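I have been using AWS ECS for a project and it has been working well. However, I ran into a problem when I wanted to destroy the architecture. My `aws_ecs_service` and `module.vpc.aws_internet_gateway` are getting a loop error. This is how it looks:

Running `terraform destroy`:

```
aws_ecs_service.service: Still destroying... [id=arn:aws:ecs:us-east-1:xxxxxxxxxxxx:service/ecs-cluster/ecs-web-service, 5m10s elapsed]
module.vpc.aws_internet_gateway.this[0]: Still destroying... [id=igw-047a69fdbde0baacb, 5m10s elapsed]
```

I think the problem stems from the IAM file I created, which creates a policy and then attaches it to a role.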
asg.tf

```hcl
data "aws_ami" "amazon_linux" {
  most_recent = true

  filter {
    name   = "name"
    values = ["amzn-ami*amazon-ecs-optimized"]
  }

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  owners = ["amazon", "self"]
}

###### ECS launch configuration and ASG
## Creates a template of what the instance will need such as
## AMI, keypair, User Data, instance type, etc.
## Need to work on User Data for setting up URL.
resource "aws_launch_configuration" "lc" {
  name                        = "ecs-lc"
  iam_instance_profile        = aws_iam_instance_profile.ecs_service_role.name
  image_id                    = data.aws_ami.amazon_linux.id
  instance_type               = "t2.micro"
  key_name                    = var.key_name
  security_groups             = [aws_security_group.alb-sg.id]
  associate_public_ip_address = true
  user_data                   = <<EOF
#! /bin/bash
sudo apt-get update
sudo echo "ECS_CLUSTER=${var.cluster_name}" >> /etc/ecs/ecs.config
EOF

  lifecycle {
    create_before_destroy = true
  }
}

## Creates the ASG to scale the instances with a Private instance.
resource "aws_autoscaling_group" "asg" {
  name                      = "asg"
  launch_configuration      = aws_launch_configuration.lc.name
  vpc_zone_identifier       = module.vpc.public_subnets
  min_size                  = 3
  desired_capacity          = 3
  max_size                  = 4
  health_check_type         = "ELB"
  health_check_grace_period = 300
  target_group_arns         = [aws_alb_target_group.alb-target-group.arn]
  protect_from_scale_in     = true

  lifecycle {
    create_before_destroy = true
  }

  tag {
    key                 = "Name"
    value               = "dude"
    propagate_at_launch = true
  }
}
```
alb.tf

```hcl
### ALB is used for public hosting since is in a private instance for better security
resource "aws_alb" "alb" {
  name               = "Bevy-ALB"
  load_balancer_type = "application"
  internal           = false
  subnets            = module.vpc.public_subnets
  security_groups    = [aws_security_group.alb-sg.id]

  tags = {
    Environment = "bevy"
    CreatedBy   = "dude"
  }
}

resource "aws_alb_target_group" "alb-target-group" {
  name        = "ECS-Target-Group"
  port        = 80
  protocol    = "HTTP"
  target_type = "instance"
  vpc_id      = data.aws_vpc.main.id

  health_check {
    path                = "/"
    healthy_threshold   = 2
    unhealthy_threshold = 10
    timeout             = 60
    interval            = 300
    matcher             = "200,301,302"
  }
}

resource "aws_alb_listener" "alb-listener" {
  load_balancer_arn = aws_alb.alb.arn
  port              = "80"
  protocol          = "HTTP"

  default_action {
    type             = "forward"
    target_group_arn = aws_alb_target_group.alb-target-group.arn
  }
}
```
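I had to manually delete the ALB for Terraform to destroy the remaining resources, but even then I hit another roadblock: I could not delete my AWS ECS cluster through Terraform or the AWS console. It says it was deleted, but it is still available in AWS. If anyone can help with my problem, I would greatly appreciate it.

Edit: I was finally able to delete the ECS cluster. I had to manually delete the ALB target group and the ASG. Let me update my question to show my ALB and ASG. I am absolutely sure it is probably the `lifecycle` usage in my ASG.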