Amazon web services VPC-Terraform中的自动缩放组出现问题
我正在通过Terraform进行AWS配置。我想做的是让一组实验室索引器在实验室VPC(lab-VPC)中自动伸缩,并配置好路由/子网/安全组。当我执行'terraform apply'时,脚本会卡在'lab indexer'这一步,然后超时。除了配置的超时消息之外,我没有收到任何错误。如果我注释掉vpc_zone_identifier这一行,索引器实例可以正常启动,只是网络配置不正确。这让我相信我在VPC设置中犯了某种配置错误。我已经搜索过Stack Overflow等资料。更新:在ASG创建实例的过程中,我能够登录到控制台并检查ASG活动。我注意到有许多尝试创建的实例状态为“已取消”。经过调查,我看到了以下信息。描述:正在启动新的EC2实例:i-0bf6afd70895e8212。状态原因:无法更新负载均衡器lab-asg-indexer:EC2实例i-044ff993c34bc237a与ELB不在同一VPC中。更新负载均衡器配置失败。原因:2017-06-19T13:00:41Z启动了一个实例,以响应期望容量与实际容量之间的差异,将容量从0增加到3。我不知道如何着手解决这个与VPC有关的问题。我(自认为)已通过以下方式将ELB添加到VPC:Amazon web services VPC-Terraform中的自动缩放组出现问题,amazon-web-services,amazon-vpc,terraform,Amazon Web Services,Amazon Vpc,Terraform,我正在通过Terraform进行AWS配置。我想做的是让一组实验室索引器在实验室VPC(lab-VPC)中自动伸缩,并配置好路由/子网/安全组。当我执行'terraform apply'时,脚本会卡在'lab indexer'这一步,然后超时。除了配置的超时消息之外,我没有收到任何错误。如果我注释掉vpc_zone_identifier这一行,索引器实例可以正常启动,只是网络配置不正确。这让我相信我在VPC设置中犯了某种配置错误。我已经搜索过Stack Overflow等资料。更新:在ASG创建实例的过程中,我能够登录到控制台并检查ASG活动。我注意到有许多尝试
但这并没有解决问题。有些配置是错误的
# ---------------------------------------------------------------------------------------------------------------------
# GET THE LIST OF AVAILABILITY ZONES IN THE CURRENT REGION
# Every AWS account has slightly different availability zones in each region.
# ---------------------------------------------------------------------------------------------------------------------
# Looks up the availability zones of the configured region. In this listing
# the result is referenced only from commented-out lines.
data "aws_availability_zones" "all" {
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE VPC
# --------------------------------------------------------------------------------------------------------------------
# The lab VPC. Every subnet, gateway and security group in this listing is
# attached to it through aws_vpc.lab-VPC.id.
resource "aws_vpc" "lab-VPC" {
  tags {
    Name = "lab-VPC"
  }

  # Private address space for the whole VPC.
  cidr_block = "10.0.0.0/16"
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE SUBNET
# --------------------------------------------------------------------------------------------------------------------
# The single subnet used by both the ELB and the Auto Scaling group.
resource "aws_subnet" "lab-Subnet" {
  vpc_id     = "${aws_vpc.lab-VPC.id}"
  cidr_block = "10.0.0.0/24"

  # Pinned to one availability zone, so everything placed here shares it.
  availability_zone = "us-east-1a"

  # Instances get no public IP by default here.
  # NOTE(review): the associated route table sends 0.0.0.0/0 to the internet
  # gateway, yet instances without a public address cannot use that route;
  # confirm how the indexers are meant to be reached and to reach out.
  map_public_ip_on_launch = "false"
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE ROUTE TABLE
# --------------------------------------------------------------------------------------------------------------------
# Route table for the lab VPC.
# NOTE(review): the resource is named "Private", but its default route points
# at the internet gateway, which makes any associated subnet a public one.
# Rename it or route through a NAT device if the subnet should be private.
resource "aws_route_table" "lab-RouteTable-Private" {
  vpc_id = "${aws_vpc.lab-VPC.id}"

  # Default route: everything outside the VPC goes to the internet gateway.
  route {
    gateway_id = "${aws_internet_gateway.gw.id}"
    cidr_block = "0.0.0.0/0"
  }
}
# Binds lab-Subnet to the route table above, so the subnet inherits its
# default route to the internet gateway.
resource "aws_route_table_association" "lab-associatedVPS" {
  route_table_id = "${aws_route_table.lab-RouteTable-Private.id}"
  subnet_id      = "${aws_subnet.lab-Subnet.id}"
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE AUTO SCALING GROUP
# ---------------------------------------------------------------------------------------------------------------------
# Auto Scaling group that keeps between 3 and 9 "lab-indexer" instances in
# lab-Subnet and registers them with the classic ELB.
resource "aws_autoscaling_group" "lab-indexers" {
  launch_configuration = "${aws_launch_configuration.lab-indexer.name}"
  min_size             = 3
  max_size             = 9

  # Placement is by subnet; the AZ-based alternatives are left disabled.
  # availability_zones = ["${data.aws_availability_zones.all.names}"]
  # availability_zones = ["${var.region}a"]
  vpc_zone_identifier = ["${aws_subnet.lab-Subnet.id}"]

  # Instance health is taken from the ELB.
  # NOTE(review): this only works if the ELB can reach instance port 80 and
  # its health check target answers; verify the instance security group and
  # the ELB health_check settings before relying on it.
  load_balancers    = ["${aws_elb.lab-indexer-elb.name}"]
  health_check_type = "ELB"

  # How long `terraform apply` waits for the group to reach capacity.
  wait_for_capacity_timeout = "5m"

  # Name tag copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "lab-indexer"
    propagate_at_launch = true
  }
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE IGW
# --------------------------------------------------------------------------------------------------------------------
# Internet gateway attached to the lab VPC; the route table's default route
# targets it.
resource "aws_internet_gateway" "gw" {
  tags {
    Name = "lab-IGW"
  }

  vpc_id = "${aws_vpc.lab-VPC.id}"
}
# Path of the SSH public key file that is uploaded as the EC2 key pair.
# Only the public half belongs here; the private key must stay out of the
# repository and out of Terraform state.
variable "PATH_TO_PUBLIC_KEY" {
  default = "myKey.pub"
}
###create key
# Registers the local public key as an EC2 key pair for SSH access to the
# indexer instances.
resource "aws_key_pair" "mykeypair" {
  key_name = "mykeypair"

  # Changes to public_key are ignored after creation, so replacing the key
  # file alone does not rotate the key registered in EC2.
  lifecycle {
    ignore_changes = ["public_key"]
  }

  public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE A LAUNCH CONFIGURATION THAT DEFINES EACH EC2 INSTANCE IN THE ASG
# ---------------------------------------------------------------------------------------------------------------------
# Template for every EC2 instance the Auto Scaling group launches.
resource "aws_launch_configuration" "lab-indexer" {
  # Described by the author as the AWS Linux AMI (HVM), SSD volume type, in
  # us-east-1. The ID is pinned, so new launches do not pick up patched
  # images until it is updated; review it periodically.
  image_id      = "ami-c58c1dd3"
  instance_type = "t2.micro"

  key_name        = "${aws_key_pair.mykeypair.key_name}"
  security_groups = ["${aws_security_group.instance.id}"]

  # A replacement launch configuration is created before the old one goes.
  lifecycle {
    create_before_destroy = true
  }

  # Data volume; the author notes this device contains homePath.
  # NOTE(review): encryption at rest is left disabled on both volumes; enable
  # `encrypted = true` unless there is a known reason not to.
  ebs_block_device {
    device_name           = "/dev/xvdb"
    volume_type           = "gp2"
    volume_size           = 8
    delete_on_termination = true
    # encrypted = true
  }

  # Second data volume, same settings.
  ebs_block_device {
    device_name           = "/dev/xvdc"
    volume_type           = "gp2"
    volume_size           = 8
    delete_on_termination = true
    # encrypted = true
  }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE SECURITY GROUP THAT'S APPLIED TO EACH EC2 INSTANCE IN THE ASG
# ---------------------------------------------------------------------------------------------------------------------
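# Security group attached to every indexer instance launched by the ASG.
resource "aws_security_group" "instance" {
  name   = "lab-indexer"
  vpc_id = "${aws_vpc.lab-VPC.id}"

  # Inbound SSH, restricted to a single administrative address.
  ingress {
    from_port   = "22"
    to_port     = "22"
    protocol    = "tcp"
    cidr_blocks = ["66.196.30.124/32"]
  }

  # Inbound HTTP from the ELB only. The ELB listener forwards to instance
  # port 80; without this rule that traffic and the ELB health checks are
  # dropped, so the ASG (health_check_type = "ELB") never sees a healthy
  # instance. Referencing the ELB's security group instead of a CIDR keeps
  # port 80 closed to every other source.
  ingress {
    from_port       = "80"
    to_port         = "80"
    protocol        = "tcp"
    security_groups = ["${aws_security_group.elb.id}"]
  }

  # Outbound: all protocols and ports to any destination.
  # NOTE(review): narrow this to what the indexers actually need.
  egress {
    from_port   = "0"
    to_port     = "0"
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Create the replacement group before destroying the old one.
  lifecycle {
    create_before_destroy = true
  }
}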
# ---------------------------------------------------------------------------------------------------------------------
# CREATE AN ELB TO ROUTE TRAFFIC ACROSS THE AUTO SCALING GROUP
# ---------------------------------------------------------------------------------------------------------------------
# Classic ELB in front of the indexer Auto Scaling group. Placing it via
# `subnets` puts it in the same VPC as the instances.
resource "aws_elb" "lab-indexer-elb" {
  name = "lab-asg-indexer"

  # availability_zones = ["${data.aws_availability_zones.all.names}"]
  subnets         = ["${aws_subnet.lab-Subnet.id}"]
  security_groups = ["${aws_security_group.elb.id}"]

  # Listener for incoming HTTP requests, forwarded to instance port 80.
  # NOTE(review): both legs are plaintext HTTP; add an HTTPS listener with a
  # certificate if anything sensitive crosses this load balancer.
  listener {
    lb_protocol       = "http"
    lb_port           = 80
    instance_protocol = "http"
    instance_port     = "80"
  }

  # Explicit health check, deferred by the author ("will work on this later").
  # While it stays disabled the ELB uses default health check settings.
  # TODO confirm those defaults suit the indexers.
  # health_check {
  # healthy_threshold = 5
  # unhealthy_threshold = 5
  # timeout = 3
  # interval = 30
  # target = "HTTP:80/"
  # }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE A SECURITY GROUP THAT CONTROLS WHAT TRAFFIC CAN GO IN AND OUT OF THE ELB
# ---------------------------------------------------------------------------------------------------------------------
# Security group attached to the ELB.
resource "aws_security_group" "elb" {
  vpc_id = "${aws_vpc.lab-VPC.id}"
  name   = "lab-indexer-elb"

  # Inbound HTTP from anywhere: the load balancer is the public entry point.
  ingress {
    protocol    = "tcp"
    from_port   = 80
    to_port     = 80
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound: protocol "-1" means all protocols, so everything is allowed.
  # NOTE(review): the ELB only needs to reach the instances on TCP/80;
  # narrowing egress to that port inside the VPC CIDR would be tighter.
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}
快速看一眼,我猜是因为您在ASG上使用了ELB健康检查,但实际上没有配置ELB健康检查。要么修复ELB健康检查,要么切换到EC2健康检查(即从虚拟机监控程序的角度看,实例是否通过了基本系统检查),看看这是否解决了您的问题。如果您可以发布Terraform脚本,这将很有帮助。@ydaetskcoR - 感谢您的建议!我将类型更改为EC2,但得到了相同的结果。控制台执行到创建ASG的地方,输出“aws_autoscaling_group.lab-indexer: Still creating...”,之后就一直重复这条消息,直到不可避免的超时。请不要在Stack Overflow上发布像paste.ofcode.org这样的临时内容。谢谢你的回复!密钥对是有的,只是我选择不贴出代码的这一部分。我按您的建议做了最初的更改,把launch config设为${data.aws_availability_zones.all.names},但我得到一个错误,说launch config必须是单个值,而不是列表。这是因为它列出了所有可用区。我不太理解这种做法,所以说实话,我不知道接下来该怎么办。你用的是我在上面粘贴的配置吗?因为我没有收到相同的错误。我能够复现你在上面粘贴的错误“EC2实例i-044ff993c34bc237a与ELB不在同一VPC中…”,解决方案请参阅上面的第3项。配置还有其他问题,但我已经修改了tf文件并测试过,它可以正常工作。请使用我贴在上面的那个,你可以调整它来满足你的需要。让我知道进展如何。
# ---------------------------------------------------------------------------------------------------------------------
# GET THE LIST OF AVAILABILITY ZONES IN THE CURRENT REGION
# Every AWS account has slightly different availability zones in each region.
# ---------------------------------------------------------------------------------------------------------------------
# Looks up the availability zones of the configured region. In this listing
# the result is referenced only from commented-out lines.
data "aws_availability_zones" "all" {
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE VPC
# --------------------------------------------------------------------------------------------------------------------
# The lab VPC. Every subnet, gateway and security group in this listing is
# attached to it through aws_vpc.lab-VPC.id.
resource "aws_vpc" "lab-VPC" {
  tags {
    Name = "lab-VPC"
  }

  # Private address space for the whole VPC.
  cidr_block = "10.0.0.0/16"
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE SUBNET
# --------------------------------------------------------------------------------------------------------------------
# The single subnet used by both the ELB and the Auto Scaling group.
resource "aws_subnet" "lab-Subnet" {
  vpc_id     = "${aws_vpc.lab-VPC.id}"
  cidr_block = "10.0.0.0/24"

  # Pinned to one availability zone, so everything placed here shares it.
  availability_zone = "us-east-1a"

  # Instances get no public IP by default here.
  # NOTE(review): the associated route table sends 0.0.0.0/0 to the internet
  # gateway, yet instances without a public address cannot use that route;
  # confirm how the indexers are meant to be reached and to reach out.
  map_public_ip_on_launch = "false"
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE ROUTE TABLE
# --------------------------------------------------------------------------------------------------------------------
# Route table for the lab VPC.
# NOTE(review): the resource is named "Private", but its default route points
# at the internet gateway, which makes any associated subnet a public one.
# Rename it or route through a NAT device if the subnet should be private.
resource "aws_route_table" "lab-RouteTable-Private" {
  vpc_id = "${aws_vpc.lab-VPC.id}"

  # Default route: everything outside the VPC goes to the internet gateway.
  route {
    gateway_id = "${aws_internet_gateway.gw.id}"
    cidr_block = "0.0.0.0/0"
  }
}
# Binds lab-Subnet to the route table above, so the subnet inherits its
# default route to the internet gateway.
resource "aws_route_table_association" "lab-associatedVPS" {
  route_table_id = "${aws_route_table.lab-RouteTable-Private.id}"
  subnet_id      = "${aws_subnet.lab-Subnet.id}"
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE AUTO SCALING GROUP
# ---------------------------------------------------------------------------------------------------------------------
# Auto Scaling group that keeps between 3 and 9 "lab-indexer" instances in
# lab-Subnet and registers them with the classic ELB.
resource "aws_autoscaling_group" "lab-indexers" {
  launch_configuration = "${aws_launch_configuration.lab-indexer.name}"
  min_size             = 3
  max_size             = 9

  # Placement is by subnet; the AZ-based alternatives are left disabled.
  # availability_zones = ["${data.aws_availability_zones.all.names}"]
  # availability_zones = ["${var.region}a"]
  vpc_zone_identifier = ["${aws_subnet.lab-Subnet.id}"]

  # Instance health is taken from the ELB.
  # NOTE(review): this only works if the ELB can reach instance port 80 and
  # its health check target answers; verify the instance security group and
  # the ELB health_check settings before relying on it.
  load_balancers    = ["${aws_elb.lab-indexer-elb.name}"]
  health_check_type = "ELB"

  # How long `terraform apply` waits for the group to reach capacity.
  wait_for_capacity_timeout = "5m"

  # Name tag copied onto every instance the group launches.
  tag {
    key                 = "Name"
    value               = "lab-indexer"
    propagate_at_launch = true
  }
}
# --------------------------------------------------------------------------------------------------------------------
# CREATE IGW
# --------------------------------------------------------------------------------------------------------------------
# Internet gateway attached to the lab VPC; the route table's default route
# targets it.
resource "aws_internet_gateway" "gw" {
  tags {
    Name = "lab-IGW"
  }

  vpc_id = "${aws_vpc.lab-VPC.id}"
}
# Path of the SSH public key file that is uploaded as the EC2 key pair.
# Only the public half belongs here; the private key must stay out of the
# repository and out of Terraform state.
variable "PATH_TO_PUBLIC_KEY" {
  default = "myKey.pub"
}
###create key
# Registers the local public key as an EC2 key pair for SSH access to the
# indexer instances.
resource "aws_key_pair" "mykeypair" {
  key_name = "mykeypair"

  # Changes to public_key are ignored after creation, so replacing the key
  # file alone does not rotate the key registered in EC2.
  lifecycle {
    ignore_changes = ["public_key"]
  }

  public_key = "${file("${var.PATH_TO_PUBLIC_KEY}")}"
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE A LAUNCH CONFIGURATION THAT DEFINES EACH EC2 INSTANCE IN THE ASG
# ---------------------------------------------------------------------------------------------------------------------
# Template for every EC2 instance the Auto Scaling group launches.
resource "aws_launch_configuration" "lab-indexer" {
  # Described by the author as the AWS Linux AMI (HVM), SSD volume type, in
  # us-east-1. The ID is pinned, so new launches do not pick up patched
  # images until it is updated; review it periodically.
  image_id      = "ami-c58c1dd3"
  instance_type = "t2.micro"

  key_name        = "${aws_key_pair.mykeypair.key_name}"
  security_groups = ["${aws_security_group.instance.id}"]

  # A replacement launch configuration is created before the old one goes.
  lifecycle {
    create_before_destroy = true
  }

  # Data volume; the author notes this device contains homePath.
  # NOTE(review): encryption at rest is left disabled on both volumes; enable
  # `encrypted = true` unless there is a known reason not to.
  ebs_block_device {
    device_name           = "/dev/xvdb"
    volume_type           = "gp2"
    volume_size           = 8
    delete_on_termination = true
    # encrypted = true
  }

  # Second data volume, same settings.
  ebs_block_device {
    device_name           = "/dev/xvdc"
    volume_type           = "gp2"
    volume_size           = 8
    delete_on_termination = true
    # encrypted = true
  }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE THE SECURITY GROUP THAT'S APPLIED TO EACH EC2 INSTANCE IN THE ASG
# ---------------------------------------------------------------------------------------------------------------------
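# Security group attached to every indexer instance launched by the ASG.
resource "aws_security_group" "instance" {
  name   = "lab-indexer"
  vpc_id = "${aws_vpc.lab-VPC.id}"

  # Inbound SSH, restricted to a single administrative address.
  ingress {
    from_port   = "22"
    to_port     = "22"
    protocol    = "tcp"
    cidr_blocks = ["66.196.30.124/32"]
  }

  # Inbound HTTP from the ELB only. The ELB listener forwards to instance
  # port 80; without this rule that traffic and the ELB health checks are
  # dropped, so the ASG (health_check_type = "ELB") never sees a healthy
  # instance. Referencing the ELB's security group instead of a CIDR keeps
  # port 80 closed to every other source.
  ingress {
    from_port       = "80"
    to_port         = "80"
    protocol        = "tcp"
    security_groups = ["${aws_security_group.elb.id}"]
  }

  # Outbound: all protocols and ports to any destination.
  # NOTE(review): narrow this to what the indexers actually need.
  egress {
    from_port   = "0"
    to_port     = "0"
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Create the replacement group before destroying the old one.
  lifecycle {
    create_before_destroy = true
  }
}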
# ---------------------------------------------------------------------------------------------------------------------
# CREATE AN ELB TO ROUTE TRAFFIC ACROSS THE AUTO SCALING GROUP
# ---------------------------------------------------------------------------------------------------------------------
# Classic ELB in front of the indexer Auto Scaling group. Placing it via
# `subnets` puts it in the same VPC as the instances.
resource "aws_elb" "lab-indexer-elb" {
  name = "lab-asg-indexer"

  # availability_zones = ["${data.aws_availability_zones.all.names}"]
  subnets         = ["${aws_subnet.lab-Subnet.id}"]
  security_groups = ["${aws_security_group.elb.id}"]

  # Listener for incoming HTTP requests, forwarded to instance port 80.
  # NOTE(review): both legs are plaintext HTTP; add an HTTPS listener with a
  # certificate if anything sensitive crosses this load balancer.
  listener {
    lb_protocol       = "http"
    lb_port           = 80
    instance_protocol = "http"
    instance_port     = "80"
  }

  # Explicit health check, deferred by the author ("will work on this later").
  # While it stays disabled the ELB uses default health check settings.
  # TODO confirm those defaults suit the indexers.
  # health_check {
  # healthy_threshold = 5
  # unhealthy_threshold = 5
  # timeout = 3
  # interval = 30
  # target = "HTTP:80/"
  # }
}
# ---------------------------------------------------------------------------------------------------------------------
# CREATE A SECURITY GROUP THAT CONTROLS WHAT TRAFFIC CAN GO IN AND OUT OF THE ELB
# ---------------------------------------------------------------------------------------------------------------------
# Security group attached to the ELB.
resource "aws_security_group" "elb" {
  vpc_id = "${aws_vpc.lab-VPC.id}"
  name   = "lab-indexer-elb"

  # Inbound HTTP from anywhere: the load balancer is the public entry point.
  ingress {
    protocol    = "tcp"
    from_port   = 80
    to_port     = 80
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound: protocol "-1" means all protocols, so everything is allowed.
  # NOTE(review): the ELB only needs to reach the instances on TCP/80;
  # narrowing egress to that port inside the VPC CIDR would be tighter.
  egress {
    protocol    = "-1"
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}