我在下面的链接中查看了教程并尝试了。 http://docs.aws.amazon.com/lambda/latest/dg/automating-deployment.html
它对我有用,但是如何部署与该 lambda 相关的环境变量和配置更改。从教程中我可以了解如何部署代码更改,但我不确定如何部署配置更改。
2 回答
0
为了让 Lambda 拉取配置信息,有许多选项:
- 对于非常基本的配置,您可以简单地使用可以在 CLI 调用期间根据文档设置的环境变量(rep 阻止我添加两个以上的链接,因此您必须使用谷歌搜索“lambda 环境变量”来获取它)
- Lambda 可以从SSM Parameter Store读取,尽管这通常用于提取 EC2 实例的配置信息(数据库字符串等等)。但是,如果您主要使用无服务器,那是一种方法
- 您可以使用选择的数据库 (RDS/DynamoDB) 来提取/存储数据。请记住,如果您通过免费套餐限制,您将获得按小时收费。
- 您可以使用存储在 S3 存储桶中的选择格式(JSON、YAML、CSV 等)并让 python 加载(这将违背您的呼叫分配)
- 对于 Lambda 函数的复杂链接,您可能需要考虑Step Functions
至于如何实现上述自动化,这实际上取决于您现有的自动化是什么。要么使用 CLI 来编排整个事情,要么使用您选择的脚本语言和适当的 AWS 开发工具包。
于 2017-06-26T23:01:10.780 回答
0
我没有手动执行http://docs.aws.amazon.com/lambda/latest/dg/automating-deployment.html中描述的步骤,而是编写了一个执行相同功能的 CloudFormation 模板。换句话说,您可以部署我的模板,结果是一个新创建的 Code Commit 存储库和关联的 Code Pipeline,它构建并将您定义的任何 SAM 模板部署到新的 CloudFormation 堆栈。您需要做的就是将 buildspec.yml 和 samTemplate.yaml 添加到新创建的 Code Commit 存储库并推送您的更改。
我的模板可在下面的链接中找到。请注意,这是一个早期的草案,还有很大的改进空间......但它确实与上面链接的 AWS 指南非常相似:https ://github.com/matwerber1/cloudformation-pipeline-template
这是模板代码 samTemplate.yaml:
AWSTemplateFormatVersion: '2010-09-09'
Description: Creates Private Code Commit repo and Deployment Pipeline to CloudFormation
Parameters:
ProjectNameParameter:
Type: String
Default: myProject
Description: "the name to assign to your newly-created code repo, build project, pipeline, and IAM resources."
CodeBuildS3BucketParameter:
Type: String
Default: "myCodeBuildS3Bucket"
Description: "a pre-existing S3 bucket in which to store Code Build artifacts."
CodePipelineS3BucketParameter:
Type: String
Default: "myCodePipelineS3Bucket"
Description: "a pre-existing S3 bucket in which to store Code Pipeline resources."
Resources:
MyRepo:
Type: "AWS::CodeCommit::Repository"
Properties:
RepositoryName: !Sub '${ProjectNameParameter}'
CloudFormationRole:
Type: "AWS::IAM::Role"
Properties:
RoleName: !Sub "${AWS::Region}-${ProjectNameParameter}-cloudformation"
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service:
- cloudformation.amazonaws.com
Action:
- "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: cloudformation-service
PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "*"
Resource: "*"
Effect: Allow
CodePipelineRole:
Type: "AWS::IAM::Role"
Properties:
RoleName: !Sub "${AWS::Region}-${ProjectNameParameter}-codepipeline"
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service:
- codepipeline.amazonaws.com
Action:
- "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: codepipeline-service
PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "codecommit:GetBranch"
- "codecommit:GetCommit"
- "codecommit:UploadArchive"
- "codecommit:GetUploadArchiveStatus"
- "codecommit:CancelUploadArchive"
Resource: "*"
Effect: Allow
- Action:
- "s3:GetObject"
- "s3:GetObjectVersion"
- "s3:GetBucketVersioning"
Resource: "*"
Effect: Allow
- Action:
- "s3:PutObject"
Resource:
- "arn:aws:s3:::codepipeline*"
- "arn:aws:s3:::elasticbeanstalk*"
Effect: Allow
- Action:
- "codedeploy:CreateDeployment"
- "codedeploy:GetApplicationRevision"
- "codedeploy:GetDeployment"
- "codedeploy:GetDeploymentConfig"
- "codedeploy:RegisterApplicationRevision"
Resource: "*"
Effect: Allow
- Action:
- "elasticbeanstalk:*"
- "ec2:*"
- "elasticloadbalancing:*"
- "autoscaling:*"
- "cloudwatch:*"
- "s3:*"
- "sns:*"
- "cloudformation:*"
- "rds:*"
- "sqs:*"
- "ecs:*"
- "iam:PassRole"
Resource: "*"
Effect: Allow
- Action:
- "lambda:InvokeFunction"
- "lambda:ListFunctions"
Resource: "*"
Effect: Allow
