diff --git a/README-CN.md b/README-CN.md
index 5ea22d94..69a3d325 100644
--- a/README-CN.md
+++ b/README-CN.md
@@ -454,19 +454,20 @@ ROS 模板的示例和最佳实践。模板分类如下:
- database
-| 模板 | 说明 |
-|------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------|
+| 模板 | 说明 |
+|-----------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------|
| [automatic-database-scaling-and-SQL-optimization.yml](documents/solution/database/automatic-database-scaling-and-SQL-optimization.yml) | 数据库自动扩缩容和自动SQL优化。 | [解决方案](https://aliyun.com/solution/tech-solution/adsa_sql) |
| [wordpress-website-database-on-the-cloud.yml](documents/solution/database/wordpress-website-database-on-the-cloud.yml) | WordPress网站数据库上云。 |
| [dts-cache-synchronization.yml](documents/solution/database/dts-cache-synchronization.yml) | 通过DTS实现MySQL与Redis缓存同步一致性方案。 | [解决方案](https://aliyun.com/solution/tech-solution/rtsorarctebcc) |
-| [migrate-rds-mysql-to-polardb-mysql.yml](documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml) | 在不修改应用程序任何代码和配置的情况下,将RDS MySQL在线一键升级至PolarDB MySQL版。 | [解决方案](https://www.aliyun.com/solution/tech-solution/rds_polardb) |
+| [migrate-rds-mysql-to-polardb-mysql.yml](documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml) | 在不修改应用程序任何代码和配置的情况下,将RDS MySQL在线一键升级至PolarDB MySQL版。 | [解决方案](https://www.aliyun.com/solution/tech-solution/rds_polardb) |
| [one-stop-htap-service.yml](documents/solution/database/one-stop-htap-service.yml) | RDS+ClickHouse构建一站式HTAP。 | [解决方案](https://aliyun.com/solution/tech-solution/rdsclickhouse_htap) |
+| [data-transmission-from-ECS-to-RDS.yml](documents/solution/database/data-transmission-from-ECS-to-RDS.yml) | 网站数据库平滑迁移上云。 | [解决方案](https://www.aliyun.com/solution/tech-solution/smowdttc) |
- micro
| 模板 | 说明 |
|--------------------------------------------------------------------------------------------------------------------------|-------------------|
-| [mse-end-to-end-canary-release-for-ack-application.yml](./documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml) | 基于MSE实现ACK应用的全链路灰度。 | [解决方案](https://aliyun.com/solution/tech-solution/iflgbomse) |
+| [mse-end-to-end-canary-release-for-ack-application.yml](./documents/solution/micro/mse-realizes-full-link-grayscale.yml) | 基于MSE实现ACK应用的全链路灰度。 | [解决方案](https://aliyun.com/solution/tech-solution/iflgbomse) |
- network
@@ -480,11 +481,12 @@ ROS 模板的示例和最佳实践。模板分类如下:
- storage
-| 模板 | 说明 |
-|-----------------------------------------------------------------------------------------------------------------------------|---------------------|
+| 模板 | 说明 |
+|---------------------------------------------------------------------------------------------------------------------------|---------------------|
| [collect-logs-across-alibaba-cloud-accounts.yml](documents/solution/storage/collect-logs-across-alibaba-cloud-accounts.yml) | 跨阿里云账号采集日志。 | [解决方案](https://aliyun.com/solution/tech-solution/cacac_logs) |
-| [collect-cross-account-logs-by-auditing.yml](documents/solution/storage/collect-cross-account-logs-by-auditing.yml) | 通过日志审计服务跨账号采集OSS日志。 |
-| [cloud-native-observable-operation-and-maintenance.yml](documents/solution/storage/cloud-native-observable-operation-and-maintenance.yml) | 云原生可观测运维。 |
+| [collect-cross-account-logs-by-auditing.yml](documents/solution/storage/collect-cross-account-logs-by-auditing.yml) | 通过日志审计服务跨账号采集OSS日志。 |
+| [cloud-native-observable-operation-and-maintenance.yml](documents/solution/storage/cloud-native-observable-operation-and-maintenance.yml) | 云原生可观测运维。 |
+| [snapshot-optimize.yml](documents/solution/storage/snapshot-optimize.yml) | 基于EBS部署高性能的MySQL服务。 |
- cdn-and-video-cloud
diff --git a/README.md b/README.md
index acfa5e84..f5a145cf 100644
--- a/README.md
+++ b/README.md
@@ -458,19 +458,20 @@ Examples and best practices of ROS templates. The templates are categorized as f
- database
-| Template | Description |
-|------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------|
+| Template | Description |
+|------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------|
| [automatic-database-scaling-and-SQL-optimization.yml](documents/solution/database/automatic-database-scaling-and-SQL-optimization.yml) | Automatic database scaling and SQL optimization|
| [wordpress-website-database-on-the-cloud.yml](documents/solution/database/wordpress-website-database-on-the-cloud.yml) | WordPress website database on the cloud. |
| [dts-cache-synchronization.yml](documents/solution/database/dts-cache-synchronization.yml) | The consistency scheme of cache synchronization between MySQL and Redis is implemented by DTS . |
| [migrate-rds-mysql-to-polardb-mysql.yml](documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml) | Online one-click upgrade of RDS MySQL to PolarDB MySQL version without modifying any code and configuration of the application. |
| [one-stop-htap-service.yml](documents/solution/database/one-stop-htap-service.yml) | Build a one-stop HTAP service based on RDS and ClickHouse. |
+| [data-transmission-from-ECS-to-RDS.yml](documents/solution/database/data-transmission-from-ECS-to-RDS.yml) | Data transmission from ECS self-built database to RDS database. |
- micro
| Template | Description |
|------------------------------------------------------------------------------------------------------------------------|-----------------|
-| [mse-end-to-end-canary-release-for-ack-application.yml](./documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml) | MSE end-to-end canary release for ACK application. |
+| [mse-end-to-end-canary-release-for-ack-application.yml](./documents/solution/micro/mse-realizes-full-link-grayscale.yml) | MSE end-to-end canary release for ACK application. |
- network
@@ -489,6 +490,7 @@ Examples and best practices of ROS templates. The templates are categorized as f
| [collect-logs-across-alibaba-cloud-accounts.yml](documents/solution/storage/collect-logs-across-alibaba-cloud-accounts.yml) | Collect logs across Alibaba cloud accounts. |
| [collect-cross-account-logs-by-auditing.yml](documents/solution/storage/collect-cross-account-logs-by-auditing.yml) | Collect logs of OSS across accounts with log audit service. |
| [cloud-native-observable-operation-and-maintenance.yml](documents/solution/storage/cloud-native-observable-operation-and-maintenance.yml) | Cloud-native observable operation and maintenance. |
+| [snapshot-optimize.yml](documents/solution/storage/snapshot-optimize.yml) | Deploy high-performance MySQL services based on EBS ESSD. |
- cdn-and-video-cloud
diff --git a/compute-nest-best-practice/opensource/puppet/open-source-puppet.yml b/compute-nest-best-practice/opensource/puppet/open-source-puppet.yml
new file mode 100644
index 00000000..50babc77
--- /dev/null
+++ b/compute-nest-best-practice/opensource/puppet/open-source-puppet.yml
@@ -0,0 +1,401 @@
+ROSTemplateFormatVersion: '2015-09-01'
+Description:
+ zh-cn: Puppet 社区版
+ en: open source puppet
+Parameters:
+ ServerZoneId:
+ Type: String
+ Label:
+ zh-cn: Server 可用区
+ en: Server Availability Zone
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ ServerInstanceType:
+ Type: String
+ Label:
+ zh-cn: Server 实例类型
+ en: Server Instance Type
+ AssociationProperty: ALIYUN::ECS::Instance::InstanceType
+ AssociationPropertyMetadata:
+ ZoneId: ${ServerZoneId}
+ AgentNumber:
+ Type: Number
+ Label:
+ zh-cn: 客户端实例数量
+ en: Agent Instance Number
+ Default: 1
+ MinValue: 1
+ MaxValue: 10
+ AgentZoneId:
+ Type: String
+ Label:
+ zh-cn: Agent可用区
+ en: Agent Availability Zone
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ AgentInstanceType:
+ Type: String
+ Label:
+ zh-cn: Agent 实例类型
+ en: Agent Instance Type
+ AssociationProperty: ALIYUN::ECS::Instance::InstanceType
+ AssociationPropertyMetadata:
+ ZoneId: ${AgentZoneId}
+ InstancePassword:
+ Type: String
+ Label:
+ zh-cn: 实例密码
+ en: Instance Password
+ Description:
+ zh-cn: 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ en: Server login password, Length 8-30, must contain three(Capital letters,
+ lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol
+ in).
