Amazon ec2 调试Terraform AWS应用程序负载平衡器验证错误的最佳方法是什么?
我试图在AWS上用Terraform提供一个演示web服务,但遇到了以下错误Amazon ec2 调试Terraform AWS应用程序负载平衡器验证错误的最佳方法是什么?,amazon-ec2,terraform,Amazon Ec2,Terraform,我试图在AWS上用Terraform提供一个演示web服务,但遇到了以下错误 Error: Error applying plan: 2 error(s) occurred: * module.prod.module.web.module.web.aws_alb_listener.frontend: 1 error(s) occurred: * aws_alb_listener.frontend: Error creating LB Listener: ValidationError: '
Error: Error applying plan:
2 error(s) occurred:
* module.prod.module.web.module.web.aws_alb_listener.frontend: 1 error(s) occurred:
* aws_alb_listener.frontend: Error creating LB Listener: ValidationError: 'arn:aws:elasticloadbalancing:us-west-2:114416042199:loadbalancer/app/demo-svc-prod-alb/2a5f486a7b9d265a' is not a valid target group ARN
status code: 400, request id: e3819755-799c-11e8-ac82-43dfdd4e44d1
* module.prod.module.web.module.web.aws_autoscaling_group.backend: 1 error(s) occurred:
* aws_autoscaling_group.backend: Error creating AutoScaling Group: ValidationError: Provided Load Balancers may not be valid. Please ensure they exist and try again.
status code: 400, request id: e37efee9-799c-11e8-955a-c50a9e447dfa
我不明白的是为什么ARN是无效的,因为它属于Terraform创建的资源。ARN指的是弹性负载平衡
,这似乎有点可疑。在使用AWS应用程序负载平衡器和ASG时,是否有需要注意的问题?使用经典ELB时,我没有发现这个问题。有没有办法从地形中获得更多有用的信息
引发错误的相关资源包括:
resource "aws_alb_listener" "frontend" {
load_balancer_arn = "${aws_alb.frontend.arn}"
port = "${local.https_port}"
protocol = "HTTPS"
ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
default_action {
target_group_arn = "${aws_alb.frontend.arn}"
type = "forward"
}
}
及
完整的代码可以在上找到。您在这两种情况下引用的资源都是错误的 对于第一个错误,您的侦听器定义为:
resource "aws_alb_listener" "frontend" {
load_balancer_arn = "${aws_alb.frontend.arn}"
port = "${local.https_port}"
protocol = "HTTPS"
ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
default_action {
target_group_arn = "${aws_alb.frontend.arn}"
type = "forward"
}
}
请注意,因此您需要将它指向您的目标组,而不是负载平衡器本身
因此,您应该使用:
resource "aws_alb_listener" "frontend" {
load_balancer_arn = "${aws_alb.frontend.arn}"
port = "${local.https_port}"
protocol = "HTTPS"
ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
default_action {
target_group_arn = "${aws_alb_target_group.frontend.arn}"
type = "forward"
}
}
因为您只定义了一个侦听器规则,所以还可以删除,因为它在侦听器上执行的操作与默认操作相同。如果希望不同的流量(通过主机或通过路径)到达不同的目标组,则只能分别定义规则
第二个错误来自尝试通过将自动缩放组附加到ELB classic。如前所述,您应该使用:
resource "aws_autoscaling_group" "backend" {
name = "${local.cluster_name}-asg"
launch_configuration = "${aws_launch_configuration.backend.id}"
availability_zones = ["${data.aws_availability_zones.all.names}"]
target_group_arns = ["${aws_alb_target_group.frontend.arn}"]
health_check_type = "ELB"
min_size = "${var.min_size}"
max_size = "${var.max_size}"
// This resource type uses different tags specification format.
// A list comp over the locals tags map would sure come in handy to keep
// things DRY.
tags = [
{
key = "System"
value = "${var.tags["System"]}"
propagate_at_launch = true
},
{
key = "Environment"
value = "${local.tags["Environment"]}"
propagate_at_launch = true
},
{
key = "Owner"
value = "${local.tags["Owner"]}"
propagate_at_launch = true
},
{
key = "Description"
value = "${local.tags["Description"]}"
propagate_at_launch = true
}
]
}
这将自动将自动缩放组附加到ALB目标组,以便您也可以摆脱正在执行相同操作的。如果您单独定义了ALB目标组和自动校准组,并且需要在它们之间进行链接,则通常只会使用
aws\u自动校准\u附件
资源。谢谢!这就解决了问题。我还必须改变这一点,因为我使用的是name
而不是arn
target\u group\u arns=[“${aws\u alb\u target\u group.frontend.arn}”]
Oh Man big Thank@ydaetskcoR,你救了我的周末;)
resource "aws_autoscaling_group" "backend" {
name = "${local.cluster_name}-asg"
launch_configuration = "${aws_launch_configuration.backend.id}"
availability_zones = ["${data.aws_availability_zones.all.names}"]
target_group_arns = ["${aws_alb_target_group.frontend.arn}"]
health_check_type = "ELB"
min_size = "${var.min_size}"
max_size = "${var.max_size}"
// This resource type uses different tags specification format.
// A list comp over the locals tags map would sure come in handy to keep
// things DRY.
tags = [
{
key = "System"
value = "${var.tags["System"]}"
propagate_at_launch = true
},
{
key = "Environment"
value = "${local.tags["Environment"]}"
propagate_at_launch = true
},
{
key = "Owner"
value = "${local.tags["Owner"]}"
propagate_at_launch = true
},
{
key = "Description"
value = "${local.tags["Description"]}"
propagate_at_launch = true
}
]
}