Skip to content

(aws-ec2): userDataCausesReplacement timeouts, if resourceSignalTimeout is set #12749

New issue
New issue
Closed
#18726
Closed
(aws-ec2): userDataCausesReplacement timeouts, if resourceSignalTimeout is set#12749
#18726
Labels
@aws-cdk/aws-ec2Related to Amazon Elastic Compute CloudbugThis issue is a bug.effort/smallSmall work item – less than a day of effortp1
@ilko-rbi

Description

@ilko-rbi
ilko-rbi
opened on Jan 28, 2021

If userDataCausesReplacement is set to true and additionally resourceSignalTimeout is set the CF stack timeouts in the creation of the new EC2 instance due to not able to receive the cfn-signal from the newly created EC2

Reproduction Steps

The following stack works:

class Ec2UserDataReplacementTestStack(core.Stack):
    def __init__(self, scope: core.Construct, sid: str, **kwargs) -> None:
        super().__init__(scope, sid, **kwargs)

        vpc = aws_ec2.Vpc.from_lookup(self, id="vpcimported", vpc_id=VPC_ID)

        user_data_script_path = path.join(Path(__file__).parent.absolute(), "user-data.sh")

        ec2 = aws_ec2.Instance(
            scope=self,
            id="ec2id",
            instance_type=aws_ec2.InstanceType(instance_type_identifier="t3a.large"),
            machine_image=aws_ec2.GenericLinuxImage({"eu-central-1": "ami-0fc812ebb87bb5b8e"}),
            vpc=vpc,
            user_data_causes_replacement=True,
        )
        user_data_asset = aws_s3_assets.Asset(self, "user-data-s3-asset", path=user_data_script_path)
        local_path = ec2.user_data.add_s3_download_command(
            bucket=user_data_asset.bucket, bucket_key=user_data_asset.s3_object_key
        )
        ec2.user_data.add_execute_file_command(file_path=local_path)
        ec2.user_data.add_signal_on_exit_command(ec2)
        user_data_asset.grant_read(ec2.role)

If we add to the ec2.Instance additionally custom timeout for the cfn-signal, a CreationPolicy is generated in the stack and the creation / update of the stack timeouts after the set timeout:

ec2 = aws_ec2.Instance(
            scope=self,
            id="ec2id",
            instance_type=aws_ec2.InstanceType(instance_type_identifier="t3a.large"),
            machine_image=aws_ec2.GenericLinuxImage({"eu-central-1": "ami-0fc812ebb87bb5b8e"}),
            vpc=vpc,
            user_data_causes_replacement=True,
            resource_signal_timeout=core.Duration.minutes(3)
        )

adds:

CreationPolicy:
      ResourceSignal:
        Timeout: PT3M

However the update (even the initial creation) fails:

2021-01-28 13:49:40 UTC+0100 | myteststack2 | ROLLBACK_IN_PROGRESS | The following resource(s) failed to create: [ec2idC85D4938b6c9a12994f1bfa6]. Rollback requested by user.
-- | -- | -- | --
2021-01-28 13:49:39 UTC+0100 | ec2idC85D4938b6c9a12994f1bfa6 | CREATE_FAILED | Failed to receive 1 resource signal(s) within the specified duration
2021-01-28 13:46:07 UTC+0100 | ec2idC85D4938b6c9a12994f1bfa6 | CREATE_IN_PROGRESS | Resource creation Initiated

What did you expect to happen?

Creation / update must work with this setup also

What actually happened?

CF doesn't receive the cfn-signal sent from the newly created EC2 instance, perhaps this relates to the "manipulated" logical IDs generated in this case?

Environment

  • CDK CLI Version : 1.85.0
  • Framework Version:
  • Node.js Version: v12.18.4
  • OS : Amazon Linux 2
  • Language (Version): Python 3.7.7

Other

n.a.

This is 🐛 Bug Report

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-ec2Related to Amazon Elastic Compute CloudbugThis issue is a bug.effort/smallSmall work item – less than a day of effortp1

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions