我正在使用terraform v0.10.6来启动digitalocean上的Droplet。我正在引用一个已经添加到我的terraform配置中的digitalocean的密钥和SSH指纹(下面复制)。我能够使用这个ssh键登录现有的液滴,但不能在新形成的液滴上登录(SSH只是失败)。关于如何解决此问题的任何想法,以便当我通过terraform启动Droplet时,我应该能够通过已经添加到digitalocean上的密钥登录Droplet(并且在DO控制台上可见)。目前,Droplet出现在digitalocean管理控制台上,但我永远无法SSH到服务器上(连接被拒绝)。
test.tf
# add base droplet with name
resource "digitalocean_droplet" "do-mail" {
image = "ubuntu-16-04-x64"
name = "tmp.validdomain.com"
region = "nyc3"
size = "1gb"
private_networking = true
ssh_keys = [
"${var.ssh_fingerprint}",
]
connection {
user = "root"
type = "ssh"
private_key = "${file(var.private_key)}"
timeout = "2m"
}
provisioner "remote-exec" {
inline = [
"export PATH=$PATH:/usr/bin",
"sudo apt-get update",
]
}
}
terraform.tfvars
digitalocean_token = "correcttoken"
public_key = "~/.ssh/id_rsa.pub"
private_key = "~/.ssh/id_rsa"
ssh_fingerprint = "correct:finger:print"
provider.tf
provider "digitalocean" {
token = "${var.digitalocean_token}"
}
variables.tf
##variables used by terraform
# DO token
variable "digitalocean_token" {
type = "string"
}
# DO public key file location on local server
variable "public_key" {
type = "string"
}
# DO private key file location on local server
variable "private_key" {
type = "string"
}
# DO ssh key fingerprint
variable "ssh_fingerprint" {
type = "string"
}
答案 0 :(得分:0)
当我将digitalocean令牌指定为环境变量(而不是依赖于terraform.tfvars文件)时,我能够在初始化时使用SSH密钥设置新的Droplet。