From bb817f1e2e81147ace64f496f2aafab7ee10c747 Mon Sep 17 00:00:00 2001 From: qitan Date: Fri, 17 Nov 2023 17:25:15 +0800 Subject: [PATCH] fix template issue --- .../opensource/puppet/open-source-puppet.yml | 401 ++++++++++++++++++ .../opensource/puppet/puppet-enterprise.yml | 167 ++++++++ ...aigc-text-generation-3d-model-with-ecs.yml | 5 +- .../ai/lingjun-LLAMA-2-best-practice.yml | 16 +- .../solution/ai/pai-ai-painting-solution.yml | 4 +- ...-speeds-up-distribution-of-file-on-oss.yml | 26 +- .../cdn-and-video-cloud/dcdn-acceleration.yml | 7 + .../database/dts-cache-synchronization.yml | 27 +- ...ighly-available-blog-site-on-the-cloud.yml | 80 ++-- .../Nginx-access-log-data-archive.yml | 29 +- .../video-website-solution.yml | 49 ++- ...end-canary-release-for-ack-application.yml | 13 +- ...egion-account-network-interwork-scheme.yml | 2 +- ...se-cloud-network-architecture-planning.yml | 5 + .../public-network-architecture-design.yml | 5 + ...-region-three-center-high-availability.yml | 4 +- .../deploy-nginx-services-through-ingress.yml | 11 +- 17 files changed, 768 insertions(+), 83 deletions(-) create mode 100644 compute-nest-best-practice/opensource/puppet/open-source-puppet.yml create mode 100644 compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml diff --git a/compute-nest-best-practice/opensource/puppet/open-source-puppet.yml b/compute-nest-best-practice/opensource/puppet/open-source-puppet.yml new file mode 100644 index 00000000..50babc77 --- /dev/null +++ b/compute-nest-best-practice/opensource/puppet/open-source-puppet.yml @@ -0,0 +1,401 @@ +ROSTemplateFormatVersion: '2015-09-01' +Description: + zh-cn: Puppet 社区版 + en: open source puppet +Parameters: + ServerZoneId: + Type: String + Label: + zh-cn: Server 可用区 + en: Server Availability Zone + AssociationProperty: ALIYUN::ECS::Instance:ZoneId + ServerInstanceType: + Type: String + Label: + zh-cn: Server 实例类型 + en: Server Instance Type + AssociationProperty: ALIYUN::ECS::Instance::InstanceType + AssociationPropertyMetadata: + ZoneId: ${ServerZoneId} + AgentNumber: + Type: Number + Label: + zh-cn: 客户端实例数量 + en: Agent Instance Number + Default: 1 + MinValue: 1 + MaxValue: 10 + AgentZoneId: + Type: String + Label: + zh-cn: Agent可用区 + en: Agent Availability Zone + AssociationProperty: ALIYUN::ECS::Instance:ZoneId + AgentInstanceType: + Type: String + Label: + zh-cn: Agent 实例类型 + en: Agent Instance Type + AssociationProperty: ALIYUN::ECS::Instance::InstanceType + AssociationPropertyMetadata: + ZoneId: ${AgentZoneId} + InstancePassword: + Type: String + Label: + zh-cn: 实例密码 + en: Instance Password + Description: + zh-cn: 服务器登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。 + en: Server login password, Length 8-30, must contain three(Capital letters, + lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol + in). + ConstraintDescription: + zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。 + en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, + ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in). + Default: + AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$' + MinLength: 8 + MaxLength: 30 + NoEcho: true + CommonName: + Type: String + Default: puppet +Resources: + Vpc: + Type: ALIYUN::ECS::VPC + Properties: + CidrBlock: 192.168.0.0/16 + VpcName: + Fn::Sub: ${CommonName}-vpc + SecurityGroup: + Type: ALIYUN::ECS::SecurityGroup + Properties: + VpcId: + Ref: Vpc + SecurityGroupName: + Fn::Sub: ${CommonName}-sg + SecurityGroupIngress_22: + Type: ALIYUN::ECS::SecurityGroupIngress + Properties: + SecurityGroupId: + Ref: SecurityGroup + IpProtocol: tcp + NicType: intranet + SourceCidrIp: 0.0.0.0/0 + PortRange: 22/22 + SecurityGroupIngress_80: + Type: ALIYUN::ECS::SecurityGroupIngress + Properties: + SecurityGroupId: + Ref: SecurityGroup + IpProtocol: tcp + NicType: intranet + SourceCidrIp: 0.0.0.0/0 + PortRange: 80/80 + SecurityGroupIngress_8140: + Type: ALIYUN::ECS::SecurityGroupIngress + Properties: + SecurityGroupId: + Ref: SecurityGroup + IpProtocol: tcp + NicType: intranet + SourceCidrIp: 0.0.0.0/0 + PortRange: 8140/8140 + VSwitch1: + Type: ALIYUN::ECS::VSwitch + Properties: + ZoneId: + Ref: ServerZoneId + VpcId: + Ref: Vpc + CidrBlock: 192.168.0.0/24 + VSwitchName: + Fn::Sub: ${CommonName}-${ServerZoneId}-vsw + VSwitch2: + Type: ALIYUN::ECS::VSwitch + Properties: + ZoneId: + Ref: AgentZoneId + VpcId: + Ref: Vpc + CidrBlock: 192.168.2.0/24 + VSwitchName: + Fn::Sub: ${CommonName}-${AgentZoneId}-vsw + PuppetServer: + Type: ALIYUN::ECS::InstanceGroup + Properties: + ZoneId: + Ref: ServerZoneId + VpcId: + Ref: Vpc + VSwitchId: + Ref: VSwitch1 + SecurityGroupId: + Ref: SecurityGroup + ImageId: aliyun_3_x64_20G_alibase_ + SystemDiskCategory: cloud_essd + SystemDiskSize: 40 + AllocatePublicIP: false + IoOptimized: optimized + Password: + Ref: InstancePassword + InstanceType: + Ref: ServerInstanceType + MaxAmount: 1 + HostName: puppet-server + InstanceName: puppet-server + NatEip: + Type: ALIYUN::VPC::EIP + Properties: + Name: + Fn::Sub: ${CommonName}-nat-eip + DeletionProtection: false + Isp: BGP + Bandwidth: 100 + InternetChargeType: PayByTraffic + NatGateway: + Type: ALIYUN::VPC::NatGateway + Properties: + ZoneId: + Ref: ServerZoneId + VpcId: + Ref: Vpc + VSwitchId: + Ref: VSwitch1 + NatGatewayName: + Fn::Sub: ${CommonName}-ngw + InternetChargeType: PayByLcu + EipBindMode: NAT + NatEipAssociation: + Type: ALIYUN::VPC::EIPAssociation + Properties: + InstanceId: + Ref: NatGateway + AllocationId: + Ref: NatEip + SnatEntry: + Type: ALIYUN::VPC::SnatEntry + DependsOn: NatEipAssociation + Properties: + SnatEntryName: public-network-access-in-vpc + SnatTableId: + Fn::GetAtt: + - NatGateway + - SNatTableId + SnatIp: + Fn::GetAtt: + - NatEipAssociation + - EipAddress + SourceCIDR: 0.0.0.0/0 + InstallPuppetServer: + Type: ALIYUN::ECS::RunCommand + Properties: + InstanceIds: + - Ref: PuppetServer + Type: RunShellScript + Sync: true + Timeout: 1800 + CommandContent: + Fn::Sub: |- + #!/bin/bash + echo "###############################" + echo "# SSH configuration " + echo "###############################" + cat >> /etc/ssh/${SshKeyPair.KeyPairName}.pem << EOF + ${SshKeyPair.PrivateKeyBody} + EOF + chmod 400 /etc/ssh/${SshKeyPair.KeyPairName}.pem + echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config + echo "IdentityFile /etc/ssh/${SshKeyPair.KeyPairName}.pem" >> /etc/ssh/ssh_config + + echo "###############################" + echo "# Instance Puppet Server" + echo "###############################" + rpm -Uvh https://yum.puppet.com/puppet8-release-el-8.noarch.rpm + sed -i 's|yum.puppet.com|mirrors.cloud.aliyuncs.com/puppet/yum|g' /etc/yum.repos.d/puppet8-release.repo + yum install -y puppetserver + + # modify /etc/puppetlabs/puppet/puppet.conf + /opt/puppetlabs/bin/puppet config set server puppet-server --section main + /opt/puppetlabs/bin/puppet config set certname puppet-server --section main + + cat /etc/puppetlabs/puppet/puppet.conf + + systemctl enable puppetserver + systemctl start puppetserver + exec bash + /opt/puppetlabs/bin/puppetserver -v + DependsOn: + - SnatEntry + - SecurityGroupIngress_22 + - SecurityGroupIngress_80 + - SecurityGroupIngress_8140 + PuppetAgent: + Type: ALIYUN::ECS::InstanceGroup + Count: + Ref: AgentNumber + Properties: + ZoneId: + Ref: AgentZoneId + VpcId: + Ref: Vpc + VSwitchId: + Ref: VSwitch2 + SecurityGroupId: + Ref: SecurityGroup + ImageId: aliyun_3_x64_20G_alibase_ + SystemDiskCategory: cloud_essd + SystemDiskSize: 40 + AllocatePublicIP: false + IoOptimized: optimized + Password: + Ref: InstancePassword + InstanceType: + Ref: AgentInstanceType + MaxAmount: 1 + HostName: + Fn::Sub: ${CommonName}-agent-${ALIYUN::Index} + InstanceName: + Fn::Sub: ${CommonName}-agent-${ALIYUN::Index} + InstallPuppetAgent: + Type: ALIYUN::ECS::RunCommand + Properties: + InstanceIds: + Ref: PuppetAgent + Type: RunShellScript + Sync: true + Timeout: 1800 + CommandContent: + Fn::Sub: + - |- + #!/bin/bash + echo "###############################" + echo "# SSH configuration " + echo "###############################" + + cat >> /etc/ssh/${SshKeyPair.KeyPairName}.pem << EOF + ${SshKeyPair.PrivateKeyBody} + EOF + + chmod 400 /etc/ssh/${SshKeyPair.KeyPairName}.pem + echo "StrictHostKeyChecking=no" >> /etc/ssh/ssh_config + + echo "###############################" + echo "# Instance Puppet Agent" + echo "###############################" + rpm -Uvh https://yum.puppet.com/puppet8-release-el-8.noarch.rpm + sed -i 's|yum.puppet.com|mirrors.cloud.aliyuncs.com/puppet/yum|g' /etc/yum.repos.d/puppet8-release.repo + yum install -y puppet-agent + + cat >> /etc/hosts << EOF + ${PrivateIp} puppet-server + EOF + + echo "host done" + + source /etc/profile.d/puppet-agent.sh + # modify /etc/puppetlabs/puppet/puppet.conf + /opt/puppetlabs/bin/puppet config set server puppet-server --section main + - PrivateIp: + Fn::Select: + - 0 + - Fn::GetAtt: + - PuppetServer + - PrivateIps + SignCa: + Type: ALIYUN::ECS::RunCommand + DependsOn: + - InstallPuppetAgent + - InstallPuppetServer + Properties: + InstanceIds: + - Ref: PuppetServer + Type: RunShellScript + Sync: true + Timeout: 1200 + CommandContent: + Fn::Sub: + - |- + #!