
API: CreateStack
Parameters:
RegionId: '{{ regionId }}'
StackName: 'OOS-{{ACS::ExecutionId}}'
TimeoutInMinutes: 10
DisableRollback: false
Parameters:
- ParameterKey: ZoneId
ParameterValue: '{{ zoneId }}'
- ParameterKey: VpcCidrBlock
ParameterValue: '{{ vpcCidrBlock }}'
- ParameterKey: VSwitchCidrBlock
ParameterValue: '{{ vSwitchCidrBlock }}'
TemplateBody: |
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
ZoneId:
Type: String
VpcCidrBlock:
Type: String
VSwitchCidrBlock:
Type: String
Resources:
EcsVpc:
Type: ALIYUN::ECS::VPC
Properties:
CidrBlock:
Ref: VpcCidrBlock
VpcName:
Ref: ALIYUN::StackName
EcsVSwitch:
Type: ALIYUN::ECS::VSwitch
Properties:
ZoneId:
Ref: ZoneId
VpcId:
Ref: EcsVpc
CidrBlock:
Ref: VSwitchCidrBlock
EcsSecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
VpcId:
Ref: EcsVpc
Outputs:
SecurityGroupId:
Value:
Ref: EcsSecurityGroup
VSwitchId:
Value:
Ref: EcsVSwitch
Outputs:
StackId:
Type: String
ValueSelector: StackId
- Name: untilStackReady
Action: 'ACS::WaitFor'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Wait for the stack status CREATE_COMPLETE
zh-cn: the description in Chinese
OnError: deleteStack
Properties:
Service: ROS
API: GetStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{createStack.StackId}}'
DesiredValues:
- CREATE_COMPLETE
StopRetryValues:
- CREATE_FAILED
- CHECK_FAILED
- ROLLBACK_FAILED
- ROLLBACK_COMPLETE
- CREATE_ROLLBACK_COMPLETE
PropertySelector: Status
Outputs:
securityGroupId:
Type: String
ValueSelector: 'Outputs[0].OutputValue'
vSwitchId:
Type: String
ValueSelector: 'Outputs[1].OutputValue'
- Name: runInstances
Action: ACS::ECS::RunInstances
Description:
en: Create a ECS instance with source image
zh-cn: the description in Chinese
OnError: deleteStack
Properties:
regionId: '{{ regionId }}'
imageId: '{{ sourceImageId }}'
instanceType: '{{ instanceType }}'
securityGroupId:
Fn::If:
- Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
- '{{ untilStackReady.securityGroupId }}'
- '{{ securityGroupId }}'
vSwitchId:
Fn::If:
- Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
- '{{ untilStackReady.vSwitchId }}'
- '{{ vSwitchId }}'
internetMaxBandwidthOut: '{{ internetMaxBandwidthOut }}'
ramRoleName: '{{ ramRoleName }}'
systemDiskCategory: '{{ systemDiskCategory }}'
Outputs:
instanceId:
ValueSelector: instanceIds[0]
Type: String
- Name: installCloudAssistant
Action: ACS::ECS::InstallCloudAssistant
Description:
en: Install cloud assistant for ECS instance
zh-cn: the description in Chinese
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: runCommand
Action: ACS::ECS::RunCommand
Description:
en: Run cloud assistant command on ECS instance
zh-cn: the description in Chinese
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
commandContent: '{{ commandContent }}'
commandType: '{{ commandType }}'
instanceId: '{{ runInstances.instanceId }}'
timeout: '{{ timeout }}'
- Name: stopInstance
Action: ACS::ECS::StopInstance
Description:
en: Stops the ECS instance
zh-cn: the description in Chinese
Properties:
regionId: '{{ regionId }}'
instanceId: '{{ runInstances.instanceId }}'
- Name: createImage
Action: ACS::ECS::CreateImage
Description:
en: Create new image with the specified image name and instance ID
zh-cn: the description in Chinese
OnError: deleteInstance
Properties:
regionId: '{{ regionId }}'
tags: '{{tags}}'
imageName: '{{ targetImageName }}-{{ ACS::CurrentUTCTime }}'
instanceId: '{{ runInstances.instanceId }}'
Outputs:
imageId:
ValueSelector: imageId
Type: String
- Name: deleteInstanceAfterUpdateImageSuccessfully
Action: ACS::ExecuteAPI
Description:
en: Release the instance after updating the image successfully
zh-cn: the description in Chinese
Properties:
Service: ECS
API: DeleteInstance
Risk: Normal
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
Force: true
- Name: deleteStack
Action: 'ACS::ExecuteApi'
When:
Fn::Equals:
- '{{ whetherCreateVpc }}'
- true
Description:
en: Delete the stack
zh-cn: the description in Chinese
Properties:
Service: ROS
API: DeleteStack
Parameters:
RegionId: '{{ regionId }}'
StackId: '{{ createStack.StackId }}'
- Name: queryAllAvailableRegions
Action: 'ACS::ExecuteAPI'
Description:
en: View all available regions
zh-cn: the description in Chinese
Properties:
Service: ECS
API: DescribeRegions
Parameters:
RegionId: '{{ regionId }}'
Outputs:
regionIds:
Type: List
ValueSelector: >-
Regions.Region[]|.RegionId|select([scan("{{regionId}}|test")]|length<1)
allRegionsChosen:
