VPC中自動縮放組的問題 - Terraform

我正在通過Terraform進行AWS配置。我很難找出我目前正在運行的問題。VPC中自動縮放組的問題 - Terraform

我試圖做的是有實驗室VPC中紡了配置的路由/子網/安全組實驗室索引器的自動縮放組。當我執行'terraform apply'時，腳本會掛在'lab-indexer'部分，然後超時。除了我配置的超時消息外，我沒有收到任何錯誤。如果我註釋掉vpc_zone_indentifier行，索引無錯地旋轉，但未正確配置。這導致我相信我在我的VPC設置中發生了某種配置錯誤。

我搜索了Terraform Docs，堆棧溢出，並this comprehensive guide to Terraform。我一直沒有發現這個問題。

我是新對terraform（已經使用了3周）和相對較新的AWS（開始2個月前）。我確信我犯了一個愚蠢的錯誤，但我很難找到問題。我將不勝感激任何幫助。你可以在這裏找到我的代碼：https://paste.ofcode.org/duZScjhHbCn57sUXEkqAve

UPDATE： 我能夠登錄到控制檯，並檢查ASG活動正在創建的ASG中的實例時。我注意到一堆嘗試實例創作與「取消」狀態。經過調查，我看到以下消息。

說明：說明啓動一個新的EC2實例：I-0bf6afd70895e8212。狀態描述：無法更新負載平衡器實驗室ASG-索引：EC2實例I-044ff993c34bc237a不在同一 VPC爲ELB。更新負載平衡器配置失敗

原因：原因在2017-06-19T13：00：41Z的實例是響應開始之間的差期望的和實際的容量，增加從0容量爲3

我不知道如何去與VPC修復此問題。我通過添加ELB到VPC（我認爲）：

subnets   = ["${aws_subnet.lab-Subnet.id}"]

但是這並沒有解決問題。有任何想法嗎？

來源

2017-06-16 Matt G.

快速瀏覽一下，我猜是因爲你在ASG上使用ELB健康檢查，但實際上並沒有配置你的ELB健康檢查。要麼修復ELB運行狀況檢查，要麼切換到EC2運行狀況檢查（就管理程序而言它是否會通過基本系統檢查），然後查看是否可以解決您的問題。 – ydaetskcoR

如果您可以發佈有助於的terraform腳本。 – strongjz

@ydaetskcoR - 感謝您的建議！我將類型更改爲EC2，但我得到的結果相同。控制檯到達創建ASG'''''的位置aws_autoscaling_group.lab-indexer：仍在創建...'''，它只是在那裏重複該消息，直到不可避免的超時。 –

一些配置是錯誤的。

首先你設置爲的launch_configuration 「$ {} aws_launch_configuration.lab-indexer.id」應該是 $ {} data.aws_availability_zones.all.names
也沒有資源來創建密鑰配對
沒有與ELB安全組關聯的VPC ID。

我已經修改了這個給你從我的系統測試，它現在的工作。讓我知道它是怎麼回事

# --------------------------------------------------------------------------------------------------------------------- 
# GET THE LIST OF AVAILABILITY ZONES IN THE CURRENT REGION 
# Every AWS accout has slightly different availability zones in each region. 
# --------------------------------------------------------------------------------------------------------------------- 
data "aws_availability_zones" "all" {} 

# -------------------------------------------------------------------------------------------------------------------- 
# CREATE VPC 
# -------------------------------------------------------------------------------------------------------------------- 
resource "aws_vpc" "lab-VPC" { 
    cidr_block = "10.0.0.0/16" 

    tags { 
    Name = "lab-VPC" 
    } 
} 

# -------------------------------------------------------------------------------------------------------------------- 
# CREATE SUBNET 
# -------------------------------------------------------------------------------------------------------------------- 
resource "aws_subnet" "lab-Subnet" { 
    vpc_id     = "${aws_vpc.lab-VPC.id}" 
    availability_zone  = "us-east-1a" 
    cidr_block    = "10.0.0.0/24" 
    map_public_ip_on_launch = "false" 
} 


# -------------------------------------------------------------------------------------------------------------------- 
# CREATE ROUTE TABLE 
# -------------------------------------------------------------------------------------------------------------------- 
resource "aws_route_table" "lab-RouteTable-Private" { 
    vpc_id = "${aws_vpc.lab-VPC.id}" 
    route { 
    cidr_block = "0.0.0.0/0" 
    gateway_id = "${aws_internet_gateway.gw.id}" 
    } 
} 

resource "aws_route_table_association" "lab-associatedVPS" { 
    subnet_id  = "${aws_subnet.lab-Subnet.id}" 
    route_table_id = "${aws_route_table.lab-RouteTable-Private.id}" 
} 

# --------------------------------------------------------------------------------------------------------------------- 
# CREATE THE AUTO SCALING GROUP 
# --------------------------------------------------------------------------------------------------------------------- 
resource "aws_autoscaling_group" "lab-indexers" { 
    launch_configuration = "${aws_launch_configuration.lab-indexer.name}" 
    # availability_zones = ["${data.aws_availability_zones.all.names}"] 
    # availability_zones = ["${var.region}a"] 
    vpc_zone_identifier = ["${aws_subnet.lab-Subnet.id}"] 

    min_size = 3 
    max_size = 9 

    load_balancers   = ["${aws_elb.lab-indexer-elb.name}"] 
    health_check_type   = "ELB" 
    wait_for_capacity_timeout = "5m" 

    tag { 
    key     = "Name" 
    value    = "lab-indexer" 
    propagate_at_launch = true 
    } 
} 

