目前,阿里云资源编排服务(ROS)开始支持弹性网卡功能,ROS的云资源类型增加了3个新成员,
- ALIYUN::ECS::NetworkInterface 创建弹性网卡
- ALIYUN::ECS::NetworkInterfaceAttachment 绑定弹性网卡
-
ALIYUN::ECS::NetworkInterfacePermission 给弹性网卡授权
通过上面的ROS资源类型,灵活地编排弹性网卡,可以将弹性网卡跟其他云资源编写成你的ROS模板,达到你所希望的“一键部署”效果
弹性网卡资源类型介绍
我们先看看阿里云ROS弹性网卡相关的3个资源类型都提供了什么能力和怎么使用。如果你还没接触过阿里云的资源编排服务,请戳这里
创建弹性网卡
资源编排抽象了弹性网卡CreateNetworkInterface接口的能力,一个简单的创建弹性网卡的模板如下:
{
"ROSTemplateFormatVersion" : "2015-09-01",
"Resources" : {
"EniInstance": {
"Type": "ALIYUN::ECS::NetworkInterface",
"Properties": {
'VSwitchId': 'vsw-2zetgeiqlemyok9z5j2em',
'SecurityGroupId': 'sg-2ze3yg7oo90ejudett9j',
'NetworkInterfaceName': 'my-eni-name'
'Description': 'eni-name-description'
}
}
},
"Outputs": {
"NetworkInterfaceId": {
"Value" : {"Fn::GetAtt": ["EniInstance", "NetworkInterfaceId"]}
}
}
}
我们可以看出,只需要定义交换机ID和安全组ID,就可以创建出一块弹性网卡,当然你也可以指定网卡的名称和描述信息。最后通过Outputs标签返回新建弹性网卡的ID。
绑定弹性网卡
资源编排抽象了弹性网卡AttachNetworkInterface接口的能力,一个简单的绑定弹性网卡的模板如下:
{
"ROSTemplateFormatVersion" : "2015-09-01",
"Resources" : {
"EniInstance": {
"Type": "ALIYUN::ECS::NetworkInterfaceAttachment",
"Properties": {
'NetworkInterfaceId': 'eni-2zefnmihs8r13tqdeomr',
'InstanceId': 'i-2ze8m2j71rb2m8saw6g6'
}
}
}
}
只需要指定网卡ID和ECS实例ID即可。
授权弹性网卡
资源编排抽象了弹性网卡CreateNetworkInterfacePermission接口的能力,一个简单的授权弹性网卡的模板如下:
{
"ROSTemplateFormatVersion" : "2015-09-01",
"Resources" : {
"EniPermissionInstance": {
"Type": "ALIYUN::ECS::NetworkInterfacePermission",
"Properties": {
'AccountId': '1754580903499898',
'NetworkInterfaceId': 'eni-2zehcsxovaeso7ivbgzp'
}
}
},
"Outputs": {
"NetworkInterfacePermissionId": {
"Value" : {"Fn::GetAtt": ["EniPermissionInstance", "NetworkInterfacePermissionId"]}
}
}
}
授权网卡需要指定被授权的网卡ID和授权的用户ID,通过Outputs标签返回授权的ID。
综合应用场景:创建ECS实例并绑定一个弹性网卡
资源编排的弹性网卡能力具体怎么使用呢?我们先看一个常见的场景:“我们需要在阿里云上购买一个ECS,然后绑定一个弹性网卡。”
在不用资源编排模板的情况下你需要做如下操作:
1、先在ECS实例控制台创建一个ECS,中间你还需要:创建VPC,VSwitch,SecurityGroup。
2、切换到弹性网卡页面,创建弹性网卡,此时必须正确指定第一步骤创建的VPC、VSwitch和SecurityGroup。如果你的VPC数目比较多,你还得切换页面记下第一步的VPC信息,以便填写。
3、在弹性网卡页面绑定ECS实例
再看看使用ROS的方法
1、编写一个ROS模板(见附录)
2、创建stack,填写创建ECS必要的信息(如镜像ID,实例规格,区域等)
创建说明:
1、ROS Stack在创建过程中,创建了一个VPC、一个VSwitch、一个SecurityGroup、一个ECS实例和一个弹性网卡,并自动地将弹性网卡授权给指定用户,然后绑定到ECS。填写少量信息后,所有操作就不需要人为干预,一键部署。(如图1)
2、如果中间创建失败,整个Stack的资源自动回滚。
3、我们编写的ROS模板可以在保存,下次可以继续使用。(如图2)
整个过程是不是很方便呢!当然,在阿里云资源编排产品中,你可以结合你的业务场景,灵活地使用弹性网卡功能,编排你的业务。期待你的分享!