+ ConstraintDescription:
+ zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers,
+ ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
+ Default:
+ AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
+ MinLength: 8
+ MaxLength: 30
+ NoEcho: true
+ CommonName:
+ Type: String
+ Default: puppet
+Resources:
+ Vpc:
+ Type: ALIYUN::ECS::VPC
+ Properties:
+ CidrBlock: 192.168.0.0/16
+ VpcName:
+ Fn::Sub: ${CommonName}-vpc
+ SecurityGroup:
+ Type: ALIYUN::ECS::SecurityGroup
+ Properties:
+ VpcId:
+ Ref: Vpc
+ SecurityGroupName:
+ Fn::Sub: ${CommonName}-sg
+ SecurityGroupIngress_22:
+ Type: ALIYUN::ECS::SecurityGroupIngress
+ Properties:
+ SecurityGroupId:
+ Ref: SecurityGroup
+ IpProtocol: tcp
+ NicType: intranet
+ SourceCidrIp: 0.0.0.0/0
+ PortRange: 22/22
+ SecurityGroupIngress_80:
+ Type: ALIYUN::ECS::SecurityGroupIngress
+ Properties:
+ SecurityGroupId:
+ Ref: SecurityGroup
+ IpProtocol: tcp
+ NicType: intranet
+ SourceCidrIp: 0.0.0.0/0
+ PortRange: 80/80
+ SecurityGroupIngress_8140:
+ Type: ALIYUN::ECS::SecurityGroupIngress
+ Properties:
+ SecurityGroupId:
+ Ref: SecurityGroup
+ IpProtocol: tcp
+ NicType: intranet
+ SourceCidrIp: 0.0.0.0/0
+ PortRange: 8140/8140
+ VSwitch1:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ ZoneId:
+ Ref: ServerZoneId
+ VpcId:
+ Ref: Vpc
+ CidrBlock: 192.168.0.0/24
+ VSwitchName:
+ Fn::Sub: ${CommonName}-${ServerZoneId}-vsw
+ VSwitch2:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ ZoneId:
+ Ref: AgentZoneId
+ VpcId:
+ Ref: Vpc
+ CidrBlock: 192.168.2.0/24
+ VSwitchName:
+ Fn::Sub: ${CommonName}-${AgentZoneId}-vsw
+ PuppetServer:
+ Type: ALIYUN::ECS::InstanceGroup
+ Properties:
+ ZoneId:
+ Ref: ServerZoneId
+ VpcId:
+ Ref: Vpc
+ VSwitchId:
+ Ref: VSwitch1
+ SecurityGroupId:
+ Ref: SecurityGroup
+ ImageId: aliyun_3_x64_20G_alibase_
+ SystemDiskCategory: cloud_essd
+ SystemDiskSize: 40
+ AllocatePublicIP: false
+ IoOptimized: optimized
+ Password:
+ Ref: InstancePassword
+ InstanceType:
+ Ref: ServerInstanceType
+ MaxAmount: 1
+ HostName: puppet-server
+ InstanceName: puppet-server
+ NatEip:
+ Type: ALIYUN::VPC::EIP
+ Properties:
+ Name:
+ Fn::Sub: ${CommonName}-nat-eip
+ DeletionProtection: false
+ Isp: BGP
+ Bandwidth: 100
+ InternetChargeType: PayByTraffic
+ NatGateway:
+ Type: ALIYUN::VPC::NatGateway
+ Properties:
+ ZoneId:
+ Ref: ServerZoneId
+ VpcId:
+ Ref: Vpc
+ VSwitchId:
+ Ref: VSwitch1
+ NatGatewayName:
+ Fn::Sub: ${CommonName}-ngw
+ InternetChargeType: PayByLcu
+ EipBindMode: NAT
+ NatEipAssociation:
+ Type: ALIYUN::VPC::EIPAssociation
+ Properties:
+ InstanceId:
+ Ref: NatGateway
+ AllocationId:
+ Ref: NatEip
+ SnatEntry:
+ Type: ALIYUN::VPC::SnatEntry
+ DependsOn: NatEipAssociation
+ Properties:
+ SnatEntryName: public-network-access-in-vpc
+ SnatTableId:
+ Fn::GetAtt:
+ - NatGateway
+ - SNatTableId
+ SnatIp:
+ Fn::GetAtt:
+ - NatEipAssociation
+ - EipAddress
+ SourceCIDR: 0.0.0.0/0
+ InstallPuppetServer:
+ Type: ALIYUN::ECS::RunCommand
+ Properties:
+ InstanceIds:
+ - Ref: PuppetServer
+ Type: RunShellScript
+ Sync: true
+ Timeout: 1800
+ CommandContent:
+ Fn::Sub: |-
+ #!/bin/bash
+ echo "###############################"
+ echo "# SSH configuration "
+ echo "###############################"
+ cat >> /etc/ssh/${SshKeyPair.KeyPairName}.pem << EOF
+ ${SshKeyPair.PrivateKeyBody}
+ EOF
+ chmod 400 /etc/ssh/${SshKeyPair.KeyPairName}.pem
+ echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config
+ echo "IdentityFile /etc/ssh/${SshKeyPair.KeyPairName}.pem" >> /etc/ssh/ssh_config
+
+ echo "###############################"
+ echo "# Instance Puppet Server"
+ echo "###############################"
+ rpm -Uvh https://yum.puppet.com/puppet8-release-el-8.noarch.rpm
+ sed -i 's|yum.puppet.com|mirrors.cloud.aliyuncs.com/puppet/yum|g' /etc/yum.repos.d/puppet8-release.repo
+ yum install -y puppetserver
+
+ # modify /etc/puppetlabs/puppet/puppet.conf
+ /opt/puppetlabs/bin/puppet config set server puppet-server --section main
+ /opt/puppetlabs/bin/puppet config set certname puppet-server --section main
+
+ cat /etc/puppetlabs/puppet/puppet.conf
+
+ systemctl enable puppetserver
+ systemctl start puppetserver
+ exec bash
+ /opt/puppetlabs/bin/puppetserver -v
+ DependsOn:
+ - SnatEntry
+ - SecurityGroupIngress_22
+ - SecurityGroupIngress_80
+ - SecurityGroupIngress_8140
+ PuppetAgent:
+ Type: ALIYUN::ECS::InstanceGroup
+ Count:
+ Ref: AgentNumber
+ Properties:
+ ZoneId:
+ Ref: AgentZoneId
+ VpcId:
+ Ref: Vpc
+ VSwitchId:
+ Ref: VSwitch2
+ SecurityGroupId:
+ Ref: SecurityGroup
+ ImageId: aliyun_3_x64_20G_alibase_
+ SystemDiskCategory: cloud_essd
+ SystemDiskSize: 40
+ AllocatePublicIP: false
+ IoOptimized: optimized
+ Password:
+ Ref: InstancePassword
+ InstanceType:
+ Ref: AgentInstanceType
+ MaxAmount: 1
+ HostName:
+ Fn::Sub: ${CommonName}-agent-${ALIYUN::Index}
+ InstanceName:
+ Fn::Sub: ${CommonName}-agent-${ALIYUN::Index}
+ InstallPuppetAgent:
+ Type: ALIYUN::ECS::RunCommand
+ Properties:
+ InstanceIds:
+ Ref: PuppetAgent
+ Type: RunShellScript
+ Sync: true
+ Timeout: 1800
+ CommandContent:
+ Fn::Sub:
+ - |-
+ #!/bin/bash
+ echo "###############################"
+ echo "# SSH configuration "
+ echo "###############################"
+
+ cat >> /etc/ssh/${SshKeyPair.KeyPairName}.pem << EOF
+ ${SshKeyPair.PrivateKeyBody}
+ EOF
+
+ chmod 400 /etc/ssh/${SshKeyPair.KeyPairName}.pem
+ echo "StrictHostKeyChecking=no" >> /etc/ssh/ssh_config
+
+ echo "###############################"
+ echo "# Instance Puppet Agent"
+ echo "###############################"
+ rpm -Uvh https://yum.puppet.com/puppet8-release-el-8.noarch.rpm
+ sed -i 's|yum.puppet.com|mirrors.cloud.aliyuncs.com/puppet/yum|g' /etc/yum.repos.d/puppet8-release.repo
+ yum install -y puppet-agent
+
+ cat >> /etc/hosts << EOF
+ ${PrivateIp} puppet-server
+ EOF
+
+ echo "host done"
+
+ source /etc/profile.d/puppet-agent.sh
+ # modify /etc/puppetlabs/puppet/puppet.conf
+ /opt/puppetlabs/bin/puppet config set server puppet-server --section main
+ - PrivateIp:
+ Fn::Select:
+ - 0
+ - Fn::GetAtt:
+ - PuppetServer
+ - PrivateIps
+ SignCa:
+ Type: ALIYUN::ECS::RunCommand
+ DependsOn:
+ - InstallPuppetAgent
+ - InstallPuppetServer
+ Properties:
+ InstanceIds:
+ - Ref: PuppetServer
+ Type: RunShellScript
+ Sync: true
+ Timeout: 1200
+ CommandContent:
+ Fn::Sub:
+ - |-
+ #!/bin/bash
+ echo "###############################"
+ echo "# Sign Ca for Agent"
+ echo "###############################"
+
+ agent_ips="${AgentIps}"
+ for ip in $agent_ips
+ do
+ sleep 5
+ ssh -f -n $ip "/opt/puppetlabs/bin/puppet ssl bootstrap &"
+ sleep 10
+ host_name=`ssh $ip "hostname"`
+ echo "ip: $ip hostname: $host_name"
+ echo $ip $host_name >> /etc/hosts
+ /opt/puppetlabs/bin/puppetserver ca sign --certname $host_name 2>&1
+ sleep 5
+ ssh $ip "systemctl enable puppet"
+ done
+ - AgentIps:
+ Fn::Join:
+ - ' '
+ - Fn::Add:
+ Fn::GetAtt:
+ - PuppetAgent
+ - PrivateIps
+ SshKeyPair:
+ Type: ALIYUN::ECS::SSHKeyPair
+ Properties:
+ KeyPairName:
+ Fn::Sub: ${CommonName}-ssh-key-pair
+ ServerKeyPairAttachment:
+ Type: ALIYUN::ECS::SSHKeyPairAttachment
+ Properties:
+ InstanceIds:
+ - Ref: PuppetServer
+ KeyPairName:
+ Ref: SshKeyPair
+ AutoReboot: true
+ AgentKeyPairAttachment:
+ Type: ALIYUN::ECS::SSHKeyPairAttachment
+ Properties:
+ InstanceIds:
+ Ref: PuppetAgent
+ KeyPairName:
+ Ref: SshKeyPair
+ AutoReboot: true
+Outputs:
+ ServerEcsLoginAddress:
+ Description:
+ zh-cn: Server Ecs登陆地址。
+ en: Server Ecs login address.
+ Value:
+ Fn::Sub:
+ https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${PuppetServer}
+Metadata:
+ ALIYUN::ROS::Interface:
+ ParameterGroups:
+ - Parameters:
+ - ServerZoneId
+ - ServerInstanceType
+ Label:
+ default:
+ zh-cn: Puppet Server 实例配置
+ en: Puppet server configuration
+ - Parameters:
+ - AgentNumber
+ - AgentZoneId
+ - AgentInstanceType
+ Label:
+ default:
+ zh-cn: Puppet Agent 实例配置
+ en: Instance Configuration
+ - Parameters:
+ - InstancePassword
+ Label:
+ default:
+ zh-cn: 实例密码配置
+ en: Instance Password Configuration
+ Hidden:
+ - CommonName
+ TemplateTags:
+ - acs:integrate:computenest:open-source-puppet
diff --git a/compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml b/compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml
new file mode 100644
index 00000000..b7491ed2
--- /dev/null
+++ b/compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml
@@ -0,0 +1,167 @@
+ROSTemplateFormatVersion: '2015-09-01'
+Description:
+ zh-cn: Puppet 企业版
+ en: Puppet Enterprise
+Parameters:
+ ZoneId:
+ Type: String
+ Label:
+ zh-cn: 可用区
+ en: Availability Zone
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ InstanceType:
+ Type: String
+ Label:
+ zh-cn: Server 实例类型
+ en: Server Instance Type
+ AssociationProperty: ALIYUN::ECS::Instance::InstanceType
+ AssociationPropertyMetadata:
+ ZoneId: ${ZoneId}
+ PuppetPassword:
+ Type: String
+ Label:
+ zh-cn: Puppet 密码
+ en: Puppet Password
+ Description:
+ zh-cn: Puppet登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ en: Puppet login password, Length 8-30, must contain three(Capital letters,
+ lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol
+ in).
+ ConstraintDescription:
+ zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers,
+ ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
+ AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
+ MinLength: 8
+ MaxLength: 30
+ NoEcho: true
+ CommonName:
+ Type: String
+ Default: puppet-enterprise
+Resources:
+ Vpc:
+ Type: ALIYUN::ECS::VPC
+ Properties:
+ CidrBlock: 192.168.0.0/16
+ VpcName:
+ Fn::Sub: ${CommonName}-vpc
+ SecurityGroup:
+ Type: ALIYUN::ECS::SecurityGroup
+ Properties:
+ VpcId:
+ Ref: Vpc
+ SecurityGroupName:
+ Fn::Sub: ${CommonName}-sg
+ SecurityGroupIngress:
+ - Priority: 1
+ PortRange: "-1/-1"
+ NicType: intranet
+ SourceCidrIp: 0.0.0.0/0
+ IpProtocol: all
+ SecurityGroupEgress:
+ - Priority: 1
+ PortRange: "-1/-1"
+ DestCidrIp: 0.0.0.0/0
+ NicType: intranet
+ IpProtocol: all
+ VSwitch:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ ZoneId:
+ Ref: ZoneId
+ VpcId:
+ Ref: Vpc
+ CidrBlock: 192.168.0.0/24
+ VSwitchName:
+ Fn::Sub: ${CommonName}-${ZoneId}-vsw
+ PuppetServer:
+ Type: ALIYUN::ECS::InstanceGroup
+ Properties:
+ ZoneId:
+ Ref: ZoneId
+ VpcId:
+ Ref: Vpc
+ VSwitchId:
+ Ref: VSwitch
+ SecurityGroupId:
+ Ref: SecurityGroup
+ ImageId: centos_7_9_x64_20G_alibase_
+ SystemDiskCategory: cloud_essd
+ SystemDiskSize: 120
+ AllocatePublicIP: true
+ IoOptimized: optimized
+ Password:
+ Ref: PuppetPassword
+ InstanceType:
+ Ref: InstanceType
+ MaxAmount: 1
+ HostName: puppet-primary-server
+ InstanceName: puppet-primary-server
+ InstallPuppetServer:
+ Type: ALIYUN::ECS::RunCommand
+ Properties:
+ InstanceIds:
+ - Ref: PuppetServer
+ Type: RunShellScript
+ Sync: true
+ Timeout: 1800
+ CommandContent:
+ Fn::Sub:
+ - |
+ #!/bin/bash
+
+ wget 'https://image-test3.oss-cn-shenzhen.aliyuncs.com/puppet-enterprise-2023.5.0-el-7-x86_64.tar.gz' >/dev/null 2>&1
+ echo "`date +'%Y-%m-%dT%H:%M:%S'` download complete"
+ tar -xzf puppet-enterprise-2023.5.0-el-7-x86_64.tar.gz
+ echo "`date +'%Y-%m-%dT%H:%M:%S'` tar complete"
+
+ echo y | ./puppet-enterprise-2023.5.0-el-7-x86_64/puppet-enterprise-installer > /tmp/puppet-installer.log
+ echo "installer: $?" >> /tmp/puppet-installer.log
+ echo "`date +'%Y-%m-%dT%H:%M:%S'` puppet enterprise install complete" >> /tmp/puppet-installer.log
+
+ puppet infrastructure console_password --password=${PuppetPassword}
+ echo "`date +'%Y-%m-%dT%H:%M:%S'` console password set complete" >> /tmp/puppet-installer.log
+
+ sed -i '34i "puppet_enterprise::profile::console::proxy::http_redirect::server_name": "${ServerAddress}"' /etc/puppetlabs/enterprise/conf.d/pe.conf
+ puppet agent -t >> /tmp/puppet-installer.log
+ echo "agent1: $?" >> /tmp/puppet-installer.log
+ sleep 60
+ puppet agent -t >> /tmp/puppet-installer.log
+ echo "agent2: $?" >> /tmp/puppet-installer.log
+ - ServerAddress:
+ Fn::Select:
+ - 0
+ - Fn::GetAtt:
+ - PuppetServer
+ - PublicIps
+Outputs:
+ ServerEcsLoginAddress:
+ Description:
+ zh-cn: Server Ecs登陆地址。
+ en: Server Ecs login address.
