Terraform无法执行remote-exec(aws / ec2)

时间:2019-04-27 08:39:08

标签: amazon-ec2 terraform terraform-provider-aws

当试图执行Terra脚本连接中的shell脚本引发预配器“ remote-exec”时未建立

我正在为ubuntu-xenial-16.04使用ami,因此用户是ubuntu

这是我用来执行shell脚本的最后一个代码:

resource "aws_instance" "secondary_zone" {
  count = 1
  instance_type = "${var.ec2_instance_type}"
  ami           = "${data.aws_ami.latest-ubuntu.id}"
  key_name = "${aws_key_pair.deployer.key_name}"
  subnet_id = "${aws_subnet.secondary.id}"
  vpc_security_group_ids =  ["${aws_security_group.server.id}"]
  associate_public_ip_address = true

  provisioner "remote-exec" {
    inline = ["${template_file.script.rendered}"]
  }

  connection {
    type        = "ssh"
    user        = "ubuntu"
    private_key = "${file("~/.ssh/id_rsa")}"
  }
}

这是控制台中的内容:

aws_instance.secondary_zone (remote-exec): Connecting to remote host via SSH...
aws_instance.secondary_zone (remote-exec):   Host: x.x.x.x
aws_instance.secondary_zone (remote-exec):   User: ubuntu
aws_instance.secondary_zone (remote-exec):   Password: false
aws_instance.secondary_zone (remote-exec):   Private key: true
aws_instance.secondary_zone (remote-exec):   SSH Agent: false
aws_instance.secondary_zone (remote-exec):   Checking Host Key: false

谢谢您的帮助...

3 个答案:

答案 0 :(得分:1)

我有同样的问题。在您的连接块中,尝试指定主机。

  connection {
    type        = "ssh"
    user        = "ubuntu"
    private_key = "${file("~/.ssh/id_rsa")}"
    host        = self.public_ip
  }

我还必须创建一个路由和网关,并将它们关联到我的vpc。我仍在学习terraform,但这对我有用。

resource "aws_internet_gateway" "test-env-gw" {
  vpc_id = aws_vpc.test-env.id
}

resource "aws_route_table" "route-table-test-env" {
  vpc_id = aws_vpc.test-env.id
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.test-env-gw.id
  }
}

resource "aws_route_table_association" "subnet-association" {
  subnet_id      = aws_subnet.us-east-2a-public.id
  route_table_id = aws_route_table.route-table-test-env.id
}

答案 1 :(得分:0)

正如我所提到的,这与我的情况有关。

此外,template_file已过时,因此我将代码更改为:

resource "aws_instance" "secondary_zone" {
  instance_type = "${var.ec2_instance_type}"
  ami           = "${data.aws_ami.latest-ubuntu.id}"
  key_name = "${aws_key_pair.deployer.key_name}"
  subnet_id = "${aws_subnet.secondary.id}"
  vpc_security_group_ids =  ["${aws_security_group.server.id}"]
  associate_public_ip_address = true

    connection {
    type     = "ssh"
    user = "ubuntu"
    private_key = "${file("~/.ssh/id_rsa")}"
    timeout = "2m"

  }

  provisioner "file" {
    source      = "/server/script.sh"
    destination = "/tmp/script.sh"
  }  

  provisioner "remote-exec" {
    inline = [
      "chmod +x /tmp/script.sh",
      "/tmp/script.sh args",
    ]
  }
}

此外,我了解到scrip.sh必须格式化为LR

答案 2 :(得分:0)

如果您只是想运行一些脚本来提供您使用Terraform创建的任何ec2节点,我都会尝试设置user-data参数来引用您的脚本。节点初始化时,用户数据脚本会自动运行。

这将确保您的部署没有与生命周期相关的问题(例如,正在创建EC2节点,并且主机不可供远程执行程序使用),从而确保整体清洁。

一个例子如下:

resource "aws_instance" "secondary_zone" {
  count = 1
  instance_type = "${var.ec2_instance_type}"
  ami           = "${data.aws_ami.latest-ubuntu.id}"
  key_name = "${aws_key_pair.deployer.key_name}"
  subnet_id = "${aws_subnet.secondary.id}"
  vpc_security_group_ids =  ["${aws_security_group.server.id}"]
  associate_public_ip_address = true

  user_data = "${template_file.script.rendered}"
}

希望这会有所帮助!

进一步阅读: TF docs Userdata examples