使用vagrant创建虚拟机时出错

时间:2018-04-19 23:05:08

标签: azure vagrant

我想使用Vagrant在Azure中创建虚拟机。我关注此链接link 我已经成功获得了azure的证书,这里是我的vagrantFile:

# -*- mode: ruby -*-
  # vi: set ft=ruby :

  # All Vagrant configuration is done below. The "2" in Vagrant.configure
  #Ponemos el plugin que hemos instalado antes y que se explica durante el tutorial
  require "vagrant-azure"
  # configures the configuration version (we support older styles for
  # backwards compatibility). Please don't change it unless you know what
  # you're doing.
  Vagrant.configure("2") do |config|
  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://vagrantcloud.com/search.
  #Aqui ponemos el nuestro box al lugar del box por defecto.
  # config.vm.box = "base"
  config.vm.box = "azure"
  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false
  config.ssh.private_key_path = "/home/elda/.ssh/id_rsa"
  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # NOTE: This will enable public access to the opened port
  #config.vm.network "forwarded_port", guest: 80, host: 8080

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine and only allow access
  # via 127.0.0.1 to disable public access
  #config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"

  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network "public_network"

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  # config.vm.provider "virtualbox" do |vb|
  #   # Display the VirtualBox GUI when booting the machine
  #   vb.gui = true
  #
  #   # Customize the amount of memory on the VM:
  #   vb.memory = "1024"
  # end
  # View the documentation for the provider you are using for more
  # information on available options.
  # Configuramos el niuestro proveedor azure
  config.vm.provider "azure" do |az, override|
  # Los param del VM 
    #az.vm_name = 'pgtic_test2'
    #az.vm_size = 'Standard_B1s'
    #az.vm_image_urn = 'Canonical:UbuntuServer:16.04-LTS:latest'
    #az.resource_group_name = 'vagrant'
  # Aqui usamos el informacion obtenido del servicio principal Azure AD 
 # Tweak to bypass Azure Box not found 
    az.tenant_id = ".........."
    az.client_id = "........."
    az.client_secret = ".........."
    az.subscription_id = "............."
  # Enable provisioning with a shell script. Additional provisioners such as
  # Puppet, Chef, Ansible, Salt, and Docker are also available. Please see the
  # documentation for more information about their specific syntax and use.
  # config.vm.provision "shell", inline: <<-SHELL
  #   apt-get update
  #   apt-get install -y apache2
  # SHELL
end
 config.vm.provision "shell", inline: "echo Hello, World"
 end
所有插件都已安装,但问题是,当我尝试vagrant up机器时,它会给我一个错误,我无法找到响应:

	Bringing machine 'default' up with 'azure' provider...
==> default: Launching an instance with the following settings...
==> default:  -- Management Endpoint: https://management.azure.com
==> default:  -- Subscription Id: ebf53860-e727-4003-90bc-3d099632c913
==> default:  -- Resource Group Name: red-darkness-38
==> default:  -- Location: westus
==> default:  -- Admin Username: vagrant
==> default:  -- VM Name: polished-voice-23
==> default:  -- VM Storage Account Type: Premium_LRS
==> default:  -- VM Size: Small
==> default:  -- Image URN: canonical:ubuntuserver:16.04.0-LTS:latest
==> default:  -- DNS Label Prefix: polished-voice-23
/home/elda/.vagrant.d/gems/2.4.3/gems/azure_mgmt_compute-0.10.0/lib/generated/azure_mgmt_compute/virtual_machine_images.rb:218:in `block in list_async': { (MsRestAzure::AzureOperationError)
  "message": "MsRestAzure::AzureOperationError: AuthorizationFailed: The client '6939d76b-a697-42d0-a52f-1af3c8412d51' with object id '6939d76b-a697-42d0-a52f-1af3c8412d51' does not have authorization to perform action 'Microsoft.Compute/locations/publishers/artifacttypes/offers/skus/versions/read' over scope '/subscriptions/ebf53860-e727-4003-90bc-3d099632c913'.",
  "request": {
    "base_uri": "https://management.azure.com",
    "path_template": "/subscriptions/{subscriptionId}/providers/Microsoft.Compute/locations/{location}/publishers/{publisherName}/artifacttypes/vmimage/offers/{offer}/skus/{skus}/versions",
    "method": "get",
    "path_params": {
      "location": "westus",
      "publisherName": "canonical",
      "offer": "ubuntuserver",
      "skus": "16.04.0-LTS",
      "subscriptionId": "ebf53860-e727-4003-90bc-3d099632c913"
    },
    "skip_encoding_path_params": null,
    "query_params": {
      "$filter": null,
      "$top": null,
      "$orderby": null,
      "api-version": "2016-04-30-preview"
    },
    "skip_encoding_query_params": null,
    "headers": {
      "Content-Type": "application/json;charset=utf-8",
      "accept-language": "en-US",
      "x-ms-client-request-id": "da80d2da-c90b-4f3e-8085-8545dfe9928c"
    },
    "body": null,
    "middlewares": [
      [
        "MsRest::RetryPolicyMiddleware",
        {
          "times": 3,
          "retry": 0.02
        }
      ],
      [
        "cookie_jar"
      ]
    ],
    "log": null
  },
  "response": {
    "body": "{\"error\":{\"code\":\"AuthorizationFailed\",\"message\":\"The client '6939d76b-a697-42d0-a52f-1af3c8412d51' with object id '6939d76b-a697-42d0-a52f-1af3c8412d51' does not have authorization to perform action 'Microsoft.Compute/locations/publishers/artifacttypes/offers/skus/versions/read' over scope '/subscriptions/ebf53860-e727-4003-90bc-3d099632c913'.\"}}",
    "headers": {
      "cache-control": "no-cache",
      "pragma": "no-cache",
      "content-type": "application/json; charset=utf-8",
      "expires": "-1",
      "x-ms-failure-cause": "gateway",
      "x-ms-request-id": "d2824106-2381-455d-89a8-7b20e84539a3",
      "x-ms-correlation-request-id": "d2824106-2381-455d-89a8-7b20e84539a3",
      "x-ms-routing-request-id": "FRANCESOUTH:20180419T225147Z:d2824106-2381-455d-89a8-7b20e84539a3",
      "strict-transport-security": "max-age=31536000; includeSubDomains",
      "x-content-type-options": "nosniff",
      "date": "Thu, 19 Apr 2018 22:51:47 GMT",
      "connection": "close",
      "content-length": "349"
    },
    "status": 403
  }
}
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/promise.rb:501:in `block in on_fulfill'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/safe_task_executor.rb:24:in `block in execute'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/synchronization/mri_lockable_object.rb:38:in `block in synchronize'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/synchronization/mri_lockable_object.rb:38:in `synchronize'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/synchronization/mri_lockable_object.rb:38:in `synchronize'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/safe_task_executor.rb:19:in `execute'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/promise.rb:531:in `block in realize'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/ruby_thread_pool_executor.rb:348:in `run_task'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/ruby_thread_pool_executor.rb:337:in `block (3 levels) in create_worker'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/ruby_thread_pool_executor.rb:320:in `loop'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/ruby_thread_pool_executor.rb:320:in `block (2 levels) in create_worker'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/ruby_thread_pool_executor.rb:319:in `catch'
	from /home/elda/.vagrant.d/gems/2.4.3/gems/concurrent-ruby-1.0.5/lib/concurrent/executor/ruby_thread_pool_executor.rb:319:in `block in create_worker'
似乎没有语法错误或缺少某些东西。 如果有人遇到同样的问题,请与我分享解决方案吗? 我有所有者权限: enter image description here

非常感谢。

1 个答案:

答案 0 :(得分:1)

在订阅中创建对象时遇到同样的问题。您的帐户需要适当的权限才能创建对象。

来自Microsoft :(已编辑)

由于显示的错误,似乎是最可能的原因。

您使用的服务主体在该租户中没有权利。

租户订阅和服务主体属于租户。 Azure资源管理器还公开了给定主体的基于角色的授权,这将授予其对Azure资源的权限。服务主管似乎没有权利从该订阅中读取。