/bin/bash + echo "###############################" + echo "# Sign Ca for Agent" + echo "###############################" + + agent_ips="${AgentIps}" + for ip in $agent_ips + do + sleep 5 + ssh -f -n $ip "/opt/puppetlabs/bin/puppet ssl bootstrap &" + sleep 10 + host_name=`ssh $ip "hostname"` + echo "ip: $ip hostname: $host_name" + echo $ip $host_name >> /etc/hosts + /opt/puppetlabs/bin/puppetserver ca sign --certname $host_name 2>&1 + sleep 5 + ssh $ip "systemctl enable puppet" + done + - AgentIps: + Fn::Join: + - ' ' + - Fn::Add: + Fn::GetAtt: + - PuppetAgent + - PrivateIps + SshKeyPair: + Type: ALIYUN::ECS::SSHKeyPair + Properties: + KeyPairName: + Fn::Sub: ${CommonName}-ssh-key-pair + ServerKeyPairAttachment: + Type: ALIYUN::ECS::SSHKeyPairAttachment + Properties: + InstanceIds: + - Ref: PuppetServer + KeyPairName: + Ref: SshKeyPair + AutoReboot: true + AgentKeyPairAttachment: + Type: ALIYUN::ECS::SSHKeyPairAttachment + Properties: + InstanceIds: + Ref: PuppetAgent + KeyPairName: + Ref: SshKeyPair + AutoReboot: true +Outputs: + ServerEcsLoginAddress: + Description: + zh-cn: Server Ecs登陆地址。 + en: Server Ecs login address. + Value: + Fn::Sub: + https://ecs-workbench.aliyun.com/?from=EcsConsole&instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${PuppetServer} +Metadata: + ALIYUN::ROS::Interface: + ParameterGroups: + - Parameters: + - ServerZoneId + - ServerInstanceType + Label: + default: + zh-cn: Puppet Server 实例配置 + en: Puppet server configuration + - Parameters: + - AgentNumber + - AgentZoneId + - AgentInstanceType + Label: + default: + zh-cn: Puppet Agent 实例配置 + en: Instance Configuration + - Parameters: + - InstancePassword + Label: + default: + zh-cn: 实例密码配置 + en: Instance Password Configuration + Hidden: + - CommonName + TemplateTags: + - acs:integrate:computenest:open-source-puppet diff --git a/compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml b/compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml new file mode 100644 index 00000000..b7491ed2 --- /dev/null +++ b/compute-nest-best-practice/opensource/puppet/puppet-enterprise.yml @@ -0,0 +1,167 @@ +ROSTemplateFormatVersion: '2015-09-01' +Description: + zh-cn: Puppet 企业版 + en: Puppet Enterprise +Parameters: + ZoneId: + Type: String + Label: + zh-cn: 可用区 + en: Availability Zone + AssociationProperty: ALIYUN::ECS::Instance:ZoneId + InstanceType: + Type: String + Label: + zh-cn: Server 实例类型 + en: Server Instance Type + AssociationProperty: ALIYUN::ECS::Instance::InstanceType + AssociationPropertyMetadata: + ZoneId: ${ZoneId} + PuppetPassword: + Type: String + Label: + zh-cn: Puppet 密码 + en: Puppet Password + Description: + zh-cn: Puppet登录密码,长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。 + en: Puppet login password, Length 8-30, must contain three(Capital letters, + lowercase letters, numbers, ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol + in). + ConstraintDescription: + zh-cn: 长度8-30,必须包含三项(大写字母、小写字母、数字、 ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ 中的特殊符号)。 + en: Length 8-30, must contain three(Capital letters, lowercase letters, numbers, + ()`~!@#$%^&*_-+=|{}[]:;'<>,.?/ Special symbol in). + AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$' + MinLength: 8 + MaxLength: 30 + NoEcho: true + CommonName: + Type: String + Default: puppet-enterprise +Resources: + Vpc: + Type: ALIYUN::ECS::VPC + Properties: + CidrBlock: 192.168.0.0/16 + VpcName: + Fn::Sub: ${CommonName}-vpc + SecurityGroup: + Type: ALIYUN::ECS::SecurityGroup + Properties: + VpcId: + Ref: Vpc + SecurityGroupName: + Fn::Sub: ${CommonName}-sg + SecurityGroupIngress: + - Priority: 1 + PortRange: "-1/-1" + NicType: intranet + SourceCidrIp: 0.0.0.0/0 + IpProtocol: all + SecurityGroupEgress: + - Priority: 1 + PortRange: "-1/-1" + DestCidrIp: 0.0.0.0/0 + NicType: intranet + IpProtocol: all + VSwitch: + Type: ALIYUN::ECS::VSwitch + Properties: + ZoneId: + Ref: ZoneId + VpcId: + Ref: Vpc + CidrBlock: 192.168.0.0/24 + VSwitchName: + Fn::Sub: ${CommonName}-${ZoneId}-vsw + PuppetServer: + Type: ALIYUN::ECS::InstanceGroup + Properties: + ZoneId: + Ref: ZoneId + VpcId: + Ref: Vpc + VSwitchId: + Ref: VSwitch + SecurityGroupId: + Ref: SecurityGroup + ImageId: centos_7_9_x64_20G_alibase_ + SystemDiskCategory: cloud_essd + SystemDiskSize: 120 + AllocatePublicIP: true + IoOptimized: optimized + Password: + Ref: PuppetPassword + InstanceType: + Ref: InstanceType + MaxAmount: 1 + HostName: puppet-primary-server + InstanceName: puppet-primary-server + InstallPuppetServer: + Type: ALIYUN::ECS::RunCommand + Properties: + InstanceIds: + - Ref: PuppetServer + Type: RunShellScript + Sync: true + Timeout: 1800 + CommandContent: + Fn::Sub: + - | + #!