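I am trying to create an Azure VM using Terraform, but I am unable to execute custom data from Terraform. The Customdata.bin file is created on the server. I also tried the provisioner resource, but no luck.
main.tf file, Azure VM resource syntax: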
resource "azurerm_virtual_machine" "avmweb0" {
  name                  = "${var.env}-${var.bu}-${var.company_name}-media-vm"
  location              = "${var.region}"
  resource_group_name   = "${module.network.resource-grp-name}"
  network_interface_ids = ["${azurerm_network_interface.nicweb0.id}"]
  vm_size               = "${var.vm_size}"

  storage_image_reference {
    publisher = "${var.vm_publisher}"
    offer     = "${var.vm_offer}"
    sku       = "${var.vm_sku}"
    version   = "${var.vm_version}"
  }

  storage_os_disk {
    name              = "${var.env}-${var.bu}-${var.company_name}-media-osdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "${var.env}-${var.vm_computer_name}"
    admin_username = "${var.vm_admin_username}"
    admin_password = "${var.vm_admin_password}"
    custom_data    = "${data.template_file.userdata.rendered}"
  }

  os_profile_windows_config {
    winrm {
      protocol = "http"
    }
  }

  /*
  connection {
    type     = "winrm"
    user     = "${var.vm_admin_username}"
    password = "${var.vm_admin_password}"
    host     = "${azurerm_public_ip.mediapubip.ip_address}"
    port     = 5985
    https    = false
    insecure = true
    timeout  = "15m"
    # cacert = ""
  } */

  /* provisioner "file" {
    content     = "${data.template_file.userdata.rendered}"
    destination = "C:\\AzureData\\initdata.ps1"
    connection {
      type     = "winrm"
      user     = "${var.vm_admin_username}"
      password = "${var.vm_admin_password}"
    }
  }
  provisioner "remote-exec" {
    inline = [ "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File \"C:\\AzureData\\initdata.ps1\""]
  } */

  /* provisioner "file" {
    content     = "${data.template_file.userdata.rendered}"
    destination = "C:\\AzureData\\initdata.ps1"
  }
  provisioner "local-exec" {
    command = "powershell.exe -ExecutionPolicy RemoteSigned -File \"C:\\AzureData\\initdata.ps1\" -NoProfile -NonInteractive "
  } */

  tags {
    Name          = "${var.env}-${var.bu}-${var.company_name}-media"
    BussinessUnit = "${var.bu}"
    Environment   = "${var.env}"
    CompanyName   = "${var.company_name}"
    Application   = "${var.appname}"
  }
}
------------ Custom data file ---------------------------------
Set-ExecutionPolicy unrestricted
netsh advfirewall firewall add rule name="http" dir=in action=allow protocol=TCP localport=80
write-host "running init script"
if(!(test-path -Path "c:\temp"))
{
    New-Item -ItemType directory -Path "C:\temp"
    write-host "created temp directory"
}
$client = new-object System.Net.WebClient
$client.DownloadFile("https://downloads.puppetlabs.com/windows/puppet5/puppet-agent-5.0.0-x64.msi","c:\temp\puppet.msi")
cd "c:\temp"
pwd
echo "`nx.x.x.x puppet" | Out-File -FilePath "C:\Windows\System32\drivers\etc\hosts" -Append -Encoding ascii
msiexec /qn /norestart /i "c:\temp\puppet.msi"
if(test-path -path "C:\ProgramData\PuppetLabs\facter\facts.d")
{
    echo "`nhello" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Encoding ascii
    echo "`nconsolename : ${consolename}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nbu : ${bu}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nenv : ${env}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`ncompany_name : ${company_name}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`napplication : ${application}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nservertype : ${servertype}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
}
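Error while using the provisioner resource:
1 error(s) occurred:
azurerm_virtual_machine.avmweb0: 1 error(s) occurred:
Unknown error Post http://xxxx:5985/wsman: dial tcp xxxx:5985: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Terraform does not automatically rollback in the face of errors. Instead, your Terraform state file has been partially updated with any resources that successfully completed. Please address the error above and apply again to incrementally change your infrastructure.
Code: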
resource "azurerm_virtual_machine_extension" "avmme0" {
  name                 = "${var.env}-${var.vm_computer_name}-config"
  location             = "West US"
  resource_group_name  = "${module.network.resource-grp-name}"
  virtual_machine_name = "${azurerm_virtual_machine.avmweb0.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  settings = <<SETTINGS
{
  "fileUris": ["https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1"],
  "commandToExecute": "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File userdata.ps1"
}
SETTINGS

  tags {
    Name          = "${var.env}-${var.bu}-${var.company_name}-media"
    BussinessUnit = "${var.bu}"
    Environment   = "${var.env}"
    CompanyName   = "${var.company_name}"
    Application   = "${var.appname}"
  }
}
Error:
azurerm_virtual_machine_extension.avmme0: Still creating... (25m20s elapsed)
Error applying plan:
1 error(s) occurred:
azurerm_virtual_machine_extension.avmme0: 1 error(s) occurred:
azurerm_virtual_machine_extension.avmme0: compute.VirtualMachineExtensionsClient#CreateOrUpdate: Failure sending request: StatusCode=200 -- Original Error: Long running operation terminated with status 'Failed': Code="VMAgentStatusCommunicationError" Message="VM 'dev-it-mactores-media-vm' has not reported status for VM agent or extensions. Please verify the VM has a running VM agent, and can establish outbound connections to Azure storage."
I am able to download from the server using the following commands:
$client = new-object System.Net.WebClient
$client.DownloadFile("https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1", "c:\temp\userdata.ps1")
Inbound and outbound rules are open for 5985.
Tf var file details :
region ="West US"
storage_account_type =""
vm.size ="Standard_DS1_v2"
location ="West US"
appname ="xxx"
bu ="it"
company_name ="xxxx"
env ="dev"
tenant_id =""
client_secret =""
client_id =""
storage_account_type ="Standard_LRS"
vm_size = "Standard_DS1_v2"
vm_publisher = "MicrosoftWindowsServer"
vm_offer = "WindowsServer"
vm_sku = "2012-R2-Datacenter"
vm_version = "latest"
vm_computer_name = "web-media"
vm_admin_username = "xxxx"
vm_admin_password = "xxxx"
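The reason for the error log is that you did not open port 5985 on the Azure NSG, so your script cannot connect to the Azure VM. For Azure VMs, I suggest you use the Custom Script Extension rather than WinRM to your VM.
The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration/management task.
Terraform also supports the Custom Script Extension. Please refer to this link. For your scenario, I suggest you save your custom data as a ps1 file and upload it to GitHub or an Azure storage account. You can refer to my answer. The Windows Custom Script Extension should be used as follows: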
resource "azurerm_virtual_machine_extension" "test" {
  name                 = "hostname"
  location             = "West US"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_machine_name = "${azurerm_virtual_machine.test.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  # The extension downloads each fileUris entry to the VM, then runs commandToExecute.
  settings = <<SETTINGS
{
  "fileUris": ["https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1"],
  "commandToExecute": "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File userdata.ps1"
}
SETTINGS
}
You can check my vm.tf.
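
The custom data script in the question downloads the Puppet agent MSI and installs it without checking what was downloaded, and does not wait for msiexec to finish. The following is an added example, not code from the question or the answer, of that download-and-install step with the MSI checked against a pinned SHA-256 and its Authenticode signature before it runs; the hash value and the install log path are placeholders, and the signature check assumes the vendor signs the MSI.

```powershell
# Added example, not the poster's script. Written without "${...}" so it is
# left unchanged if rendered through the page's template_file data source.
$ErrorActionPreference = 'Stop'
# Older .NET defaults on Windows Server 2012 R2 may not offer TLS 1.2; request it.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$url      = 'https://downloads.puppetlabs.com/windows/puppet5/puppet-agent-5.0.0-x64.msi'
$msi      = 'C:\temp\puppet.msi'
$msiLog   = 'C:\temp\puppet-install.log'       # hypothetical log path
$expected = '<SHA256-OF-THE-MSI-YOU-VETTED>'   # placeholder: fails closed until set

function Test-Installer {
    param([string] $Path, [string] $ExpectedSha256)
    # 1. Pinned hash: the bytes are exactly the build that was reviewed.
    $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
    if ($actual -ne $ExpectedSha256) {         # string -ne ignores case
        throw ('SHA-256 mismatch for {0}: got {1}' -f $Path, $actual)
    }
    # 2. Authenticode: assumes a vendor-signed MSI; drop for unsigned packages.
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        throw ('Authenticode status for {0} is {1}' -f $Path, $sig.Status)
    }
    return $sig.SignerCertificate.Subject
}

New-Item -ItemType Directory -Path (Split-Path $msi) -Force | Out-Null
try {
    (New-Object System.Net.WebClient).DownloadFile($url, $msi)
    $signer = Test-Installer -Path $msi -ExpectedSha256 $expected
    Write-Output ('Verified {0}, signed by {1}' -f $msi, $signer)
    # -Wait/-PassThru: otherwise msiexec returns at once and failures go unseen.
    $msiArgs = @('/i', ('"{0}"' -f $msi), '/qn', '/norestart',
                 '/l*v', ('"{0}"' -f $msiLog))
    $proc = Start-Process -FilePath msiexec.exe -ArgumentList $msiArgs -Wait -PassThru
    if ($proc.ExitCode -notin 0, 3010) {       # 3010 = success, reboot required
        throw ('msiexec exited with code {0}' -f $proc.ExitCode)
    }
}
catch {
    # Do not leave an unverified or failed installer on disk.
    Remove-Item -Path $msi -Force -ErrorAction SilentlyContinue
    throw
}
```

The same hash check applies to userdata.ps1 itself when it is fetched from a branch URL, since the content behind that URL can change between applies.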