3
  • 我正在尝试使用 null_resource 使用 Terraform 的 remote-exec 配置程序配置多个 Windows EC2 实例。

$ terraform -v Terraform v0.12.6 provider.aws v2.23.0 provider.null v2.1.2

  • 最初,我在没有 null_resource 的情况下使用三个 remote-exec 配置程序(其中两个涉及重新启动实例),对于单个实例,一切正常。
  • 然后我需要增加计数并基于几个链接,最终使用 null_resource。 因此,我已将问题减少到我什至无法使用 null_resource 为超过 2 个 Windows EC2 实例运行一个远程执行配置程序的程度。

用于重现错误消息的 Terraform 模板:

//VARIABLES

variable "aws_access_key" {
  default = "AK"
}
variable "aws_secret_key" {
  default = "SAK"
}
variable "instance_count" {
  default = "3"
}
variable "username" {
  default = "Administrator"
}
variable "admin_password" {
  default = "Password"
}
variable "instance_name" {
  default = "Testing"
}
variable "vpc_id" {
  default = "vpc-id"
}

//PROVIDERS
provider "aws" {
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
  region     = "ap-southeast-2"
}

//RESOURCES
resource "aws_instance" "ec2instance" {
  count         = "${var.instance_count}"
  ami           = "Windows AMI"
  instance_type = "t2.xlarge"
  key_name      = "ec2_key"
  subnet_id     = "subnet-id"
  vpc_security_group_ids = ["${aws_security_group.ec2instance-sg.id}"]
  tags = {
    Name = "${var.instance_name}-${count.index}"
  }
}

resource "null_resource" "nullresource" {
  count = "${var.instance_count}"
  connection {
    type     = "winrm"
    host     = "${element(aws_instance.ec2instance.*.private_ip, count.index)}"
    user     = "${var.username}"
    password = "${var.admin_password}"
    timeout  = "10m"
  }
   provisioner "remote-exec" {
     inline = [
       "powershell.exe Write-Host Instance_No=${count.index}"
     ]
   }
//   provisioner "local-exec" {
//     command = "powershell.exe Write-Host Instance_No=${count.index}"
//   }
//   provisioner "file" {
//       source      = "testscript"
//       destination = "D:/testscript"
//   }
}
resource "aws_security_group" "ec2instance-sg" {
  name        = "${var.instance_name}-sg"
  vpc_id      = "${var.vpc_id}"


//   RDP
  ingress {
    from_port   = 3389
    to_port     = 3389
    protocol    = "tcp"
    cidr_blocks = ["CIDR"]
    }

//   WinRM access from the machine running TF to the instance
  ingress {
    from_port   = 5985
    to_port     = 5985
    protocol    = "tcp"
    cidr_blocks = ["CIDR"]
    }

  tags = {
    Name        = "${var.instance_name}-sg"
  }

}
//OUTPUTS
output "private_ip" {
  value = "${aws_instance.ec2instance.*.private_ip}"
}

观察:

4

3 回答 3

4

更新:最终的诀窍是v11.14按照此问题评论将 Terraform 降级为。

您可以尝试几件事:

  1. 内联remote-exec
resource "aws_instance" "ec2instance" {
  count         = "${var.instance_count}"
  # ...
  provisioner "remote-exec" {
    connection {
      # ...
    }
    inline = [
      # ...
    ]
  }
}

现在您可以参考blockself内部connection来获取实例的私有IP。

  1. 添加triggersnull_resource
resource "null_resource" "nullresource" {
  triggers {
    host    = "${element(aws_instance.ec2instance.*.private_ip, count.index)}" # Rerun when IP changes
    version = "${timestamp()}" # ...or rerun every time
  }
  # ...
}

您可以使用该triggers属性重新创建null_resource并因此重新执行remote-exec

于 2019-08-13T06:33:20.767 回答
1

我在 null_resource 中使用了这个触发器,它非常适合我。当实例数量增加并在所有实例上进行配置时,它也可以工作。我使用的是 terraform 和 openstack。

触发器= { instance_ids = join(",",openstack_compute_instance_v2.swarm-cluster-hosts[*].id) }

于 2020-02-12T11:07:31.080 回答
0

Terraform 0.12.26 为我解决了类似的问题(在部署多个 VM 时使用多个文件配置器时)

希望这可以帮助你: https ://github.com/hashicorp/terraform/issues/22006

于 2020-06-25T08:37:15.273 回答