/bin/bash + + wget 'https://image-test3.oss-cn-shenzhen.aliyuncs.com/puppet-enterprise-2023.5.0-el-7-x86_64.tar.gz' >/dev/null 2>&1 + echo "`date +'%Y-%m-%dT%H:%M:%S'` download complete" + tar -xzf puppet-enterprise-2023.5.0-el-7-x86_64.tar.gz + echo "`date +'%Y-%m-%dT%H:%M:%S'` tar complete" + + echo y | ./puppet-enterprise-2023.5.0-el-7-x86_64/puppet-enterprise-installer > /tmp/puppet-installer.log + echo "installer: $?" >> /tmp/puppet-installer.log + echo "`date +'%Y-%m-%dT%H:%M:%S'` puppet enterprise install complete" >> /tmp/puppet-installer.log + + puppet infrastructure console_password --password=${PuppetPassword} + echo "`date +'%Y-%m-%dT%H:%M:%S'` console password set complete" >> /tmp/puppet-installer.log + + sed -i '34i "puppet_enterprise::profile::console::proxy::http_redirect::server_name": "${ServerAddress}"' /etc/puppetlabs/enterprise/conf.d/pe.conf + puppet agent -t >> /tmp/puppet-installer.log + echo "agent1: $?" >> /tmp/puppet-installer.log + sleep 60 + puppet agent -t >> /tmp/puppet-installer.log + echo "agent2: $?" >> /tmp/puppet-installer.log + - ServerAddress: + Fn::Select: + - 0 + - Fn::GetAtt: + - PuppetServer + - PublicIps +Outputs: + ServerEcsLoginAddress: + Description: + zh-cn: Server Ecs登陆地址。 + en: Server Ecs login address. + Value: + Fn::Sub: https://ecs-workbench.aliyun.com/?instanceType=ecs®ionId=${ALIYUN::Region}&instanceId=${PuppetServer} + PuppetEnterpriseConsoleURL: + Description: + zh-cn: Puppet Enterprise 登录地址 + en: Puppet Enterprise Login URL + Value: + Fn::Sub: + - https://${ServerAddress}/ + - ServerAddress: + Fn::Select: + - 0 + - Fn::GetAtt: + - PuppetServer + - PublicIps +Metadata: + ALIYUN::ROS::Interface: + ParameterGroups: + - Parameters: + - ZoneId + - InstanceType + - PuppetPassword + Hidden: + - CommonName + TemplateTags: + - acs:integrate:computenest:puppet-enterprise diff --git a/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml b/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml index 2cdb01b3..84085e1b 100644 --- a/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml +++ b/documents/solution/ai/aigc-text-generation-3d-model-with-ecs.yml @@ -35,6 +35,9 @@ Parameters: - ecs.gn7i-c16g1.4xlarge - ecs.gn7i-c32g1.8xlarge - ecs.gn7i-c48g1.12xlarge + Description: + en: This solution requires GPU computing type gn7i series servers. If there are no instance specifications that meet the conditions, please change the region. + zh-cn: 此方案需要 GPU 计算型 gn7i 系列服务器,如果没有满足条件的实例规格,请更换地域。 InstancePassword: NoEcho: true Type: String @@ -196,7 +199,7 @@ Outputs: Metadata: ALIYUN::ROS::Interface: TemplateTags: - - 'acs:technical-solution:ai:AIGC文本生成3D模型' + - 'acs:technical-solution:ai:文本生成3D模型' ParameterGroups: - Parameters: - ImageId diff --git a/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml b/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml index dcd482de..73189cd2 100644 --- a/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml +++ b/documents/solution/ai/lingjun-LLAMA-2-best-practice.yml @@ -21,14 +21,26 @@ Parameters: Description: en: custom OSS bucket name. Default:bucket-llm. zh-cn: 自定义对象存储桶的名称。 默认为bucket-llm - Default: bucket-llm + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 5 + Prefix: bucket-llm- + CharacterClasses: + - Class: lowercase + min: 1 Resources: ModuleVpcAndVswitch: + DependsOn: + - AutoEnableOSS Type: MODULE::ACS::VPC::OptionalVpcAndVSwitch Properties: ZoneId: Ref: ZoneId Version: default + AutoEnableOSS: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: OSS SecurityGroup: Type: ALIYUN::ECS::SecurityGroup Properties: @@ -89,4 +101,4 @@ Metadata: - ZoneId - BucketName TemplateTags: - - acs:technical-solution:ai:LLAMA-2全托管灵骏最佳实践 + - acs:technical-solution:ai:通过PAI-灵骏分布式训练和部署Llama2模型方案 diff --git a/documents/solution/ai/pai-ai-painting-solution.yml b/documents/solution/ai/pai-ai-painting-solution.yml index b7146fcb..9f2cbbc2 100644 --- a/documents/solution/ai/pai-ai-painting-solution.yml +++ b/documents/solution/ai/pai-ai-painting-solution.yml @@ -164,12 +164,12 @@ Resources: - MountTargetDomain properties: resource_type: model - mount_path: /data-nas + mount_path: /code/stable-diffusion-webui/data-nas containers: - image: eas-registry-vpc.ap-southeast-1.cr.aliyuncs.com/pai-eas/stable-diffusion-webui:4.1 script: ./webui.sh --listen --port 8000 --skip-version-check --no-hashing --no-download-sd-model --skip-install --api --filebrowser --cluster-status - --sd-dynamic-cache --data-dir /data-nas + --sd-dynamic-cache --data-dir /code/stable-diffusion-webui/data-nas port: 8000 meta: type: SDCluster diff --git a/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml b/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml index f02a40ca..2c9d903e 100644 --- a/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml +++ b/documents/solution/cdn-and-video-cloud/cdn-speeds-up-distribution-of-file-on-oss.yml @@ -23,9 +23,8 @@ Parameters: zh-cn: 加速域名 en: Accelerated domain name Description: - zh-cn: 加速域名是指接入CDN,用于加速源站的域名。该示例为image.example.com。 - en: Accelerated domain name refers to the domain name of the access CDN used to accelerate the source site. The example is image.example.com. - Default: image.example.com + zh-cn: 加速域名是指接入CDN,用于加速源站的域名。请填写您账号下的域名。 + en: Accelerated domain name refers to the domain name of the access CDN used to accelerate the source site. Please fill in the domain name under your account. BucketName: Type: String Label: @@ -34,18 +33,29 @@ Parameters: Description: en: The name must be 3 to 63 bytes in length, The name must start and end with a lowercase letter or digit.The name can contain only lowercase letters, digits, and hyphens (-).;