+ Value:
+ Fn::Sub: https://ecs-workbench.aliyun.com/?instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${PuppetServer}
+ PuppetEnterpriseConsoleURL:
+ Description:
+ zh-cn: Puppet Enterprise 登录地址
+ en: Puppet Enterprise Login URL
+ Value:
+ Fn::Sub:
+ - https://${ServerAddress}/
+ - ServerAddress:
+ Fn::Select:
+ - 0
+ - Fn::GetAtt:
+ - PuppetServer
+ - PublicIps
+Metadata:
+ ALIYUN::ROS::Interface:
+ ParameterGroups:
+ - Parameters:
+ - ZoneId
+ - InstanceType
+ - PuppetPassword
+ Hidden:
+ - CommonName
+ TemplateTags:
+ - acs:integrate:computenest:puppet-enterprise
diff --git a/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml b/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml
index 2cdb01b3..84085e1b 100644
--- a/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml
+++ b/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml
@@ -35,6 +35,9 @@ Parameters:
- ecs.gn7i-c16g1.4xlarge
- ecs.gn7i-c32g1.8xlarge
- ecs.gn7i-c48g1.12xlarge
+ Description:
+ en: This solution requires GPU computing type gn7i series servers. If there are no instance specifications that meet the conditions, please change the region.
+ zh-cn: 此方案需要 GPU 计算型 gn7i 系列服务器,如果没有满足条件的实例规格,请更换地域。
InstancePassword:
NoEcho: true
Type: String
@@ -196,7 +199,7 @@ Outputs:
Metadata:
ALIYUN::ROS::Interface:
TemplateTags:
- - 'acs:technical-solution:ai:AIGC文本生成3D模型'
+ - 'acs:technical-solution:ai:文本生成3D模型'
ParameterGroups:
- Parameters:
- ImageId
diff --git a/documents/solution/ai/build-a-dialogue-model-based-on-ChatGLM-and-LangChain.yml b/documents/solution/ai/build-a-dialogue-model-based-on-ChatGLM-and-LangChain.yml
index c05a99fb..22c16fbd 100644
--- a/documents/solution/ai/build-a-dialogue-model-based-on-ChatGLM-and-LangChain.yml
+++ b/documents/solution/ai/build-a-dialogue-model-based-on-ChatGLM-and-LangChain.yml
@@ -55,9 +55,33 @@ Parameters:
MinLength: 8
MaxLength: 30
NoEcho: true
+ PAIEASInstanceType:
+ Type: String
+ Label:
+ en: PAI-EAS instance type.
+ zh-cn: PAI-EAS实例规格
+ Description:
+ en: PAI-EAS instance type.
+ zh-cn: PAI-EAS 使用的实例规格。
+ Default: ml.gu7i.c16m60.1-gu30
Resources:
+ RandomString:
+ Type: ALIYUN::RandomString
+ Properties:
+ length: 8
+ character_classes:
+ - class: lowercase
+ min: 1
+ - class: digits
+ min: 1
+ EnablePAI:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: PAI
Vpc:
Type: ALIYUN::ECS::VPC
+ DependsOn:
+ - EnablePAI
Properties:
CidrBlock: 192.168.0.0/16
VSwitch:
@@ -126,41 +150,28 @@ Resources:
Ref: VSwitch
Workspace:
Type: ALIYUN::PAI::Workspace
+ DependsOn:
+ - EnablePAI
Properties:
EnvTypes:
- dev
- prod
Description: Build a dialogue model based on ChatGLM and LangChain.
WorkspaceName:
- Fn::Sub:
- - 'chatglm_demo_${StackId}'
- - StackId:
- Fn::Jq:
- - First
- - .[0]
- - Fn::Split:
- - '-'
- - Ref: ALIYUN::StackId
+ Fn::Sub: chatglm_demo_${RandomString.value}
EAS:
Type: ALIYUN::PAI::Service
Properties:
ServiceConfig:
metadata:
name:
- Fn::Sub:
- - 'chatglm_demo_${StackId}'
- - StackId:
- Fn::Jq:
- - First
- - .[0]
- - Fn::Split:
- - '-'
- - Ref: ALIYUN::StackId
+ Fn::Sub: chatglm_demo_${RandomString.value}
instance: 1
enable_webservice: true
cloud:
computing:
- instance_type: ml.gu7i.c16m60.1-gu30
+ instance_type:
+ Ref: PAIEASInstanceType
instances: Null
networking:
vswitch_id:
@@ -200,5 +211,11 @@ Metadata:
default:
en: ECS
zh-cn: 云服务器
+ - Parameters:
+ - PAIEASInstanceType
+ Label:
+ default:
+ en: PAI-EAS
+ zh-cn: PAI服务
TemplateTags:
- - acs:technical-solution:AI:基于ChatGLM和LangChain搭建对话模型
\ No newline at end of file
+ - acs:technical-solution:AI:ChatGLM和LangChain搭建对话模型
\ No newline at end of file
diff --git a/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml b/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml
index dcd482de..73189cd2 100644
--- a/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml
+++ b/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml
@@ -21,14 +21,26 @@ Parameters:
Description:
en: custom OSS bucket name. Default:bucket-llm.
zh-cn: 自定义对象存储桶的名称。 默认为bucket-llm
- Default: bucket-llm
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 5
+ Prefix: bucket-llm-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
Resources:
ModuleVpcAndVswitch:
+ DependsOn:
+ - AutoEnableOSS
Type: MODULE::ACS::VPC::OptionalVpcAndVSwitch
Properties:
ZoneId:
Ref: ZoneId
Version: default
+ AutoEnableOSS:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: OSS
SecurityGroup:
Type: ALIYUN::ECS::SecurityGroup
Properties:
@@ -89,4 +101,4 @@ Metadata:
- ZoneId
- BucketName
TemplateTags:
- - acs:technical-solution:ai:LLAMA-2全托管灵骏最佳实践
+ - acs:technical-solution:ai:通过PAI-灵骏分布式训练和部署Llama2模型方案
diff --git a/documents/solution/ai/pai-ai-painting-solution.yml b/documents/solution/ai/pai-ai-painting-solution.yml
index b7146fcb..9f2cbbc2 100644
--- a/documents/solution/ai/pai-ai-painting-solution.yml
+++ b/documents/solution/ai/pai-ai-painting-solution.yml
@@ -164,12 +164,12 @@ Resources:
- MountTargetDomain
properties:
resource_type: model
- mount_path: /data-nas
+ mount_path: /code/stable-diffusion-webui/data-nas
containers:
- image: eas-registry-vpc.ap-southeast-1.cr.aliyuncs.com/pai-eas/stable-diffusion-webui:4.1
script: ./webui.sh --listen --port 8000 --skip-version-check --no-hashing
--no-download-sd-model --skip-install --api --filebrowser --cluster-status
- --sd-dynamic-cache --data-dir /data-nas
+ --sd-dynamic-cache --data-dir /code/stable-diffusion-webui/data-nas
port: 8000
meta:
type: SDCluster
diff --git a/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml b/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml
index f02a40ca..2c9d903e 100644
--- a/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml
+++ b/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml
@@ -23,9 +23,8 @@ Parameters:
zh-cn: 加速域名
en: Accelerated domain name
Description:
- zh-cn: 加速域名是指接入CDN,用于加速源站的域名。该示例为image.example.com。
- en: Accelerated domain name refers to the domain name of the access CDN used to accelerate the source site. The example is image.example.com.
- Default: image.example.com
+ zh-cn: 加速域名是指接入CDN,用于加速源站的域名。请填写您账号下的域名。
+ en: Accelerated domain name refers to the domain name of the access CDN used to accelerate the source site. Please fill in the domain name under your account.
BucketName:
Type: String
Label:
@@ -34,18 +33,29 @@ Parameters:
Description:
en: The name must be 3 to 63 bytes in length, The name must start and end with a lowercase letter or digit.The name can contain only lowercase letters, digits, and hyphens (-).;
note:A bucket name must be globally unique within OSS. Bucket names cannot be changed after the bucket is created.
zh-cn: 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。
- Default: image-example-test
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 6
+ Prefix: image-example-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
Resources:
OssBucket:
Type: ALIYUN::OSS::Bucket
+ DependsOn: AutoEnableOSS
Properties:
BucketName:
Ref: BucketName
DeletionForce: true
- OpenCdnService:
+ AutoEnableCDN:
Type: ALIYUN::ROS::AutoEnableService
Properties:
- ServiceName: DCDN
+ ServiceName: CDN
+ AutoEnableOSS:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: OSS
Domain:
Type: ALIYUN::CDN::Domain
Properties:
@@ -61,7 +71,7 @@ Resources:
Ref: Scope
DomainName:
Ref: DomainName
- DependsOn: OpenCdnService
+ DependsOn: AutoEnableCDN
DomainRecord:
Type: ALIYUN::DNS::DomainRecord
Properties:
@@ -111,4 +121,4 @@ Metadata:
- DomainName
- BucketName
TemplateTags:
- - acs:technical-solution:cdn-and-video-cloud:使用CDN加速OSS上存储的文件资源分发
+ - acs:technical-solution:cdn-and-video-cloud:文件下载加速及成本优化
diff --git a/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml b/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml
index 24b4ccf5..1a5737e4 100644
--- a/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml
+++ b/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml
@@ -83,9 +83,12 @@ Parameters:
AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
MinLength: 8
MaxLength: 30
+ NoEcho: true
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
+ DependsOn:
+ - AutoEnableDCDN
Properties:
CidrBlock: 192.168.0.0/16
VSwitch:
@@ -150,6 +153,10 @@ Resources:
Ref: DomainName
Scope:
Ref: Scope
+ AutoEnableDCDN:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: DCDN
Outputs:
Cname:
Description: CNAME
diff --git a/documents/solution/data-analysis/cloud-native-enterprise-data-lake.yml b/documents/solution/data-analysis/cloud-native-enterprise-data-lake.yml
index 8bf6dbf4..a76bdda4 100644
--- a/documents/solution/data-analysis/cloud-native-enterprise-data-lake.yml
+++ b/documents/solution/data-analysis/cloud-native-enterprise-data-lake.yml
@@ -58,19 +58,43 @@ Parameters:
Description:
zh-cn: >-
3到63个字符,不以连字符(-)开头和结尾,可以包含小写字母、数字和连字符(-);
备注:需要保证整个网络的唯一性,已经存在的无法创建
+ color='blue'>需要保证整个网络的唯一性,已经存在的无法创建。
en: >-
3 to 63 characters, not beginning and ending with a hyphen (-), can
contain lowercase letters, Numbers and hyphens (-);
Note: need whole network uniqueness, already existing can not
be created.
- Default: example-bucket-data-lake
- MinLength: 3
Label:
zh-cn: 存储空间名称
en: Bucket Name
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 3
+ Prefix: example-bucket-data-lake
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
AllowedPattern: '^[a-z0-9]+[a-z0-9\-]*[a-z0-9]+$'
MaxLength: 63
+ MinLength: 3
+ Type: String
+ WorkspaceName:
+ Label:
+ zh-cn: 工作空间名称。
+ en: The name of the dataset.
+ Description:
+ zh-cn: 工作空间名称,长度为3~23 个字符,可以包含字母、下划线或数字。必须以大小字母开头。
备注:需要保证当前地域内唯一,已经存在的无法创建。
+ en: The workspace name contains 3 to 23 characters and can contain letters, underscores (_), or digits. Must start with a small or large letter.
