背景
SLB + ECS + RDS 是企业级应用的基础搭配,在小型应用场景下这三款产品成为了架构的核心组件。
基本结构如上图所示,创建一组ECS实例并挂在到SLB下面,然后创建一个ECS实例,同时把ECS的IP加入到访问白名单。作为应用方,您只需要根据业务类型和特点预估一下ECS的数量即可,其余的事情阿里云资源编排服务ROS可以帮您一键完成。
创建的资源包括
-
ALIYUN::ECS::InstanceGroup
- 创建一组相同配置的ECS.
注意:如果每台ECS的转发权重一样的话,可以采用本文的方式挂载到SLB,否则您可以参考手动的方式挂载并设置不同的权重值。
-
ALIYUN::SLB::LoadBalancer
- 创建一个负载均衡
-
ALIYUN::SLB::Listener
- 配置监听
-
ALIYUN::SLB::BackendServerAttachment
- 挂载ECS到负载均衡
-
ALIYUN::RDS::DBInstance
- 创建RDS实例
有关RDS更多配置请参考利用ROS创建RDS实例
步骤详解
- step1: 创建一组ECS实例,配置为2核4G(ecs.s2.large), 选择非IO优化的普通云盘,选择公共镜像,同时创建一个安全组。ECS数量的上线根据具体的业务场景来设置,本例设置默认值为2。
"ecsInstanceGroup": {
"Properties": {
"ImageId": "centos7u2_64_40G_cloudinit_20160520.raw",
"InstanceType": "ecs.s2.large",
"MaxAmount": {
"Ref": "EcsMaxAmount"
},
"MinAmount": 2,
"SecurityGroupId": {
"Fn::GetAtt": [
"securityGroup",
"SecurityGroupId"
]
}
},
"Type": "ALIYUN::ECS::InstanceGroup"
},
"securityGroup": {
"Properties": {
"SecurityGroupEgress": [
{
"DestCidrIp": "0.0.0.0/0",
"IpProtocol": "all",
"NicType": "internet",
"PortRange": "-1/-1",
"Priority": 1
}
],
"SecurityGroupIngress": [
{
"IpProtocol": "all",
"NicType": "internet",
"PortRange": "-1/-1",
"Priority": 1,
"SourceCidrIp": "0.0.0.0/0"
}
],
"SecurityGroupName": {
"Ref": "SecurityGroupName"
}
},
"Type": "ALIYUN::ECS::SecurityGroup"
}- step2: 创建负载均衡,设置端口映射为80 -> 8080
"LoadBalancer": {
"Properties": {
"AddressType": "internet",
"InternetChargeType": "paybytraffic",
"LoadBalancerName": "createByRos"
},
"Type": "ALIYUN::SLB::LoadBalancer"
},
"CreateListener": {
"Type": "ALIYUN::SLB::Listener",
"Properties": {
"LoadBalancerId": {"Ref": "LoadBalancer"},
"ListenerPort": "80",
"BackendServerPort": 8080,
"Bandwidth": 1,
"Protocol": "http",
"HealthCheck": {
"HealthyThreshold": 3,
"UnhealthyThreshold": 3,
"Interval": 2,
"Timeout": 5,
"HttpCode": "http_2xx,http_3xx,http_4xx,http_5xx"
},
"Scheduler": "wrr"
}
}- step3: 挂载ECS到SLB, 设置相同的权重
"Attachment": {
"Properties": {
"BackendServerList":
{
"Fn::GetAtt": [
"ecsInstanceGroup",
"InstanceIds"
]
},
"LoadBalancerId": {
"Ref": "LoadBalancer"
}
},
"Type": "ALIYUN::SLB::BackendServerAttachment"
}- step4: 创建RDS实例,同时设置访问白名单
"RDSInstance": {
"Properties": {
"ConnectionMode": "Safty",
"DBInstanceClass": "rds.mys2.large",
"DBInstanceDescription": "createByRos",
"DBInstanceNetType": "Intranet",
"DBInstanceStorage": "100",
"Engine": "MySQL",
"EngineVersion": "5.6",
"SecurityIPList": {
"Fn::GetAtt": [
"ecsInstanceGroup",
"PrivateIps"
]
}
},
"Type": "ALIYUN::RDS::DBInstance"
}