- Action:
- "opsworks:CreateDeployment"
- "opsworks:DescribeApps"
- "opsworks:DescribeCommands"
- "opsworks:DescribeDeployments"
- "opsworks:DescribeInstances"
- "opsworks:DescribeStacks"
- "opsworks:UpdateApp"
- "opsworks:UpdateStack"
Resource: "*"
Effect: Allow
- Action:
- "cloudformation:CreateStack"
- "cloudformation:DeleteStack"
- "cloudformation:DescribeStacks"
- "cloudformation:UpdateStack"
- "cloudformation:CreateChangeSet"
- "cloudformation:DeleteChangeSet"
- "cloudformation:DescribeChangeSet"
- "cloudformation:ExecuteChangeSet"
- "cloudformation:SetStackPolicy"
- "cloudformation:ValidateTemplate"
- "iam:PassRole"
Resource: "*"
Effect: Allow
- Action:
- "codebuild:BatchGetBuilds"
- "codebuild:StartBuild"
Resource: "*"
Effect: Allow
CodeBuildRole:
Type: "AWS::IAM::Role"
Properties:
RoleName: !Sub "${AWS::Region}-${ProjectNameParameter}-codebuild"
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service:
- codebuild.amazonaws.com
Action:
- "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: codebuild-service
PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "logs:CreateLogGroup"
- "logs:CreateLogStream"
- "logs:PutLogEvents"
Resource:
- !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${ProjectNameParameter}"
- !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/${ProjectNameParameter}:*"
Effect: Allow
- Action:
- "s3:PutObject"
- "s3:GetObject"
- "s3:GetObjectVersion"
Resource: !Sub "arn:aws:s3:::codepipeline-${AWS::Region}-*"
Effect: Allow
- Action: "ssm:GetParameters"
Resource: !Sub "arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/CodeBuild/*"
Effect: Allow
- Action: "s3:PutObject"
Resource: !Sub "arn:aws:s3:::${CodeBuildS3BucketParameter}*"
Effect: Allow
MyBuild:
Type: "AWS::CodeBuild::Project"
Properties:
Artifacts:
Type: CODEPIPELINE
BadgeEnabled: false
Environment:
ComputeType: BUILD_GENERAL1_SMALL
Image: "aws/codebuild/python:3.5.2"
Type: LINUX_CONTAINER
Name: !Sub '${ProjectNameParameter}'
ServiceRole: !Ref CodeBuildRole
Source:
Type: CODEPIPELINE
TimeoutInMinutes: 60
MyPipeline:
Type: "AWS::CodePipeline::Pipeline"
Properties:
ArtifactStore:
Location: !Ref CodePipelineS3BucketParameter
Type: S3
Name: !Sub "${ProjectNameParameter}"
RestartExecutionOnUpdate: false
RoleArn: !GetAtt CodePipelineRole.Arn
Stages:
- Name: "Source"
Actions:
- ActionTypeId:
Category: Source
Owner: AWS
Provider: CodeCommit
Version: "1"
Configuration:
RepositoryName: !GetAtt MyRepo.Name
BranchName: master
PollForSourceChanges: true
Name: Source
OutputArtifacts:
- Name: MyApp
RunOrder: 1
- Name: "Build"
Actions:
- ActionTypeId:
Category: Build
Owner: AWS
Provider: CodeBuild
Version: "1"
Configuration:
ProjectName: !Ref MyBuild
InputArtifacts:
- Name: MyApp
Name: "Build"
OutputArtifacts:
- Name: MyAppBuild
RunOrder: 2
- Name: "Staging"
Actions:
- ActionTypeId:
Category: Deploy
Owner: AWS
Provider: CloudFormation
Version: "1"
Configuration:
ActionMode: CHANGE_SET_REPLACE
StackName: !Ref ProjectNameParameter
Capabilities: CAPABILITY_NAMED_IAM
ChangeSetName: MyChangeSet
RoleArn: !GetAtt CloudFormationRole.Arn
TemplatePath: MyAppBuild::NewSamTemplate.yaml
InputArtifacts:
- Name: MyAppBuild
Name: "build_changeset"
RunOrder: 3
- ActionTypeId:
Category: Deploy
Owner: AWS
Provider: CloudFormation
Version: "1"
Configuration:
ActionMode: CHANGE_SET_EXECUTE
StackName: !Ref ProjectNameParameter
Capabilities: CAPABILITY_NAMED_IAM
ChangeSetName: MyChangeSet
Name: "execute_changeset"
RunOrder: 4
于 2017-12-19T01:19:46.777 回答