jsonload-balancingautoscalingaws-opsworksaws-cloudformation
Some resources are not getting created by cloudformation
I am creating a cloudformation template that creates a stack, a layer, an application, 2 instances for the layer and a load balancer and an auto scaling group. Here is the FULL template:
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "AWS CloudFormation Template : Building the opsworks stack",
"Mappings": {
"Region2Principal": {
"us-east-1": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
},
"us-west-2": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
},
"us-west-1": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
},
"eu-west-1": {
"EC2Principal": "ec2.amazonaws.com",
"OpsWorksPrincipal": "opsworks.amazonaws.com"
}
},
"RegionMap" : {
"us-east-1" : { "64" : "ami-5ac2cd4d" },
"us-west-1" : { "64" : "ami-7790c617" },
"eu-west-1" : { "64" : "ami-b9b394ca" },
"us-west-2" : { "64" : "ami-30e65350" }
}
},
"Parameters": {
"OpsWorksStackColor": {
"Description": "RGB Color to use for OpsWorks Stack",
"Type": "String",
"Default": "rgb(38, 146, 168)"
},
"Region" : {
"Type":"String",
"Description": "Region location of the template resources",
"Default": "eu-west-1",
"AllowedValues" : [ "us-east-1", "us-west-1", "us-west-2", "eu-west-1" ]
},
"EnvironnementParam" : {
"Type" : "String",
"Description" : "Environnement variable for the stack benchmark layer",
"Default" : "dev"
},
"SecurityGroupIds": {
"Description": "Security groups that can be used to access the EC2 instances, do not select more than 5 SG",
"Type": "List<AWS::EC2::SecurityGroup::Id>",
"ConstraintDescription": "must be list of EC2 security group ids"
},
"VpcId": {
"Type": "AWS::EC2::VPC::Id",
"Description": "VPC associated with the provided subnets",
"ConstraintDescription": "must be an existing VPC ID"
},
"SubnetId": {
"Type": "String",
"ConstraintDescription": "must be an existing subnet ID"
},
"InstanceType" : {
"Type" : "String",
"Default" : "t2.medium",
"AllowedValues" : ["t2.micro","t2.medium", "m1.small", "m1.large","m4.large","m4.xlarge","m4.2xlarge","m4.4xlarge","m4.10xlarge","m4.16xlarge","c4.large" , "c4.xlarge" ,"c4.2xlarge" , "c4.4xlarge","c4.8xlarge" , "c3.large" , "c3.xlarge", "c3.2xlarge", "c3.4xlarge" ,"c3.8xlarge"],
"ConstraintDescription": "must be a valid EC2 instance type"
},
"SSLCertificateIdForELB": {
"Description" : "Choose the ID of an existing certificate from AWS Certificate Manager to configure the ELB Listeners. If no certificate is available, leave an empty string. The certificate will be created by CloudFormation",
"Type" : "String"
},
"KeyPairName": {
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription": "must be the name of an existing EC2 KeyPair"
},
"Instance1AZ": {
"Description": "Select the Availablity zone of the instance silo import 1, must be the same AZ as the volume of the instance, insert 0,1 or 2",
"Type" : "String",
"Default": "0"
},
"Instance2AZ": {
"Description": "Select the Availablity zone of the instance silo import 2, must be the same AZ as the volume of the instance, insert 0,1 or 2",
"Type" : "String",
"Default": "0"
}
},
"Conditions" : {
"CreateCertificateSSL": { "Fn::Equals" :[ {"Ref" : "SSLCertificateIdForELB" }, ""] }
},
"Resources": {
"OpsWorksInstanceRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service" : [ {"Fn::FindInMap": [ "Region2Principal", { "Ref": "AWS::Region" },"EC2Principal" ] } ] },
"Action" : [ "sts:AssumeRole" ]
}]
},
"Path": "/",
"Policies":
[{
"PolicyName": {"Fn::Join" : ["",[{"Ref" : "AWS::StackName"},"Instance"] ] },
"PolicyDocument": {
"Statement": [{
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}]
}
}]
}
},
"OpsWorksServiceRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Principal": {
"Service": [ { "Fn::FindInMap": [ "Region2Principal",{ "Ref": "AWS::Region" },"OpsWorksPrincipal" ] } ] },
"Action" : [ "sts:AssumeRole" ]
}]
},
"Path": "/",
"Policies": [ {
"PolicyName": "OpsworksService",
"PolicyDocument": {
"Version" : "2012-10-17",
"Statement": [ {
"Effect": "Allow",
"Action": "*",
"Resource": "*"
}]
}
}]
}
},
"myStack": {
"Type": "AWS::OpsWorks::Stack",
"Properties": {
"AgentVersion" : "LATEST",
"Name": { "Ref": "AWS::StackName" },
"Attributes": { "Color": { "Ref": "OpsWorksStackColor" } },
