#amazon-web-services #amazon-cloudformation #amazon-vpc
Question:
I am just learning AWS, super new, so bear with me. I have been trying to fiddle with the code for a while and I just have no idea. I am trying to write a simple CloudFormation template for a VPC.
I keep getting the error "The CIDR '10.30.1.0/24' conflicts with another subnet (Service: AmazonEC2; Status Code: 400; Error Code: InvalidSubnet.Conflict; Request ID: ea17de71-6dc2-46d2-bda4-dda6ff9e0980; Proxy: null)"
Here is my code:
Parameters:
  Environment:
    Description: Environment Name
    Type: String
  VpcName:
    Type: String
  VpcCIDR:
    Description: VPC CIDR
    Type: String
    Default: 10.30.0.0/16
  NumberOfSubnets:
    Description: Number of Subnets to be created
    Type: String
    Default: 4
  SubnetOffset:
    Description: Offset of Subnet from CIDR
    Type: String
    Default: 8
Outputs:
  VPC:
    Description: VPC
    Value: !Ref VPC
  VpcCIDR:
    Description: VPC CIDR
    Value: !Ref VpcCIDR
  PublicSubnets:
    Description: Public Subnets
    Value: !Join [ ",", [!Ref PublicSubnet1, !Ref PublicSubnet2]]
  PrivateSubnets:
    Description: Private Subnets
    # Copy-paste slip in the original: this output joined the two public subnets.
    Value: !Join [ ",", [!Ref PrivateSubnet1, !Ref PrivateSubnet2]]
  PublicSubnet1:
    Description: Public Subnet AZ1
    Value: !Ref PublicSubnet1
  PublicSubnet2:
    Description: Public Subnet AZ2
    Value: !Ref PublicSubnet2
  PrivateSubnet1:
    Description: Private Subnet AZ1
    Value: !Ref PrivateSubnet1
  PrivateSubnet2:
    Description: Private Subnet AZ2
    Value: !Ref PrivateSubnet2
  PublicRouteTable:
    Description: Public Route Table
    Value: !Ref PublicRouteTable
  PrivateRouteTable:
    Description: Private Route Table
    Value: !Ref PrivateRouteTable
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}
  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Select [0, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-public-1
  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs '' ]
      CidrBlock: !Select [1, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-public-2
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Select [2, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-private-1
  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs '' ]
      CidrBlock: !Select [1, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-private-2
  NatGateway1EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc
  NatGateway2EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc
  NatGateway1:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway1EIP.AllocationId
      SubnetId: !Ref PublicSubnet1
  NatGateway2:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway2EIP.AllocationId
      SubnetId: !Ref PublicSubnet2
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${Environment} Public Routes
  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1
  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${Environment} Private Routes (AZ1)
  DefaultPrivateRoute1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway1
  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnet1
Answer #1:
Yes. It is because your PublicSubnet2 and PrivateSubnet2 get the same subnet CIDR value.
If you look at your template, you have the same value for both subnets, which is !Select [1, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]].
Answer #2:
PrivateSubnet2 should be:
  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs '' ]
      CidrBlock: !Select [3, !Cidr [!Ref VpcCIDR, !Ref NumberOfSubnets, !Ref SubnetOffset]]
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${VpcName}-${Environment}-private-2
Originally its CidrBlock was a duplicate of the one from PublicSubnet2.