Terraform AWS: [WARN] Retryable error: dial tcp: lookup self.public_ip on 127.0.0.53:53: no such host

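Problem description

Issue:

Hi all,

Thank you for your time. I am new to Terraform and to development in general. I feel I am doing something wrong under the provisioner connection block. I am trying to create a master-slave configuration using Terraform. For my master to be able to communicate with the slaves, the master node's SSH public key needs to be available in .ssh/authorized on all slaves, and for this I am trying to SSH in upon creation and pass the master public key to the slaves. For some reason, I have tried everything I could think of and gone through a lot of forums, and I am not able to SSH into the slave upon creation. I am sure I might be doing something wrong here. Any help would be appreciated. Regards.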

Terraform version

Terraform v0.13.0

Terraform configuration file

variable "region" {
  default = "us-east-1"
}

variable "type" {
  default = "t2.micro"  
}

variable "ec2LinuxAmi" {
  type = map(string)
  default = {
    us-east-1 = "ami-0bcc094591f354be2"
  }  
}

variable "keyname" {
  default = "terraformKeys"  
}

variable "privateKeyPath" {
  description = "Path to private key"
  default = "/home/userName/.ssh/id_rsa"
}

variable "awsKey" {
  default = "terraformKeys.pem"
}

variable "user_names" {
  description = "Create IAM users with these names"
  type        = list(string)
  default     = ["ansibleMaster"]
}


provider "aws" {
  region = var.region
  shared_credentials_file = "/home/userName/.aws/credentials"
  profile = "default"
}

resource "aws_security_group" "port_22_ingress_globally_accessible" {
    name = "port_22_ingress_globally_accessible"

    ingress { 
        from_port = 22    
        to_port = 22
        protocol = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
    }
}

resource "aws_instance" "linux"{
  count = length(var.user_names)
  ami = lookup(var.ec2LinuxAmi,var.region)
  instance_type = var.type
  security_groups = [ "port_22_ingress_globally_accessible" ]
  key_name = var.keyname

  tags = {
    Name = var.user_names[count.index]
}

  provisioner "file" {
    source      = "foo"
    destination = "/tmp/foo"
  }
    connection {
      type = "ssh"
      user = "ubuntu"
      host = "self.public_ip"
      port = 22
      private_key = "${file("/home/userName/.ssh/id_rsa")}"
  }
}

Debug output

2020/08/30 19:10:30 [WARN] Provider "registry.terraform.io/hashicorp/aws" produced an unexpected new value for aws_instance.linux[0], but we are tolerating it because it is using the legacy plugin SDK.
The following problems may be the cause of any confusing errors from downstream operations:
- .disable_api_termination: was null, but now cty.False
- .ebs_optimized: was null, but now cty.False
- .hibernation: was null, but now cty.False
- .monitoring: was null, but now cty.False
- .iam_instance_profile: was null, but now cty.StringVal("")
- .credit_specification: block count changed from 0 to 1
2020/08/30 19:10:30 [TRACE] eval: *terraform.EvalMaybeTainted
2020/08/30 19:10:30 [TRACE] eval: *terraform.EvalWriteState
2020/08/30 19:10:30 [TRACE] EvalWriteState: recording 0 dependencies for aws_instance.linux[0]
2020/08/30 19:10:30 [TRACE] EvalWriteState: writing current state object for aws_instance.linux[0]
2020/08/30 19:10:30 [TRACE] eval: *terraform.EvalApplyProvisioners
2020/08/30 19:10:30 [TRACE] EvalApplyProvisioners: provisioning aws_instance.linux[0] with "file"
aws_instance.linux[0]: Provisioning with 'file'...
2020-08-30T19:10:30.228-0400 [DEBUG] plugin.terraform: file-provisioner (internal) 2020/08/30 19:10:30 using private key for authentication
2020-08-30T19:10:30.229-0400 [DEBUG] plugin.terraform: file-provisioner (internal) 2020/08/30 19:10:30 [DEBUG] Connecting to self.public_ip:22 for SSH
2020-08-30T19:10:30.248-0400 [DEBUG] plugin.terraform: file-provisioner (internal) 2020/08/30 19:10:30 [ERROR] connection error: dial tcp: lookup self.public_ip on 127.0.0.53:53: no such host

End of debug:

"Error: timeout - last error: SSH authentication failed
(ubuntu@18.204.3.15:22): ssh: handshake failed: ssh: unable to
authenticate, attempted methods [none publickey], no supported methods
remain".

Solution

Your host will be just the literal string "self.public_ip":

host = "self.public_ip"

It should be:

host = self.public_ip

Also, connection should be inside the provisioner block:


  provisioner "file" {
    source      = "foo"
    destination = "/tmp/foo"

    connection {
      type = "ssh"
      user = "ubuntu"
      host = self.public_ip
      port = 22
      private_key = "${file("/home/userName/.ssh/id_rsa")}"
    }
  }

Finally, the aws_key_pair resource is not created. But maybe this was just left out of the question.
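
The three points of the answer combined into one configuration, as an added example that is not code from the question or the answer. It assumes the public half of the key sits next to the private key as `<privateKeyPath>.pub`; the resource name `terraform_keys` is hypothetical.

```hcl
variable "privateKeyPath" {
  description = "Path to private key"
  default     = "/home/userName/.ssh/id_rsa"
}

provider "aws" {
  region = "us-east-1"
}

# Register the local public key with EC2 so the instance trusts the
# matching private key used by the provisioner (assumed path: <key>.pub).
resource "aws_key_pair" "terraform_keys" {
  key_name   = "terraformKeys"
  public_key = file("${var.privateKeyPath}.pub")
}

resource "aws_security_group" "port_22_ingress_globally_accessible" {
  name = "port_22_ingress_globally_accessible"

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"] # as in the question; a narrower admin CIDR also works here
  }
}

resource "aws_instance" "linux" {
  ami           = "ami-0bcc094591f354be2"
  instance_type = "t2.micro"
  # References (not name strings) make Terraform create the key pair and
  # security group before the instance.
  key_name        = aws_key_pair.terraform_keys.key_name
  security_groups = [aws_security_group.port_22_ingress_globally_accessible.name]

  provisioner "file" {
    source      = "foo"
    destination = "/tmp/foo"

    # connection is nested inside the provisioner, and host is an unquoted
    # reference, so it resolves to the instance address instead of a hostname lookup.
    connection {
      type        = "ssh"
      user        = "ubuntu"
      host        = self.public_ip
      private_key = file(var.privateKeyPath)
    }
  }
}
```

If the key pair registered under `key_name` does not match the private key passed to `connection`, the provisioner reaches the host but ends with the `unable to authenticate` error shown at the end of the debug output.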