"ChefConfiguration": { "BerkshelfVersion" : "3.2.0", "ManageBerkshelf" : true },
"ConfigurationManager": { "Name": "Chef", "Version": "11.10" },
"CustomCookbooksSource": {
"Type": "git",
"Url": "git://github.com/amazonwebservices/opsworks-example-cookbooks.git"
},
"DefaultInstanceProfileArn": { "Fn::GetAtt": [ "InstanceProfile","Arn" ] },
"DefaultOs": "Ubuntu 14.04 LTS",
"DefaultRootDeviceType": "ebs",
"DefaultSshKeyName": { "Ref": "KeyPairName" },
"DefaultSubnetId" : {"Ref" : "SubnetId" },
"ServiceRoleArn": { "Fn::GetAtt": ["OpsWorksServiceRole", "Arn"] },
"UseCustomCookbooks": true,
"UseOpsworksSecurityGroups" : true,
"VpcId" : { "Ref" : "VpcId" }
}
},
"InstanceProfile": {
"Type": "AWS::IAM::InstanceProfile",
"Properties": {
"Path": "/",
"Roles": [ { "Ref": "OpsWorksInstanceRole" } ]
}
},
"myLayer": {
"Type": "AWS::OpsWorks::Layer",
"DependsOn" : "OpsWorksServiceRole",
"Properties": {
"AutoAssignElasticIps" : false,
"AutoAssignPublicIps" : true,
"CustomSecurityGroupIds" : { "Ref" : "SecurityGroupIds" },
"EnableAutoHealing" : true,
"InstallUpdatesOnBoot": false,
"LifecycleEventConfiguration": {
"ShutdownEventConfiguration": {
"DelayUntilElbConnectionsDrained": false,
"ExecutionTimeout": 120 }
},
"Name": "layer",
"Shortname" : "layer",
"StackId": { "Ref": "myStack" },
"Type": "custom",
"UseEbsOptimizedInstances": false,
"VolumeConfigurations": [ {
"Iops": 10000,
"MountPoint": "/mountp",
"NumberOfDisks": 1,
"Size": 20,
"VolumeType": "gp2"
}]
}
},
"ELBSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "api-elb",
"VpcId" : {"Ref" : "VpcId" },
"SecurityGroupIngress" : [
{
"IpProtocol" : "tcp",
"FromPort" : "80",
"ToPort" : "80",
"CidrIp" : "0.0.0.0/0"
}],
"SecurityGroupEgress" : [{
"IpProtocol" : "-1",
"FromPort" : "-1",
"ToPort" : "-1",
"CidrIp" : "0.0.0.0/0"
}]
}
},
"ELB": {
"Type": "AWS::ElasticLoadBalancing::LoadBalancer",
"Properties": {
"ConnectionDrainingPolicy" : {
"Enabled" : true,
"Timeout" : 300
},
"ConnectionSettings" : {
"IdleTimeout" : 60
},
"CrossZone" : true,
"HealthCheck" : {
"HealthyThreshold" : "3",
"Interval" : "30",
"Target" : "HTTP:80/ping",
"Timeout" : "5",
"UnhealthyThreshold" : "2"
},
"Instances" : [ {"Ref" : "Instance1" }, {"Ref" : "Instance2"}],
"LoadBalancerName" : "api-ELB",
"Listeners" : [
{
"InstancePort" : "443",
"InstanceProtocol" : "HTTPS",
"LoadBalancerPort" : "443",
"Protocol" : "HTTPS"
},
{
"InstancePort" : "80",
"InstanceProtocol" : "HTTP",
"LoadBalancerPort" : "80",
"Protocol" : "HTTP",
"PolicyNames" :[ "ELBSecurityPolicy-2015-05" ],
"SSLCertificateId" : {"Fn::If": ["CreateCertificateSSL", {"Ref" : "ELBCertificate" }, { "Ref" : "SSLCertificateIdForELB" } ] }
}
],
"Scheme" : "internal",
"SecurityGroups" : { "Ref" : "ELBSecurityGroup" },
"Subnets" : [ {"Ref" : "SubnetId" } ]
}
},
"ELBAttachment" :{
"Type": "AWS::OpsWorks::ElasticLoadBalancerAttachment",
"Properties": {
"ElasticLoadBalancerName" : {"Ref" : "ELB" },
"LayerId" : { "Ref" : "myLayer"}
}
},
"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Properties" : {
"AssociatePublicIpAddress" : true,
"BlockDeviceMappings" : [{
"DeviceName" : "/dev/sdi",
"Ebs":{
"VolumeType" : "gp2",
"Iops" : "10000",
"DeleteOnTermination" : "false",
"VolumeSize" : "20"
}
}],
"EbsOptimized" : false,
"IamInstanceProfile" : { "Fn::GetAtt" :[ "InstanceProfile", "Arn" ] },
"ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "64"]},
"InstanceType" : {"Ref" : "InstanceType" },
"SecurityGroups" : [{ "Ref" : "ELBSecurityGroup" }]
}
},
"ASG" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"AvailabilityZones" : { "Fn::GetAZs" : { "Ref" : "AWS::Region" } },
"Cooldown" : "1",
"HealthCheckGracePeriod" : 3,
"HealthCheckType" : "ELB",
"LaunchConfigurationName" : {"Ref" : "LaunchConfig" },
"LoadBalancerNames" : [{ "Ref" : "ELB" }],
"MaxSize" : "5",
"MetricsCollection" : [ { "Granularity" : "5Minute" } ],
"MinSize" : "2",
"Tags" : [
{
"PropagateAtLaunch": true,
"Value": {"Ref" : "EnvironnementParam" },
"Key": "environment"
},
{
"PropagateAtLaunch": true,
"Value": {"Ref" : "myLayer" },
"Key": "my layer"
}],
"VPCZoneIdentifier" : [ {"Ref" : "VpcId" } ]
}
},
"ELBCertificate" :{
"Type" : "AWS::CertificateManager::Certificate",
"Condition" : "CreateCertificateSSL",
"Properties" : {
"DomainName" : "example.com",
"SubjectAlternativeNames" : [ "example.net" ]
}
