diff --git a/README-CN.md b/README-CN.md index 9e98a274..7c048266 100644 --- a/README-CN.md +++ b/README-CN.md @@ -372,15 +372,17 @@ ROS 模板的示例和最佳实践。模板分类如下: - ecs -| 模板 | 说明 | -|----------------------------------------------------------------------|---------------------------------------------------------------------| +| 模板 | 说明 | +|----------------------------------------------------------------------|------------------------------------------------------------------| | [lnmp-centos7.yml](./documents/help/ecs/lnmp-centos7.yml) | 在 ECS 实例(CentOS 7)上搭建 LNMP 环境,其中 LNMP 分别代表 Linux、Nginx、MySQL 和 PHP。 | -| [ftp-centos7.yml](./documents/help/ecs/ftp-centos7.yml) | 使用Centos7系统创建ECS实例安装部署FTP服务。 | -| [nodejs-centos7.yml](./documents/help/ecs/nodejs-centos7.yml) | 在ECS实例(CentOS 7)上部署Node.js环境。 | -| [wordpress-centos7.yml](./documents/help/ecs/wordpress-centos7.yml) | 在ECS实例(CentOS 7)上搭建WordPress。 | -| [mysql-centos8.yml](./documents/help/ecs/mysql-centos8.yml) | 在ECS实例(CentOS 8)上部署MySQL服务。 | -| [ecs-bind-multi-eip-address.yml](documents/help/eip/ecs-bind-multi-eip-address.yml) | 将弹性公网IP与辅助弹性网卡以普通模式绑定,实现单个ECS实例(CentOS 7)绑定多个EIP。 | -| [docker-alibaba-cloud-linux-2.yml](./documents/help/ecs/docker-alibaba-cloud-linux-2.yml) | 部署并使用Docker(Alibaba Cloud Linux 2)。 | +| [ftp-centos7.yml](./documents/help/ecs/ftp-centos7.yml) | 使用Centos7系统创建ECS实例安装部署FTP服务。 | +| [nodejs-centos7.yml](./documents/help/ecs/nodejs-centos7.yml) | 在ECS实例(CentOS 7)上部署Node.js环境。 | +| [wordpress-centos7.yml](./documents/help/ecs/wordpress-centos7.yml) | 在ECS实例(CentOS 7)上搭建WordPress。 | +| [mysql-centos8.yml](./documents/help/ecs/mysql-centos8.yml) | 在ECS实例(CentOS 8)上部署MySQL服务。 | +| [ecs-bind-multi-eip-address.yml](documents/help/eip/ecs-bind-multi-eip-address.yml) | 将弹性公网IP与辅助弹性网卡以普通模式绑定,实现单个ECS实例(CentOS 7)绑定多个EIP。 | +| [docker-alibaba-cloud-linux-2.yml](./documents/help/ecs/docker-alibaba-cloud-linux-2.yml) | 部署并使用Docker(Alibaba Cloud Linux 2)。 | +| [configure-IPv6-address-for-ecs.yml](./documents/help/ecs/configure-IPv6-address-for-ecs.yml) | 配置ECS实例的IPv6地址。| + - ack diff --git a/README.md b/README.md index 54391769..6db67323 100644 --- a/README.md +++ b/README.md @@ -372,15 +372,17 @@ Examples and best practices of ROS templates. The templates are categorized as f - ecs -| Template | Description | -|---------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------| -| [lnmp-centos7.yml](./documents/help/ecs/lnmp-centos7.yml) | Deploy an LNMP environment on an ECS instance (CentOS 7), where LNMP represents Linux, Nginx, MySQL, and PHP respectively. | -| [ftp-centos7.yml](./documents/help/ecs/ftp-centos7.yml) | Use Centos7 to create an ECS instance and install and deploy the FTP service. | -| [nodejs-centos7.yml](./documents/help/ecs/nodejs-centos7.yml) | Deploy the Node.js environment on an ECS instance (CentOS 7). | -| [wordpress-centos7.yml](./documents/help/ecs/wordpress-centos7.yml) | Manually build a WordPress website on a CentOS 7 ECS instance | -| [mysql-centos8.yml](./documents/help/ecs/mysql-centos8.yml) | Deploy the MySQL service on an ECS instance (CentOS 8). | -| [ecs-bind-multi-eip-address.yml](documents/help/eip/ecs-bind-multi-eip-address.yml) | Bind an EIP to a secondary ENI in normal mode to bind multiple EIPs to a single ECS instance (CentOS 7). | -| [docker-alibaba-cloud-linux-2.yml](./documents/help/ecs/docker-alibaba-cloud-linux-2.yml) | Deploy and use Docker on the ECS instance of Alibaba Cloud Linux 2.1903 LTS 64-bit operating system. | +| Template | Description | +|-------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------| +| [lnmp-centos7.yml](./documents/help/ecs/lnmp-centos7.yml) | Deploy an LNMP environment on an ECS instance (CentOS 7), where LNMP represents Linux, Nginx, MySQL, and