# -------------------------------------------------------------------------------------------------------------------- 
# CREATE IGW 
# -------------------------------------------------------------------------------------------------------------------- 
resource "aws_internet_gateway" "gw" { 
    vpc_id = "${aws_vpc.lab-VPC.id}" 

    tags { 
    Name = "lab-IGW" 
    } 
} 

variable "PATH_TO_PUBLIC_KEY" { 
    default = "myKey.pub" 
} 

###create key 
resource "aws_key_pair" "mykeypair" { 
    key_name = "mykeypair" 
    public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}" 
    lifecycle { 
    ignore_changes = ["public_key"] 
    } 
} 


# --------------------------------------------------------------------------------------------------------------------- 
# CREATE A LAUNCH CONFIGURATION THAT DEFINES EACH EC2 INSTANCE IN THE ASG 
# --------------------------------------------------------------------------------------------------------------------- 
resource "aws_launch_configuration" "lab-indexer" { 
    # AWS Linux AMI (HVM), SSD Volume Type in us-east-1 
    image_id  = "ami-c58c1dd3" 
    instance_type = "t2.micro" 
    security_groups = ["${aws_security_group.instance.id}"] 
    key_name  = "${aws_key_pair.mykeypair.key_name}" 

# This device contains homePath 
    ebs_block_device { 
    device_name   = "/dev/xvdb" 
    volume_size   = 8 
    volume_type   = "gp2" 
# encrypted    = true 
    delete_on_termination = true 
    } 

    ebs_block_device { 
    device_name   = "/dev/xvdc" 
    volume_size   = 8 
    volume_type   = "gp2" 
# encrypted    = true 
    delete_on_termination = true 
    } 

    lifecycle { 
    create_before_destroy = true 
    } 
} 

# --------------------------------------------------------------------------------------------------------------------- 
# CREATE THE SECURITY GROUP THAT'S APPLIED TO EACH EC2 INSTANCE IN THE ASG 
# --------------------------------------------------------------------------------------------------------------------- 
resource "aws_security_group" "instance" { 
    name = "lab-indexer" 
    vpc_id = "${aws_vpc.lab-VPC.id}" 

    # Inbound SSH 
    ingress { 
    from_port = "22" 
    to_port  = "22" 
    protocol = "tcp" 
    cidr_blocks = ["66.196.30.124/32"] 
    } 

    # Outbound All Protocols 
    egress { 
    from_port = "0" 
    to_port  = "0" 
    protocol = "-1" 
    cidr_blocks = ["0.0.0.0/0"] 
    } 

    lifecycle { 
    create_before_destroy = true 
    } 
} 

# --------------------------------------------------------------------------------------------------------------------- 
# CREATE AN ELB TO ROUTE TRAFFIC ACROSS THE AUTO SCALING GROUP 
# --------------------------------------------------------------------------------------------------------------------- 
resource "aws_elb" "lab-indexer-elb" { 
    name    = "lab-asg-indexer" 
    security_groups = ["${aws_security_group.elb.id}"] 
# availability_zones = ["${data.aws_availability_zones.all.names}"] 
    subnets    = ["${aws_subnet.lab-Subnet.id}"] 

    # will work on this later 
    # health_check { 
    # healthy_threshold = 5 
    # unhealthy_threshold = 5 
    # timeout = 3 
    # interval = 30 
    # target = "HTTP:80/" 
    # } 

    # This adds a listener for incoming HTTP requests. 
    listener { 
    lb_port   = 80 
    lb_protocol  = "http" 
    instance_port  = "80" 
    instance_protocol = "http" 
    } 
} 

# --------------------------------------------------------------------------------------------------------------------- 
# CREATE A SECURITY GROUP THAT CONTROLS WHAT TRAFFIC AN GO IN AND OUT OF THE ELB 
# --------------------------------------------------------------------------------------------------------------------- 
resource "aws_security_group" "elb" { 
    name = "lab-indexer-elb" 
    vpc_id = "${aws_vpc.lab-VPC.id}" 

    # Allow all outbound 
    egress { 
    from_port = 0 
    to_port  = 0 
    # -1 is semantically equivalent to "all." So all protocols are allowed 
    protocol = "-1" 
    cidr_blocks = ["0.0.0.0/0"] 
    } 

    # Inbound HTTP from anywhere 
    ingress { 
    from_port = 80 
    to_port  = 80 
    protocol = "tcp" 
    cidr_blocks = ["0.0.0.0/0"] 
    } 
}

來源

2017-06-18 10:43:12

感謝您的回覆！密鑰對在那裏，但我選擇排除那部分代碼。我對啓動配置= $ {data.aws_availability_zones.all.names}進行了初始更改，但是出現啓動配置必須是單個值而不是列表的錯誤。這是因爲它列出了所有可用區域。我不太明白這種做法，所以說實話我不知道從哪裏出發。 –

您是否使用上面粘貼的配置，因爲我沒有得到相同的錯誤？ –

我能夠複製上面粘貼的錯誤「EC2實例i-044ff993c34bc237a與ELB不在同一個VPC .....」請參閱上面的第3項以獲取解決方案。配置中還有其他問題，但我已經修改了tf文件並對其進行了測試並且它工作正常。使用上面粘貼的那個。你可以調整它來分類你的需求。讓我知道事情的後續 –

VPC中自動縮放組的問題 - Terraform

回答

相關問題