},
"Instance1": {
"Type": "AWS::OpsWorks::Instance",
"Properties": {
"Hostname": "silo-import1",
"AvailabilityZone" : { "Fn::Select" : [ {"Ref" : "Instance1AZ"}, { "Fn::GetAZs" : {"Ref" : "Region"} } ] },
"RootDeviceType": "ebs",
"StackId": {"Ref": "myStack"},
"LayerIds": [{"Ref": "myLayer"}],
"InstanceType": {"Ref" : "InstanceType"}
}
},
"Instance2": {
"Type": "AWS::OpsWorks::Instance",
"Properties": {
"Hostname": "silo-import2",
"AvailabilityZone" : { "Fn::Select" : [ {"Ref" : "Instance2AZ"}, { "Fn::GetAZs" : {"Ref" : "Region"} } ] },
"RootDeviceType": "ebs",
"StackId": {"Ref": "myStack"},
"LayerIds": [{"Ref": "myLayer"}],
"InstanceType": {"Ref" : "InstanceType"}
}
},
"AdminApiApp": {
"Type": "AWS::OpsWorks::App",
"Properties": {
"AppSource" : {
"Type" : "git",
"Url" : "git://github.com:fap/adminphp.git",
"Revision" : "develop"
},
"Name" : "admin",
"Shortname" : "admin",
"StackId" : {"Ref": "myStack"},
"Type" : "php"
}
}
}
}
My problem is I don't know why the autoscaling group does not get created nor the elastic load balancer. When I test the template, all the resources are created except these. Any explaination ? I'm ready to try all your suggestions. Thank you
Solution
From the screenshot above, it looks like your stack's state is still in CREATE_IN_PROGRESS. One of your resources (probably your AWS::OpsWorks::Instance?) did not get created correctly. To troubleshoot, you can try logging into the instance, checking the OpsWorks Chef Logs, or looking at output logs on the instance (/var/log/cfn-init.log and /var/log/cloud-init-output.log) to find the underlying cause/error.
More generally, refer to the AWS Knowledge Center article, How do I troubleshoot an AWS CloudFormation stack that is stuck with a status of CREATE_IN_PROGRESS or UPDATE_IN_PROGRESS?:
Short Description
This condition typically occurs when there are problems with the resource that is being created or updated, causing the stack to eventually fail. If there is no timeout parameter specified for the stack, it will take longer for the stack to reach the
CREATE_FAILEDorUPDATE_FAILEDstate.Resolution
- If possible, check the exact resource that CloudFormation is stuck creating. Auto Scaling often provides clear error messages to describe events that prevent instances from launching.
- Ensure that you are not exceeding the AWS limits for the resources that you want to create. For example, if the CloudFormation template specifies two EC2 instances but your instance count is currently at 19 with an upper limit of 20, the stack creation fails.
See also Monitoring the Progress of a Stack Update section of the documentation.
- Json Object Parsing using shell script
- How to read body as any valid json?
- How do you JSON.stringify an ES6 Map?
- how to improve this perl/bash one-liner to deserialize json data
- What is the convention in JSON for empty vs. null?
- Using jq how can I replace the name of a key with something else
- Merge multiple JSON files (more than two)
- C#, how to validate JSON using Regex
- How to filter filter data after extracted data in Json form
- Using jq or alternative command line tools to compare JSON files
- Transposing jq array elements (building x*y key/value pairs from x arrays of y items)
- How to write and read an array of objects to a file
- How to best validate JSON on the server-side
- Multiple level nesting in JSON schema validation with sub-folders
- check if the json file string is empty in bash script
- Load local JSON file into variable
- Need jolt spec for dynamic colum
- C++ JSON Serialization
- Jolt spec to lookup keys of an array
- Helm convert data for nginx template
- jqGrid not rendering data - Headers visible
- Performance parsing JSON on Android emulator vs physical device
- jsonpath in bigquery doesn't support @ for filter. Suggestions for alternatives?
- Create product in printful using API - Python
- Set string variable to dynamic list column value gives error: Input parameter of operation Set Variable contains invalid expression. PowerAutomate
- How to examine api without documentation?
- add JSON objects to specific index - Python
- What is the difference between a .JSON file and .JL file?
- How to get the POST values from serializeArray?
- How to parse JSON data with jQuery / JavaScript?