Terraform constantly updates aws_route_table when adding routes from VPC Peering

Time: 2018-03-09 21:39:34

Tags: terraform

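I have created an aws_vpc_peering_connection to connect VPCs in my account. I am using aws_route_table to apply the routes to the route tables for each of the VPCs, using variables in the route table section to set the routes.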

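The route tables apply, however every time after I apply, Terraform wants to apply them again. The gateway_id for the VPC peering route for one of the VPCs comes from a variable, as the data is pulled from another module.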

resource "aws_route_table" "route-table" {
  vpc_id = "${aws_vpc.us-west-2-3.id}"

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = "${aws_internet_gateway.internet-gateway.id}"
  }

  route {
    cidr_block  = "10.12.0.0/16"
    gateway_id  = "${aws_vpc_peering_connection.usw2-1-usw2-3.id}"
  }

}

Every time I plan/apply, Terraform wants to change the aws_route_table:

  ~ module.us-west-2-3.aws_route_table.route-table
      route.2485290482.cidr_block:                "10.12.0.0/16" => ""
      route.2485290482.egress_only_gateway_id:    "" => ""
      route.2485290482.gateway_id:                "" => ""
      route.2485290482.instance_id:               "" => ""
      route.2485290482.ipv6_cidr_block:           "" => ""
      route.2485290482.nat_gateway_id:            "" => ""
      route.2485290482.network_interface_id:      "" => ""
      route.2485290482.vpc_peering_connection_id: "pcx-0f3853c43363d28bb" => ""
      route.383599590.cidr_block:                 "" => "10.12.0.0/16"
      route.383599590.egress_only_gateway_id:     "" => ""
      route.383599590.gateway_id:                 "" => "pcx-0f3853c43363d28bb"
      route.383599590.instance_id:                "" => ""
      route.383599590.ipv6_cidr_block:            "" => ""
      route.383599590.nat_gateway_id:             "" => ""
      route.383599590.network_interface_id:       "" => ""
      route.383599590.vpc_peering_connection_id:  "" => ""
      route.4190671864.cidr_block:                "0.0.0.0/0" => "0.0.0.0/0"
      route.4190671864.egress_only_gateway_id:    "" => ""
      route.4190671864.gateway_id:                "igw-84caffe3" => "igw-84caffe3"
      route.4190671864.instance_id:               "" => ""
      route.4190671864.ipv6_cidr_block:           "" => ""
      route.4190671864.nat_gateway_id:            "" => ""
      route.4190671864.network_interface_id:      "" => ""
      route.4190671864.vpc_peering_connection_id: "" => ""

Is this a bug I should report, or am I doing something wrong?

1 answer:

Answer 0: (score: 1)

In your second inline route definition, you are specifying gateway_id.

gateway_id is for internet access. What you want to use is vpc_peering_connection_id:

vpc_peering_connection_id  = "${aws_vpc_peering_connection.usw2-1-usw2-3.id}"

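The official Terraform doc mentions that you might encounter this kind of infinite update when mixing up gateway_id and nat_gateway_id; I wouldn't be surprised if it did the same when you mix up gateway_id and vpc_peering_connection: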

  

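NOTE on gateway_id and nat_gateway_id: The AWS API is very forgiving with these two attributes, and the aws_route_table resource can be created with a NAT ID specified as a Gateway ID attribute. This will lead to a permanent diff between your configuration and statefile, as the API returns the correct parameters in the returned route table. If you're experiencing constant diffs in your aws_route_table resources, the first thing to check is whether or not you're specifying a NAT ID instead of a Gateway ID, or vice-versa.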

Source: https://www.terraform.io/docs/providers/aws/r/route_table.html
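
As an added example (not part of the original question or answer), the check below scans plan output in the format shown in the question and flags any route whose target ID sits in the wrong argument, which is the cause of the perpetual diff described above. The function name, the prefix table and the abbreviated sample plan are assumptions made for this illustration.

```python
import re

# AWS resource-ID prefix -> the aws_route_table route argument it belongs in.
EXPECTED_ATTR = {
    "igw": "gateway_id",
    "vgw": "gateway_id",
    "eigw": "egress_only_gateway_id",
    "nat": "nat_gateway_id",
    "pcx": "vpc_peering_connection_id",
    "eni": "network_interface_id",
    "i": "instance_id",
}

# Matches plan lines in the format shown in the question:
#   route.<hash>.<attr>: "<old>" => "<new>"
LINE = re.compile(r'route\.(\d+)\.(\w+):\s+"([^"]*)"\s+=>\s+"([^"]*)"')

def find_mismatched_routes(plan_text):
    """Return (cidr, attr_used, resource_id, attr_expected) for every planned
    route whose target ID is placed in the wrong argument."""
    routes = {}
    for m in LINE.finditer(plan_text):
        route_hash, attr, _old, new = m.groups()
        routes.setdefault(route_hash, {})[attr] = new  # keep the planned value
    findings = []
    for attrs in routes.values():
        for attr, value in attrs.items():
            # CIDR blocks and empty values contain no "-", so they are skipped.
            expected = EXPECTED_ATTR.get(value.split("-", 1)[0]) if "-" in value else None
            if expected and expected != attr:
                findings.append((attrs.get("cidr_block", ""), attr, value, expected))
    return findings

# Constructed sample, abbreviated from the plan output in the question.
SAMPLE_PLAN = '''
      route.2485290482.cidr_block:                "10.12.0.0/16" => ""
      route.2485290482.vpc_peering_connection_id: "pcx-0f3853c43363d28bb" => ""
      route.383599590.cidr_block:                 "" => "10.12.0.0/16"
      route.383599590.gateway_id:                 "" => "pcx-0f3853c43363d28bb"
      route.4190671864.cidr_block:                "0.0.0.0/0" => "0.0.0.0/0"
      route.4190671864.gateway_id:                "igw-84caffe3" => "igw-84caffe3"
'''

if __name__ == "__main__":
    for cidr, used, rid, expected in find_mismatched_routes(SAMPLE_PLAN):
        print(f"{cidr}: {rid} is set as {used}, should be {expected}")
```

Running it as a CI step against saved plan output catches the mismatch before it turns into a diff that never converges and hides real route changes.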