4

I am running this template in cloud formation to create auto scaling in ubuntu-18.04 machine and it will rollback the all instances automatically that is created by this template and giving such error like.

Received 0 SUCCESS signal(s) out of 1. Unable to satisfy 100% MinSuccessfulInstancesPercent requirement The following resource(s) failed to create: [WebServerGroup]. . Rollback requested by user.

{
    "AWSTemplateFormatVersion": "2010-09-09",

    "Parameters": {
        "VpcId": {
            "Type": "AWS::EC2::VPC::Id",
            "Description": "VpcId of your existing Virtual Private Cloud (VPC)",
            "ConstraintDescription": "must be the VPC Id of an existing Virtual Private Cloud."
        },
        "Subnets": {
            "Type": "List<AWS::EC2::Subnet::Id>",
            "Description": "The list of SubnetIds in your Virtual Private Cloud (VPC)"
        },
        "InstanceType": {
            "Description": "WebServer EC2 instance type",
            "Type": "String",
            "Default": "t2.small",
            "AllowedValues": [
                "t1.micro",
                "t2.nano",
                "t2.micro",
                "t2.small",
                "t2.medium",
                "t2.large",
                "m1.small",
                "m1.medium",
                "cg1.4xlarge"
            ],
            "ConstraintDescription": "must be a valid EC2 instance type."
        },
"WebServerCapacity": {
      "Default": "2",
      "Description": "The initial number of WebServer instances",
      "Type": "Number",
      "MinValue": "1",
      "MaxValue": "10",
      "ConstraintDescription": "must be between 1 and 10 EC2 instances."
    },
        "KeyName": {
            "Description": "The EC2 Key Pair to allow SSH access to the instances",
            "Type": "AWS::EC2::KeyPair::KeyName",
            "ConstraintDescription": "must be the name of an existing EC2 KeyPair."
        },
        "SSHLocation": {
            "Description": "The IP address range that can be used to SSH to the EC2 instances",
            "Type": "String",
            "MinLength": "9",
            "MaxLength": "18",
            "Default": "0.0.0.0/0",
            "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
            "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
        }
    },

