Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

(aws-ec2): cfn-init and cfn-signal are missing required options in some regions #16004

Closed
tiefps opened this issue Aug 11, 2021 · 1 comment · Fixed by #16121
Closed

(aws-ec2): cfn-init and cfn-signal are missing required options in some regions #16004

tiefps opened this issue Aug 11, 2021 · 1 comment · Fixed by #16121
Assignees
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud bug This issue is a bug. p1

Comments

@tiefps
Copy link
Contributor

tiefps commented Aug 11, 2021

cfn-init and cfn-signal are missing the --role and --url options which are required in us-iso-east-1 and us-isob-east-1 regions.

// To identify the resources that have the metadata and where the signal
// needs to be sent, we need { region, stackName, logicalId }
const resourceLocator = `--region ${Aws.REGION} --stack ${Aws.STACK_NAME} --resource ${attachedResource.logicalId}`;
const configSets = (attachOptions.configSets ?? ['default']).join(',');
const printLog = attachOptions.printLog ?? true;
if (attachOptions.embedFingerprint ?? true) {
// It just so happens that the comment char is '#' for both bash and PowerShell
attachOptions.userData.addCommands(`# fingerprint: ${fingerprint}`);
}
if (attachOptions.platform === OperatingSystemType.WINDOWS) {
const errCode = attachOptions.ignoreFailures ? '0' : '$LASTEXITCODE';
attachOptions.userData.addCommands(...[
`cfn-init.exe -v ${resourceLocator} -c ${configSets}`,
`cfn-signal.exe -e ${errCode} ${resourceLocator}`,
...printLog ? ['type C:\\cfn\\log\\cfn-init.log'] : [],
]);
} else {
const errCode = attachOptions.ignoreFailures ? '0' : '$?';
attachOptions.userData.addCommands(...[
// Run a subshell without 'errexit', so we can signal using the exit code of cfn-init
'(',
' set +e',
` /opt/aws/bin/cfn-init -v ${resourceLocator} -c ${configSets}`,
` /opt/aws/bin/cfn-signal -e ${errCode} ${resourceLocator}`,

Reproduction Steps

Generated CloudFormation template snippet:

"UserData": {
          "Fn::Base64": {
            "Fn::Join": [
              "",
              [
                "#!/bin/bash\n# fingerprint: c94217d36a051c4c\n(\n  set +e\n  /opt/aws/bin/cfn-init -v --region ",
                {
                  "Ref": "AWS::Region"
                },
                " --stack ",
                {
                  "Ref": "AWS::StackName"
                },
                " --resource ASG46ED3070 -c default\n  /opt/aws/bin/cfn-signal -e $? --region ",
                {
                  "Ref": "AWS::Region"
                },
                " --stack ",
                {
                  "Ref": "AWS::StackName"
                },
                " --resource ASG46ED3070\n  cat /var/log/cfn-init.log >&2

What did you expect to happen?

cfn-init command that is automatically injected into the user data will work in all regions.

What actually happened?

Received 0 SUCCESS signal(s) out of X. Unable to satisfy Y% MinSuccessfulInstancesPercent requirement

Environment

  • CDK CLI Version : 1.116.0
  • Framework Version: monocdk 1.102.0
  • Node.js Version: v14.17.4
  • OS : macOS Big Sur 11.5.1
  • Language (Version): TypeScript (4.0.7)

Other


This is 🐛 Bug Report

@tiefps tiefps added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 11, 2021
@github-actions github-actions bot added the @aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud label Aug 11, 2021
@peterwoodworth peterwoodworth added p1 and removed needs-triage This issue or PR still needs to be triaged. labels Aug 13, 2021
@mergify mergify bot closed this as completed in #16121 Sep 3, 2021
mergify bot pushed a commit that referenced this issue Sep 3, 2021
… params (#16121)

Resolves #16004 

When using CloudformationInit, can opt to include the `--role` and `--url` argument to `cfn-init` and `cfn-signal` ([ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-init.html#cfn-init-Syntax)).

User can do this by including [InitOptions](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.ApplyCloudFormationInitOptions.html) that include `includeUrl` and `includeRole`

```typescript
ec2.Instance(this, 'MyInstance', {
  init: // init config,
  initOptions: {
    includeUrl: true,
    includeRole: true,
  }
}
```

It's possible to _always_ include these added arguments, but not sure whether that would cause regressions.

Open to any suggestions on a better way to implement

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

github-actions bot commented Sep 3, 2021

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this issue Sep 6, 2021
… params (aws#16121)

Resolves aws#16004 

When using CloudformationInit, can opt to include the `--role` and `--url` argument to `cfn-init` and `cfn-signal` ([ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-init.html#cfn-init-Syntax)).

User can do this by including [InitOptions](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.ApplyCloudFormationInitOptions.html) that include `includeUrl` and `includeRole`

```typescript
ec2.Instance(this, 'MyInstance', {
  init: // init config,
  initOptions: {
    includeUrl: true,
    includeRole: true,
  }
}
```

It's possible to _always_ include these added arguments, but not sure whether that would cause regressions.

Open to any suggestions on a better way to implement

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
david-doyle-as24 pushed a commit to david-doyle-as24/aws-cdk that referenced this issue Sep 7, 2021
… params (aws#16121)

Resolves aws#16004 

When using CloudformationInit, can opt to include the `--role` and `--url` argument to `cfn-init` and `cfn-signal` ([ref](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-init.html#cfn-init-Syntax)).

User can do this by including [InitOptions](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.ApplyCloudFormationInitOptions.html) that include `includeUrl` and `includeRole`

```typescript
ec2.Instance(this, 'MyInstance', {
  init: // init config,
  initOptions: {
    includeUrl: true,
    includeRole: true,
  }
}
```

It's possible to _always_ include these added arguments, but not sure whether that would cause regressions.

Open to any suggestions on a better way to implement

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
@aws-cdk/aws-ec2 Related to Amazon Elastic Compute Cloud bug This issue is a bug. p1
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants