So I've been working with AWS cloud to host some Windows servers. Embracing the concept "infrastructure as code", I coded the server set up as AWS CloudFormation template. As part of a server creation, some custom scripts might need to be run to initialise the server. Those scripts can be specified in an AWS::CloudFormation::Init block. A snippet of that is below:
"WindowsInstance": { "Metadata": { "AWS::CloudFormation::Init": { "config": { "commands": { "00-configEnvAndCopyScripts": { "command": "powershell.exe -ExecutionPolicy Unrestricted c:\\cfn\\scripts\\config_env_and_copy_scripts.ps1" }, "01-settingTime": { "command": "powershell.exe -ExecutionPolicy Unrestricted c:\\cfn\\scripts\\set_time.ps1" }, ...
All well and good so far. But I can tell you how much I hate Windows servers... In AWS cloud, it could take up to 30 minutes to spin up a Windows server. Luckily AWS does output the log of the initialisation process in the file
cfn-init.log
so that we can trace through what is going on. The output sample is something like this:2016-01-14 05:08:50,957 [DEBUG] CloudFormation client initialized with endpoint https://cloudformation.ap-southeast-2.amazonaws.com 2016-01-14 05:08:50,957 [DEBUG] Describing resource WindowsInstance in stack arn:aws:cloudformation:ap-southeast-2:4623423112354:stack/tableau-a/abcdef-123456 2016-01-14 05:08:51,535 [INFO] -----------------------Starting build----------------------- 2016-01-14 05:08:51,737 [DEBUG] Creating Scheduled Task for cfn-init resume 2016-01-14 05:08:51,816 [DEBUG] Scheduled Task created 2016-01-14 05:08:51,832 [INFO] Running configSets: default 2016-01-14 05:08:51,832 [INFO] Running configSet default 2016-01-14 05:08:51,832 [INFO] Running config config 2016-01-14 05:08:51,832 [DEBUG] No packages specified 2016-01-14 05:08:51,832 [DEBUG] No groups specified 2016-01-14 05:08:51,832 [DEBUG] No users specified 2016-01-14 05:08:51,832 [DEBUG] No sources specified 2016-01-14 05:08:51,878 [DEBUG] Running command 00-configEnvAndCopyScripts 2016-01-14 05:08:51,878 [DEBUG] No test for command 00-configEnvAndCopyScripts 2016-01-14 05:10:47,171 [INFO] Command 00-configEnvAndCopyScripts succeeded 2016-01-14 05:10:47,171 [DEBUG] Command 00-configEnvAndCopyScripts output: The operation completed successfully. 2016-01-14 05:10:47,173 [INFO] Waiting 60 seconds for reboot 2016-01-14 05:10:48,187 [DEBUG] Running command 01-settingTime 2016-01-14 05:10:48,187 [DEBUG] No test for command 01-settingTime 2016-01-14 05:10:48,437 [INFO] Command 01-settingTime succeeded 2016-01-14 05:10:48,437 [DEBUG] Command 01-settingTime output: The operation completed successfully. 2016-01-14 05:10:48,437 [INFO] Waiting 60 seconds for rebootLooking at the output, I was curious about the line
Waiting 60 seconds for reboot
, what was it doing? Why does it wait for 60 seconds? I searched around and finally got an answer: by default, every command in AWS will wait for 60 seconds in case the command causes a restart. But if you are sure that your command does NOT cause a restart, you don't need to and shouldn't have to wait. In that case, you can put "waitAfterCompletion": "0"
after the command. It will save one minute per command. So if you have 60 commands, that is 60 minutes saved.The new CloudFormation template looks like this:
"WindowsInstance": { "Metadata": { "AWS::CloudFormation::Init": { "config": { "commands": { "00-configEnvAndCopyScripts": { "command": "powershell.exe -ExecutionPolicy Unrestricted c:\\cfn\\scripts\\config_env_and_copy_scripts.ps1", "waitAfterCompletion": "0" }, "01-settingTime": { "command": "powershell.exe -ExecutionPolicy Unrestricted c:\\cfn\\scripts\\set_time.ps1", "waitAfterCompletion": "0" }, ...Unfortunately, you need to repeat that
waitAfterCompletion
block after every command. As far as I know, there is no way to set the default wait to 0 second. If you find a better way to achieve this, please leave a comment below. So you might say, "why don't you set up everything, then build an AMI from it, rather than doing initialisation every time?". Good question! I like to build everything from scratch as I know what goes into the server, and those changes are version controlled. Having an AMI is like a black box, you want to keep it to the minimum. If you lose that AMI, you might not know how to rebuild that AMI.
Thanks and good luck with your AWS adventure.