AWS VPC CIDR subnet error in Terraform
I have a CIDR block 172.30.0.0/21 and have created 2 private subnets and 2 public subnets in it. They are up and running in the AWS console. These are the subnets:
# List of private subnets to create in the environment, e.g. ["172.18.0.0/21", "172.18.8.0/21"]
variable "private_subnets-west-2" {
  type    = list(string)
  default = ["172.30.0.0/23", "172.30.6.0/23"]
}
# List of public subnets to create in the environment, e.g. ["172.18.168.0/22", "172.18.172.0/22"]
variable "public_subnets-west-2" {
  type    = list(string)
  default = ["172.30.4.0/23", "172.30.2.0/23"]
}
My private subnets seem to work fine in terraform plan. However, my public subnets do not seem to work in apply and give me errors:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
~ update in-place
- destroy
Terraform will perform the following actions:
# module.rds_replica.aws_db_subnet_group.db_subnet_group[0] will be updated in-place
~ resource "aws_db_subnet_group" "db_subnet_group" {
arn = "arn:aws:rds:us-west-2"
description = "Database subnet group for app-replica"
id = "app-replica-"
name = "app-replica-"
name_prefix = "app-replica-"
~ subnet_ids = [
- "subnet-048e730",
- "subnet-0be733e",
] -> (known after apply)
}
# module.vpc-us-west-2.aws_nat_gateway.this[0] will be created
+ resource "aws_nat_gateway" "this" {
+ allocation_id = "eipalloc-0c"
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc-us-west-2.aws_nat_gateway.this[1] will be created
+ resource "aws_nat_gateway" "this" {
+ allocation_id = "eipalloc-0a"
+ id = (known after apply)
+ network_interface_id = (known after apply)
+ private_ip = (known after apply)
+ public_ip = (known after apply)
+ subnet_id = (known after apply)
}
# module.vpc-us-west-2.aws_route.private_nat_gateway[0] will be updated in-place
~ resource "aws_route" "private_nat_gateway" {
destination_cidr_block = "0.0.0.0/0"
id = "r-rtb-09"
~ nat_gateway_id = "nat-00" -> (known after apply)
origin = "CreateRoute"
route_table_id = "rtb-09"
state = "blackhole"
timeouts {
create = "5m"
}
}
# module.vpc-us-west-2.aws_route.private_nat_gateway[1] will be updated in-place
~ resource "aws_route" "private_nat_gateway" {
destination_cidr_block = "0.0.0.0/0"
id = "r-rtb-0c"
~ nat_gateway_id = "nat-0d" -> (known after apply)
origin = "CreateRoute"
route_table_id = "rtb-0c"
state = "blackhole"
timeouts {
create = "5m"
}
}
# module.vpc-us-west-2.aws_route_table_association.public[0] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = "rtb-0"
+ subnet_id = (known after apply)
}
# module.vpc-us-west-2.aws_route_table_association.public[1] will be created
+ resource "aws_route_table_association" "public" {
+ id = (known after apply)
+ route_table_id = "rtb-09"
+ subnet_id = (known after apply)
}
# module.vpc-us-west-2.aws_subnet.public[0] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-west-2a"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.30.4.0/23"
+ id = (known after apply)
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ vpc_id = "vpc-0d"
}
# module.vpc-us-west-2.aws_subnet.public[0] (deposed object 840b9b87) will be destroyed
- resource "aws_subnet" "public" {
- arn = "arn:aws:ec2:us-west-2:4" -> null
- assign_ipv6_address_on_creation = false -> null
- availability_zone = "us-west-2a" -> null
- availability_zone_id = "usw2-az2" -> null
- cidr_block = "172.30.4.0/23" -> null
- id = "subnet-0b" -> null
- map_public_ip_on_launch = true -> null
- owner_id = "463" -> null
- vpc_id = "vpc-0d" -> null
}
# module.vpc-us-west-2.aws_subnet.public[1] will be created
+ resource "aws_subnet" "public" {
+ arn = (known after apply)
+ assign_ipv6_address_on_creation = false
+ availability_zone = "us-west-2c"
+ availability_zone_id = (known after apply)
+ cidr_block = "172.30.2.0/23"
+ map_public_ip_on_launch = true
+ owner_id = (known after apply)
+ vpc_id = "vpc-0d2"
}
Plan: 6 to add 3 to change, 1 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
module.vpc-us-west-2.aws_subnet.public[0]: Creating...
module.vpc-us-west-2.aws_subnet.public[1]: Creating...
Error: Error creating subnet: InvalidSubnet.Conflict: The CIDR '172.30.2.0/23' conflicts with another subnet
status code: 400, request id:
on .terraform/modules/vpc-us-west-2/main.tf line 335, in resource "aws_subnet" "public":
335: resource "aws_subnet" "public" {
Error: Error creating subnet: InvalidSubnet.Conflict: The CIDR '172.30.4.0/23' conflicts with another subnet
status code: 400, request id:
on .terraform/modules/vpc-us-west-2/main.tf line 335, in resource "aws_subnet" "public":
335: resource "aws_subnet" "public" {
Since the subnets are working in AWS, why are they not showing up in the plan as unchanged?
- It says it will create "172.30.4.0/23" and destroy the previous one? Why? If that subnet is already created, why create it and then destroy the one that already exists?
- The second subnet is also already created in my account, so why did the plan not pick it up, and why does it want to create it?
- I don't know how to fix these errors.
- Update:
- I imported the second subnet 172.30.2.0/23 with terraform import. The import was successful. However, now when I run plan... it is doing the same thing with subnet 172.30.4.0/23.
- This was added to the plan:
- So it is again saying it will destroy the one already created in the AWS console and then create a new one.
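As an added example (not part of the question or the answer), the following Python check reproduces the reasoning behind the InvalidSubnet.Conflict error for the CIDRs in the question: every planned subnet must sit inside the VPC block, planned subnets must not overlap one another, and a planned CIDR must not collide with a subnet that already exists in the VPC but is not tracked in Terraform state (the case that terraform import resolves). The describe-subnets records, the subnet IDs and the state contents are constructed.

```python
import ipaddress

# Constructed sample built from the CIDRs in the question.
VPC_CIDR = "172.30.0.0/21"
PLANNED = {  # Terraform address -> cidr_block the plan wants to create
    "module.vpc-us-west-2.aws_subnet.private[0]": "172.30.0.0/23",
    "module.vpc-us-west-2.aws_subnet.private[1]": "172.30.6.0/23",
    "module.vpc-us-west-2.aws_subnet.public[0]": "172.30.4.0/23",
    "module.vpc-us-west-2.aws_subnet.public[1]": "172.30.2.0/23",
}
# Constructed stand-in for `aws ec2 describe-subnets` output; the IDs are made up.
EXISTING = [
    {"SubnetId": "subnet-0aaa", "CidrBlock": "172.30.0.0/23"},
    {"SubnetId": "subnet-0bbb", "CidrBlock": "172.30.6.0/23"},
    {"SubnetId": "subnet-0ccc", "CidrBlock": "172.30.4.0/23"},
    {"SubnetId": "subnet-0ddd", "CidrBlock": "172.30.2.0/23"},
]
# Constructed: only the private subnets are already tracked in terraform.tfstate.
IN_STATE = {"subnet-0aaa", "subnet-0bbb"}


def check_subnets(vpc_cidr, planned, existing, in_state):
    """Return human-readable findings; an empty list means the plan should apply."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {addr: ipaddress.ip_network(cidr) for addr, cidr in planned.items()}
    findings = []
    # 1. Every subnet must lie inside the VPC CIDR.
    for addr, net in nets.items():
        if not net.subnet_of(vpc):
            findings.append(f"{addr}: {net} is outside VPC {vpc}")
    # 2. Planned subnets must not overlap one another.
    items = list(nets.items())
    for i, (a, n1) in enumerate(items):
        for b, n2 in items[i + 1:]:
            if n1.overlaps(n2):
                findings.append(f"{a} ({n1}) overlaps {b} ({n2})")
    # 3. A planned CIDR colliding with a live subnet that Terraform does not
    #    manage is exactly what AWS rejects as InvalidSubnet.Conflict.
    for addr, net in nets.items():
        for sub in existing:
            live = ipaddress.ip_network(sub["CidrBlock"])
            if net.overlaps(live) and sub["SubnetId"] not in in_state:
                findings.append(f"{addr}: {net} conflicts with {sub['SubnetId']} "
                                f"({live}), which is not in Terraform state; "
                                f"import it or remove it before applying")
    return findings

if __name__ == "__main__":
    for line in check_subnets(VPC_CIDR, PLANNED, EXISTING, IN_STATE):
        print(line)
```

With the sample data the two public subnets are reported as conflicts with live subnets missing from state, while the private ones pass because they are already tracked.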
There are multiple questions here.
"It says it will create "172.30.4.0/23" and destroy the previous one"
For some objects there is no "update" operation in AWS; even in the AWS console you need to delete and create the new object.
I don't know why that is happening for your subnets, though.
"The second subnet is also already created in my account, so why did the plan not pick it up, and why does it want to create it"
If the second subnet was created outside of Terraform, you need to explicitly tell Terraform to use the existing resource.
In Terraform that operation is called import, e.g.
$ terraform import aws_subnet.public subnet-9d4a7b6c
Thanks, I did import the second subnet with terraform 12 import.. however it is still creating it in the plan. Now it is destroying it again.. please see my updated question! The second question is solved. The first one is not.
@Grzegorz Oledzki yes, I can import! However, yes, the first one is not. Even though I imported it, it is still destroying and recreating the subnet, and that is what it should be doing.
@Grzegorz Oledzki any help on how to fix it?