1
00:00:00,000 --> 00:00:00,833
‫So let's quickly

2
00:00:00,833 --> 00:00:02,580
‫talk about CloudFormation Rollbacks.

3
00:00:02,580 --> 00:00:04,110
‫It's very important to know how they work

4
00:00:04,110 --> 00:00:05,700
‫in case they appear at the exam.

5
00:00:05,700 --> 00:00:07,410
‫So if the stack creation fails,

6
00:00:07,410 --> 00:00:09,750
‫so if you upload a stack and the stack creation fails,

7
00:00:09,750 --> 00:00:11,430
‫by default, everything will roll back.

8
00:00:11,430 --> 00:00:12,900
‫That means will get deleted.

9
00:00:12,900 --> 00:00:15,150
‫And so we can look at the log to understand what happens.

10
00:00:15,150 --> 00:00:16,140
‫But when you create the stack

11
00:00:16,140 --> 00:00:18,417
‫you also have the option to disable the rollback

12
00:00:18,417 --> 00:00:20,760
‫in order to troubleshoot what happened.

13
00:00:20,760 --> 00:00:24,630
‫And gain a bit more insights into what was created.

14
00:00:24,630 --> 00:00:25,980
‫If you update a stack,

15
00:00:25,980 --> 00:00:27,060
‫so it was already created

16
00:00:27,060 --> 00:00:29,340
‫and it's successful and now you update it,

17
00:00:29,340 --> 00:00:32,460
‫if the update fails, the stack will automatically roll back

18
00:00:32,460 --> 00:00:34,350
‫to the previous known working state,

19
00:00:34,350 --> 00:00:37,920
‫which is the green state you just wanted to update.

20
00:00:37,920 --> 00:00:40,020
‫And you get the ability in the log

21
00:00:40,020 --> 00:00:41,070
‫to see what happened

22
00:00:41,070 --> 00:00:42,660
‫thanks to error messages.

23
00:00:42,660 --> 00:00:46,833
‫So this lecture is all about showing you how rollback works.

24
00:00:47,790 --> 00:00:49,440
‫Okay, so let's practice failures.

25
00:00:49,440 --> 00:00:51,330
‫So let's create a stack

26
00:00:51,330 --> 00:00:52,800
‫and we'll upload a template file.

27
00:00:52,800 --> 00:00:54,090
‫And the file I'm going to upload

28
00:00:54,090 --> 00:00:57,900
‫is called triggerfailure.yaml, the number two.

29
00:00:57,900 --> 00:00:59,700
‫So why is this file problematic?

30
00:00:59,700 --> 00:01:02,700
‫Well, if you go into triggerfailure.yaml,

31
00:01:02,700 --> 00:01:05,340
‫you look at the image ID of my EC2 instance,

32
00:01:05,340 --> 00:01:07,260
‫it is an image ID that does not exist.

33
00:01:07,260 --> 00:01:10,230
‫So therefore it's going to create a failure.

34
00:01:10,230 --> 00:01:11,280
‫So let's click on next

35
00:01:11,280 --> 00:01:14,490
‫and I'll call this one TriggerCreationFailure.

36
00:01:16,650 --> 00:01:17,880
‫Click on next.

37
00:01:17,880 --> 00:01:19,950
‫And here, under stack failure options,

38
00:01:19,950 --> 00:01:21,480
‫we have two options.

39
00:01:21,480 --> 00:01:23,910
‫Number one is to roll back all stack resources.

40
00:01:23,910 --> 00:01:25,800
‫That means that they're going to be rolled back

41
00:01:25,800 --> 00:01:28,470
‫to the previous known stable states

42
00:01:28,470 --> 00:01:32,040
‫or we can preserve successfully provisioned resources.

43
00:01:32,040 --> 00:01:34,620
‫And this will keep the successfully provisioned resources

44
00:01:34,620 --> 00:01:36,390
‫and roll back any failed resources

45
00:01:36,390 --> 00:01:38,700
‫to theIR last known stable states.

