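Resource temporarily unavailable - TCP 5985

Time: 2018-07-31 07:58:44

Tags: amazon-web-services powershell terraform

I cloned a git repo from a Udemy course and changed the access key, secret key and AMI, but I still get the following error message: dial tcp 35.158.225.227:5985: connect: resource temporarily unavailable.

The EC2 instance status is running, but the PowerShell cannot be executed. Do you have any idea what is not working?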

windows-instance.tf

resource "aws_key_pair" "mykey" {
  key_name = "mykey"
  public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
}

resource "aws_instance" "win-example" {
  ami = "${lookup(var.WIN_AMIS, var.AWS_REGION)}"
  instance_type = "t2.micro"
  key_name = "${aws_key_pair.mykey.key_name}"
  user_data = <<EOF
<powershell>
net user ${var.INSTANCE_USERNAME} '${var.INSTANCE_PASSWORD}' /add /y
net localgroup administrators ${var.INSTANCE_USERNAME} /add
winrm quickconfig -q
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow
net stop winrm
sc.exe config winrm start=auto
net start winrm
</powershell>
EOF

  provisioner "file" {
    source = "test.txt"
    destination = "C:/test.txt"
  }
  connection {
    type = "winrm"
    timeout = "10m"
    user = "${var.INSTANCE_USERNAME}"
    password = "${var.INSTANCE_PASSWORD}"
  }
}

vars.tf

variable "AWS_ACCESS_KEY" {}
variable "AWS_SECRET_KEY" {}
variable "AWS_REGION" {
  default = "eu-central-1"
}
variable "WIN_AMIS" {
  type = "map"
  default = {
    eu-central-1 = "ami-6af7f381"
    eu-west-1 = "ami-96e1f27c"
  }
}

variable "PATH_TO_PRIVATE_KEY" {
  default = "mykey"
}
variable "PATH_TO_PUBLIC_KEY" {
  default = "mykey.pub"
}
variable "INSTANCE_USERNAME" {
  default = "Terraform"
}
variable "INSTANCE_PASSWORD" { }

provider.tf

provider "aws" {
    access_key = "${var.AWS_ACCESS_KEY}"
    secret_key = "${var.AWS_SECRET_KEY}"
    region = "${var.AWS_REGION}"
}

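I also have terraform.tfvars and the pub and pem files in my folder. What am I doing wrong?

Best regards

1 answer:

Answer 0: (score: 1)

The problem is that you are not logging in as the Windows administrator. You are trying to log in as a user that does not exist and then add that user to the system. That is not possible. You have to log in as the administrator.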

To do that, change

key_name = "${aws_key_pair.mykey.key_name}"

to

key_name = "${aws_key_pair.mykey.key_name}"
get_password_data = true

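The new line

get_password_data = true

tells Terraform to fetch the Windows password as soon as it has been created. Once the password has been created, you need to access it, decrypt it and use it to log in to the instance. Hence the next change.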

connection {
  type = "winrm"
  timeout = "10m"
  user = "${var.INSTANCE_USERNAME}"
  password = "${var.INSTANCE_PASSWORD}"
}

to

connection {
  type = "winrm"
  timeout = "10m"
  password = "${rsadecrypt(self.password_data, file("${var.PATH_TO_PRIVATE_KEY}"))}"
}

This logs in as the administrator using the decrypted administrator password.

Next, remove

net user ${var.INSTANCE_USERNAME} '${var.INSTANCE_PASSWORD}' /add /y
net localgroup administrators ${var.INSTANCE_USERNAME} /add

This is not needed, because you will be logging in as the administrator with access to the password.

Also change

winrm quickconfig -q

to

winrm quickconfig -force

Finally, remove from vars.tf

variable "INSTANCE_USERNAME" {
  default = "Terraform"
}
variable "INSTANCE_PASSWORD" { }

because you will be logging in as the administrator instead.

Then everything works.
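
The answer's steps assembled into one windows-instance.tf, as an added example that is not part of the original answer and uses the page's own interpolation syntax. The posted instance attaches no security group and its user_data enables Basic auth over unencrypted HTTP, so the example also restricts TCP 5985 to the operator's address. Assumptions: the ADMIN_CIDR variable and the aws_security_group.winrm resource are hypothetical additions, and aws_key_pair.mykey, vars.tf and provider.tf stay as posted.

```hcl
# Added example (not from the page); ADMIN_CIDR and the security group are assumptions.
variable "ADMIN_CIDR" {} # assumption: address range of the machine running Terraform, e.g. a /32

resource "aws_security_group" "winrm" {
  # WinRM below is plain HTTP with Basic auth, so admit 5985 from the operator only.
  ingress {
    from_port   = 5985
    to_port     = 5985
    protocol    = "tcp"
    cidr_blocks = ["${var.ADMIN_CIDR}"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "win-example" {
  ami                    = "${lookup(var.WIN_AMIS, var.AWS_REGION)}"
  instance_type          = "t2.micro"
  key_name               = "${aws_key_pair.mykey.key_name}"
  get_password_data      = true # fetch the encrypted administrator password
  vpc_security_group_ids = ["${aws_security_group.winrm.id}"]
  user_data = <<EOF
<powershell>
winrm quickconfig -force
winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="300"}'
winrm set winrm/config '@{MaxTimeoutms="1800000"}'
winrm set winrm/config/service '@{AllowUnencrypted="true"}'
winrm set winrm/config/service/auth '@{Basic="true"}'
netsh advfirewall firewall add rule name="WinRM 5985" protocol=TCP dir=in localport=5985 action=allow
netsh advfirewall firewall add rule name="WinRM 5986" protocol=TCP dir=in localport=5986 action=allow
net stop winrm
sc.exe config winrm start=auto
net start winrm
</powershell>
EOF
  provisioner "file" {
    source      = "test.txt"
    destination = "C:/test.txt"
  }
  connection {
    type     = "winrm"
    timeout  = "10m"
    password = "${rsadecrypt(self.password_data, file("${var.PATH_TO_PRIVATE_KEY}"))}"
  }
}
```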