Achieving Full Stack Readiness in CloudFormation Templates

Ensure Complete Stack Readiness for LAMP Stack Deployments


Question

You are in charge of designing a CloudFormation template which deploys a LAMP stack.

After deploying a stack, you see that the status of the stack is showing as CREATE_COMPLETE, but the Apache server is still not up and running and is experiencing issues while starting up.

You want to ensure that the stack creation only shows the status of CREATE_COMPLETE after all resources defined in the stack are up and running.

How can you achieve this?

Answers

Explanations


A. B. C. D.

Answer - C and D.

The AWS documentation states:

When you provision an Amazon EC2 instance in an AWS CloudFormation stack, you might specify additional actions to configure the instance, such as install software packages or bootstrap applications.

Normally, CloudFormation proceeds with stack creation after the instance has been successfully created.

However, you can use a CreationPolicy so that CloudFormation proceeds with stack creation only after your configuration actions are done.

That way you'll know your applications are ready to go after stack creation succeeds.

For more information on the CreationPolicy attribute, please visit the URL below.

https://aws.amazon.com/blogs/devops/use-a-creationpolicy-to-wait-for-on-instance-configurations/

To ensure that the stack creation only shows the status of CREATE_COMPLETE after all resources defined in the stack are up and running, we need to use the CreationPolicy in the CloudFormation template.

Option A: Defining a stack policy that all underlying resources should be up and running before showing a status of CREATE_COMPLETE is not the correct approach as the stack policy is used for controlling updates to the stack and not the creation process.

Option B: Using lifecycle hooks to mark the completion of the creation and configuration of the underlying resource is not the correct approach as lifecycle hooks are used for delaying stack actions while additional operations are performed on the resources.

Option D: Using the CFN helper scripts to signal once the resource configuration is complete is not the correct approach as the helper scripts are used to retrieve metadata from the instance and signal CloudFormation that the resource has been successfully created.

The correct approach is to associate a CreationPolicy with the EC2 instance resource. A CreationPolicy is a CloudFormation resource attribute that specifies a timeout period during which CloudFormation waits for an AWS resource to be created. It allows CloudFormation to wait for a resource to reach a certain state before continuing with the stack creation.

To use CreationPolicy in a CloudFormation template, you define the attribute within the resource block of the EC2 instance resource. For example, to wait for an EC2 instance to be up and running, you can use the following code snippet:

```json
{
  "Resources": {
    "WebServer": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "ImageId": "ami-0c55b159cbfafe1f0",
        "InstanceType": "t2.micro",
        "KeyName": "mykeypair",
        "SecurityGroupIds": [
          {"Ref": "WebServerSecurityGroup"}
        ],
        "UserData": {
          "Fn::Base64": {
            "Fn::Join": ["", [
              "#!/bin/bash -xe\n",
              "yum update -y aws-cfn-bootstrap\n",
              "# Install the LAMP stack\n",
              "yum install -y httpd24 php56 mysql55-server php56-mysqlnd\n",
              "service httpd start\n",
              "chkconfig httpd on\n",
              "groupadd www\n",
              "usermod -a -G www ec2-user\n",
              "chown -R root:www /var/www\n",
              "chmod 2775 /var/www\n",
              "find /var/www -type d -exec chmod 2775 {} +\n",
              "find /var/www -type f -exec chmod 0664 {} +\n",
              "# Signal CloudFormation that the instance is up and running\n",
              "/opt/aws/bin/cfn-signal -e 0 --stack ", {"Ref": "AWS::StackName"},
              " --resource WebServer --region ", {"Ref": "AWS::Region"}, "\n"
            ]]
          }
        }
      },
      "CreationPolicy": {
        "ResourceSignal": {
          "Timeout": "PT15M"
        }
      }
    }
  }
}
```

In the above code, the CreationPolicy attribute is set to wait for a resource signal with a timeout of 15 minutes. The resource signal is sent by the CFN helper script /opt/aws/bin/cfn-signal to indicate that the resource creation is complete and the instance is up and running.
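The wiring described above only works if the CreationPolicy sits at the resource level and the signal names the same logical ID. The following Python check is an added example, not code from the original page or from AWS; the function names `render` and `lint` and the sample template (with a hypothetical `WebSrv` typo) are constructed for illustration.

```python
import json
import re

def render(node):
    """Flatten UserData intrinsics (Fn::Base64, Fn::Join, Ref) to plain text."""
    if isinstance(node, str):
        return node
    if isinstance(node, dict) and "Ref" in node:
        return "${" + node["Ref"] + "}"
    if isinstance(node, dict) and "Fn::Join" in node:
        sep, parts = node["Fn::Join"]
        return sep.join(render(p) for p in parts)
    if isinstance(node, dict) and "Fn::Base64" in node:
        return render(node["Fn::Base64"])
    return ""  # other intrinsics are out of scope for this example

def lint(template):
    """Return (logical_id, problem) pairs for EC2 instances in a template dict."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::Instance":
            continue
        props = res.get("Properties", {})
        script = render(props.get("UserData", ""))
        waits = "ResourceSignal" in res.get("CreationPolicy", {})
        if "CreationPolicy" in props:
            findings.append((name, "CreationPolicy is under Properties; move it beside Properties"))
        if "cfn-signal" in script and not waits:
            findings.append((name, "cfn-signal is sent but no CreationPolicy waits for it"))
        if waits and "cfn-signal" not in script:
            findings.append((name, "CreationPolicy waits but UserData never calls cfn-signal"))
        target = re.search(r"--resource[ =](\S+)", script)
        if target and target.group(1) != name:
            findings.append((name, "cfn-signal targets %r, not this resource" % target.group(1)))
    return findings

# Constructed sample: policy misplaced under Properties, signal aimed at the wrong ID.
SAMPLE = json.loads(r"""
{"Resources": {"WebServer": {
  "Type": "AWS::EC2::Instance",
  "Properties": {
    "UserData": {"Fn::Base64": {"Fn::Join": ["", [
      "/opt/aws/bin/cfn-signal -e $? --stack ", {"Ref": "AWS::StackName"},
      " --resource WebSrv --region ", {"Ref": "AWS::Region"}, "\n"]]}},
    "CreationPolicy": {"ResourceSignal": {"Timeout": "PT15M"}}}}}}
""")
if __name__ == "__main__":
    for name, problem in lint(SAMPLE):
        print(f"{name}: {problem}")
```

Running it against a template before deployment catches the cases where the stack would either report CREATE_COMPLETE without waiting or sit until the timeout expires.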

By using CreationPolicy, CloudFormation will wait for the EC2 instance to reach the running state and receive a successful signal before proceeding with the stack creation. This ensures that the stack creation status is only marked as CREATE_COMPLETE when all the resources defined in the stack are up