Terraform file provisioner uploading to an Azure VM over WinRM: Error: i/o timeout

Tags: terraform, terraform-provider-azure

I'm trying to use the Terraform file provisioner to upload a directory to an Azure VM over WinRM. I'm getting various errors and timeouts. The Win2009 server VM deploys fine, and after deployment I can open a PowerShell remoting session to the system over WinRM. However, when I add the file provisioner (shown below), I get one of the following errors:

Error: timeout - last error: http response error: 401 - invalid content type
or this error, depending on whether https is toggled true/false or insecure is toggled true/false:

Error: timeout - last error: unknown error Post https://52.176.165.48:5985/wsman: http: server gave HTTP response to HTTPS client
Is there a better way to upload a directory and run a PowerShell post-deployment script once the VM has been instantiated?

Here is my *.tf file:

locals {
  virtual_machine_name = "${var.prefix}-dc1"
  virtual_machine_fqdn = "${local.virtual_machine_name}.${var.active_directory_domain}"
  custom_data_params   = "Param($RemoteHostName = \"${local.virtual_machine_fqdn}\", $ComputerName = \"${local.virtual_machine_name}\")"
  custom_data_content  = "${local.custom_data_params} ${file("${path.module}/files/winrm.ps1")}"
}
resource "azurerm_availability_set" "dcavailabilityset" {
  name                         = "dcavailabilityset"
  resource_group_name          = "${var.resource_group_name}"
  location                     = "${var.location}"
  platform_fault_domain_count  = 3
  platform_update_domain_count = 5
  managed                      = true
}

resource "azurerm_virtual_machine" "domain-controller" {
  name                          = "${local.virtual_machine_name}"
  location                      = "${var.location}"
  resource_group_name           = "${var.resource_group_name}"
  availability_set_id           = "${azurerm_availability_set.dcavailabilityset.id}"
  network_interface_ids         = ["${azurerm_network_interface.primary.id}"]
  vm_size                       = "Standard_A1"
  delete_os_disk_on_termination = false

  storage_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2019-Datacenter"
    version   = "latest"
  }

  storage_os_disk {
    name              = "${local.virtual_machine_name}-disk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "${local.virtual_machine_name}"
    admin_username = "${var.admin_username}"
    admin_password = "${var.admin_password}"
    custom_data    = "${local.custom_data_content}"
  }

  os_profile_windows_config {
    provision_vm_agent        = true
    enable_automatic_upgrades = false

    additional_unattend_config {
      pass         = "oobeSystem"
      component    = "Microsoft-Windows-Shell-Setup"
      setting_name = "AutoLogon"
      content      = "<AutoLogon><Password><Value>${var.admin_password}</Value></Password><Enabled>true</Enabled><LogonCount>1</LogonCount><Username>${var.admin_username}</Username></AutoLogon>"
    }

    # Unattend config is to enable basic auth in WinRM, required for the provisioner stage.
    additional_unattend_config {
      pass         = "oobeSystem"
      component    = "Microsoft-Windows-Shell-Setup"
      setting_name = "FirstLogonCommands"
      content      = "${file("${path.module}/files/FirstLogonCommands.xml")}"
    }
  }

  provisioner "file" {
    source      = "BadBlood"
    destination = "C:/BadBlood"
    connection {
      host     = "${azurerm_public_ip.dc1-external.ip_address}"
      type     = "winrm"
      user     = "${var.admin_username}"
      password = "${var.admin_password}"
      timeout  = "15m"
      https    = false
      port     = "5985"
      insecure = true
    }

  }

}

Here is the solution. The winrm.ps1 script is already used in the Azure VM extension to perform the automated provisioning. I had to add an entry to make port 5986 listen, since it was configured to listen for WinRM over HTTPS:

Write-Host "Enable HTTPS in WinRM"
$WinRmHttps = "@{Hostname=`"$RemoteHostName`"; CertificateThumbprint=`"$Thumbprint`"}"
winrm create winrm/config/Listener?Address=*+Transport=HTTPS $WinRmHttps

Write-Host "Set Basic Auth in WinRM"
$WinRmBasic = "@{Basic=`"true`"}"
winrm set winrm/config/service/Auth $WinRmBasic

Write-Host "Open Firewall Ports"
netsh advfirewall firewall add rule name="Windows Remote Management (HTTP-In)" dir=in action=allow protocol=TCP localport=5985
netsh advfirewall firewall add rule name="Windows Remote Management (HTTPS-In)" dir=in action=allow protocol=TCP localport=5986
I had to do a lot of packet debugging with Wireshark and netcat to solve this, and tested the Azure VM from the outside. No NSG rules were configured, since this is just a test-lab Azure VM.

Finally, the file provisioner had to be configured with https set to true and port 5986 for the upload to work:

  provisioner "file" {
    source      = "${path.module}/files/badblood.zip"
    destination = "C:/terraform/badblood.zip"
    connection {
      host     = "${azurerm_public_ip.dc1-external.ip_address}"
      type     = "winrm"
      user     = "${var.admin_username}"
      password = "${var.admin_password}"
      timeout  = "15m"
      https    = true
      port     = "5986"
      insecure = true
    }
  }

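The answer's snippet binds the HTTPS listener to a $Thumbprint that is never shown being produced, and it only adds the listener and firewall rule without checking the result. The following is an added example, not the poster's winrm.ps1 or any Azure or Terraform project code: a complete script in the shape the question's custom_data layout expects, where custom_data_params prepends "Param($RemoteHostName = ..., $ComputerName = ...)" to the file, so the script takes $RemoteHostName from that Param and declares none of its own. The self-signed certificate, the idempotent listener and firewall handling, and the final listener listing are assumptions of this example.

```powershell
# Added example (not the original poster's winrm.ps1). Assumes $RemoteHostName
# is supplied by the Param(...) line that custom_data_params prepends to this
# file in the question's Terraform locals; $ComputerName from that Param is unused.
$ErrorActionPreference = 'Stop'

# 1. Certificate for the HTTPS listener. The answer references $Thumbprint
#    without showing its origin; here it comes from a self-signed certificate
#    issued for the VM's FQDN. Terraform's insecure = true is what makes the
#    client tolerate the missing chain of trust, so nothing on the VM side
#    needs to trust it.
$cert = New-SelfSignedCertificate -DnsName $RemoteHostName `
    -CertStoreLocation 'Cert:\LocalMachine\My'
$Thumbprint = $cert.Thumbprint

# 2. Remove any existing HTTPS listener so a re-run does not fail with
#    "listener already exists", then create one bound to the certificate.
Get-ChildItem -Path WSMan:\localhost\Listener |
    Where-Object { $_.Keys -contains 'Transport=HTTPS' } |
    Remove-Item -Recurse -Force
New-Item -Path WSMan:\localhost\Listener -Address * -Transport HTTPS `
    -HostName $RemoteHostName -CertificateThumbPrint $Thumbprint -Force | Out-Null

# 3. Basic auth, which the Terraform winrm connection uses with user/password.
#    Over the HTTPS listener the credentials travel inside TLS.
Set-Item -Path WSMan:\localhost\Service\Auth\Basic -Value $true

# 4. Firewall rules for both listeners; the 5986 rule is the step the answer
#    had to add. Guarded so re-running the script does not duplicate rules.
$rules = @{
    'Windows Remote Management (HTTP-In)'  = 5985
    'Windows Remote Management (HTTPS-In)' = 5986
}
foreach ($name in $rules.Keys) {
    if (-not (Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $name -Direction Inbound -Action Allow `
            -Protocol TCP -LocalPort $rules[$name] | Out-Null
    }
}

# 5. Local check written to the provisioning log: both listeners should be
#    present. A VM showing only the HTTP listener on 5985 is the state that
#    produced "server gave HTTP response to HTTPS client" in the question.
Write-Host "WinRM listeners after configuration:"
winrm enumerate winrm/config/listener
```

From the workstation, the PowerShell equivalent of the provisioner's https = true / insecure = true pairing is New-PSSession -ComputerName <public ip> -Port 5986 -UseSSL -Authentication Basic -Credential (Get-Credential) -SessionOption (New-PSSessionOption -SkipCACheck -SkipCNCheck); if that session opens but the provisioner still times out, the remaining difference is network path (NSG or firewall) rather than listener configuration. Replacing the self-signed certificate with one from a CA the workstation trusts lets insecure be dropped from the connection block.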
Comments on the question:

Are you sure WinRM is actually enabled? If so, you also need to create an NSG rule to allow inbound traffic on port 5985 while there is an NSG associated with it.

Yes, I eventually solved it by adding a Windows firewall rule to allow port 5986 for HTTPS WinRM, and changing the provisioner to use port 5986 with https set to true.

OK, if you solved it yourself, please add an answer showing it, or delete it.