note:A bucket name must be globally unique within OSS. Bucket names cannot be changed after the bucket is created. zh-cn: 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。 - Default: image-example-test + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 6 + Prefix: image-example- + CharacterClasses: + - Class: lowercase + min: 1 Resources: OssBucket: Type: ALIYUN::OSS::Bucket + DependsOn: AutoEnableOSS Properties: BucketName: Ref: BucketName DeletionForce: true - OpenCdnService: + AutoEnableCDN: Type: ALIYUN::ROS::AutoEnableService Properties: - ServiceName: DCDN + ServiceName: CDN + AutoEnableOSS: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: OSS Domain: Type: ALIYUN::CDN::Domain Properties: @@ -61,7 +71,7 @@ Resources: Ref: Scope DomainName: Ref: DomainName - DependsOn: OpenCdnService + DependsOn: AutoEnableCDN DomainRecord: Type: ALIYUN::DNS::DomainRecord Properties: @@ -111,4 +121,4 @@ Metadata: - DomainName - BucketName TemplateTags: - - acs:technical-solution:cdn-and-video-cloud:使用CDN加速OSS上存储的文件资源分发 + - acs:technical-solution:cdn-and-video-cloud:文件下载加速及成本优化 diff --git a/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml b/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml index 24b4ccf5..1a5737e4 100644 --- a/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml +++ b/documents/solution/cdn-and-video-cloud/dcdn-acceleration.yml @@ -83,9 +83,12 @@ Parameters: AllowedPattern: '[0-9A-Za-z\_\-\&:;''<>,=%`~!@#\(\)\$\^\*\+\|\{\}\[\]\.\?\/]+$' MinLength: 8 MaxLength: 30 + NoEcho: true Resources: Vpc: Type: ALIYUN::ECS::VPC + DependsOn: + - AutoEnableDCDN Properties: CidrBlock: 192.168.0.0/16 VSwitch: @@ -150,6 +153,10 @@ Resources: Ref: DomainName Scope: Ref: Scope + AutoEnableDCDN: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: DCDN Outputs: Cname: Description: CNAME diff --git a/documents/solution/database/dts-cache-synchronization.yml b/documents/solution/database/dts-cache-synchronization.yml index 756438fe..ec0bdfda 100644 --- a/documents/solution/database/dts-cache-synchronization.yml +++ b/documents/solution/database/dts-cache-synchronization.yml @@ -25,7 +25,6 @@ Parameters: AssociationProperty: ALIYUN::ECS::Instance::InstanceType AssociationPropertyMetadata: ZoneId: ${ZoneId} - Default: ecs.c5.large SystemDiskCategory: Type: String Label: @@ -39,7 +38,6 @@ Parameters: LocaleKey: DiskCategory InstanceType: ${InstanceType} ZoneId: ${ZoneId} - Default: cloud_efficiency InstancePassword: Type: String Label: @@ -116,7 +114,6 @@ Parameters: Engine: MySQL Category: HighAvailability DBInstanceStorageType: cloud_essd - Default: 'rds.mysql.t1.small' RedisInstanceClass: Type: String Label: @@ -170,6 +167,7 @@ Parameters: Resources: Vpc: Type: ALIYUN::ECS::VPC + DependsOn: AliyunDTSDefaultRole Properties: CidrBlock: 192.168.0.0/16 VSwitch: @@ -254,6 +252,8 @@ Resources: DBInstanceStorageType: cloud_essd SecurityIPList: 0.0.0.0/0 AllocatePublicConnection: true + SlaveZoneIds: + - Ref: ZoneId RedisInstance: Type: ALIYUN::REDIS::Instance Properties: @@ -352,6 +352,25 @@ Resources: - Whitelist - SecurityGroupIngress_22 - SecurityGroupIngress_3306 + AliyunDTSDefaultRole: + Type: 'ALIYUN::RAM::Role' + Properties: + RoleName: AliyunDTSDefaultRole + Description: DTS默认使用此角色来访问您在其他云产品中的资源。 + AssumeRolePolicyDocument: + Version: '1' + Statement: + - Action: 'sts:AssumeRole' + Effect: Allow + Principal: + Service: + - dts.aliyuncs.com + MaxSessionDuration: 3600 + IgnoreExisting: true + DeletionForce: true + PolicyAttachments: + System: + - AliyunDTSRolePolicy Outputs: RdsInstanceInnerConnectionString: Description: @@ -389,4 +408,4 @@ Metadata: Label: default: Dts TemplateTags: - - acs:technical-solution:database:通过DTS实现MySQL与Redis缓存同步一致性方案 \ No newline at end of file + - acs:technical-solution:database:实时同步RDS与Redis构建缓存一致性 \ No newline at end of file diff --git a/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml b/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml index 124970ee..fd6b46d5 100644 --- a/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml +++ b/documents/solution/high-availability-architecture/highly-available-blog-site-on-the-cloud.yml @@ -11,7 +11,13 @@ Parameters: AssociationProperty: 'ALIYUN::ECS::Instance::InstanceType' AssociationPropertyMetadata: InstanceChargeType: PostPaid - SystemDiskCategory: cloud_essd + SpotStrategy: SpotAsPriceGo + Description: + en: >- + If no available specifications are displayed, please select Modify + Availability Zone and try again. + zh-cn: 如果没有可用规格显示,请选择修改可用区后重试。 + Default: ecs.s6-c1m1.small Zone1: Type: String Label: @@ -24,6 +30,9 @@ Parameters: en: VSwitch Availability Zone2 zh-cn: 交换机可用区2 AssociationProperty: 'ALIYUN::ECS::Instance::ZoneId' + Description: + en: Please select an availability zone different from Availability Zone1. + zh-cn: 请选择与可用区1不同的可用区。 InstancePassword: Type: String Label: @@ -58,7 +67,7 @@ Parameters: Label: en: DBNodeClass zh-cn: PolarDB集群规格 - Default: polar.mysql.x4.large + Default: polar.mysql.g2.medium PolarDBAccountName: Type: String Label: @@ -86,22 +95,6 @@ Parameters: MinLength: 8 MaxLength: 30 NoEcho: true - BucketName: - Type: String - Label: - en: OSS Bucket Name - zh-cn: Oss存储空间名称 - Description: - en: >- - The name must be 3 to 63 bytes in length, The name must start and end - with a lowercase letter or digit.The name can contain only lowercase - letters, digits, and hyphens (-).;
note:A - bucket name must be globally unique within OSS. Bucket names cannot be - changed after the bucket is created. - zh-cn: >- - 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。 - Default: image-example-test CommonName: Type: String Default: high-availability @@ -172,7 +165,7 @@ Resources: DestCidrIp: 0.0.0.0/0 NicType: intranet EcsInstanceGroup1: - Type: 'ALIYUN::ECS::InstanceGroup' + Type: 'ALIYUN::ECS::Instance' Properties: ZoneId: Ref: Zone1 @@ -184,17 +177,17 @@ Resources: Ref: EcsSecurityGroup ImageId: centos_7_6 IoOptimized: optimized - SystemDiskCategory: cloud_essd - SystemDiskSize: 40 - MaxAmount: 1 + SystemDiskSize: 20 InstanceType: Ref: EcsInstanceType Password: Ref: InstancePassword InstanceName: 'Fn::Sub': '${CommonName}_ecs1' + SpotStrategy: SpotAsPriceGo + SystemDiskCategory: cloud_essd EcsInstanceGroup2: - Type: 'ALIYUN::ECS::InstanceGroup' + Type: 'ALIYUN::ECS::Instance' Properties: ZoneId: Ref: Zone2 @@ -206,15 +199,15 @@ Resources: Ref: EcsSecurityGroup ImageId: centos_7_6 IoOptimized: optimized - SystemDiskCategory: cloud_essd - SystemDiskSize: 40 - MaxAmount: 1 + SystemDiskSize: 20 InstanceType: Ref: EcsInstanceType Password: Ref: InstancePassword InstanceName: 'Fn::Sub': '${CommonName}_ecs2' + SpotStrategy: SpotAsPriceGo + SystemDiskCategory: cloud_essd InstanceRunCommand: Type: 'ALIYUN::ECS::RunCommand' Properties: @@ -248,11 +241,11 @@ Resources: Type: 'ALIYUN::POLARDB::DBCluster' Properties: ZoneId: - Ref: Zone1 + Ref: Zone2 VpcId: Ref: EcsVpc VSwitchId: - Ref: EcsVSwitch1 + Ref: EcsVSwitch2 SecurityGroupIds: - Ref: EcsSecurityGroup DBType: MySQL @@ -350,17 +343,6 @@ Resources: LoadBalancerId: Ref: AlbLoadBalancer ListenerProtocol: HTTP - OssBucket: - Type: 'ALIYUN::OSS::Bucket' - Properties: - BucketName: - Ref: BucketName - AccessControl: public-read - StorageClass: Standard - OpenCdnService: - Type: 'ALIYUN::ROS::AutoEnableService' - Properties: - ServiceName: DCDN Outputs: WordPressUrl: Description: @@ -376,6 +358,13 @@ Outputs: Metadata: 'ALIYUN::ROS::Interface': ParameterGroups: + - Parameters: + - Zone1 + - Zone2 + Label: + default: + en: Availability Zone + zh-cn: 可用区配置 - Parameters: - EcsInstanceType - InstancePassword @@ -392,19 +381,6 @@ Metadata: default: en: PolarDB Information zh-cn: PolarDB配置 - - Parameters: - - BucketName - Label: - default: - en: OSS - zh-cn: OSS 配置 - - Parameters: - - Zone1 - - Zone2 - Label: - default: - en: Availability Zone - zh-cn: 可用区配置 TemplateTags: - 'acs:technical-solution:high-availability-architecture:云上高可用博客网站' Hidden: diff --git a/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml b/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml index 7f305f2f..a75cfda8 100644 --- a/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml +++ b/documents/solution/internet-application-development/Nginx-access-log-data-archive.yml @@ -17,7 +17,6 @@ Parameters: zh-cn: 可用区ID, 查看可用区信息。 AssociationProperty: ALIYUN::ECS::Instance:ZoneId - Default: cn-hangzhou-h EcsInstanceType: Type: String Label: @@ -46,7 +45,13 @@ Parameters: Description: en: The name contains 3 to 36 characters. It must start and end with a lowercase letter or number. The value can contain lowercase letters, digits, and hyphens (-). zh-cn: 长度为3~36个字符。必须以小写英文字母或数字开头和结尾。可包含小写英文字母、数字和短划线(-)。 - Default: sls-project-app01 + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 6 + Prefix: sls-project-app01- + CharacterClasses: + - Class: lowercase + min: 1 SlsLogstoreName: Type: String Label: @@ -68,7 +73,13 @@ Parameters: Description: en: The name contains 3 to 36 characters. It must start and end with a lowercase letter or number. The value can contain lowercase letters, digits, and hyphens (-). zh-cn: 长度为3~36个字符。必须以小写英文字母或数字开头和结尾。可包含小写英文字母、数字和短划线(-)。 - Default: bucket-app01 + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 6 + Prefix: bucket-app01- + CharacterClasses: + - Class: lowercase + min: 1 Resources: EcsVpc: Type: ALIYUN::ECS::VPC @@ -131,6 +142,7 @@ Resources: VSwitchId: Ref: EcsVSwitch SlsProject: + DependsOn: AutoEnableSLS Type: ALIYUN::SLS::Project Properties: Name: @@ -157,6 +169,7 @@ Resources: - SlsLogStore OssBucket: Type: ALIYUN::OSS::Bucket + DependsOn: AutoEnableOSS Properties: BucketName: Ref: OssBucketName @@ -419,6 +432,14 @@ Resources: - SlsLogStore - OssBucket - ApplyConfigToMachineGroup + AutoEnableSLS: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: SLS + AutoEnableOSS: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: OSS Metadata: ALIYUN::ROS::Interface: ParameterGroups: @@ -445,7 +466,7 @@ Metadata: en: OSS bucket zh-cn: 对象存储OSS配置 TemplateTags: - - acs:technical-solution:internet-application-development:Nginx访问日志数据归档 + - acs:technical-solution:internet-application-development:应用日志数据归档 Hidden: - CommonName Outputs: diff --git a/documents/solution/internet-application-development/video-website-solution.yml b/documents/solution/internet-application-development/video-website-solution.yml index e8476592..e94c944c 100644 --- a/documents/solution/internet-application-development/video-website-solution.yml +++ b/documents/solution/internet-application-development/video-website-solution.yml @@ -14,7 +14,13 @@ Parameters: and hyphens (-).;
note:A bucket name must be globally unique within OSS. Bucket names cannot be changed after the bucket is created. zh-cn: 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。 - Default: vod-bucket-src + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 5 + Prefix: vod-bucket-src- + CharacterClasses: + - Class: lowercase + min: 1 BucketNameTarget: Type: String Label: @@ -26,7 +32,13 @@ Parameters: and hyphens (-).;
note:A bucket name must be globally unique within OSS. Bucket names cannot be changed after the bucket is created. zh-cn: 长度为3~63个字符,必须以小写字母或数字开头和结尾,可以包含小写字母、数字和连字符(-);
注:需要全网唯一性,已经存在的不能在创建。 - Default: vod-bucket-target + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 5 + Prefix: vod-bucket-target- + CharacterClasses: + - Class: lowercase + min: 1 Zone1: Type: String Label: @@ -71,6 +83,14 @@ Parameters: Type: String Default: video-website Resources: + AutoEnableOSS: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: OSS + AutoEnableMNS: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: MNS EcsVpc: Type: ALIYUN::ECS::VPC Properties: @@ -273,6 +293,7 @@ Resources: ListenerProtocol: HTTP OssBucketScr: Type: ALIYUN::OSS::Bucket + DependsOn: AutoEnableOSS Properties: BucketName: Ref: BucketNameScr @@ -280,6 +301,7 @@ Resources: DeletionForce: true OssBucketTarget: Type: ALIYUN::OSS::Bucket + DependsOn: AutoEnableOSS Properties: BucketName: Ref: BucketNameTarget @@ -298,7 +320,7 @@ Resources: Fn::Sub: | #!/bin/bash - wget https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/file-manage-files/zh-CN/20230620/xpnk/server.zip + wget https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/file-manage-files/zh-CN/20230830/qhwb/server.zip yum install unzip -y unzip server.zip cd server @@ -309,11 +331,13 @@ Resources: uwsgi uwsgi.ini Queue: Type: ALIYUN::MNS::Queue + DependsOn: AutoEnableMNS Properties: QueueName: Fn::Sub: ${CommonName}-mns-queue VodStorage: Type: ALIYUN::VOD::Storage + DependsOn: AliyunVODDefaultRole Properties: StorageType: user_oss_bucket StorageLocation: @@ -429,6 +453,25 @@ Resources: - Application - MessageCallback - VodStorage + AliyunVODDefaultRole: + Type: ALIYUN::RAM::Role + Properties: + RoleName: AliyunVODDefaultRole + Description: VOD默认使用此角色来访问您在其他云产品中的资源。 + AssumeRolePolicyDocument: + Version: '1' + Statement: + - Action: 'sts:AssumeRole' + Effect: Allow + Principal: + Service: + - vod.aliyuncs.com + MaxSessionDuration: 3600 + IgnoreExisting: true + DeletionForce: true + PolicyAttachments: + System: + - AliyunVODRolePolicy Outputs: VideoUrl: Description: diff --git a/documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml b/documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml index 4faeda08..aed3d3d4 100644 --- a/documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml +++ b/documents/solution/micro/mse-end-to-end-canary-release-for-ack-application.yml @@ -28,7 +28,13 @@ Parameters: Label: en: Managed Kubernetes Cluster Name zh-cn: ACK托管版集群名称 - Default: testcluster + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 5 + Prefix: cluster-for-mse- + CharacterClasses: + - Class: lowercase + min: 1 WorkerInstanceType: Type: String Label: @@ -37,7 +43,8 @@ Parameters: AssociationProperty: ALIYUN::ECS::Instance::InstanceType AssociationPropertyMetadata: ZoneId: ${ZoneId} - AllowedPattern: ^(ecs\.