46
00:01:38,700 --> 00:01:39,533
‫So if we do this,

47
00:01:39,533 --> 00:01:42,090
‫which is the non-default option,

48
00:01:42,090 --> 00:01:44,700
‫and then we click on next

49
00:01:44,700 --> 00:01:46,563
‫and then submit,

50
00:01:47,820 --> 00:01:48,810
‫as you can see,

51
00:01:48,810 --> 00:01:51,960
‫we generate an SSH security group

52
00:01:51,960 --> 00:01:55,890
‫and we generate a server security group.

53
00:01:55,890 --> 00:01:57,180
‫And so as you can see,

54
00:01:57,180 --> 00:02:00,570
‫I need to, first of all, there's one problem

55
00:02:00,570 --> 00:02:03,120
‫that I didn't provide the group description.

56
00:02:03,120 --> 00:02:05,820
‫So it's a good example of the failure of this.

57
00:02:05,820 --> 00:02:06,720
‫So as you can see,

58
00:02:07,890 --> 00:02:10,830
‫even though my server security group

59
00:02:10,830 --> 00:02:12,660
‫was not able to be created

60
00:02:12,660 --> 00:02:15,960
‫my SSH security group was able to be created.

61
00:02:15,960 --> 00:02:17,700
‫And if I go into resources,

62
00:02:17,700 --> 00:02:19,410
‫well one is still being kept.

63
00:02:19,410 --> 00:02:22,470
‫Whereas if you had a creation

64
00:02:22,470 --> 00:02:24,150
‫and by default it would fail,

65
00:02:24,150 --> 00:02:25,830
‫it would delete everything.

66
00:02:25,830 --> 00:02:26,970
‫So this could be the occasion

67
00:02:26,970 --> 00:02:28,890
‫to just troubleshoot if you needed to.

68
00:02:28,890 --> 00:02:33,090
‫But of course, because this leaves some remainders,

69
00:02:33,090 --> 00:02:35,700
‫you need to absolutely delete the stack

70
00:02:35,700 --> 00:02:36,533
‫to get rid of it.

71
00:02:36,533 --> 00:02:38,580
‫So you cannot update the stack and fix things.

72
00:02:38,580 --> 00:02:42,120
‫So we will delete it and now it's gone.

73
00:02:42,120 --> 00:02:45,450
‫So this is showing you the option of what it is

74
00:02:45,450 --> 00:02:47,640
‫when there is a create failure

75
00:02:47,640 --> 00:02:48,990
‫and you can do the exact same thing.

76
00:02:48,990 --> 00:02:51,150
‫So you can create a stack right now,

77
00:02:51,150 --> 00:02:54,240
‫I'll create a stack based on a correct template

78
00:02:54,240 --> 00:02:57,180
‫called just-ec2.yaml

79
00:02:57,180 --> 00:02:59,237
‫and I'll call it FailureOnUpdate.

80
00:03:02,640 --> 00:03:04,320
‫So right now we're good.

81
00:03:04,320 --> 00:03:05,760
‫We know that this is going to work

82
00:03:05,760 --> 00:03:06,840
‫because, well, this is the template

83
00:03:06,840 --> 00:03:08,640
‫we've used from before.

84
00:03:08,640 --> 00:03:11,130
‫So let's wait for things to be created

85
00:03:11,130 --> 00:03:12,420
‫and as we can see, we're good.

86
00:03:12,420 --> 00:03:13,710
‫So I'm going to update my stack

87
00:03:13,710 --> 00:03:14,730
‫and if you don't see this button,

88
00:03:14,730 --> 00:03:16,200
‫just refresh your page.

89
00:03:16,200 --> 00:03:17,070
‫So update my stack,

90
00:03:17,070 --> 00:03:19,350
‫but this time I will replace the template

91
00:03:19,350 --> 00:03:22,290
‫with the template file named TriggerFailure.

92
00:03:22,290 --> 00:03:26,490
‫So this time we'll have a group description called hello.

93
00:03:26,490 --> 00:03:27,480
‫Next.

94
00:03:27,480 --> 00:03:29,400
‫And here we have again the option to roll back

95
00:03:29,400 --> 00:03:30,420
‫all stack resources

96
00:03:30,420 --> 00:03:34,710
‫or to preserve successfully provisioned resources.