    "Resources": {
      "WebServerScaleUpPolicy": {
            "Type": "AWS::AutoScaling::ScalingPolicy",
            "Properties": {
                "AdjustmentType": "ChangeInCapacity",
                "AutoScalingGroupName": {
                    "Ref": "WebServerGroup"
                },
                "Cooldown": "60",
                "ScalingAdjustment": 1
            }
        },
        "WebServerScaleDownPolicy": {
            "Type": "AWS::AutoScaling::ScalingPolicy",
            "Properties": {
                "AdjustmentType": "ChangeInCapacity",
                "AutoScalingGroupName": {
                    "Ref": "WebServerGroup"
                },
                "Cooldown": "60",
                "ScalingAdjustment": -1
            }
        },
        "CPUAlarmHigh": {
            "Type": "AWS::CloudWatch::Alarm",
            "Properties": {
                "AlarmDescription": "Scale-up if CPU > 70% for 5 minutes",
                "MetricName": "CPUUtilization",
                "Namespace": "AWS/EC2",
                "Statistic": "Average",
                "Period": 300,
                "EvaluationPeriods": 2,
                "Threshold": 70,
                "AlarmActions": [{
                    "Ref": "WebServerScaleUpPolicy"
                }],
                "Dimensions": [{
                    "Name": "AutoScalingGroupName",
                    "Value": {
                        "Ref": "WebServerGroup"
                    }
                }],
                "ComparisonOperator": "GreaterThanThreshold"
            }
        },
        "CPUAlarmLow": {
            "Type": "AWS::CloudWatch::Alarm",
            "Properties": {
                "AlarmDescription": "Scale-down if CPU < 40% for 5 minutes",
                "MetricName": "CPUUtilization",
                "Namespace": "AWS/EC2",
                "Statistic": "Average",
                "Period": 300,
                "EvaluationPeriods": 2,
                "Threshold": 40,
                "AlarmActions": [{
                    "Ref": "WebServerScaleDownPolicy"
                }],
                "Dimensions": [{
                    "Name": "AutoScalingGroupName",
                    "Value": {
                        "Ref": "WebServerGroup"
                    }
                }],
                "ComparisonOperator": "LessThanThreshold"
            }
        },
           "ApplicationLoadBalancer": {
            "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
            "Properties": {
            "Name": "elb-test",
            "Scheme": "internet-facing",
            "IpAddressType": "ipv4",
            "Type": "application",
                "Subnets": {
                    "Ref": "Subnets"
                }
            }
        },
        "ALBListener": {
            "Type": "AWS::ElasticLoadBalancingV2::Listener",
            "Properties": {
                "DefaultActions": [{
                    "Type": "forward",
                    "TargetGroupArn": {
                        "Ref": "ALBTargetGroup"
                    }
                }],
                "LoadBalancerArn": {
                    "Ref": "ApplicationLoadBalancer"
                },
                "Port": 80,
                "Protocol": "HTTP"
            }
        },
        "ALBTargetGroup": {
            "Type": "AWS::ElasticLoadBalancingV2::TargetGroup",
            "Properties": {
                "Name": "ELB-Group",
                "HealthCheckIntervalSeconds": 30,
                "HealthCheckTimeoutSeconds": 5,
                "HealthyThresholdCount": 3,
                "Port": 80,
                "Protocol": "HTTP",
                "TargetType": "instance",
                "UnhealthyThresholdCount": 5,
                "VpcId": {
                    "Ref": "VpcId"
                }
            }
        },
        "WebServerGroup": {
            "Type": "AWS::AutoScaling::AutoScalingGroup",
            "Properties": {
                "VPCZoneIdentifier": {
                    "Ref": "Subnets"
                },
                "HealthCheckGracePeriod": 300,
                "LaunchConfigurationName": {
                    "Ref": "LaunchConfig"
                },
                "MinSize": "1",
                "MaxSize": "8",
                    "DesiredCapacity": {
                  "Ref": "WebServerCapacity"
                },
                "TargetGroupARNs": [{
                    "Ref": "ALBTargetGroup"
                }]
            },
      "CreationPolicy": {
        "ResourceSignal": {
          "Timeout": "PT5M",
          "Count": {
            "Ref": "WebServerCapacity"
          }
        }
      },
      "UpdatePolicy": {
        "AutoScalingRollingUpdate": {
          "MinInstancesInService": 1,
          "MaxBatchSize": 1,
          "PauseTime": "PT5M",
          "WaitOnResourceSignals": true
        }
      }
        },
        "LaunchConfig": {
            "Type": "AWS::AutoScaling::LaunchConfiguration",
            "Metadata" : {
            "Comment" : "Install a simple application",
            "AWS::CloudFormation::Init" : {
              "full_install" : [ "install_and_enable_cfn_hup" ]
          },
          "install_and_enable_cfn_hup" : {
            "files" : {
                        "/etc/cfn/cfn-hup.conf" : {
                          "content" : { "Fn::Join" : ["", [
                            "[main]\n",
                            "stack=", { "Ref" : "AWS::StackId" }, "\n",
                            "region=", { "Ref" : "AWS::Region" }, "\n"
                          ]]},
                          "mode"    : "000400",
                          "owner"   : "root",
                          "group"   : "root"
                        },
                        "/etc/cfn/hooks.d/cfn-auto-reloader.conf" : {
                          "content": { "Fn::Join" : ["", [
                            "[cfn-auto-reloader-hook]\n",
                            "triggers=post.update\n",
                            "path=Resources.EC2Instance.Metadata.AWS::CloudFormation::Init\n",
                            "action=/opt/aws/bin/cfn-init -v ",
                            "         --stack ", { "Ref" : "AWS::StackName" },
                            "         --resource LaunchConfig",
                            "         --configsets full_install ",
                            "         --region ", { "Ref" : "AWS::Region" }, "\n",
                            "runas=root\n"
                          ]]}
                        },
                       "/lib/systemd/system/cfn-hup.service": {
                            "content": { "Fn::Join" : ["", [
                            "[Unit]\n",
                            "Description=cfn-hup daemon\n\n",
                            "[Service]\n",
                            "Type=simple\n",
                            "ExecStart=/opt/aws/bin/cfn-hup\n", 
                            "Restart=always\n\n",
                            "[Install]\n",
                            "WantedBy=multi-user.target"]]}
                             }
                  },  
            "commands" : {
                  "01enable_cfn_hup" : {
                      "command" : "systemctl enable cfn-hup.service"
                  },
                  "02start_cfn_hup" : {
                      "command" : "systemctl start cfn-hup.service"
                  }
              }
           }
        },
            "Properties": {
                "KeyName": {
                    "Ref": "KeyName"
                },
                "ImageId": "ami-00932e4c143f3fdf0",
                "SecurityGroups": [{
                    "Ref": "InstanceSecurityGroup"
                }],
                "InstanceType": {
                    "Ref": "InstanceType"
                },
                "UserData"       : { "Fn::Base64" : { "Fn::Join" : ["", [
             "#!/bin/bash -xe\n",
             "apt-get update -y\n",
             "apt-get install -y python-setuptools\n",
             "mkdir -p /opt/aws/bin\n",
             "python /usr/lib/python2.7/dist-packages/easy_install.py --script-dir /opt/aws/bin https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
              "/opt/aws/bin/cfn-init -v ",
             "         --stack ", { "Ref" : "AWS::StackName" },
             "         --resource LaunchConfig",
             "         --configsets full_install ",
             "         --region ", { "Ref" : "AWS::Region" }, "\n",