附录:ROS模板(创建一个ECS并绑定一个弹性网卡)
{
"ROSTemplateFormatVersion": "2015-09-01",
"Description": "One VPC, VSwitch, security group, ECS instance, and route. The user needs to specify the image ID.",
"Parameters": {
"ImageId": {
"Default": "centos_7",
"Type": "String",
"Description": "Image Id, represents the image resource to startup the ECS instance, <a href='#/product/cn-shenzhen/list/imageList' target='_blank'>View image resources</a>"
},
"InstanceType": {
"Type": "String",
"Description": "The ECS instance type, <a href='#/product/cn-shenzhen/list/typeList' target='_blank'>View instance types</a>",
"Default": "ecs.sn1ne.large"
},
"AccountId":{
"Type": "String",
"Description": "The account id"
},
"ZoneId": {
"Type": "String",
"Description": "The available zone, <a href='#/product/cn-shenzhen/list/zoneList' target='_blank'>View available zones</a>"
},
"SecurityGroupName": {
"Type": "String",
"Description": "The security group name",
"Default": "my-sg-name"
},
"NetworkInterfaceName": {
"Type": "String",
"Description": "The Network interface name",
"Default": "my-eni-name"
},
"VpcName": {
"Type": "String",
"Description": "The VPC name",
"MinLength": 2,
"MaxLength": 128,
"ConstraintDescription": "[2, 128] English or Chinese letters",
"Default": "my-vpc-name"
},
"IoOptimized": {
"AllowedValues": [
"none",
"optimized"
],
"Description": "IO optimized, optimized is for the IO optimized instance type",
"Type": "String",
"Default": "optimized"
},
"SystemDiskCategory": {
"AllowedValues": [
"cloud",
"cloud_efficiency",
"cloud_ssd"
],
"Description": "System disk category: average cloud disk(cloud), efficient cloud disk(cloud_efficiency) or SSD cloud disk(cloud_ssd)",
"Type": "String",
"Default": "cloud_ssd"
},
"VpcCidrBlock": {
"Type": "String",
"AllowedValues": [
"192.168.0.0/16",
"172.16.0.0/12",
"10.0.0.0/8"
],
"Default": "10.0.0.0/8"
},
"VSwitchCidrBlock": {
"Type": "String",
"Description": "The VSwitch subnet which must be within VPC",
"Default": "10.0.10.0/24"
}
},
"Resources": {
"Vpc": {
"Type": "ALIYUN::ECS::VPC",
"Properties": {
"CidrBlock": {
"Ref": "VpcCidrBlock"
},
"VpcName": {
"Ref": "VpcName"
}
}
},
"VSwitch": {
"Type": "ALIYUN::ECS::VSwitch",
"Properties": {
"CidrBlock": {
"Ref": "VSwitchCidrBlock"
},
"ZoneId": {
"Ref": "ZoneId"
},
"VpcId": {
"Fn::GetAtt": [
"Vpc",
"VpcId"
]
}
}
},
"WebServer": {
"Type": "ALIYUN::ECS::Instance",
"Properties": {
"ImageId": {
"Ref": "ImageId"
},
"InstanceType": {
"Ref": "InstanceType"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"VpcId": {
"Fn::GetAtt": [
"Vpc",
"VpcId"
]
},
"VSwitchId": {
"Ref": "VSwitch"
},
"IoOptimized": {
"Ref": "IoOptimized"
},
"SystemDisk_Category": {
"Ref": "SystemDiskCategory"
}
}
},
"SecurityGroup": {
"Type": "ALIYUN::ECS::SecurityGroup",
"Properties": {
"SecurityGroupName": {
"Ref": "SecurityGroupName"
},
"VpcId": {
"Ref": "Vpc"
}
}
},
"ENI": {
"Type": "ALIYUN::ECS::NetworkInterface",
"Properties": {
"VSwitchId": {
"Ref": "VSwitch"
},
"SecurityGroupId": {
"Ref": "SecurityGroup"
},
"NetworkInterfaceName": {
"Ref": "NetworkInterfaceName"
}
}
},
"EniAttach": {
"Type": "ALIYUN::ECS::NetworkInterfaceAttachment",
"Properties": {
"NetworkInterfaceId": {
"Ref": "ENI"
},
"InstanceId": {
"Ref": "WebServer"
}
}
},
"EniPermissionInstance": {
"Type": "ALIYUN::ECS::NetworkInterfacePermission",
"Properties": {
"AccountId": {
"Ref":"AccountId"
},
"NetworkInterfaceId": {
"Ref": "ENI"
},
"Permission": "InstanceAttach"
}
}
},
"Outputs": {
"InstanceId": {
"Value": {
"Fn::GetAtt": [
"WebServer",
"InstanceId"
]
}
},
"PublicIp": {
"Value": {
"Fn::GetAtt": [
"WebServer",
"PublicIp"
]
}
},
"SecurityGroupId": {
"Value": {
"Fn::GetAtt": [
"SecurityGroup",
"SecurityGroupId"
]
}
},
"VpcId": {
"Value": {
"Fn::GetAtt": [
"Vpc",
"VpcId"
]
}
},
"VSwitchId": {
"Value": {
"Fn::GetAtt": [
"VSwitch",
"VSwitchId"
]
}
},
"NetworkInterfaceId": {
"Value": {
"Fn::GetAtt": [
"ENI",
"NetworkInterfaceId"
]
}
},
"NetworkInterfacePermissionId": {
"Value": {
"Fn::GetAtt": [
"EniPermissionInstance",
"NetworkInterfacePermissionId"
]
}
}
}
}