Note: Must be unique in the current locale. An existing one cannot be created.
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 2
+ Prefix: hymenoptera_workspace
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
+ MaxLength: 23
+ MinLength: 3
Type: String
Resources:
Vpc:
@@ -203,6 +227,15 @@ Resources:
BucketName:
Ref: BucketName
DeletionForce: true
+ Workspace:
+ Type: ALIYUN::PAI::Workspace
+ Properties:
+ EnvTypes:
+ - prod
+ - dev
+ Description: Workspace
+ WorkspaceName:
+ Ref: WorkspaceName
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
@@ -217,6 +250,10 @@ Metadata:
- BucketName
Label:
default: OSS
+ - Parameters:
+ - WorkspaceName
+ Label:
+ default: PAI
TemplateTags:
- acs:technical-solution:data-analysis:云原生企业级数据湖
Hidden:
diff --git a/documents/solution/database/data-transmission-from-ECS-to-RDS.yml b/documents/solution/database/data-transmission-from-ECS-to-RDS.yml
new file mode 100644
index 00000000..e7e215dc
--- /dev/null
+++ b/documents/solution/database/data-transmission-from-ECS-to-RDS.yml
@@ -0,0 +1,325 @@
+ROSTemplateFormatVersion: '2015-09-01'
+Description:
+ zh-cn: ECS自建数据库迁移至RDS数据库
+ en: Data transmission from ECS self-built database to RDS database
+Metadata:
+ ALIYUN::ROS::Interface:
+ ParameterGroups:
+ - Parameters:
+ - InstancePassword
+ Label:
+ default: ECS
+ - Parameters:
+ - DBInstanceEngineAndVersion
+ - DBInstanceClass
+ - DBUserName
+ - DBPassword
+ Label:
+ default: RDS
+ TemplateTags:
+ - acs:technical-solution:database:网站数据库平滑迁移上云
+Parameters:
+ InstancePassword:
+ NoEcho: true
+ Type: String
+ Description:
+ en: Server login password, Length 8-30, must contain three(Capital letters, lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in).
+ zh-cn: 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ Label:
+ zh-cn: 实例密码
+ en: Instance Password
+ ConstraintDescription: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。
+ AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$'
+ DBInstanceEngineAndVersion:
+ Type: String
+ Description:
+ zh-cn: 数据库引擎类型及版本,默认为MySQL 8.0
+ en: 'Database instance engine type and version, default: MySQL 8.0'
+ Label:
+ zh-cn: 引擎类型及版本
+ en: Engine And Version
+ Default: MySQL 8.0
+ AllowedValues:
+ - MySQL 5.7
+ - MySQL 8.0
+ DBInstanceClass:
+ Type: String
+ Label:
+ en: RDS Instance Class
+ zh-cn: RDS实例规格
+ AssociationProperty: ALIYUN::RDS::Instance::InstanceType
+ AssociationPropertyMetadata:
+ ZoneId: ${ZoneId}
+ EngineVersion: '8.0'
+ DBInstanceStorageType: cloud_essd
+ Engine: MySQL
+ Category: HighAvailability
+ DBUserName:
+ Type: String
+ Description:
+ en: Username of RDS database
+ zh-cn: RDS数据库账号
+ ConstraintDescription:
+ en: Consist of 2 to 16 characters of lowercase letters, underline. Must begin with a letter and be end with an alphanumeric character
+ zh-cn: 由 2 到 16 个小写字母组成,下划线。必须以字母开头,以字母数字字符结尾
+ Label:
+ zh-cn: RDS数据库账号
+ en: RDS DB Username
+ Default: dbuser
+ MaxLength: 16
+ MinLength: 2
+ DBPassword:
+ Type: String
+ Description:
+ en: RDS database password, consisting of letters, numbers, and underline(_), is 8 to 32 characters long
+ zh-cn: RDS数据库密码,由字母、数字、下划线(_)组成,长度为8~32个字符
+ ConstraintDescription:
+ en: '[8, 32] characters consist of alphanumeric characters, hyphen and underline'
+ zh-cn: '[8, 32] 个字符由字母数字字符、连字符和下划线组成'
+ Label:
+ zh-cn: RDS数据库密码
+ en: RDS DB Password
+ MaxLength: 32
+ MinLength: 8
+ NoEcho: true
+Resources:
+ RosWaitCondition:
+ Type: ALIYUN::ROS::WaitCondition
+ Properties:
+ Count: 1
+ Handle:
+ Ref: RosWaitConditionHandle
+ Timeout: 3600
+ RosWaitConditionHandle:
+ Type: ALIYUN::ROS::WaitConditionHandle
+ VSwitch:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ CidrBlock: 192.168.0.0/24
+ ZoneId: cn-hangzhou-j
+ VpcId:
+ Fn::GetAtt:
+ - Vpc
+ - VpcId
+ VswitchSlave1:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ CidrBlock: 192.168.1.0/24
+ ZoneId: cn-hangzhou-k
+ VpcId:
+ Fn::GetAtt:
+ - Vpc
+ - VpcId
+ Vpc:
+ Type: ALIYUN::ECS::VPC
+ Properties:
+ CidrBlock: 192.168.0.0/16
+ VpcName: wordpress_vpc
+ SecurityGroup:
+ Type: ALIYUN::ECS::SecurityGroup
+ Properties:
+ SecurityGroupName: SG-DTS-GROUP-20220101
+ VpcId:
+ Fn::GetAtt:
+ - Vpc
+ - VpcId
+ Database:
+ Type: ALIYUN::RDS::DBInstance
+ Properties:
+ DBInstanceClass: mysql.n2m.small.2c
+ ZoneId: cn-hangzhou-k
+ SlaveZoneIds:
+ - cn-hangzhou-k
+ DBInstanceDescription: RDS-DB
+ DBInstanceStorage: 20
+ Category: HighAvailability
+ DBInstanceStorageType: cloud_essd
+ VSwitchId:
+ Ref: VSwitch
+ Engine:
+ Fn::Select:
+ - '0'
+ - Fn::Split:
+ - ' '
+ - Ref: DBInstanceEngineAndVersion
+ VpcId:
+ Ref: Vpc
+ EngineVersion:
+ Fn::Select:
+ - '1'
+ - Fn::Split:
+ - ' '
+ - Ref: DBInstanceEngineAndVersion
+ SecurityIPList:
+ Fn::Join:
+ - ','
+ - - Fn::GetAtt:
+ - WebServer
+ - PrivateIp
+ - Fn::GetAtt:
+ - EIP
+ - EipAddress
+ MasterUsername:
+ Ref: DBUserName
+ MasterUserPassword:
+ Ref: DBPassword
+ MasterUserType: Super
+ SecurityGroupIngress:
+ Type: ALIYUN::ECS::SecurityGroupIngress
+ Properties:
+ SourceCidrIp: 0.0.0.0/0
+ SecurityGroupId:
+ Ref: SecurityGroup
+ IpProtocol: all
+ PortRange: '-1/-1'
+ WebServer:
+ Type: ALIYUN::ECS::Instance
+ Properties:
+ IoOptimized: optimized
+ ImageId: aliyun_3_x64_20G_alibase_20230629.vhd
+ SecurityGroupId:
+ Ref: SecurityGroup
+ Password:
+ Ref: InstancePassword
+ InternetMaxBandwidthOut: 80
+ UserData:
+ Fn::Replace:
+ - ros-notify:
+ Fn::GetAtt:
+ - RosWaitConditionHandle
+ - CurlCli
+ - Fn::Join:
+ - ''
+ - - '#!/bin/sh'
+ - |+
+
+ - |
+ DatabaseUser='wordpressuser'
+ - |
+ DatabasePwd='password'
+ - |
+ DatabaseName='wordpressdb'
+ - |
+ DatabaseHost='localhost'
+ - |
+ yum update -y
+ - |
+ yum install -y unzip zip
+ - |
+ yum install -y mysql-server
+ - |
+ systemctl start mysqld
+ - |
+ systemctl enable mysqld
+ - |
+ mysql -e "CREATE DATABASE wordpressdb;"
+ - |
+ mysql -e "CREATE USER 'wordpressuser'@'localhost' IDENTIFIED BY 'password';"
+ - |
+ mysql -e "GRANT ALL PRIVILEGES ON wordpressdb.* TO 'wordpressuser'@'localhost';"
+ - |
+ mysql -e "FLUSH PRIVILEGES;"
+ - |
+ mysql -e "CREATE USER dtssync1 IDENTIFIED BY 'P@ssw0rd';"
+ - |
+ mysql -e "GRANT ALL ON *.* TO 'dtssync1'@'%';"
+ - |
+ mysql -e "FLUSH PRIVILEGES;"
+ - |
+ mysql -e "SET GLOBAL binlog_format = 'ROW';"
+ - |
+ yum install -y nginx
+ - |
+ systemctl start nginx
+ - |
+ systemctl enable nginx
+ - |
+ yum install -y php php-fpm php-mysqlnd
+ - |
+ systemctl start php-fpm
+ - |
+ systemctl enable php-fpm
+ - |
+ cd /usr/share/nginx/html
+ - |
+ wget http://wordpress.org/latest.tar.gz
+ - |
+ tar xzvf latest.tar.gz
+ - |
+ cp -R wordpress/* .
+ - |
+ rm -R wordpress
+ - |
+ rm -R wordpress
+ - |
+ cp wp-config-sample.php wp-config.php
+ - |
+ sed -i "s/database_name_here/$DatabaseName/" wp-config.php
+ - |
+ sed -i "s/username_here/$DatabaseUser/" wp-config.php
+ - |
+ sed -i "s/password_here/${DatabasePwd:-$DatabasePwdDef}/" wp-config.php
+ - |
+ sed -i "s/localhost/$DatabaseHost/" wp-config.php
+ - |
+ systemctl restart nginx
+ - |
+ systemctl restart php-fpm
+ - |
+ ros-notify
+ VSwitchId:
+ Ref: VSwitch
+ VpcId:
+ Ref: Vpc
+ InstanceType: ecs.g6.large
+ SystemDiskCategory: cloud_efficiency
+ AllocatePublicIP: false
+ EIP:
+ Type: ALIYUN::VPC::EIP
+ Properties:
+ Bandwidth: 50
+ InstanceChargeType: Postpaid
+ InternetChargeType: PayByTraffic
+ EIPAssociation:
+ Type: ALIYUN::VPC::EIPAssociation
+ Properties:
+ InstanceId:
+ Ref: WebServer
+ AllocationId:
+ Ref: EIP
+ DependsOn:
+ - WebServer
+ - EIP
+Outputs:
+ ECSWordPressUrl:
+ Description: WordPress default address.