             "/opt/aws/bin/cfn-signal -e $? ",
             "         --stack ", { "Ref" : "AWS::StackName" },
             "         --resource WebServerGroup",
             "         --region ", { "Ref" : "AWS::Region" }, "\n"
            ]]}}}
            },
        
        
        "InstanceSecurityGroup": {
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "GroupDescription": "Enable SSH access and HTTP from the load balancer only",
                "SecurityGroupIngress": [{
                        "IpProtocol": "tcp",
                        "FromPort": 22,
                        "ToPort": 22,
                        "CidrIp": {
                            "Ref": "SSHLocation"
                        }
                    },
                    {
                        "IpProtocol": "tcp",
                        "FromPort": 80,
                        "ToPort": 80,
                        "SourceSecurityGroupId": {
                            "Fn::Select": [
                                0,
                                {
                                    "Fn::GetAtt": [
                                        "ApplicationLoadBalancer",
                                        "SecurityGroups"
                                    ]
                                }
                            ]
                        }
                    }
                ],
                "VpcId": {
                    "Ref": "VpcId"
                }
            }
        }
    },
    "Outputs": {
        "URL": {
            "Description": "The URL of the website",
            "Value": {
                "Fn::Join": [
                    "",
                    [
                        "http://",
                        {
                            "Fn::GetAtt": [
                                "ApplicationLoadBalancer",
                                "DNSName"
                            ]
                        }
                    ]
                ]
            }
        }
    }
}

So please let me know if there is any issue with this template or this CFN command that i am running with this

MLu
  • 23,798
  • 5
  • 54
  • 81

1 Answers1

2
  1. Simplify it. Remove all the ALB and CloudWatch scaling stuff for start.
  2. Disable (remove) CreationPolicy and UpdatePolicy to prevent the error you're seeing. With that removed ASG won't expect the signal. With that the instance should boot up and stay up.
  3. SSH to the instance and check out what errors you see in /var/log/cloud-init.log and /var/log/cloud-init-output.log - that will give you a clue what's failing and why it can't send the cfn-signal success back to AWS.
  4. Fix the problem and revert #1 and #2 above and try again.

Hope that helps :)

MLu
  • 23,798
  • 5
  • 54
  • 81
  • Try but still getting same error PLease let me know the alternative on CFN for ubuntu-18-04 – Shubham Kamboj Jul 02 '20 at 08:05
  • What have you tried and what have you found in `/var/log/cloud-init*.log`. Also keep in mind that running Auto Scaling Groups is not as trivial as you may hope. The instance should fully auto-configure itself upon boot. – MLu Jul 02 '20 at 08:29