我正在通过Terraform处理AWS配置。
我想做的是在实验室-VPC中配置一个自动扩展的实验室索引器组,并配置路由/子网/安全组。当我执行 `terraform apply` 时,脚本会卡在 `lab-indexer` 部分,然后超时。除了我配置的超时消息之外,我没有收到任何错误。如果我注释掉 `vpc_zone_identifier` 行,那么索引器可以正常启动而不报错,尽管这样的配置并不正确。这让我相信我的VPC设置中存在某种配置错误。
我搜索了Terraform Docs,Stack Overflow和this comprehensive guide to Terraform。
更新:在ASG尝试创建实例时,我登录到控制台并检查了ASG活动。我注意到有一批实例创建尝试的状态为"取消"。经过调查,我看到了以下信息。
描述:启动新的EC2实例:i-0bf6afd70895e8212。状态原因:无法更新负载均衡器 lab-asg-indexer:EC2实例 i-044ff993c34bc237a 与ELB不在同一个VPC中。更新负载均衡器配置失败。
原因:在2017-06-19T13:00:41Z,为了响应所需容量和实际容量之间的差异,启动了一个实例,将容量从0增加到3。
我不确定如何解决这个问题与VPC。我通过以下方式将ELB添加到VPC(我认为):
subnets = ["${aws_subnet.lab-Subnet.id}"]
但这还没有解决问题。
答案 0 :(得分:0)
有些配置错了。
我已经为您修改了配置,并在我的系统上进行了测试,现在它可以正常运行。请告诉我结果如何。
# ---------------------------------------------------------------------------------------------------------------------
# GET THE LIST OF AVAILABILITY ZONES IN THE CURRENT REGION
# Every AWS account has slightly different availability zones in each region.
# ---------------------------------------------------------------------------------------------------------------------
# NOTE(review): in this listing the result is referenced only from commented-out
# availability_zones lines in the ASG and ELB resources.
data "aws_availability_zones" "all" {}
# --------------------------------------------------------------------------------------------------------------------
# CREATE VPC
# --------------------------------------------------------------------------------------------------------------------
# The lab network. The subnet, route table, internet gateway and both security
# groups in this configuration reference it through aws_vpc.lab-VPC.id, which is
# what keeps the ASG instances and the ELB in the same VPC.
resource "aws_vpc" "lab-VPC" {
  tags {
    Name = "lab-VPC"
  }

  cidr_block = "10.0.0.0/16"
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE SUBNET
# --------------------------------------------------------------------------------------------------------------------
# The single /24 subnet of lab-VPC. Both the Auto Scaling Group
# (vpc_zone_identifier) and the ELB (subnets) are placed in it.
# It is pinned to us-east-1a, and map_public_ip_on_launch is off, so instances
# launched here are not given a public IP address automatically.
resource "aws_subnet" "lab-Subnet" {
  vpc_id                  = "${aws_vpc.lab-VPC.id}"
  cidr_block              = "10.0.0.0/24"
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = "false"
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE ROUTE TABLE
# --------------------------------------------------------------------------------------------------------------------
# Route table for lab-VPC whose only explicit route sends all non-local traffic
# (0.0.0.0/0) to the internet gateway.
# NOTE(review): the resource is named "Private", but a default route to an
# internet gateway is what makes a subnet public. Confirm the intended exposure
# before reusing this outside a lab.
resource "aws_route_table" "lab-RouteTable-Private" {
  vpc_id = "${aws_vpc.lab-VPC.id}"

  route {
    gateway_id = "${aws_internet_gateway.gw.id}"
    cidr_block = "0.0.0.0/0"
  }
}
# Binds lab-Subnet to the route table above, so the subnet uses the default
# route to the internet gateway.
resource "aws_route_table_association" "lab-associatedVPS" {
  route_table_id = "${aws_route_table.lab-RouteTable-Private.id}"
  subnet_id      = "${aws_subnet.lab-Subnet.id}"
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE AUTO SCALING GROUP
# ---------------------------------------------------------------------------------------------------------------------
# Auto Scaling Group of 3 to 9 indexer instances built from the lab-indexer
# launch configuration and registered with the lab-indexer ELB.
#
# Placement is by subnet (vpc_zone_identifier), not by availability zone. The
# subnet is the same one the ELB uses, which keeps instances and load balancer
# in one VPC. The availability_zones alternatives stay commented out.
#
# NOTE(review): health_check_type = "ELB" makes instance health depend on the
# load balancer's check. The instance security group must therefore admit
# traffic from the ELB on the listener's instance port, or instances will be
# reported unhealthy.
resource "aws_autoscaling_group" "lab-indexers" {
  launch_configuration = "${aws_launch_configuration.lab-indexer.name}"
  load_balancers       = ["${aws_elb.lab-indexer-elb.name}"]

  #  availability_zones = ["${data.aws_availability_zones.all.names}"]
  #  availability_zones = ["${var.region}a"]
  vpc_zone_identifier = ["${aws_subnet.lab-Subnet.id}"]

  min_size = 3
  max_size = 9

  health_check_type = "ELB"

  # How long `terraform apply` waits for the group to reach capacity before it
  # gives up with a timeout.
  wait_for_capacity_timeout = "5m"

  tag {
    key                 = "Name"
    value               = "lab-indexer"
    propagate_at_launch = true
  }
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE IGW
# --------------------------------------------------------------------------------------------------------------------
# Internet gateway attached to lab-VPC. It is the target of the route table's
# 0.0.0.0/0 route.
resource "aws_internet_gateway" "gw" {
  tags {
    Name = "lab-IGW"
  }

  vpc_id = "${aws_vpc.lab-VPC.id}"
}
# Path to the SSH *public* key file that aws_key_pair.mykeypair uploads.
# Only the public half is read by this configuration.
variable "PATH_TO_PUBLIC_KEY" {
  default = "myKey.pub"
}
###create key
# Registers the local public key with EC2 under the name "mykeypair". The launch
# configuration references it by key_name for SSH access.
resource "aws_key_pair" "mykeypair" {
  key_name   = "mykeypair"
  public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"

  # Changes to the key file after creation are ignored, so editing it does not
  # cause Terraform to plan a change to the key pair.
  # NOTE(review): this also means rotating the key file alone will not rotate
  # the key registered in AWS.
  lifecycle {
    ignore_changes = ["public_key"]
  }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE A LAUNCH CONFIGURATION THAT DEFINES EACH EC2 INSTANCE IN THE ASG
# ---------------------------------------------------------------------------------------------------------------------
# Template for every instance the ASG launches: AMI, size, SSH key, security
# group and two extra 8 GiB gp2 data volumes.
#
# NOTE(review): `encrypted = true` is commented out on both ebs_block_device
# blocks, so as written the data volumes are created unencrypted. Confirm that
# this is acceptable for the data the indexers will hold before reusing it.
resource "aws_launch_configuration" "lab-indexer" {
  # AWS Linux AMI (HVM), SSD Volume Type in us-east-1
  image_id      = "ami-c58c1dd3"
  instance_type = "t2.micro"

  key_name        = "${aws_key_pair.mykeypair.key_name}"
  security_groups = ["${aws_security_group.instance.id}"]

  # This device contains homePath
  ebs_block_device {
    device_name = "/dev/xvdb"
    volume_type = "gp2"
    volume_size = 8

    #    encrypted = true
    delete_on_termination = true
  }

  ebs_block_device {
    device_name = "/dev/xvdc"
    volume_type = "gp2"
    volume_size = 8

    #    encrypted = true
    delete_on_termination = true
  }

  # Create the replacement launch configuration before the old one is destroyed.
  lifecycle {
    create_before_destroy = true
  }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE SECURITY GROUP THAT'S APPLIED TO EACH EC2 INSTANCE IN THE ASG
# ---------------------------------------------------------------------------------------------------------------------
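# Security group attached to every instance launched by the ASG.
#
# Inbound:
#   - tcp/22 from a single administrative address.
#   - tcp/80 from members of the ELB security group only. The ELB listener
#     forwards to instance port 80 and the ASG uses health_check_type = "ELB".
#     Without this rule the load balancer cannot reach the instances, and they
#     would be reported unhealthy.
# Outbound: unrestricted.
resource "aws_security_group" "instance" {
  name   = "lab-indexer"
  vpc_id = "${aws_vpc.lab-VPC.id}"

  # Inbound SSH
  ingress {
    from_port   = "22"
    to_port     = "22"
    protocol    = "tcp"
    cidr_blocks = ["66.196.30.124/32"]
  }

  # Inbound HTTP from the load balancer only. Referencing the ELB's security
  # group instead of a CIDR keeps port 80 closed to everything else.
  ingress {
    from_port       = "80"
    to_port         = "80"
    protocol        = "tcp"
    security_groups = ["${aws_security_group.elb.id}"]
  }

  # Outbound All Protocols
  # NOTE(review): egress is open to 0.0.0.0/0 on every port. Narrow it if the
  # indexers only need specific destinations.
  egress {
    from_port   = "0"
    to_port     = "0"
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Create the replacement group before the old one is destroyed.
  lifecycle {
    create_before_destroy = true
  }
}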
# ---------------------------------------------------------------------------------------------------------------------
# CREATE AN ELB TO ROUTE TRAFFIC ACROSS THE AUTO SCALING GROUP
# ---------------------------------------------------------------------------------------------------------------------
# Classic load balancer in front of the indexer ASG. It is placed in lab-Subnet
# (via `subnets`, not availability_zones), so it is in the same VPC as the
# instances it registers.
#
# NOTE(review): the only listener is plaintext HTTP on port 80, and the ELB
# security group admits it from 0.0.0.0/0. Add an HTTPS listener if anything
# sensitive will cross this load balancer.
# NOTE(review): the explicit health_check block is still commented out, so the
# load balancer falls back to whatever default check AWS applies. Confirm that
# this is what the ASG's ELB health checking should rely on.
resource "aws_elb" "lab-indexer-elb" {
  name            = "lab-asg-indexer"
  security_groups = ["${aws_security_group.elb.id}"]

  #  availability_zones = ["${data.aws_availability_zones.all.names}"]
  subnets = ["${aws_subnet.lab-Subnet.id}"]

  # will work on this later
  #  health_check {
  #    healthy_threshold = 5
  #    unhealthy_threshold = 5
  #    timeout = 3
  #    interval = 30
  #    target = "HTTP:80/"
  #  }

  # This adds a listener for incoming HTTP requests.
  listener {
    lb_protocol       = "http"
    lb_port           = 80
    instance_protocol = "http"
    instance_port     = "80"
  }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE A SECURITY GROUP THAT CONTROLS WHAT TRAFFIC CAN GO IN AND OUT OF THE ELB
# ---------------------------------------------------------------------------------------------------------------------
# Security group attached to the ELB: HTTP (tcp/80) in from any address, all
# traffic out.
# NOTE(review): both directions use 0.0.0.0/0. If this load balancer is not
# meant to be reachable from the whole internet, restrict the ingress CIDR.
resource "aws_security_group" "elb" {
  name   = "lab-indexer-elb"
  vpc_id = "${aws_vpc.lab-VPC.id}"

  # Inbound HTTP from anywhere
  ingress {
    protocol    = "tcp"
    from_port   = 80
    to_port     = 80
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Allow all outbound
  egress {
    # -1 is semantically equivalent to "all." So all protocols are allowed
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}