+ Value:
+ Fn::Join:
+ - ''
+ - - http://
+ - Fn::GetAtt:
+ - EIP
+ - EipAddress
+ ECSInstanceUser:
+ Description: Username and password for logging in to ECS instance
+ Value:
+ Fn::Join:
+ - ''
+ - - 'USERNAME: root ; PASSWORD: '
+ - Ref: InstancePassword
+ WPUserForSQL:
+ Description: ECS-hosted database username and password for executing SQL
+ Value: 'USERNAME: wordpressuser ; PASSWORD: password'
+ WPUserForDTS:
+ Description: ECS-hosted database username and password for connecting to DTS
+ Value: 'USERNAME: dtssync1 ; PASSWORD: P@ssw0rd'
+ RDSUserDTS:
+ Description: RDS username and password for connecting to DTS
+ Value:
+ Fn::Join:
+ - ''
+ - - 'USERNAME: '
+ - Ref: DBUserName
+ - ' '
+ - 'PASSWORD: '
+ - Ref: DBPassword
diff --git a/documents/solution/database/dts-cache-synchronization.yml b/documents/solution/database/dts-cache-synchronization.yml
index 756438fe..ec0bdfda 100644
--- a/documents/solution/database/dts-cache-synchronization.yml
+++ b/documents/solution/database/dts-cache-synchronization.yml
@@ -25,7 +25,6 @@ Parameters:
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
ZoneId: ${ZoneId}
- Default: ecs.c5.large
SystemDiskCategory:
Type: String
Label:
@@ -39,7 +38,6 @@ Parameters:
LocaleKey: DiskCategory
InstanceType: ${InstanceType}
ZoneId: ${ZoneId}
- Default: cloud_efficiency
InstancePassword:
Type: String
Label:
@@ -116,7 +114,6 @@ Parameters:
Engine: MySQL
Category: HighAvailability
DBInstanceStorageType: cloud_essd
- Default: 'rds.mysql.t1.small'
RedisInstanceClass:
Type: String
Label:
@@ -170,6 +167,7 @@ Parameters:
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
+ DependsOn: AliyunDTSDefaultRole
Properties:
CidrBlock: 192.168.0.0/16
VSwitch:
@@ -254,6 +252,8 @@ Resources:
DBInstanceStorageType: cloud_essd
SecurityIPList: 0.0.0.0/0
AllocatePublicConnection: true
+ SlaveZoneIds:
+ - Ref: ZoneId
RedisInstance:
Type: ALIYUN::REDIS::Instance
Properties:
@@ -352,6 +352,25 @@ Resources:
- Whitelist
- SecurityGroupIngress_22
- SecurityGroupIngress_3306
+ AliyunDTSDefaultRole:
+ Type: 'ALIYUN::RAM::Role'
+ Properties:
+ RoleName: AliyunDTSDefaultRole
+ Description: DTS默认使用此角色来访问您在其他云产品中的资源。
+ AssumeRolePolicyDocument:
+ Version: '1'
+ Statement:
+ - Action: 'sts:AssumeRole'
+ Effect: Allow
+ Principal:
+ Service:
+ - dts.aliyuncs.com
+ MaxSessionDuration: 3600
+ IgnoreExisting: true
+ DeletionForce: true
+ PolicyAttachments:
+ System:
+ - AliyunDTSRolePolicy
Outputs:
RdsInstanceInnerConnectionString:
Description:
@@ -389,4 +408,4 @@ Metadata:
Label:
default: Dts
TemplateTags:
- - acs:technical-solution:database:通过DTS实现MySQL与Redis缓存同步一致性方案
\ No newline at end of file
+ - acs:technical-solution:database:实时同步RDS与Redis构建缓存一致性
\ No newline at end of file
diff --git a/documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml b/documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml
index d8b66cba..bb7b3648 100644
--- a/documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml
+++ b/documents/solution/database/migrate-rds-mysql-to-polardb-mysql.yml
@@ -129,6 +129,8 @@ Resources:
Ref: DBInstanceClass
DBInstanceNetType: Intranet
Category: HighAvailability
+ SlaveZoneIds:
+ - Ref: ZoneId
DBInstanceStorageType: cloud_essd
DBInstanceStorage:
Ref: DBInstanceStorage
@@ -180,7 +182,6 @@ Resources:
SystemDiskCategory:
Ref: SystemDiskCategory
SystemDiskSize: 40
- SystemDiskPerformanceLevel: PL0
Password:
Ref: Password
IoOptimized: optimized
diff --git a/documents/solution/high-availability-architecture/alb-cross-region-load-balance.yml b/documents/solution/high-availability-architecture/alb-cross-region-load-balance.yml
index be8a7b30..537dd371 100644
--- a/documents/solution/high-availability-architecture/alb-cross-region-load-balance.yml
+++ b/documents/solution/high-availability-architecture/alb-cross-region-load-balance.yml
@@ -31,7 +31,7 @@ Metadata:
zh-cn: ECS实例密码配置
en: Ecs Password Configuration
TemplateTags:
- - acs:technical-solution:network:ALB实现跨地域负载均衡方案
+ - acs:technical-solution:network:ALB实现跨地域负载均衡
Workspace:
main.tf: |+
locals {
@@ -480,7 +480,7 @@ Workspace:
}
],
"TemplateTags": [
- "acs:technical-solution:network:ALB实现跨地域负载均衡方案"
+ "acs:technical-solution:network:ALB实现跨地域负载均衡"
]
}
}
@@ -611,7 +611,7 @@ Workspace:
security_groups = alicloud_security_group.group[0].*.id
instance_type = var.instance_type
system_disk_category = var.system_disk_category
- image_id = "centos_7_9_x64_20G_alibase_20220824.vhd"
+ image_id = "aliyun_3_x64_20G_alibase_20230727.vhd"
instance_name = var.instance_name
vswitch_id = var.vsw_id
password = var.ecs_password
diff --git a/documents/solution/high-availability-architecture/elastic-highly-available-service.yml b/documents/solution/high-availability-architecture/elastic-highly-available-service.yml
index 507cf28d..146c6b04 100644
--- a/documents/solution/high-availability-architecture/elastic-highly-available-service.yml
+++ b/documents/solution/high-availability-architecture/elastic-highly-available-service.yml
@@ -1,6 +1,6 @@
ROSTemplateFormatVersion: '2015-09-01'
Description:
- en: Build elastic and highly available services by CLB, ESS, NAT, and EIP. This
+ en: Build elastic and highly available services by CLB, ESS, NAT, EIP, RDS and OOS. This
solution takes WordPress as an example. Two ECS instances are deployed in two
zones through ESS, and are automatically bound to the default server group of
CLB to provide external services. Among them, the ECS instance uses the RDS high-availability
@@ -10,7 +10,7 @@ Description:
CPU value exceeds or falls below a certain threshold, the capacity will be automatically
scaled.
zh-cn:
- 基于CLB、ESS、NAT、EIP构建弹性高可用服务。本方案以WordPress为例,通过ESS在2个可用区分别部署2台ECS实例,并自动绑定到CLB的默认服务器组,从而对外提供服务。其中,ECS实例使用RDS高可用版实例作为数据库,通过绑定了EIP的NAT网关具备公网访问能力,CLB监听WordPress
+ 基于CLB、ESS、NAT、EIP、RDS、OOS构建弹性高可用服务。本方案以WordPress为例,通过ESS在2个可用区分别部署2台ECS实例,并自动绑定到CLB的默认服务器组,从而对外提供服务。其中,ECS实例使用RDS高可用版实例作为数据库,通过绑定了EIP的NAT网关具备公网访问能力,CLB监听WordPress
80端口并进行健康检查。此外,ESS中配置了伸缩规则,当CPU平均值超过或低于特定阈值时,会自动扩缩容。
Parameters:
LoadBalancerSpec:
@@ -367,7 +367,6 @@ Resources:
Statement:
- Action:
- ecs:DescribeInvocationResults
- - "ecs:DescribeInvocationResults"
- ecs:DescribeInvocations
- ecs:RunCommand
Resource:
diff --git a/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml b/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml
index 124970ee..fd6b46d5 100644
--- a/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml
+++ b/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml
@@ -11,7 +11,13 @@ Parameters:
AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
AssociationPropertyMetadata:
InstanceChargeType: PostPaid
- SystemDiskCategory: cloud_essd
+ SpotStrategy: SpotAsPriceGo
+ Description:
+ en: >-
+ If no available specifications are displayed, please select Modify
+ Availability Zone and try again.
+ zh-cn: 如果没有可用规格显示,请选择修改可用区后重试。
+ Default: ecs.s6-c1m1.small
Zone1:
Type: String
Label:
@@ -24,6 +30,9 @@ Parameters:
en: VSwitch Availability Zone2
zh-cn: 交换机可用区2
AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
+ Description:
+ en: Please select an availability zone different from Availability Zone1.
+ zh-cn: 请选择与可用区1不同的可用区。
InstancePassword:
Type: String
Label:
@@ -58,7 +67,7 @@ Parameters:
Label:
en: DBNodeClass
zh-cn: PolarDB集群规格
- Default: polar.mysql.x4.large
+ Default: polar.mysql.g2.medium
PolarDBAccountName:
Type: String
Label:
@@ -86,22 +95,6 @@ Parameters:
MinLength: 8
MaxLength: 30
NoEcho: true
- BucketName:
- Type: String
- Label:
- en: OSS Bucket Name
- zh-cn: Oss存储空间名称
- Description:
- en: >-
- The name must be 3 to 63 bytes in length, The name must start and end
- with a lowercase letter or digit.The name can contain only lowercase
- letters, digits, and hyphens (-).;
note:A
- bucket name must be globally unique within OSS. Bucket names cannot be
- changed after the bucket is created.
- zh-cn: >-
- 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。
- Default: image-example-test
CommonName:
Type: String
Default: high-availability
@@ -172,7 +165,7 @@ Resources:
DestCidrIp: 0.0.0.0/0
NicType: intranet
EcsInstanceGroup1:
- Type: 'ALIYUN::ECS::InstanceGroup'
+ Type: 'ALIYUN::ECS::Instance'
Properties:
ZoneId:
Ref: Zone1
@@ -184,17 +177,17 @@ Resources:
Ref: EcsSecurityGroup
ImageId: centos_7_6
IoOptimized: optimized
- SystemDiskCategory: cloud_essd
- SystemDiskSize: 40
- MaxAmount: 1
+ SystemDiskSize: 20
InstanceType:
Ref: EcsInstanceType
Password:
Ref: InstancePassword
InstanceName:
'Fn::Sub': '${CommonName}_ecs1'
+ SpotStrategy: SpotAsPriceGo
+ SystemDiskCategory: cloud_essd
EcsInstanceGroup2:
- Type: 'ALIYUN::ECS::InstanceGroup'
+ Type: 'ALIYUN::ECS::Instance'
Properties:
ZoneId:
Ref: Zone2
@@ -206,15 +199,15 @@ Resources:
Ref: EcsSecurityGroup
ImageId: centos_7_6
IoOptimized: optimized
- SystemDiskCategory: cloud_essd
- SystemDiskSize: 40
- MaxAmount: 1
+ SystemDiskSize: 20
InstanceType:
Ref: EcsInstanceType
Password:
Ref: InstancePassword
InstanceName:
'Fn::Sub': '${CommonName}_ecs2'
+ SpotStrategy: SpotAsPriceGo
+ SystemDiskCategory: cloud_essd
InstanceRunCommand:
Type: 'ALIYUN::ECS::RunCommand'
Properties:
@@ -248,11 +241,11 @@ Resources:
Type: 'ALIYUN::POLARDB::DBCluster'
Properties:
ZoneId:
- Ref: Zone1
+ Ref: Zone2
VpcId:
Ref: EcsVpc
VSwitchId:
- Ref: EcsVSwitch1
+ Ref: EcsVSwitch2
SecurityGroupIds:
- Ref: EcsSecurityGroup
DBType: MySQL
@@ -350,17 +343,6 @@ Resources:
LoadBalancerId:
Ref: AlbLoadBalancer
ListenerProtocol: HTTP
- OssBucket:
- Type: 'ALIYUN::OSS::Bucket'
- Properties:
- BucketName:
- Ref: BucketName
- AccessControl: public-read
- StorageClass: Standard
- OpenCdnService:
- Type: 'ALIYUN::ROS::AutoEnableService'
- Properties:
- ServiceName: DCDN
Outputs:
WordPressUrl:
Description:
@@ -376,6 +358,13 @@ Outputs:
Metadata:
'ALIYUN::ROS::Interface':
ParameterGroups:
+ - Parameters:
+ - Zone1
+ - Zone2
+ Label:
+ default:
+ en: Availability Zone
+ zh-cn: 可用区配置
- Parameters:
- EcsInstanceType
- InstancePassword
@@ -392,19 +381,6 @@ Metadata:
default:
en: PolarDB Information
zh-cn: PolarDB配置
- - Parameters:
- - BucketName
- Label:
- default:
- en: OSS
- zh-cn: OSS 配置
- - Parameters:
- - Zone1
- - Zone2
- Label:
- default:
- en: Availability Zone
- zh-cn: 可用区配置
TemplateTags:
- 'acs:technical-solution:high-availability-architecture:云上高可用博客网站'
Hidden:
diff --git a/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml b/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml
index 7f305f2f..a75cfda8 100644
--- a/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml
+++ b/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml
@@ -17,7 +17,6 @@ Parameters:
zh-cn: 可用区ID, 查看可用区信息。
AssociationProperty: ALIYUN::ECS::Instance:ZoneId
- Default: cn-hangzhou-h
EcsInstanceType:
Type: String
Label:
@@ -46,7 +45,13 @@ Parameters:
Description:
en: The name contains 3 to 36 characters. It must start and end with a lowercase letter or number. The value can contain lowercase letters, digits, and hyphens (-).
