我正在尝试使用Terraform在azure应用程序服务上部署Windows容器。应用程序服务计划可以很好地部署,但是在尝试部署应用程序服务时出现授权错误。我正在使用具有管理员用户和密码的ACR实例使用连接字符串。有人有想法吗?
如果我从门户网站手动进行部署,则部署会成功。
# Create an App Service Plan with Windows
resource "azurerm_app_service_plan" "appserviceplan" {
name = "${var.rg-name}-plan"
location = "westus"
resource_group_name = var.rg-name
# Define Windows as Host OS
kind = "xenon"
is_xenon = true
# Choose size
sku {
tier = "PremiumContainer"
size = "PC2"
}
}
# Create an Azure Web App for Containers in that App Service Plan
resource "azurerm_app_service" "dockerapp" {
name = "${var.rg-name}-dockerapp"
location = "westus"
resource_group_name = "${var.rg-name}"
app_service_plan_id = "${azurerm_app_service_plan.appserviceplan.id}"
# Configure Docker Image to load on start
site_config {
windows_fx_version = "DOCKER|apps.azurecr.io/test/container:latest"
}
app_settings = {
# Settings for private Container Registires
DOCKER_REGISTRY_SERVER_URL = "repo.azureco.io",
DOCKER_REGISTRY_SERVER_USERNAME = "admin user",
DOCKER_REGISTRY_SERVER_PASSWORD = "password"
}
}
错误:
Error: Error creating App Service "dockerapp" (Resource Group "resource-group"): web.AppsClient#CreateOrUpdate: Failure sending request: StatusCode=401 -- Original Error: Code="Unauthorized" Message="Access is denied. Not authorized. latest" Details=[{"Message":"Access is denied. Not authorized. latest"},{"Code":"Unauthorized"},{"ErrorEntity":{"Code":"Unauthorized","ExtendedCode":"01001","Message":"Access is denied. Not authorized. latest","MessageTemplate":"Access is denied.","Parameters":[]}}]
答案 0 :(得分:1)
您可以验证DOCKER_REGISTRY_SERVER_URL的值是否正确,它应该是有效的 URL 。
例如,在您的代码中看起来像这样。
app_settings = {
# Settings for private Container Registires
DOCKER_REGISTRY_SERVER_URL = "https://apps.azurecr.io",
DOCKER_REGISTRY_SERVER_USERNAME = "admin user",
DOCKER_REGISTRY_SERVER_PASSWORD = "password"
}
有关更多参考,Here是使用Terraform在azure应用程序服务上部署Windows容器的示例。
答案 1 :(得分:0)
您能否快速检查 DOCKER_REGISTRY_SERVER_URL 中的URL是否与 site_config.windows_fx_version
中使用的URL相同?