97
00:03:34,710 --> 00:03:36,277
‫So we're now we'd say,

98
00:03:36,277 --> 00:03:37,920
‫"Roll back everything and see what happens."

99
00:03:37,920 --> 00:03:40,740
‫And then we'll do the second option right after.

100
00:03:40,740 --> 00:03:43,140
‫So let's click on next

101
00:03:43,140 --> 00:03:44,763
‫and then click on submit.

102
00:03:45,600 --> 00:03:48,240
‫So this is going to create a few security groups

103
00:03:48,240 --> 00:03:51,270
‫and then it's going to trigger a rollback.

104
00:03:51,270 --> 00:03:54,660
‫So my security groups right now are being created.

105
00:03:54,660 --> 00:03:55,623
‫Now they're done.

106
00:03:56,700 --> 00:03:57,533
‫And as you can see,

107
00:03:57,533 --> 00:03:59,970
‫the instance get created,

108
00:03:59,970 --> 00:04:01,290
‫but then there was an update failed,

109
00:04:01,290 --> 00:04:05,190
‫because, well, the invalid AMI was not found,

110
00:04:05,190 --> 00:04:07,080
‫so therefore, what's going to happen?

111
00:04:07,080 --> 00:04:10,560
‫Well, because we have specified everything to roll back,

112
00:04:10,560 --> 00:04:12,510
‫then everything is going to roll back

113
00:04:12,510 --> 00:04:14,160
‫based on the last known state.

114
00:04:14,160 --> 00:04:16,325
‫And so that means that my server,

115
00:04:16,325 --> 00:04:18,360
‫server security group

116
00:04:18,360 --> 00:04:22,020
‫and SSH security groups should disappear.

117
00:04:22,020 --> 00:04:24,363
‫So let's wait for these events to happen.

118
00:04:25,530 --> 00:04:26,940
‫And as you can see right now,

119
00:04:26,940 --> 00:04:28,140
‫my SSH security group

120
00:04:28,140 --> 00:04:30,903
‫and server security group get deleted.

121
00:04:31,800 --> 00:04:33,300
‫And similarly as an exercise,

122
00:04:33,300 --> 00:04:35,280
‫if you update the stack,

123
00:04:35,280 --> 00:04:36,780
‫but this time you choose,

124
00:04:36,780 --> 00:04:38,730
‫again, the Trigger Failure

125
00:04:38,730 --> 00:04:41,853
‫and we'll just enter description again.

126
00:04:43,050 --> 00:04:44,490
‫And under stack failure option,

127
00:04:44,490 --> 00:04:45,323
‫we just say,

128
00:04:45,323 --> 00:04:47,580
‫"Preserve successfully provision resources."

129
00:04:47,580 --> 00:04:48,480
‫Then you know what happens,

130
00:04:48,480 --> 00:04:49,890
‫you can try it out on your own.

131
00:04:49,890 --> 00:04:52,950
‫This would create SSH and server security groups

132
00:04:52,950 --> 00:04:54,720
‫but it would not roll them back

133
00:04:54,720 --> 00:04:57,510
‫in case there is a rollback happening,

134
00:04:57,510 --> 00:04:58,740
‫a stack failure.

135
00:04:58,740 --> 00:05:00,510
‫So this is up to you to choose what you want,

136
00:05:00,510 --> 00:05:04,260
‫but both the behaviors can be desirable

137
00:05:04,260 --> 00:05:06,180
‫based on the what you're trying to do.

138
00:05:06,180 --> 00:05:07,013
‫So when you're done,

139
00:05:07,013 --> 00:05:08,460
‫please go ahead and delete the stack

140
00:05:08,460 --> 00:05:09,480
‫and you'll be good.

141
00:05:09,480 --> 00:05:10,313
‫Alright, that's it.

142
00:05:10,313 --> 00:05:11,460
‫I hope you liked it

143
00:05:11,460 --> 00:05:13,410
‫and I will see you in the next lecture.