zh-cn: 长度为3~36个字符。必须以小写英文字母或数字开头和结尾。可包含小写英文字母、数字和短划线(-)。
- Default: sls-project-app01
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 6
+ Prefix: sls-project-app01-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
SlsLogstoreName:
Type: String
Label:
@@ -68,7 +73,13 @@ Parameters:
Description:
en: The name contains 3 to 36 characters. It must start and end with a lowercase letter or number. The value can contain lowercase letters, digits, and hyphens (-).
zh-cn: 长度为3~36个字符。必须以小写英文字母或数字开头和结尾。可包含小写英文字母、数字和短划线(-)。
- Default: bucket-app01
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 6
+ Prefix: bucket-app01-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
Resources:
EcsVpc:
Type: ALIYUN::ECS::VPC
@@ -131,6 +142,7 @@ Resources:
VSwitchId:
Ref: EcsVSwitch
SlsProject:
+ DependsOn: AutoEnableSLS
Type: ALIYUN::SLS::Project
Properties:
Name:
@@ -157,6 +169,7 @@ Resources:
- SlsLogStore
OssBucket:
Type: ALIYUN::OSS::Bucket
+ DependsOn: AutoEnableOSS
Properties:
BucketName:
Ref: OssBucketName
@@ -419,6 +432,14 @@ Resources:
- SlsLogStore
- OssBucket
- ApplyConfigToMachineGroup
+ AutoEnableSLS:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: SLS
+ AutoEnableOSS:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: OSS
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
@@ -445,7 +466,7 @@ Metadata:
en: OSS bucket
zh-cn: 对象存储OSS配置
TemplateTags:
- - acs:technical-solution:internet-application-development:Nginx访问日志数据归档
+ - acs:technical-solution:internet-application-development:应用日志数据归档
Hidden:
- CommonName
Outputs:
diff --git a/documents/solution/internet-application-development/video-website-solution.yml b/documents/solution/internet-application-development/video-website-solution.yml
index e8476592..e94c944c 100644
--- a/documents/solution/internet-application-development/video-website-solution.yml
+++ b/documents/solution/internet-application-development/video-website-solution.yml
@@ -14,7 +14,13 @@ Parameters:
and hyphens (-).;
note:A bucket name must be globally
unique within OSS. Bucket names cannot be changed after the bucket is created.
zh-cn: 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。
- Default: vod-bucket-src
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 5
+ Prefix: vod-bucket-src-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
BucketNameTarget:
Type: String
Label:
@@ -26,7 +32,13 @@ Parameters:
and hyphens (-).;
note:A bucket name must be globally
unique within OSS. Bucket names cannot be changed after the bucket is created.
zh-cn: 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。
- Default: vod-bucket-target
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 5
+ Prefix: vod-bucket-target-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
Zone1:
Type: String
Label:
@@ -71,6 +83,14 @@ Parameters:
Type: String
Default: video-website
Resources:
+ AutoEnableOSS:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: OSS
+ AutoEnableMNS:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: MNS
EcsVpc:
Type: ALIYUN::ECS::VPC
Properties:
@@ -273,6 +293,7 @@ Resources:
ListenerProtocol: HTTP
OssBucketScr:
Type: ALIYUN::OSS::Bucket
+ DependsOn: AutoEnableOSS
Properties:
BucketName:
Ref: BucketNameScr
@@ -280,6 +301,7 @@ Resources:
DeletionForce: true
OssBucketTarget:
Type: ALIYUN::OSS::Bucket
+ DependsOn: AutoEnableOSS
Properties:
BucketName:
Ref: BucketNameTarget
@@ -298,7 +320,7 @@ Resources:
Fn::Sub: |
#!/bin/bash
- wget https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/file-manage-files/zh-CN/20230620/xpnk/server.zip
+ wget https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/file-manage-files/zh-CN/20230830/qhwb/server.zip
yum install unzip -y
unzip server.zip
cd server
@@ -309,11 +331,13 @@ Resources:
uwsgi uwsgi.ini
Queue:
Type: ALIYUN::MNS::Queue
+ DependsOn: AutoEnableMNS
Properties:
QueueName:
Fn::Sub: ${CommonName}-mns-queue
VodStorage:
Type: ALIYUN::VOD::Storage
+ DependsOn: AliyunVODDefaultRole
Properties:
StorageType: user_oss_bucket
StorageLocation:
@@ -429,6 +453,25 @@ Resources:
- Application
- MessageCallback
- VodStorage
+ AliyunVODDefaultRole:
+ Type: ALIYUN::RAM::Role
+ Properties:
+ RoleName: AliyunVODDefaultRole
+ Description: VOD默认使用此角色来访问您在其他云产品中的资源。
+ AssumeRolePolicyDocument:
+ Version: '1'
+ Statement:
+ - Action: 'sts:AssumeRole'
+ Effect: Allow
+ Principal:
+ Service:
+ - vod.aliyuncs.com
+ MaxSessionDuration: 3600
+ IgnoreExisting: true
+ DeletionForce: true
+ PolicyAttachments:
+ System:
+ - AliyunVODRolePolicy
Outputs:
VideoUrl:
Description:
diff --git a/documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml b/documents/solution/micro/mse-realizes-full-link-grayscale.yml
similarity index 92%
rename from documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml
rename to documents/solution/micro/mse-realizes-full-link-grayscale.yml
index 4faeda08..223d05d2 100644
--- a/documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml
+++ b/documents/solution/micro/mse-realizes-full-link-grayscale.yml
@@ -28,7 +28,13 @@ Parameters:
Label:
en: Managed Kubernetes Cluster Name
zh-cn: ACK托管版集群名称
- Default: testcluster
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 5
+ Prefix: cluster-for-mse-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
WorkerInstanceType:
Type: String
Label:
@@ -37,7 +43,8 @@ Parameters:
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
ZoneId: ${ZoneId}
- AllowedPattern: ^(ecs\.[a-z6-9]+\.)[1-9]?xlarge$
+ CreateACKClusterParams:
+ NetworkPlugin: terway-eniip
Description:
en: It is recommended to use a new generation of ecs instances. If the instance
specification cannot be selected, please change the availability zone again.
@@ -133,8 +140,18 @@ Resources:
Name:
Ref: MseMicroRegistryInstance
Source: MSE
+ NatGateway:
+ Type: ALIYUN::VPC::NatGateway
+ Properties:
+ ZoneId:
+ Ref: ZoneId
+ VpcId:
+ Ref: Vpc
+ VSwitchId:
+ Ref: VSwitch
ManagedKubernetesCluster:
Type: ALIYUN::CS::ManagedKubernetesCluster
+ DependsOn: NatGateway
Properties:
VpcId:
Ref: Vpc
@@ -210,3 +227,5 @@ Metadata:
Label:
en: MSE Configuration
zh-cn: MSE配置
+ TemplateTags:
+ - acs:technical-solution:micro:MSE实现全链路灰度
diff --git a/documents/solution/network/cross-region-account-network-interwork-scheme.yml b/documents/solution/network/cross-region-account-network-interwork-scheme.yml
index 1a9be232..0a745499 100644
--- a/documents/solution/network/cross-region-account-network-interwork-scheme.yml
+++ b/documents/solution/network/cross-region-account-network-interwork-scheme.yml
@@ -419,7 +419,7 @@ Workspace:
}
],
"TemplateTags": [
- "acs:integrate:landing_zone:cen_tr"
+ "acs:technical-solution:network:跨地域跨账号网络互通方案"
]
}
}
diff --git a/documents/solution/network/enterprise-cloud-network-architecture-planning.yml b/documents/solution/network/enterprise-cloud-network-architecture-planning.yml
index beb9e2b8..65503842 100644
--- a/documents/solution/network/enterprise-cloud-network-architecture-planning.yml
+++ b/documents/solution/network/enterprise-cloud-network-architecture-planning.yml
@@ -428,6 +428,7 @@ Resources:
Sync: true
CenInstance:
Type: ALIYUN::CEN::CenInstance
+ DependsOn: AutoEnableTransitRouter
Properties:
Name:
Fn::Sub: ${CommonName}_cen
@@ -614,6 +615,10 @@ Resources:
RouteTableId:
Ref: VpcSecCustomRouteTable
DependsOn: RouteForwardToEcs
+ AutoEnableTransitRouter:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: TransitRouter
Outputs:
EcsInstances:
Description:
diff --git a/documents/solution/network/public-network-architecture-design.yml b/documents/solution/network/public-network-architecture-design.yml
index e43cdf44..5de3cb2b 100644
--- a/documents/solution/network/public-network-architecture-design.yml
+++ b/documents/solution/network/public-network-architecture-design.yml
@@ -123,6 +123,7 @@ Resources:
CidrBlock: 192.168.2.128/25
CenInstance:
Type: ALIYUN::CEN::CenInstance
+ DependsOn: AutoEnableTR
Properties:
Name: DmzCen
CenTransitRouter:
@@ -748,6 +749,10 @@ Resources:
Fn::GetAtt:
- DmzNlbLoadBalancer
- LoadBalancerId
+ AutoEnableTR:
+ Type: ALIYUN::ROS::AutoEnableService
+ Properties:
+ ServiceName: TransitRouter
Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
diff --git a/documents/solution/network/two-region-three-center-high-availability.yml b/documents/solution/network/two-region-three-center-high-availability.yml
index 62c0e1c0..09d94aa4 100644
--- a/documents/solution/network/two-region-three-center-high-availability.yml
+++ b/documents/solution/network/two-region-three-center-high-availability.yml
@@ -41,7 +41,7 @@ Metadata:
zh-cn: PolarDB配置
en: PolarDB Configuration
TemplateTags:
- - acs:technical-solution:network:两地三中心异地多活
+ - acs:technical-solution:network:两地三中心异地多活网络
ResourcesForParameterConstraints:
polardb1:
Type: ALIYUN::POLARDB::DBCluster
@@ -608,7 +608,7 @@ Workspace:
}
],
"TemplateTags": [
- "acs:technical-solution:network:两地三中心异地多活"
+ "acs:technical-solution:network:两地三中心异地多活网络"
],
"ResourcesForParameterConstraints": {
"polardb1": {
@@ -686,7 +686,7 @@ Workspace:
security_groups = alicloud_security_group.group.*.id
instance_type = var.instance_type
system_disk_category = var.system_disk_category
- image_id = "centos_7_9_x64_20G_alibase_20220824.vhd"
+ image_id = "aliyun_3_x64_20G_alibase_20230727.vhd"
instance_name = var.instance_name
vswitch_id = var.vsw_id
password = var.ecs_password
diff --git a/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml b/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml
index 05aa9fe6..fe22347c 100644
--- a/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml
+++ b/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml
@@ -12,8 +12,14 @@ Parameters:
en: The name must be 1 to 63 characters in length and can contain letters, Chinese
characters, digits, and hyphens (-).
zh-cn: 名称为1~63个字符,可包含数字、汉字、英文字符或中划线(-)。
- Default: cluster-for-nginx
AllowedPattern: ^[a-zA-Z0-9\u4e00-\u9fa5][-a-zA-Z0-9\u4e00-\u9fa5]{0,62}$
+ AssociationProperty: AutoCompleteInput
+ AssociationPropertyMetadata:
+ Length: 5
+ Prefix: cluster-for-nginx-
+ CharacterClasses:
+ - Class: lowercase
+ min: 1
ZoneId:
Type: String
Label:
@@ -35,7 +41,8 @@ Parameters:
AssociationProperty: ALIYUN::ECS::Instance::InstanceType
AssociationPropertyMetadata:
ZoneId: ${ZoneId}
- AllowedPattern: ^(ecs\.[a-z6-9]+\.)[1-9]?xlarge$
+ CreateACKClusterParams:
+ NetworkPlugin: terway-eniip
CommonName:
Type: String
Default: ack-for-nginx
diff --git a/documents/solution/product-details-page/classic-architecture-of-cloud-website.yml b/documents/solution/product-details-page/classic-architecture-of-cloud-website.yml
index edb6e0b9..97173312 100644
--- a/documents/solution/product-details-page/classic-architecture-of-cloud-website.yml
+++ b/documents/solution/product-details-page/classic-architecture-of-cloud-website.yml
@@ -365,6 +365,7 @@ Resources:
DBName: appdb
RdsAccountPrivilege:
Type: ALIYUN::RDS::AccountPrivilege
+ DependsOn: RdsDatabase
Properties:
AccountPrivilege: ReadWrite
DBInstanceId:
diff --git a/documents/solution/product-details-page/e-commerce-business-and-database.yml b/documents/solution/product-details-page/e-commerce-business-and-database.yml
index 252f88e0..b0352e75 100644
--- a/documents/solution/product-details-page/e-commerce-business-and-database.yml
+++ b/documents/solution/product-details-page/e-commerce-business-and-database.yml
@@ -6,41 +6,73 @@ Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- - ZoneId_0
- - ZoneId_1
- InstanceType
- SystemDiskCategory
+ - ECS_ZoneId_1
+ - ECS_ZoneId_2
- Password
Label:
default: ECS
- Parameters:
- DBInstanceClass
+ - RDS_ZoneId_1
+ - RDS_ZoneId_2
- DBPassword
Label:
default: RDS
+ - Parameters:
+ - LoadBalancerSpec
+ - SLB_ZoneId_1
+ - SLB_ZoneId_2
+ Label:
+ default: SLB
TemplateTags:
- acs:technical-solution:network:ECS:电商行业业务及数据库上云
Parameters:
- ZoneId_0:
+ ECS_ZoneId_1:
Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Label:
- zh-cn: 可用区A
- en: Availability Zone A
+ zh-cn: ECS可用区A
+ en: Availability Zone A of ECS
Description:
- en: To create an availability zone for the instance, ensure that the current region has
- at least two different availability zones to choose from.