[a-z6-9]+\.)[1-9]?xlarge$ + CreateACKClusterParams: + NetworkPlugin: terway-eniip Description: en: It is recommended to use a new generation of ecs instances. If the instance specification cannot be selected, please change the availability zone again. @@ -210,3 +217,5 @@ Metadata: Label: en: MSE Configuration zh-cn: MSE配置 + TemplateTags: + - acs:technical-solution:micro:MSE实现全链路灰度 diff --git a/documents/solution/network/cross-region-account-network-interwork-scheme.yml b/documents/solution/network/cross-region-account-network-interwork-scheme.yml index 1a9be232..0a745499 100644 --- a/documents/solution/network/cross-region-account-network-interwork-scheme.yml +++ b/documents/solution/network/cross-region-account-network-interwork-scheme.yml @@ -419,7 +419,7 @@ Workspace: } ], "TemplateTags": [ - "acs:integrate:landing_zone:cen_tr" + "acs:technical-solution:network:跨地域跨账号网络互通方案" ] } } diff --git a/documents/solution/network/enterprise-cloud-network-architecture-planning.yml b/documents/solution/network/enterprise-cloud-network-architecture-planning.yml index beb9e2b8..65503842 100644 --- a/documents/solution/network/enterprise-cloud-network-architecture-planning.yml +++ b/documents/solution/network/enterprise-cloud-network-architecture-planning.yml @@ -428,6 +428,7 @@ Resources: Sync: true CenInstance: Type: ALIYUN::CEN::CenInstance + DependsOn: AutoEnableTransitRouter Properties: Name: Fn::Sub: ${CommonName}_cen @@ -614,6 +615,10 @@ Resources: RouteTableId: Ref: VpcSecCustomRouteTable DependsOn: RouteForwardToEcs + AutoEnableTransitRouter: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: TransitRouter Outputs: EcsInstances: Description: diff --git a/documents/solution/network/public-network-architecture-design.yml b/documents/solution/network/public-network-architecture-design.yml index e43cdf44..5de3cb2b 100644 --- a/documents/solution/network/public-network-architecture-design.yml +++ b/documents/solution/network/public-network-architecture-design.yml @@ -123,6 +123,7 @@ Resources: CidrBlock: 192.168.2.128/25 CenInstance: Type: ALIYUN::CEN::CenInstance + DependsOn: AutoEnableTR Properties: Name: DmzCen CenTransitRouter: @@ -748,6 +749,10 @@ Resources: Fn::GetAtt: - DmzNlbLoadBalancer - LoadBalancerId + AutoEnableTR: + Type: ALIYUN::ROS::AutoEnableService + Properties: + ServiceName: TransitRouter Metadata: ALIYUN::ROS::Interface: ParameterGroups: diff --git a/documents/solution/network/two-region-three-center-high-availability.yml b/documents/solution/network/two-region-three-center-high-availability.yml index 62c0e1c0..a6f3603f 100644 --- a/documents/solution/network/two-region-three-center-high-availability.yml +++ b/documents/solution/network/two-region-three-center-high-availability.yml @@ -41,7 +41,7 @@ Metadata: zh-cn: PolarDB配置 en: PolarDB Configuration TemplateTags: - - acs:technical-solution:network:两地三中心异地多活 + - acs:technical-solution:network:两地三中心异地多活网络 ResourcesForParameterConstraints: polardb1: Type: ALIYUN::POLARDB::DBCluster @@ -608,7 +608,7 @@ Workspace: } ], "TemplateTags": [ - "acs:technical-solution:network:两地三中心异地多活" + "acs:technical-solution:network:两地三中心异地多活网络" ], "ResourcesForParameterConstraints": { "polardb1": { diff --git a/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml b/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml index 05aa9fe6..fe22347c 100644 --- a/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml +++ b/documents/solution/ops-on-cloud/deploy-nginx-services-through-ingress.yml @@ -12,8 +12,14 @@ Parameters: en: The name must be 1 to 63 characters in length and can contain letters, Chinese characters, digits, and hyphens (-). zh-cn: 名称为1~63个字符,可包含数字、汉字、英文字符或中划线(-)。 - Default: cluster-for-nginx AllowedPattern: ^[a-zA-Z0-9\u4e00-\u9fa5][-a-zA-Z0-9\u4e00-\u9fa5]{0,62}$ + AssociationProperty: AutoCompleteInput + AssociationPropertyMetadata: + Length: 5 + Prefix: cluster-for-nginx- + CharacterClasses: + - Class: lowercase + min: 1 ZoneId: Type: String Label: @@ -35,7 +41,8 @@ Parameters: AssociationProperty: ALIYUN::ECS::Instance::InstanceType AssociationPropertyMetadata: ZoneId: ${ZoneId} - AllowedPattern: ^(ecs\.[a-z6-9]+\.)[1-9]?xlarge$ + CreateACKClusterParams: + NetworkPlugin: terway-eniip CommonName: Type: String Default: ack-for-nginx