9

azurerm_virtual_machine_extension用来在 azure 中引导一些虚拟机。

我发现的所有示例都显示使用类似于:

settings = <<SETTINGS
    {   
    "fileUris": [ "https://my.bootstrapscript.com/script.sh}" ],
    "commandToExecute": "bash script.sh"
    }
SETTINGS

虽然这可行,但我的问题是我必须公开托管script以用于fileUris. 设置中是否有允许我从 terraform 文件夹发送本地文件内容的选项?

就像是:

settings = <<SETTINGS
    {   
    "file": [ ${file("./script.txt")} ],
    "commandToExecute": "bash script.sh"
    }
SETTINGS

谢谢。

4

1 回答 1

19

我们可以!

介绍

在 protected_settings 中,使用“脚本”。

脚本

地形脚本

provider "azurerm" {
}

resource "azurerm_virtual_machine_extension" "vmext" {
    resource_group_name     = "${var.resource_group_name}"
    location                = "${var.location}"
    name                    = "${var.hostname}-vmext"

    virtual_machine_name = "${var.hostname}"
    publisher            = "Microsoft.Azure.Extensions"
    type                 = "CustomScript"
    type_handler_version = "2.0"

    protected_settings = <<PROT
    {
        "script": "${base64encode(file(var.scfile))}"
    }
    PROT
}

变量

variable resource_group_name {
    type = string
    default = "ORA"
}

variable location {
    type = string
    default = "eastus"
}

variable hostname {
    type = string
    default = "ora"
}

variable scfile{
    type = string
    default = "yum.bash"
}

bash 脚本

#!/bin/bash

mkdir -p ~/download
cd ~/download
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -ivh epel-release-latest-7.noarch.rpm
yum -y install cowsay
cowsay ExaGridDba

输出

申请

[terraform@terra stackoverflow]$ terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azurerm_virtual_machine_extension.vmex0 will be created
  + resource "azurerm_virtual_machine_extension" "vmex0" {
      + id                   = (known after apply)
      + location             = "eastus"
      + name                 = "ora-vmext"
      + protected_settings   = (sensitive value)
      + publisher            = "Microsoft.Azure.Extensions"
      + resource_group_name  = "ORA"
      + tags                 = (known after apply)
      + type                 = "CustomScript"
      + type_handler_version = "2.0"
      + virtual_machine_name = "ora"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

azurerm_virtual_machine_extension.vmex0: Creating...
azurerm_virtual_machine_extension.vmex0: Still creating... [10s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [20s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [30s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [40s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [50s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [1m0s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [1m10s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [1m20s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [1m30s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [1m40s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [1m50s elapsed]
azurerm_virtual_machine_extension.vmex0: Still creating... [2m0s elapsed]
azurerm_virtual_machine_extension.vmex0: Creation complete after 2m1s [id=/subscriptions/7fe8a9c3-0812-42e2-9733-3f567308a0d0/resourceGroups/ORA/providers/Microsoft.Compute/virtualMachines/ora/extensions/ora-vmext]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

目标上的标准输出

[root@ora ~]# cat /var/lib/waagent/custom-script/download/0/stdout
Preparing...                          ########################################
Updating / installing...
epel-release-7-12                     ########################################
Loaded plugins: langpacks, ulninfo
Resolving Dependencies
--> Running transaction check
---> Package cowsay.noarch 0:3.04-4.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch             Version                 Repository      Size
================================================================================
Installing:
 cowsay           noarch           3.04-4.el7              epel            42 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 42 k
Installed size: 77 k
Downloading packages:
Public key for cowsay-3.04-4.el7.noarch.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : cowsay-3.04-4.el7.noarch                                     1/1
  Verifying  : cowsay-3.04-4.el7.noarch                                     1/1

Installed:
  cowsay.noarch 0:3.04-4.el7

Complete!

< ExaGridDba >
 ------------
        \   ^__^
         \  (oo)\_______
            (__)\       )\/\
                ||----w |
                ||     ||

评论

  1. 脚本大小限制为 262144 字节 base64 编码,或 196608 字节。
  2. “#!” 决定解释器。"#!/bin/python" 将启动一个 python 脚本。
  3. 这些 azurerm_virtual_machine_extension 参数不是必需的:
    • 设置
    • 文件URIs
    • 命令执行
    • storageAccountName
    • storageAccountKey
  4. Terraform 文档中可能未提及 protected_settings 参数“脚本”。请参阅 将 Azure 自定义脚本扩展版本 2 用于 Linux 虚拟机
  5. azurerm_virtual_machine_extension 可以在 VM 创建期间使用,也可以作为独立的管理工具使用。

结论

在 Azure VM 中,可以在不引用 Blob 存储帐户的情况下运行脚本。

于 2019-11-09T03:57:53.733 回答