- zh-cn: 创建实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。
- AssociationProperty: ALIYUN::NLB::Zone::ZoneId
- ZoneId_1:
+ en: An availability zone to create for the ECS instance, ensure that the current region has
+ at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建ECS实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ ECS_ZoneId_2:
Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Label:
- zh-cn: 可用区B
- en: Availability Zone B
+ zh-cn: ECS可用区B
+ en: Availability Zone B of ECS
Description:
- en: To create an availability zone for the instance, ensure that the current region has
- at least two different availability zones to choose from.
- zh-cn: 创建实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。
- AssociationProperty: ALIYUN::NLB::Zone::ZoneId
+ en: An availability zone to create for the ECS instance, ensure that the current region has
+ at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建ECS实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ RDS_ZoneId_1:
+ Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ Label:
+ zh-cn: RDS主可用区
+ en: Master availability zone
+ Description:
+ en: The master availability zone to create for the RDS instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建RDS实例的主可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ RDS_ZoneId_2:
+ Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ Label:
+ zh-cn: RDS备可用区
+ en: Slave availability zone
+ Description:
+ en: The slave availability zone to create for the RDS instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建RDS实例的备可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
InstanceType:
Type: String
Label:
@@ -96,28 +128,80 @@ Parameters:
MinLength: 8
MaxLength: 32
NoEcho: true
+ LoadBalancerSpec:
+ Type: String
+ Label:
+ en: Load balancer instance specification
+ zh-cn: 负载均衡实例规格
+ Default: slb.s1.small
+ SLB_ZoneId_1:
+ Type: String
+ AssociationProperty: ALIYUN::NLB::Zone::ZoneId
+ Label:
+ zh-cn: SLB主可用区
+ en: Master availability zone
+ Description:
+ en: The master availability zone to create for the SLB instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建SLB实例的主可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ SLB_ZoneId_2:
+ Type: String
+ AssociationProperty: ALIYUN::NLB::Zone::ZoneId
+ Label:
+ zh-cn: SLB备可用区
+ en: Slave availability zone
+ Description:
+ en: The slave availability zone to create for the SLB instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建SLB实例的备可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
VpcName: E_Commerce_Vpc
CidrBlock: 192.168.0.0/16
- Vsw_0:
+ ECS_Vsw_1:
Type: ALIYUN::ECS::VSwitch
Properties:
VpcId:
Ref: Vpc
ZoneId:
- Ref: ZoneId_0
+ Ref: ECS_ZoneId_1
CidrBlock: 192.168.0.0/24
- Vsw_1:
+ ECS_Vsw_2:
Type: ALIYUN::ECS::VSwitch
Properties:
VpcId:
Ref: Vpc
ZoneId:
- Ref: ZoneId_1
+ Ref: ECS_ZoneId_2
CidrBlock: 192.168.1.0/24
+ SLB_Vsw_1:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ VpcId:
+ Ref: Vpc
+ ZoneId:
+ Ref: SLB_ZoneId_1
+ CidrBlock: 192.168.2.0/24
+ RDS_Vsw_1:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ VpcId:
+ Ref: Vpc
+ ZoneId:
+ Ref: RDS_ZoneId_1
+ CidrBlock: 192.168.3.0/24
+ RDS_Vsw_2:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ VpcId:
+ Ref: Vpc
+ ZoneId:
+ Ref: RDS_ZoneId_2
+ CidrBlock: 192.168.4.0/24
ECommerceSg:
Type: ALIYUN::ECS::SecurityGroup
Properties:
@@ -188,10 +272,10 @@ Resources:
SecurityGroupId:
Ref: ECommerceSg
VSwitchId:
- Ref: Vsw_0
+ Ref: ECS_Vsw_1
InstanceName: ecs-ds-demo-01
ZoneId:
- Ref: ZoneId_0
+ Ref: ECS_ZoneId_1
InstanceChargeType: PostPaid
InstanceType:
Ref: InstanceType
@@ -210,10 +294,10 @@ Resources:
SecurityGroupId:
Ref: ECommerceSg
VSwitchId:
- Ref: Vsw_1
+ Ref: ECS_Vsw_2
InstanceName: ecs-ds-demo-02
ZoneId:
- Ref: ZoneId_1
+ Ref: ECS_ZoneId_2
InstanceChargeType: PostPaid
InstanceType:
Ref: InstanceType
@@ -227,16 +311,17 @@ Resources:
Slb:
Type: ALIYUN::SLB::LoadBalancer
Properties:
- LoadBalancerSpec: slb.s1.small
+ LoadBalancerSpec:
+ Ref: LoadBalancerSpec
VpcId:
Ref: Vpc
VSwitchId:
- Ref: Vsw_0
+ Ref: SLB_Vsw_1
LoadBalancerName: slb-ds-demo
MasterZoneId:
- Ref: ZoneId_0
+ Ref: SLB_ZoneId_1
SlaveZoneId:
- Ref: ZoneId_1
+ Ref: SLB_ZoneId_2
SlbListener:
Type: ALIYUN::SLB::Listener
Properties:
@@ -289,10 +374,10 @@ Resources:
SecurityGroupId:
Ref: WordpressSg
VSwitchId:
- Ref: Vsw_1
+ Ref: ECS_Vsw_2
InstanceName: ecs-demo-wordpress
ZoneId:
- Ref: ZoneId_1
+ Ref: ECS_ZoneId_2
InstanceChargeType: PostPaid
InstanceType:
Ref: InstanceType
@@ -410,16 +495,16 @@ Resources:
Category: HighAvailability
DBInstanceStorageType: local_ssd
ZoneId:
- Ref: ZoneId_0
+ Ref: RDS_ZoneId_1
SlaveZoneIds:
- - Ref: ZoneId_1
+ - Ref: RDS_ZoneId_2
VpcId:
Ref: Vpc
VSwitchId:
Fn::Join:
- ','
- - - Ref: Vsw_0
- - Ref: Vsw_1
+ - - Ref: RDS_Vsw_1
+ - Ref: RDS_Vsw_2
DBInstanceClass:
Ref: DBInstanceClass
DBInstanceStorage: 100
diff --git a/documents/solution/storage/snapshot-optimize.yml b/documents/solution/storage/snapshot-optimize.yml
new file mode 100644
index 00000000..f2e42057
--- /dev/null
+++ b/documents/solution/storage/snapshot-optimize.yml
@@ -0,0 +1,305 @@
+ROSTemplateFormatVersion: '2015-09-01'
+Description:
+ zh-cn: 无代理ECS备份高效环境搭建
+ en: Deploy high-performance MySQL services based on EBS ESSD.
+Parameters:
+ ecsType:
+ Default: ecs.g6.large
+ AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType'
+ AssociationPropertyMetadata:
+ SystemDiskCategory: cloud_essd
+ InstanceChargeType: PostPaid
+ ZoneId: '${zoneId}'
+ Type: String
+ Label:
+ zh-cn: ECS 实例规格
+ en: InstanceType
+ ecsPassword:
+ Type: String
+ Description:
+ zh-cn: >-
+ 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/
+ 中的特殊符号)
+ en: >-
+ Server login password, Length 8-30, must contain three(Capital letters,
+ lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special
+ symbol in)
+ Default: null
+ MinLength: 8
+ Label:
+ zh-cn: 实例密码
+ en: Instance Password
+ AllowedPattern: '^[a-zA-Z0-9-\(\)\`\~\!\@\#\$\%\^\&\*\_\-\+\=\|\{\}\[\]\:\;\<\>\,\.\?\/]*$'
+ MaxLength: 30
+ AssociationProperty: 'ALIYUN::ECS::Instance::Password'
+ ConstraintDescription:
+ zh-cn: '长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;''<>,.?/ 中的特殊符号)'
+ en: >-
+ Length 8-30, must contain three(Capital letters, lowercase letters,
+ numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in)
+ zoneId:
+ Default: ''
+ AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId'
+ Type: String
+ Label:
+ zh-cn: 可用区
+ en: Availability Zone
+Outputs:
+ EcsLoginAddress:
+ Description:
+ zh-cn: Ecs登陆地址。
+ en: Ecs login address.
+ Value:
+ 'Fn::Sub':
+ - >-
+ https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${Region}&instanceId=${InstanceId}
+ - InstanceId:
+ Ref: EcsInstance
+ Region:
+ Ref: 'ALIYUN::Region'
+ EcsCloneLoginAddress:
+ Description:
+ zh-cn: Ecs(克隆)登陆地址。
+ en: Ecs clone login address.
+ Value:
+ 'Fn::Sub':
+ - >-
+ https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${Region}&instanceId=${InstanceId}
+ - InstanceId:
+ Ref: EcsInstanceClone
+ Region:
+ Ref: 'ALIYUN::Region'
+ EcsInstanceId:
+ Description: ECS实例ID
+ Value:
+ 'Fn::GetAtt':
+ - EcsInstance
+ - InstanceId
+ EcsInstanceUser:
+ Description: ECS实例初始用户
+ Value: root
+ EcsInstancePublicIp:
+ Description: ECS实例公网IP
+ Value:
+ 'Fn::GetAtt':
+ - EcsInstance
+ - PublicIp
+ MysqlUser:
+ Description: MySQL初始用户
+ Value: root
+ MysqlPassword:
+ Description: MySQL初始密码
+ Value: 请登录ECS执行以下命令获取初始密码:sudo grep 'temporary password' /var/log/mysqld.log
+ SystemDiskId:
+ Description: 系统盘ID
+ Value:
+ 'Fn::GetAtt':
+ - SysTemDisk
+ - DiskIds
+Resources:
+ SecurityGroup:
+ Type: 'ALIYUN::ECS::SecurityGroup'
+ Properties:
+ SecurityGroupIngress:
+ - Priority: 1
+ PortRange: '-1/-1'
+ NicType: intranet
+ SourceCidrIp: 0.0.0.0/0
+ IpProtocol: all
+ VpcId:
+ Ref: VPC
+ SecurityGroupEgress:
+ - Priority: 1
+ PortRange: '-1/-1'
+ DestCidrIp: 0.0.0.0/0
+ NicType: intranet
+ IpProtocol: all
+ VPC:
+ Type: 'ALIYUN::ECS::VPC'
+ Properties:
+ VpcName:
+ 'Fn::Join':
+ - '-'
+ - - StackId
+ - Ref: 'ALIYUN::StackId'
+ CidrBlock: 192.168.0.0/16
+ VSwitch:
+ Type: 'ALIYUN::ECS::VSwitch'
+ Properties:
+ VSwitchName:
+ Ref: 'ALIYUN::StackName'
+ VpcId:
+ Ref: VPC
+ CidrBlock: 192.168.0.0/24
+ ZoneId:
+ Ref: zoneId
+ EcsInstance:
+ Type: 'ALIYUN::ECS::Instance'
+ Properties:
+ SystemDiskCategory: cloud_essd
+ VpcId:
+ Ref: VPC
+ InternetMaxBandwidthOut: 100
+ SecurityGroupId:
+ Ref: SecurityGroup
+ SystemDiskSize: 40
+ ImageId: centos_7_9_x64_20G_alibase_
+ AllocatePublicIP: true
+ IoOptimized: optimized
+ InternetChargeType: PayByTraffic
+ VSwitchId:
+ Ref: VSwitch
+ Password:
+ Ref: ecsPassword
+ InstanceType:
+ Ref: ecsType
+ ZoneId:
+ Ref: zoneId
+ InstanceName:
+ Fn::Sub: ECS_Instance-${ALIYUN::StackId}
+ RunCommand:
+ Type: 'ALIYUN::ECS::RunCommand'
+ Properties:
+ Type: RunShellScript
+ CommandContent:
+ 'Fn::Sub':
+ - >
+ #!/bin/sh
+
+ cd /tmp/
+
+ if wget -N
+ http://mirrors.cloud.aliyuncs.com/mysql/MySQL-8.0/mysql-8.0.27-1.el7.x86_64.rpm-bundle.tar
+ -O mysql.tar ; then
+
+ echo "[INFO] Download mysql rpm bundle.tar successfully."