PHP respectively. | +| [ftp-centos7.yml](./documents/help/ecs/ftp-centos7.yml) | Use Centos7 to create an ECS instance and install and deploy the FTP service. | +| [nodejs-centos7.yml](./documents/help/ecs/nodejs-centos7.yml) | Deploy the Node.js environment on an ECS instance (CentOS 7). | +| [wordpress-centos7.yml](./documents/help/ecs/wordpress-centos7.yml) | Manually build a WordPress website on a CentOS 7 ECS instance | +| [mysql-centos8.yml](./documents/help/ecs/mysql-centos8.yml) | Deploy the MySQL service on an ECS instance (CentOS 8). | +| [ecs-bind-multi-eip-address.yml](documents/help/eip/ecs-bind-multi-eip-address.yml) | Bind an EIP to a secondary ENI in normal mode to bind multiple EIPs to a single ECS instance (CentOS 7). | +| [docker-alibaba-cloud-linux-2.yml](./documents/help/ecs/docker-alibaba-cloud-linux-2.yml) | Deploy and use Docker on the ECS instance of Alibaba Cloud Linux 2.1903 LTS 64-bit operating system. | +| [configure-IPv6-address-for-ecs.yml](./documents/help/ecs/configure-IPv6-address-for-ecs.yml) | Configure the IPv6 address of the ECS instance. | + - ack diff --git a/documents/help/ecs/configure-IPv6-address-for-ecs.yml b/documents/help/ecs/configure-IPv6-address-for-ecs.yml new file mode 100644 index 00000000..ee3a5325 --- /dev/null +++ b/documents/help/ecs/configure-IPv6-address-for-ecs.yml @@ -0,0 +1,267 @@ +ROSTemplateFormatVersion: '2015-09-01' +Description: + zh-cn: 配置ECS实例的IPv6地址 + en: Configure the IPv6 address of the ECS instance. +Parameters: + EcsInstanceId: + Type: String + Label: + en: ECS Instance ID + zh-cn: ECS实例ID + AssociationProperty: ALIYUN::ECS::Instance::InstanceId +Resources: + DsEni: + Type: DATASOURCE::ECS::NetworkInterfaces + Properties: + InstanceId: + Ref: EcsInstanceId + Type: Primary + DsEcs: + Type: DATASOURCE::ECS::Instances + Properties: + InstanceIds: + - Ref: EcsInstanceId + DsIpv6Gateway: + Type: MODULE::ACS::OOS::ExecuteAPI + Version: default + Properties: + Service: VPC + API: DescribeIpv6Gateways + Method: GET + Parameters: + VpcId: + Fn::Jq: + - First + - .[0].VpcId + - Fn::GetAtt: + - DsEcs + - Instances + SecurityGroupIngress: + Type: ALIYUN::ECS::SecurityGroupIngress + Properties: + SecurityGroupId: + Fn::Jq: + - First + - .[0].SecurityGroupIds[0] + - Fn::GetAtt: + - DsEcs + - Instances + Ipv6SourceCidrIp: ::/0 + IpProtocol: icmpv6 + NicType: intranet + PortRange: "-1/-1" + ConfigureIPv6Address: + Type: ALIYUN::ECS::RunCommand + DependsOn: AssignIpv6Address + Properties: + InstanceIds: + - Ref: EcsInstanceId + Type: RunShellScript + Sync: true + Timeout: 3600 + CommandContent: + Fn::Sub: |- + #!/bin/bash + + # script exit code: + # 0 - success + # 1 - unsupported system + # 2 - network not available + # 3 - failed to run ecs-utils-ipv6 tool + # 4 - failed to modify /etc/eni_utils/eni-function + + function unsupported_system() { + log_fatal 1 "Unsupported System: $1" + } + + function log_info() { + printf "$(date '+%Y-%m-%d %H:%M:%S') [INFO] $1\n" + } + + function log_error() { + printf "$(date '+%Y-%m-%d %H:%M:%S') [ERROR] $1\n" + } + + function log_fatal() { + printf "\n========================================================================\n" + printf "$(date '+%Y-%m-%d %H:%M:%S') [FATAL] $2. Please retry." + printf "\n========================================================================\n" + exit $1 + } + + function debug_exec(){ + local cmd="$@" + log_info "$cmd" + eval "$cmd" + ret=$? + echo "" + log_info "$cmd, exit code: $ret" + return $ret + } + + function check_network_available() { + log_info "ping ecs-image-utils.oss-cn-hangzhou.aliyuncs.com ..." + if ! debug_exec ping -c 4 ecs-image-utils.oss-cn-hangzhou.aliyuncs.com; then + log_fatal 2 "Could not connect to https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com" + fi + } + + function run_ipv6_tool() { + log_info "run ecs-utils-ipv6 tool" + debug_exec chmod +x ./ecs-utils-ipv6 + + if ! debug_exec ./ecs-utils-ipv6; then + log_fatal 3 "Failed to run ecs-utils-ipv6 tool." + fi + } + + function check_multi_eni_util() { + log_info "check multi-nic-util config" + if test -f /sbin/eni-ifscan; then + + if ! debug_exec "sed -i 's/IPV6INIT=no/IPV6INIT=yes\n DHCPV6C=yes/g' /etc/eni_utils/eni-function"; then + log_fatal 4 "Failed to modify /etc/eni_utils/eni-function" + fi + fi + } + + log_info "System Information:" + if ! lsb_release -a; then + unsupported_system + fi; + echo "" + + RHEL=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/rhel/ecs-utils-ipv6 + Debian=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/debian/ecs-utils-ipv6 + SLES=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/sles/ecs-utils-ipv6 + FreeBSD=https://ecs-image-utils.oss-cn-hangzhou.aliyuncs.com/ipv6/freebsd/ecs-utils-ipv6 + + linux=$(lsb_release -a | grep "Distributor ID:" | cut -d':' -f2 | cut -d '(' -f1 | xargs echo -n) + case $linux in + CentOS|RedHat|Fedora|Aliyun|AlibabaCloud|Fedora) wget --timeout=10 -q -O ecs-utils-ipv6 $RHEL ;; + Debian|Ubuntu) wget --timeout=10 -q -O ecs-utils-ipv6 $Debian ;; + SUSE|OpenSUSE) wget --timeout=10 -q -O ecs-utils-ipv6 $SLES ;; + FreeBSD) wget --timeout=10 -q -O ecs-utils-ipv6 $FreeBSD ;; + *) unsupported_system $linux ;; + esac + + run_ipv6_tool + check_multi_eni_util + AssignIpv6Address: + Type: ALIYUN::ROS::Stack + Properties: + Parameters: + VpcId: + Fn::Jq: + - First + - .[0].VpcId + - Fn::GetAtt: + - DsEcs + - Instances + VswId: + Fn::Jq: + - First + - .[0].VswitchId + - Fn::GetAtt: + - DsEcs + - Instances + NetworkInterfaceId: + Fn::Select: + - 0 + - Fn::GetAtt: + - DsEni + - NetworkInterfaceIds + Ipv6GatewayId: + Fn::Jq: + - First + - .[0].Ipv6Gateways.Ipv6Gateway[0].Ipv6GatewayId + - Fn::GetAtt: + - DsIpv6Gateway + - Output + TemplateBody: + ROSTemplateFormatVersion: '2015-09-01' + Parameters: + Ipv6GatewayId: + Type: String + Default: null + VpcId: + Type: String + VswId: + Type: String + NetworkInterfaceId: + Type: String + Conditions: + EnableIpv6ForVpc: + Fn::Equals: + - null + - Ref: Ipv6GatewayId + Resources: + OpenIPv6ForVpc: + Condition: EnableIpv6ForVpc + Type: MODULE::ACS::OOS::ExecuteAPI + Version: default + Properties: + Service: VPC + Prefix: open-ipv6-for-vpc + API: ModifyVpcAttribute + Method: POST + Parameters: + VpcId: + Ref: VpcId + EnableIPv6: true + Ipv6Gateway: + Type: ALIYUN::VPC::Ipv6Gateway + Condition: EnableIpv6ForVpc + DependsOn: OpenIPv6ForVpc + Properties: + VpcId: + Ref: VpcId + OpenIPv6ForVsw: + Type: MODULE::ACS::OOS::ExecuteAPI + Condition: EnableIpv6ForVpc + DependsOn: Ipv6Gateway + Version: default + Properties: + Service: VPC + Prefix: open-ipv6-for-vsw + API: ModifyVSwitchAttribute + Method: POST + Parameters: + Ipv6CidrBlock: 252 + VSwitchId: + Ref: VswId + EnableIPv6: true + Ipv6InternetBandwidth: + Type: ALIYUN::VPC::Ipv6InternetBandwidth + Properties: + Bandwidth: 1 + Ipv6AddressId: + Fn::Select: + - 0 + - Fn::GetAtt: + - IpV6Address + - Ipv6AddressIds + Ipv6GatewayId: + Fn::If: + - EnableIpv6ForVpc + - Ref: Ipv6Gateway + - Ref: Ipv6GatewayId + InternetChargeType: PayByTraffic + IpV6Address: + Type: ALIYUN::ECS::AssignIpv6Addresses + DependsOn: OpenIPv6ForVsw + Properties: + Ipv6AddressCount: 1 + NetworkInterfaceId: + Ref: NetworkInterfaceId +Outputs: + EcsLoginAddress: + Description: + en: Ecs login address. + zh-cn: ECS登陆地址。 + Value: + Fn::Sub: https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${EcsInstanceId} +Metadata: + ALIYUN::ROS::Interface: + TemplateTags: + - acs:document-help:ecs:配置ECS实例的IPv6地址