Amazon EC2: What is the best way to debug Terraform AWS Application Load Balancer validation errors?


I am trying to provision a demo web service on AWS with Terraform, but I ran into the following error:

Error: Error applying plan:

2 error(s) occurred:

* module.prod.module.web.module.web.aws_alb_listener.frontend: 1 error(s) occurred:

* aws_alb_listener.frontend: Error creating LB Listener: ValidationError: 'arn:aws:elasticloadbalancing:us-west-2:114416042199:loadbalancer/app/demo-svc-prod-alb/2a5f486a7b9d265a' is not a valid target group ARN
  status code: 400, request id: e3819755-799c-11e8-ac82-43dfdd4e44d1
* module.prod.module.web.module.web.aws_autoscaling_group.backend: 1 error(s) occurred:

* aws_autoscaling_group.backend: Error creating AutoScaling Group: ValidationError: Provided Load Balancers may not be valid. Please ensure they exist and try again.
  status code: 400, request id: e37efee9-799c-11e8-955a-c50a9e447dfa
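What I don't understand is why the ARN is invalid, since it belongs to a resource that Terraform created. The ARN refers to elasticloadbalancing, which seems a bit suspicious. Are there any gotchas to be aware of when using AWS Application Load Balancers with ASGs? I did not see this problem when using classic ELBs. Is there any way to get more useful information out of Terraform?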

The relevant resources that raise the errors are:

resource "aws_alb_listener" "frontend" {
  load_balancer_arn       = "${aws_alb.frontend.arn}"
  port                    = "${local.https_port}"
  protocol                = "HTTPS"
  ssl_policy              = "ELBSecurityPolicy-TLS-1-2-2017-01"

  default_action {
    target_group_arn      = "${aws_alb.frontend.arn}"
    type                  = "forward"
  }
}


The full code can be found at .

You are referencing the wrong resource in both cases.

For the first error, your listener is defined as:

resource "aws_alb_listener" "frontend" {
  load_balancer_arn       = "${aws_alb.frontend.arn}"
  port                    = "${local.https_port}"
  protocol                = "HTTPS"
  ssl_policy              = "ELBSecurityPolicy-TLS-1-2-2017-01"

  default_action {
    target_group_arn      = "${aws_alb.frontend.arn}"
    type                  = "forward"
  }
}
Note that you therefore need to point it at your target group, not at the load balancer itself.

So you should use:

resource "aws_alb_listener" "frontend" {
  load_balancer_arn       = "${aws_alb.frontend.arn}"
  port                    = "${local.https_port}"
  protocol                = "HTTPS"
  ssl_policy              = "ELBSecurityPolicy-TLS-1-2-2017-01"

  default_action {
    target_group_arn      = "${aws_alb_target_group.frontend.arn}"
    type                  = "forward"
  }
}
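Because you only define a single listener rule, you can also remove it, since it does the same thing as the default action on the listener. You would only define rules separately if you want different traffic (by host or by path) to reach different target groups.

The second error comes from trying to attach the autoscaling group to an ELB classic. As mentioned, you should use: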

resource "aws_autoscaling_group" "backend" {
  name                    = "${local.cluster_name}-asg"
  launch_configuration    = "${aws_launch_configuration.backend.id}"
  availability_zones      = ["${data.aws_availability_zones.all.names}"]
  target_group_arns       = ["${aws_alb_target_group.frontend.arn}"]
  health_check_type       = "ELB"
  min_size                = "${var.min_size}"
  max_size                = "${var.max_size}"
  // This resource type uses different tags specification format.
  // A list comp over the locals tags map would sure come in handy to keep
  // things DRY.
  tags                    = [
    {
      key                 = "System"
      value               = "${var.tags["System"]}"
      propagate_at_launch = true
    },
    {
      key                 = "Environment"
      value               = "${local.tags["Environment"]}"
      propagate_at_launch = true
    },
    {
      key                 = "Owner"
      value               = "${local.tags["Owner"]}"
      propagate_at_launch = true
    },
    {
      key                 = "Description"
      value               = "${local.tags["Description"]}"
      propagate_at_launch = true
    }
  ]
}

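This will automatically attach the autoscaling group to the ALB target group, so you can also get rid of the resource that is doing the same thing. You would normally only use the aws_autoscaling_attachment resource if you define the ALB target group and the autoscaling group separately and need to link them.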

Thanks! That solved the problem. I also had to change this, because I was using name instead of arn:
target_group_arns = ["${aws_alb_target_group.frontend.arn}"]

Oh man, big thanks @ydaetskcoR, you saved my weekend ;)
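
An added example, not part of the original question or answer: a small pre-apply check that flags the mistake diagnosed above (an ARN attribute fed from the wrong resource type) and classifies an `elasticloadbalancing` ARN by its resource prefix. The function names are hypothetical, the matching is a line-based heuristic rather than a full HCL parser, and the sample configuration is constructed from the listener in the question.

```python
import re

# Attribute -> resource types whose .arn it may legitimately reference.
EXPECTED = {
    "target_group_arn": {"aws_alb_target_group", "aws_lb_target_group"},
    "target_group_arns": {"aws_alb_target_group", "aws_lb_target_group"},
    "load_balancer_arn": {"aws_alb", "aws_lb"},
}
ASSIGN = re.compile(r"^\s*(\w+)\s*=\s*(.*)$")        # attr = value
REF = re.compile(r"\b(aws_\w+)\.(\w+)\.arn\b")       # aws_type.name.arn


def find_arn_mismatches(hcl_text):
    """Return (line_no, attribute, referenced_type) for wrong-typed ARN references."""
    problems = []
    for line_no, line in enumerate(hcl_text.splitlines(), start=1):
        m = ASSIGN.match(line)
        if not m or m.group(1) not in EXPECTED:
            continue
        for ref_type, _name in REF.findall(m.group(2)):
            if ref_type not in EXPECTED[m.group(1)]:
                problems.append((line_no, m.group(1), ref_type))
    return problems


def elbv2_arn_kind(arn):
    """Classify an ELB ARN: the service is always 'elasticloadbalancing';
    the resource prefix ('loadbalancer', 'targetgroup', ...) tells them apart."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[2] != "elasticloadbalancing":
        return "not-elb"
    return parts[5].split("/", 1)[0]


# Constructed sample: the listener from the question, trimmed.
SAMPLE = '''resource "aws_alb_listener" "frontend" {
  load_balancer_arn = "${aws_alb.frontend.arn}"
  default_action {
    target_group_arn = "${aws_alb.frontend.arn}"
    type             = "forward"
  }
}
'''
# ARN quoted in the error message on this page.
ERROR_ARN = ("arn:aws:elasticloadbalancing:us-west-2:114416042199:"
             "loadbalancer/app/demo-svc-prod-alb/2a5f486a7b9d265a")

if __name__ == "__main__":
    for line_no, attr, ref in find_arn_mismatches(SAMPLE):
        print(f"line {line_no}: {attr} is fed from {ref}.arn")
    print("error ARN kind:", elbv2_arn_kind(ERROR_ARN))
```

Run against the constructed sample, the check reports line 4, and the ARN from the error message classifies as `loadbalancer`, which is why the API rejected it as a target group ARN.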