无法通过 CloudFormation 启动 Elastic Beanstalk 应用程序答案

【问题标题】：Can't launch Elastic Beanstalk application through CloudFormation无法通过 CloudFormation 启动 Elastic Beanstalk 应用程序
【发布时间】：2019-06-18 17:06:51
【问题描述】：

我正在尝试通过 CloudFormation 模板启动 Elastic Beanstalk 应用程序，但我一直收到错误 The EC2 instances failed to communicate with AWS Elastic Beanstalk, either because of configuration problems with the VPC or a failed EC2 instance. Check your VPC configuration and try launching the environment again. 我已经尝试了所有我能找到的解决方案，但似乎没有任何效果。此外，我无法通过 ssh 进入已启动的 EC2 实例，因此我必须假设它们是相关的。这与无法通过公共互联网访问有关吗？我是 Elastic Beanstalk（和 EC2）的新手，因此不胜感激。这是我的 CloudFormation 模板的相关部分：

Resources:

  # VPC and Subnets
  Vpc:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      InstanceTenancy: default
      Tags:
      - Key: Name
        Value: !Sub "ClimbAssistVpc${ResourceNameSuffix}"
  InternetGateway:
    Type: AWS::EC2::InternetGateway
  VpcGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref Vpc
  SubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-west-2a
      CidrBlock: 10.0.0.0/17
      MapPublicIpOnLaunch: true
      VpcId: !Ref Vpc
  SubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-west-2b
      CidrBlock: 10.0.128.0/18
      MapPublicIpOnLaunch: true
      VpcId: !Ref Vpc
  SubnetC:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: us-west-2c
      CidrBlock: 10.0.192.0/18
      MapPublicIpOnLaunch: true
      VpcId: !Ref Vpc
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'Security group for Climb Assist Elastic Beanstalk application'
      SecurityGroupIngress:
      - CidrIp: '0.0.0.0/0'
        IpProtocol: tcp
        FromPort: 80
        ToPort: 80
      - CidrIp: '0.0.0.0/0'
        IpProtocol: tcp
        FromPort: 22
        ToPort: 22
      SecurityGroupEgress:
      - CidrIp: '0.0.0.0/0'
        IpProtocol: -1 # all protocols
        ToPort: 0
        FromPort: 65535
      VpcId: !Ref Vpc

  # Elastic Beanstalk environments
  EBApplication:
    Description: The AWS Elastic Beanstalk application, which is a container used to deploy the correct application configuration.
    Type: AWS::ElasticBeanstalk::Application
    Properties:
      ApplicationName: !Sub '${ProjectId}app${ResourceNameSuffix}'
      Description: The name of the AWS Elastic Beanstalk application to be created for this project.
  EBApplicationVersion:
    Description: The version of the AWS Elastic Beanstalk application to be created for this project.
    Type: AWS::ElasticBeanstalk::ApplicationVersion
    Properties:
      ApplicationName: !Ref 'EBApplication'
      Description: The application version number.
      SourceBundle: 'target/ROOT'
  EBConfigurationTemplate:
    Description: The AWS Elastic Beanstalk configuration template to be created for this project, which defines configuration settings used to deploy different versions of an application.
    Type: AWS::ElasticBeanstalk::ConfigurationTemplate
    Properties:
      ApplicationName: !Ref 'EBApplication'
      Description: The name of the sample configuration template.
      OptionSettings:
      - Namespace: aws:elasticbeanstalk:environment
        OptionName: EnvironmentType
        Value: LoadBalanced
      - Namespace: aws:elasticbeanstalk:environment
        OptionName: ServiceRole
        Value: !Ref 'EBTrustRole'
      - Namespace: aws:elasticbeanstalk:healthreporting:system
        OptionName: SystemType
        Value: enhanced
      SolutionStackName: !Ref 'SolutionStackName'
  EBEnvironment:
    Description: The AWS Elastic Beanstalk deployment group where the application is deployed, which is made up of the Amazon EC2 Linux instances launched for this project.
    Type: AWS::ElasticBeanstalk::Environment
    Properties:
      ApplicationName: !Ref 'EBApplication'
      EnvironmentName: !Ref 'EBApplication'
      Description: The application to be deployed to the environment.
      TemplateName: !Ref 'EBConfigurationTemplate'
      VersionLabel: !Ref 'EBApplicationVersion'
      OptionSettings:
      - Namespace: aws:autoscaling:launchconfiguration
        OptionName: IamInstanceProfile
        Value: !Ref 'EBInstanceProfile'
      - Namespace: aws:autoscaling:launchconfiguration
        OptionName: InstanceType
        Value: !Ref 'InstanceType'
      - Namespace: aws:autoscaling:launchconfiguration
        OptionName: EC2KeyName
        Value: !Ref 'KeyPairName'
      - Namespace: aws:ec2:vpc
        OptionName: VPCId
        Value: !Ref Vpc
      - Namespace: 'aws:ec2:vpc'
        OptionName: Subnets
        Value:
          Fn::Join:
          - ','
          - - !Ref SubnetA
            - !Ref SubnetB
            - !Ref SubnetC
      - Namespace: 'aws:autoscaling:launchconfiguration'
        OptionName: SecurityGroups
        Value: !Ref SecurityGroup
      - Namespace: 'aws:ec2:vpc'
        OptionName: AssociatePublicIpAddress
        Value: 'true'

【问题讨论】：

标签： amazon-web-services amazon-cloudformation amazon-elastic-beanstalk

【解决方案1】：

你能把你的模板分成两部分吗

运行VPC模板
启动 t2.micro 并测试连接性
然后运行 Elasticbeanstalk 模板

似乎您缺少到 Internet 的路由（公共端点）

另外请禁用回滚并排除故障。很可能是它的连接私有子网和 elasticbeanstalk 服务或 s3 端点。

【讨论】：

好建议！我创建了所有 VPC 的东西并启动了一个 EC2 实例，但我根本无法通过 ssh 访问它。在 EC2 控制台中，我可以看到有一个公共 DNS 和一个 IPv4 公共 IP，但由于某种原因，公共 IP 没有像可点击链接那样带下划线。我在默认 VPC 中运行的其他实例具有可单击的公共 IP 作为链接，我可以通过 ssh 访问这些。您对我的 VPC 配置有什么问题有什么建议吗？
请关注此docs.aws.amazon.com/codebuild/latest/userguide/… .. 您缺少路由
你是对的，添加路由解决了问题！非常感谢！