+
+ tar -xf mysql.tar
+
+ echo "[INFO] Extract mysql rpm bundle.tar successfully."
+
+ if yum install -y mysql-community-{server,client,common,libs,devel}-*; then
+
+ echo "[INFO] Install mysql successfully."
+
+ else
+
+ echo "[ERROR] Failed to install mysql."
+
+ exit
+
+ fi
+
+ else
+
+ echo "[ERROR] Failed to download mysql rpm bundle."
+
+ echo "[INFO] Install from [dev.mysql.com rpm repository]"
+
+ rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-7.noarch.rpm
+
+ if yum -y install mysql-community-server --enablerepo=mysql80-community --nogpgcheck; then
+
+ echo "[INFO] Install mysql successfully."
+
+ else
+
+ echo "[ERROR] Failed to install mysql."
+
+ exit
+
+ fi
+
+ fi
+
+ sudo systemctl start mysqld
+
+ sudo systemctl enable mysqld
+
+ sync
+ - {}
+ Sync: true
+ InstanceIds:
+ - Ref: EcsInstance
+ Timeout: 600
+ DependsOn:
+ - EcsInstance
+ SysTemDisk:
+ Type: 'DATASOURCE::ECS::Disks'
+ Properties:
+ InstanceId:
+ Ref: EcsInstance
+ DiskType: system
+ DependsOn:
+ - RunCommand
+ SnaptshotPolicy:
+ Type: 'ALIYUN::ECS::AutoSnapshotPolicy'
+ Properties:
+ TimePoints:
+ - 20
+ - 23
+ RetentionDays: 1
+ RepeatWeekdays:
+ - 1
+ - 2
+ DiskIds:
+ 'Fn::GetAtt':
+ - SysTemDisk
+ - DiskIds
+ AutoSnapshotPolicyName:
+ Fn::Sub: AutoSnapshotPolicy-${ALIYUN::StackId}
+ MysqlImage:
+ Type: 'ALIYUN::ECS::CustomImage'
+ Properties:
+ Description: MySQL实例镜像
+ InstanceId:
+ Ref: EcsInstance
+ ImageName:
+ Fn::Sub: MySQLImage-${ALIYUN::StackId}
+ Platform: CentOS
+ Architecture: x86_64
+ DependsOn:
+ - SnaptshotPolicy
+ - RunCommand
+ EcsInstanceClone:
+ Type: 'ALIYUN::ECS::Instance'
+ Properties:
+ SystemDiskCategory: cloud_essd
+ VpcId:
+ Ref: VPC
+ InternetMaxBandwidthOut: 100
+ SecurityGroupId:
+ Ref: SecurityGroup
+ SystemDiskSize: 40
+ ImageId:
+ 'Fn::GetAtt':
+ - MysqlImage
+ - ImageId
+ AllocatePublicIP: true
+ IoOptimized: optimized
+ InternetChargeType: PayByTraffic
+ VSwitchId:
+ Ref: VSwitch
+ Password:
+ Ref: ecsPassword
+ InstanceType:
+ Ref: ecsType
+ ZoneId:
+ Ref: zoneId
+ InstanceName:
+ Fn::Sub: ECS_Instance_Clone-${ALIYUN::StackId}
+ DependsOn:
+ - MysqlImage
+Metadata:
+ 'ALIYUN::ROS::Interface':
+ ParameterGroups:
+ - Parameters:
+ - zoneId
+ - ecsType
+ - ecsPassword
+ - ecsImageId
+ Label:
+ zh-cn: 基础配置
+ en: Basic Configuration
+ TemplateTags:
+ - 'acs:technical-solution:ebs:基于EBS部署高性能的MySQL服务'
diff --git a/solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml b/solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml
index 252f88e0..b0352e75 100644
--- a/solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml
+++ b/solutions/enterprise-on-cloud/e-commerce-business-and-db-on-the-cloud.yml
@@ -6,41 +6,73 @@ Metadata:
ALIYUN::ROS::Interface:
ParameterGroups:
- Parameters:
- - ZoneId_0
- - ZoneId_1
- InstanceType
- SystemDiskCategory
+ - ECS_ZoneId_1
+ - ECS_ZoneId_2
- Password
Label:
default: ECS
- Parameters:
- DBInstanceClass
+ - RDS_ZoneId_1
+ - RDS_ZoneId_2
- DBPassword
Label:
default: RDS
+ - Parameters:
+ - LoadBalancerSpec
+ - SLB_ZoneId_1
+ - SLB_ZoneId_2
+ Label:
+ default: SLB
TemplateTags:
- acs:technical-solution:network:ECS:电商行业业务及数据库上云
Parameters:
- ZoneId_0:
+ ECS_ZoneId_1:
Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Label:
- zh-cn: 可用区A
- en: Availability Zone A
+ zh-cn: ECS可用区A
+ en: Availability Zone A of ECS
Description:
- en: To create an availability zone for the instance, ensure that the current region has
- at least two different availability zones to choose from.
- zh-cn: 创建实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。
- AssociationProperty: ALIYUN::NLB::Zone::ZoneId
- ZoneId_1:
+ en: An availability zone to create for the ECS instance, ensure that the current region has
+ at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建ECS实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ ECS_ZoneId_2:
Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
Label:
- zh-cn: 可用区B
- en: Availability Zone B
+ zh-cn: ECS可用区B
+ en: Availability Zone B of ECS
Description:
- en: To create an availability zone for the instance, ensure that the current region has
- at least two different availability zones to choose from.
- zh-cn: 创建实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。
- AssociationProperty: ALIYUN::NLB::Zone::ZoneId
+ en: An availability zone to create for the ECS instance, ensure that the current region has
+ at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建ECS实例的可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ RDS_ZoneId_1:
+ Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ Label:
+ zh-cn: RDS主可用区
+ en: Master availability zone
+ Description:
+ en: The master availability zone to create for the RDS instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建RDS实例的主可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ RDS_ZoneId_2:
+ Type: String
+ AssociationProperty: ALIYUN::ECS::Instance:ZoneId
+ Label:
+ zh-cn: RDS备可用区
+ en: Slave availability zone
+ Description:
+ en: The slave availability zone to create for the RDS instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建RDS实例的备可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
InstanceType:
Type: String
Label:
@@ -96,28 +128,80 @@ Parameters:
MinLength: 8
MaxLength: 32
NoEcho: true
+ LoadBalancerSpec:
+ Type: String
+ Label:
+ en: Load balancer instance specification
+ zh-cn: 负载均衡实例规格
+ Default: slb.s1.small
+ SLB_ZoneId_1:
+ Type: String
+ AssociationProperty: ALIYUN::NLB::Zone::ZoneId
+ Label:
+ zh-cn: SLB主可用区
+ en: Master availability zone
+ Description:
+ en: The master availability zone to create for the SLB instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建SLB实例的主可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
+ SLB_ZoneId_2:
+ Type: String
+ AssociationProperty: ALIYUN::NLB::Zone::ZoneId
+ Label:
+ zh-cn: SLB备可用区
+ en: Slave availability zone
+ Description:
+ en: The slave availability zone to create for the SLB instance, ensure that the current
+ region has at least two different availability zones to choose from. If there are no two availability zones,
+ please change other parameters or switch to another region and check again.
+ zh-cn: 创建SLB实例的备可用区,请确保当前地域有至少两个不同的可用区可供选择。若无双可用区,请修改其他参数或切换至其他地域后重新查看。
Resources:
Vpc:
Type: ALIYUN::ECS::VPC
Properties:
VpcName: E_Commerce_Vpc
CidrBlock: 192.168.0.0/16
- Vsw_0:
+ ECS_Vsw_1:
Type: ALIYUN::ECS::VSwitch
Properties:
VpcId:
Ref: Vpc
ZoneId:
- Ref: ZoneId_0
+ Ref: ECS_ZoneId_1
CidrBlock: 192.168.0.0/24
- Vsw_1:
+ ECS_Vsw_2:
Type: ALIYUN::ECS::VSwitch
Properties:
VpcId:
Ref: Vpc
ZoneId:
- Ref: ZoneId_1
+ Ref: ECS_ZoneId_2
CidrBlock: 192.168.1.0/24
+ SLB_Vsw_1:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ VpcId:
+ Ref: Vpc
+ ZoneId:
+ Ref: SLB_ZoneId_1
+ CidrBlock: 192.168.2.0/24
+ RDS_Vsw_1:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ VpcId:
+ Ref: Vpc
+ ZoneId:
+ Ref: RDS_ZoneId_1
+ CidrBlock: 192.168.3.0/24
+ RDS_Vsw_2:
+ Type: ALIYUN::ECS::VSwitch
+ Properties:
+ VpcId:
+ Ref: Vpc
+ ZoneId:
+ Ref: RDS_ZoneId_2
+ CidrBlock: 192.168.4.0/24
ECommerceSg:
Type: ALIYUN::ECS::SecurityGroup
Properties:
@@ -188,10 +272,10 @@ Resources:
SecurityGroupId:
Ref: ECommerceSg
VSwitchId:
- Ref: Vsw_0
+ Ref: ECS_Vsw_1
InstanceName: ecs-ds-demo-01
ZoneId:
- Ref: ZoneId_0
+ Ref: ECS_ZoneId_1
InstanceChargeType: PostPaid
InstanceType:
Ref: InstanceType
@@ -210,10 +294,10 @@ Resources:
SecurityGroupId:
Ref: ECommerceSg
VSwitchId:
- Ref: Vsw_1
+ Ref: ECS_Vsw_2
InstanceName: ecs-ds-demo-02
ZoneId:
- Ref: ZoneId_1
+ Ref: ECS_ZoneId_2
InstanceChargeType: PostPaid
InstanceType:
Ref: InstanceType
@@ -227,16 +311,17 @@ Resources:
Slb:
Type: ALIYUN::SLB::LoadBalancer
Properties:
- LoadBalancerSpec: slb.s1.small
+ LoadBalancerSpec:
+ Ref: LoadBalancerSpec
VpcId:
Ref: Vpc
VSwitchId:
- Ref: Vsw_0
+ Ref: SLB_Vsw_1
LoadBalancerName: slb-ds-demo
MasterZoneId:
- Ref: ZoneId_0
+ Ref: SLB_ZoneId_1
SlaveZoneId:
- Ref: ZoneId_1
+ Ref: SLB_ZoneId_2
SlbListener:
Type: ALIYUN::SLB::Listener
Properties:
@@ -289,10 +374,10 @@ Resources:
SecurityGroupId:
Ref: WordpressSg
VSwitchId:
- Ref: Vsw_1
+ Ref: ECS_Vsw_2
InstanceName: ecs-demo-wordpress
ZoneId:
- Ref: ZoneId_1
+ Ref: ECS_ZoneId_2
InstanceChargeType: PostPaid
InstanceType:
Ref: InstanceType
@@ -410,16 +495,16 @@ Resources:
Category: HighAvailability
DBInstanceStorageType: local_ssd
ZoneId:
- Ref: ZoneId_0
+ Ref: RDS_ZoneId_1
SlaveZoneIds:
- - Ref: ZoneId_1
+ - Ref: RDS_ZoneId_2
VpcId:
Ref: Vpc
VSwitchId:
Fn::Join:
- ','
- - - Ref: Vsw_0
- - Ref: Vsw_1
+ - - Ref: RDS_Vsw_1
+ - Ref: RDS_Vsw_2
DBInstanceClass:
Ref: DBInstanceClass
DBInstanceStorage: 100