Amazon Web Services: Problem with an Auto Scaling group in a VPC (Terraform)


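I am provisioning AWS through Terraform.

What I am trying to do is have a group of lab indexers auto scale inside the lab VPC, with routes/subnets/security groups configured. When I run 'terraform apply', the script hangs on the 'lab-indexer' section and then times out. I get no error other than the configured timeout message. If I comment out the `vpc_zone_identifier` line, the indexers spin up without error, although they are configured incorrectly. This leads me to believe I have made some kind of configuration mistake in the VPC setup.

I have searched Stack Overflow and

Update: While the instances in the ASG were being created, I was able to log in to the console and check the ASG activity. I noticed that many of the instances it tried to create had a status of "Cancelled". On investigation I saw the following information:

Description: Launching a new EC2 instance: i-0bf6afd70895e8212. Status Reason: Failed to update load balancer lab-asg-indexer: EC2 instance i-044ff993c34bc237a is not in the same VPC as ELB. Updating load balancer configuration failed.

Cause: At 2017-06-19T13:00:41Z an instance was started in response to a difference between desired and actual capacity, increasing the capacity from 0 to 3.

I don't know how to go about fixing this with the VPC. I added the ELB to the VPC (I think) via the following:


But that did not solve the problem.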

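Some of the configuration is wrong:

  • First, the launch configuration you set to "${aws_launch_configuration.lab-indexer.id}" should be ${data.aws_availability_zones.all.names}
  • Also, there is no resource in the configuration that creates the key pair
  • There is no VPC ID associated with the ELB security group

I have modified this for you and tested it from my system, and it is now working. Let me know how it goes.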

    # ---------------------------------------------------------------------------------------------------------------------
    # GET THE LIST OF AVAILABILITY ZONES IN THE CURRENT REGION
    # Every AWS account has slightly different availability zones in each region.
    # ---------------------------------------------------------------------------------------------------------------------
    data "aws_availability_zones" "all" {}
    
    # --------------------------------------------------------------------------------------------------------------------
    # CREATE VPC
    # --------------------------------------------------------------------------------------------------------------------
    resource "aws_vpc" "lab-VPC" {
      cidr_block = "10.0.0.0/16"
    
      tags {
        Name = "lab-VPC"
      }
    }
    
    # --------------------------------------------------------------------------------------------------------------------
    # CREATE SUBNET
    # --------------------------------------------------------------------------------------------------------------------
    resource "aws_subnet" "lab-Subnet" {
      vpc_id                  = "${aws_vpc.lab-VPC.id}"
      availability_zone       = "us-east-1a"
      cidr_block              = "10.0.0.0/24"
      map_public_ip_on_launch = "false"
    }
    
    
    # --------------------------------------------------------------------------------------------------------------------
    # CREATE ROUTE TABLE
    # --------------------------------------------------------------------------------------------------------------------
    resource "aws_route_table" "lab-RouteTable-Private" {
      vpc_id = "${aws_vpc.lab-VPC.id}"
      route {
        cidr_block = "0.0.0.0/0"
        gateway_id = "${aws_internet_gateway.gw.id}"
      }
    }
    
    resource "aws_route_table_association" "lab-associatedVPS" {
      subnet_id      = "${aws_subnet.lab-Subnet.id}"
      route_table_id = "${aws_route_table.lab-RouteTable-Private.id}"
    }
    
    # ---------------------------------------------------------------------------------------------------------------------
    # CREATE THE AUTO SCALING GROUP
    # ---------------------------------------------------------------------------------------------------------------------
    resource "aws_autoscaling_group" "lab-indexers" {
      launch_configuration = "${aws_launch_configuration.lab-indexer.name}"
      # availability_zones   = ["${data.aws_availability_zones.all.names}"]
      # availability_zones = ["${var.region}a"]
      vpc_zone_identifier = ["${aws_subnet.lab-Subnet.id}"]
    
      min_size = 3
      max_size = 9
    
      load_balancers            = ["${aws_elb.lab-indexer-elb.name}"]
      health_check_type         = "ELB"
      wait_for_capacity_timeout = "5m"
    
      tag {
        key                 = "Name"
        value               = "lab-indexer"
        propagate_at_launch = true
      }
    }
    
    # --------------------------------------------------------------------------------------------------------------------
    # CREATE IGW
    # --------------------------------------------------------------------------------------------------------------------
    resource "aws_internet_gateway" "gw" {
      vpc_id = "${aws_vpc.lab-VPC.id}"
    
      tags {
        Name = "lab-IGW"
      }
    }
    
    variable "PATH_TO_PUBLIC_KEY" {
      default = "myKey.pub"
    }
    
    ###create key
    resource "aws_key_pair" "mykeypair" {
      key_name = "mykeypair"
      public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
      lifecycle {
        ignore_changes = ["public_key"]
      }
    }
    
    
    # ---------------------------------------------------------------------------------------------------------------------
    # CREATE A LAUNCH CONFIGURATION THAT DEFINES EACH EC2 INSTANCE IN THE ASG
    # ---------------------------------------------------------------------------------------------------------------------
    resource "aws_launch_configuration" "lab-indexer" {
      # AWS Linux AMI (HVM), SSD Volume Type in us-east-1
      image_id      = "ami-c58c1dd3"
      instance_type = "t2.micro"
      security_groups = ["${aws_security_group.instance.id}"]
      key_name      = "${aws_key_pair.mykeypair.key_name}"
    
    # This device contains homePath
      ebs_block_device {
        device_name           = "/dev/xvdb"
        volume_size           = 8
        volume_type           = "gp2"
    #    encrypted             = true
        delete_on_termination = true
      }
    
      ebs_block_device {
        device_name           = "/dev/xvdc"
        volume_size           = 8
        volume_type           = "gp2"
    #    encrypted             = true
        delete_on_termination = true
      }
    
      lifecycle {
        create_before_destroy = true
      }
    }
    
    # ---------------------------------------------------------------------------------------------------------------------
    # CREATE THE SECURITY GROUP THAT'S APPLIED TO EACH EC2 INSTANCE IN THE ASG
    # ---------------------------------------------------------------------------------------------------------------------
    resource "aws_security_group" "instance" {
      name = "lab-indexer"
      vpc_id = "${aws_vpc.lab-VPC.id}"
    
      # Inbound SSH
      ingress {
        from_port   = "22"
        to_port     = "22"
        protocol    = "tcp"
        cidr_blocks = ["66.196.30.124/32"]
      }
    
      # Outbound All Protocols
      egress {
        from_port   = "0"
        to_port     = "0"
        protocol    = "-1"
        cidr_blocks = ["0.0.0.0/0"]
      }
    
      lifecycle {
        create_before_destroy = true
      }
    }
    
    # ---------------------------------------------------------------------------------------------------------------------
    # CREATE AN ELB TO ROUTE TRAFFIC ACROSS THE AUTO SCALING GROUP
    # ---------------------------------------------------------------------------------------------------------------------
    resource "aws_elb" "lab-indexer-elb" {
      name               = "lab-asg-indexer"
      security_groups    = ["${aws_security_group.elb.id}"]
     # availability_zones = ["${data.aws_availability_zones.all.names}"]
      subnets             = ["${aws_subnet.lab-Subnet.id}"]
    
      # will work on this later
      # health_check {
      #   healthy_threshold = 5
      #   unhealthy_threshold = 5
      #   timeout = 3
      #   interval = 30
      #   target = "HTTP:80/"
      # }
    
      # This adds a listener for incoming HTTP requests.
      listener {
        lb_port           = 80
        lb_protocol       = "http"
        instance_port     = "80"
        instance_protocol = "http"
      }
    }
    
    # ---------------------------------------------------------------------------------------------------------------------
    # CREATE A SECURITY GROUP THAT CONTROLS WHAT TRAFFIC CAN GO IN AND OUT OF THE ELB
    # ---------------------------------------------------------------------------------------------------------------------
    resource "aws_security_group" "elb" {
      name = "lab-indexer-elb"
      vpc_id = "${aws_vpc.lab-VPC.id}"
    
      # Allow all outbound
      egress {
        from_port   = 0
        to_port     = 0
        # -1 is semantically equivalent to "all." So all protocols are allowed
        protocol    = "-1"
        cidr_blocks = ["0.0.0.0/0"]
      }
    
      # Inbound HTTP from anywhere
      ingress {
        from_port   = 80
        to_port     = 80
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
      }
    }
    

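Comments:

At a quick glance, I'd guess it is because you are using the ELB health check on the ASG but have not actually configured an ELB health check. Either fix the ELB health check or switch to the EC2 health check (does it pass the basic system checks as far as the hypervisor is concerned) and see if that solves your problem. It would be helpful if you could post the Terraform script.

@ydaetskcoR - Thanks for the suggestion! I changed the type to EC2 but got the same result. The console gets to the point of creating the ASG, "aws_autoscaling_group.lab-indexer: Still creating...", and it just sits there repeating this message until the inevitable timeout.

Please don't post ephemeral content like paste.ofcode.org on Stack Overflow.

Thanks for the reply! The key pair is there, but I chose to exclude that part of the code. I made the initial change you suggested, launch config = ${data.aws_availability_zones.all.names}, but I get an error that the launch config must be a single value, not a list. That is because it lists all of the availability zones. I don't really understand this approach, so to be honest I don't know where to go from here.

Are you using the configuration I pasted above? I don't get the same error. I was able to reproduce the error you pasted above, "EC2 instance i-044ff993c34bc237a is not in the same VPC as ELB...". See item 3 above for the solution. The configuration had other problems too, but I have modified the tf file and tested it, and it works. Use the one I posted above. You can adjust it to suit your needs. Let me know how it goes.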
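The "not in the same VPC as ELB" failure discussed above can be caught before `terraform apply` by comparing the VPC that the ASG subnets belong to with the VPC of the ELB's subnets. The following check is an added example, not code from the question or the answer: it assumes the `configuration.root_module.resources[].expressions.<attr>.references` layout of `terraform show -json` (Terraform 0.12 and later), reads only the root module, and runs on a constructed sample; `res`, `sample`, `refs` and `vpc_findings` are hypothetical helper names.

```python
def res(address, **attrs):
    """One resource entry; each keyword maps an attribute to the addresses it references."""
    return {"address": address, "type": address.split(".")[0],
            "expressions": {k: {"references": v} for k, v in attrs.items()}}

def sample(fixed):
    """Constructed plan 'configuration' section, before (False) or after (True) the fix."""
    vpc, subnet = ["aws_vpc.lab-VPC.id"], ["aws_subnet.lab-Subnet.id"]
    sg_attrs = {"vpc_id": vpc} if fixed else {}
    placement = {"subnets": subnet} if fixed else {
        "availability_zones": ["data.aws_availability_zones.all.names"]}
    return {"configuration": {"root_module": {"resources": [
        res("aws_subnet.lab-Subnet", vpc_id=vpc),
        res("aws_security_group.elb", **sg_attrs),
        res("aws_elb.lab-indexer-elb", security_groups=["aws_security_group.elb.id"], **placement),
        res("aws_autoscaling_group.lab-indexers", vpc_zone_identifier=subnet,
            load_balancers=["aws_elb.lab-indexer-elb.name"]),
    ]}}}

def refs(resource, attr):
    """Resource addresses referenced by one attribute (empty set if the attribute is absent)."""
    found = set()
    for r in (resource or {}).get("expressions", {}).get(attr, {}).get("references", []):
        parts = r.split(".")
        found.add(".".join(parts[:3] if parts[0] == "data" else parts[:2]))
    return found

def vpc_findings(plan):
    """Flag security groups and ELBs outside a declared VPC, and ASG/ELB VPC mismatches."""
    by_addr = {r["address"]: r for r in plan["configuration"]["root_module"]["resources"]}
    def vpcs_of(addresses):  # VPCs the given subnets are pinned to through vpc_id
        return set().union(*(refs(by_addr.get(a), "vpc_id") for a in addresses))
    findings = []
    for addr, r in by_addr.items():
        if r["type"] == "aws_security_group" and not refs(r, "vpc_id"):
            findings.append(f"{addr}: no vpc_id, not created in a VPC declared here")
        elif r["type"] == "aws_elb" and not refs(r, "subnets"):
            findings.append(f"{addr}: no subnets, not placed in a VPC declared here")
        elif r["type"] == "aws_autoscaling_group":
            asg_vpcs = vpcs_of(refs(r, "vpc_zone_identifier"))
            for elb in sorted(refs(r, "load_balancers")):
                elb_vpcs = vpcs_of(refs(by_addr.get(elb), "subnets"))
                if asg_vpcs != elb_vpcs:
                    findings.append(f"{addr}: instances in {sorted(asg_vpcs)}, "
                                    f"{elb} in {sorted(elb_vpcs)}")
    return findings

if __name__ == "__main__":
    for label, fixed in (("before", False), ("after", True)):
        print(label, vpc_findings(sample(fixed)) or "no findings")
```
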