Type: String
ValueSelector: '.|{{targetRegionIds}}|sort|.[0]'
- Name: whetherCloneToAllRegions
Action: 'ACS::Choice'
Description:
en: Choose next task by targetRegionIds Chosen
zh-cn: the description in Chinese
Properties:
DefaultTask: copyImage
Choices:
- When:
'Fn::Equals':
- all-regions
- '{{ queryAllAvailableRegions.allRegionsChosen }}'
NextTask: copyImageToAllRegions
- Name: copyImage
Action: 'ACS::ECS::CopyImage'
OnSuccess: whetherToShareImage
OnError: 'ACS::END'
Description:
en: Copy image to regions chosen
zh-cn: the description in Chinese
Properties:
regionId: '{{ regionId }}'
imageId: '{{ createImage.imageId }}'
targetRegionId: '{{ ACS::TaskLoopItem }}'
targetImageName: '{{ targetImageName }}-{{ ACS::CurrentUTCTime }}'
Loop:
Items: '{{ targetRegionIds }}'
RateControl: '{{ rateControl }}'
Outputs:
imageIdsWithRegion:
AggregateType: 'Fn::ListJoin'
AggregateField: imageIdWithRegion
Outputs:
imageIdWithRegion:
ValueSelector: '.|(.imageId),"{{ ACS::TaskLoopItem }}"'
Type: List
- Name: copyImageToAllRegions
Action: 'ACS::ECS::CopyImage'
Description:
en: Copy image to all available regions
zh-cn: the description in Chinese
Properties:
regionId: '{{ regionId }}'
imageId: '{{ createImage.imageId }}'
targetRegionId: '{{ ACS::TaskLoopItem }}'
targetImageName: '{{ targetImageName }}-{{ ACS::CurrentUTCTime }}'
Loop:
Items: '{{ queryAllAvailableRegions.regionIds }}'
RateControl: '{{ rateControl }}'
Outputs:
imageIdsWithRegion:
AggregateType: 'Fn::ListJoin'
AggregateField: imageIdWithRegion
Outputs:
imageIdWithRegion:
ValueSelector: '.|(.imageId),"{{ ACS::TaskLoopItem }}"'
Type: List
- Name: whetherToShareImage
Action: 'ACS::Choice'
Description:
en: Choose next task by accountIds
zh-cn: the description in Chinese
Properties:
DefaultTask: shareImage
Choices:
- When:
'Fn::Equals':
- []
- '{{ accountIds }}'
NextTask: modifyScalingConfiguration
- Name: shareImage
Action: 'ACS::ExecuteAPI'
Description:
en: Shares a custom image to other Alibaba Cloud accounts
zh-cn: the description in Chinese
Properties:
Service: ECS
API: ModifyImageSharePermission
Parameters:
RegionId: '{{ regionId }}'
ImageId: '{{ createImage.imageId }}'
AddAccount: '{{ accountIds }}'
- Name: modifyScalingConfiguration
Action: 'ACS::ExecuteAPI'
OnError: ACS::NEXT
Description:
en: Modify scaling configuration
zh-cn: the description in Chinese
Properties:
Service: ESS
API: ModifyScalingConfiguration
Parameters:
RegionId: '{{ regionId }}'
ScalingConfigurationId: '{{ ACS::TaskLoopItem }}'
ImageId: '{{ createImage.imageId }}'
Loop:
Items: '{{ scalingConfigurationIds }}'
- Name: updateLaunchTemplate
Action: 'ACS::ECS::UpdateLaunchTemplate'
OnSuccess: ACS::END
Description:
en: Update instance launch template
zh-cn: the description in Chinese
Properties:
regionId: '{{ ACS::RegionId }}'
imageId: '{{ createImage.imageId }}'
launchTemplateName: '{{ ACS::TaskLoopItem }}'
Loop:
Items: '{{ launchTemplateNames }}'
- Name: deleteInstance
Action: ACS::ExecuteAPI
Description:
en: Deletes the ECS instance after updating the image failure
zh-cn: the description in Chinese
Properties:
Service: ECS
API: DeleteInstance
Risk: Normal
Parameters:
RegionId: '{{ regionId }}'
InstanceId: '{{ runInstances.instanceId }}'
Force: true
Outputs:
updatedImageId:
Type: String
Value: '{{ createImage.imageId }}'
imageIdAndRegion:
Type: List
Value:
'Fn::If':
- 'Fn::Equals':
- all-regions
- '{{ queryAllAvailableRegions.allRegionsChosen }}'
- '{{ copyImageToAllRegions.imageIdsWithRegion }}'
- '{{ copyImage.imageIdsWithRegion }}'
Metadata:
ALIYUN::OOS::Interface:
ParameterGroups:
- Parameters:
- regionId
- zoneId
- sourceImageId
Label:
default:
zh-cn: the description in Chinese
en: Select Origin Image
- Parameters:
- targetImageName
- tags
Label:
default:
zh-cn: the description in Chinese
en: Image Configure
- Parameters:
- instanceType
- whetherCreateVpc
- vpcCidrBlock
- vSwitchCidrBlock
- securityGroupId
- vSwitchId
- internetMaxBandwidthOut
- systemDiskCategory
- ramRoleName
Label:
default:
zh-cn: the description in Chinese
en: ECS Instance Configure
- Parameters:
- commandType
- commandContent
- timeout
Label:
default:
zh-cn: the description in Chinese
en: Run Command
- Parameters:
- targetRegionIds
- accountIds
Label:
default:
zh-cn: the description in Chinese
en: Copy Image
- Parameters:
- scalingConfigurationIds
- launchTemplateNames
- rateControl
- OOSAssumeRole
Label:
default:
zh-cn: the description in Chinese
en: Control Options