
Unable to execute custom data in an Azure VM from Terraform

-1

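I am trying to create an Azure VM using Terraform, but I am unable to execute custom data from Terraform. The Customdata.bin file is created on the server. I also tried the provisioner resource, but no luck.

Azure VM resource syntax in the main.tf file: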

resource "azurerm_virtual_machine" "avmweb0" {
  name                  = "${var.env}-${var.bu}-${var.company_name}-media-vm"
  location              = "${var.region}"
  resource_group_name   = "${module.network.resource-grp-name}"
  network_interface_ids = ["${azurerm_network_interface.nicweb0.id}"]
  vm_size               = "${var.vm_size}"


  storage_image_reference {
    publisher       = "${var.vm_publisher}"
    offer           = "${var.vm_offer}"
    sku             = "${var.vm_sku}"
    version         = "${var.vm_version}"

  }

  storage_os_disk {
    name              = "${var.env}-${var.bu}-${var.company_name}-media-osdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }



  os_profile {
    computer_name  = "${var.env}-${var.vm_computer_name}"
    admin_username = "${var.vm_admin_username}"
    admin_password = "${var.vm_admin_password}"
    custom_data    = "${data.template_file.userdata.rendered}" 
  }

   os_profile_windows_config{
     winrm {
       protocol="http"
     }

    }

   /* 
     connection {
      type     = "winrm"
      user     = "${var.vm_admin_username}"
      password = "${var.vm_admin_password}"
      host     = "${azurerm_public_ip.mediapubip.ip_address}"
      port     = 5985
      https    = false
      insecure = true
      timeout      = "15m"
      # cacert       = ""
    } */

   /* provisioner "file" {
    content      = "${data.template_file.userdata.rendered}"
    destination = "C:\\AzureData\\initdata.ps1"

    connection {
      type     = "winrm"
      user     = "${var.vm_admin_username}"
      password = "${var.vm_admin_password}"
    }
  }
   provisioner "remote-exec" {


    inline = [ "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File \"C:\\AzureData\\initdata.ps1\""]


  }  */

  /* provisioner "file" {
    content      = "${data.template_file.userdata.rendered}"
    destination = "C:\\AzureData\\initdata.ps1"
  }

   provisioner "local-exec" {
    command = "powershell.exe -ExecutionPolicy RemoteSigned -File \"C:\\AzureData\\initdata.ps1\" -NoProfile -NonInteractive "
  } */

  tags {
        Name            = "${var.env}-${var.bu}-${var.company_name}-media"
        BussinessUnit   = "${var.bu}"
        Environment     = "${var.env}"
        CompanyName     = "${var.company_name}"
        Application     = "${var.appname}"
   }
}

------------Custom data file---------------------------------

Set-ExecutionPolicy unrestricted
netsh advfirewall firewall add rule name="http" dir=in action=allow protocol=TCP localport=80

write-host "running init script"
if(!(test-path -Path "c:\temp"))
  {    
    New-Item -ItemType directory -Path "C:\temp"
    write-host "created temp directory"
  }
$client = new-object System.Net.WebClient
$client.DownloadFile("https://downloads.puppetlabs.com/windows/puppet5/puppet-agent-5.0.0-x64.msi","c:\temp\puppet.msi")
cd "c:\temp"
pwd
echo "`nx.x.x.x puppet"  | Out-File -FilePath "C:\Windows\System32\drivers\etc\hosts" -Append -Encoding ascii
msiexec /qn /norestart /i "c:\temp\puppet.msi" 
if(test-path -path "C:\ProgramData\PuppetLabs\facter\facts.d")
  {
    echo "`nhello"  | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Encoding ascii
    echo "`nconsolename : ${consolename}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nbu : ${bu}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nenv : ${env}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii            
    echo "`ncompany_name : ${company_name}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`napplication : ${application}" |  Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nservertype : ${servertype}" |  Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
 }

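Error when using the provisioner resource: 1 error(s) occurred:

  • azurerm_virtual_machine.avmweb0: 1 error(s) occurred:

  • unknown error Post http://x.x.x.x:5985/wsman: dial tcp x.x.x.x:5985: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

Terraform does not automatically rollback in the face of errors. Instead, your Terraform state file has been partially updated with any resources that successfully completed. Please address the error above and apply again to incrementally change your infrastructure.

Code: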

resource "azurerm_virtual_machine_extension" "avmme0" {
  name                 = "${var.env}-${var.vm_computer_name}-config"
  location             = "West US"
  resource_group_name  = "${module.network.resource-grp-name}"
  virtual_machine_name = "${azurerm_virtual_machine.avmweb0.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  settings = <<SETTINGS
    {
        "fileUris": ["https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1"],
        "commandToExecute": "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File userdata.ps1"
    }
SETTINGS

  tags {
        Name            = "${var.env}-${var.bu}-${var.company_name}-media"
        BussinessUnit   = "${var.bu}"
        Environment     = "${var.env}"
        CompanyName     = "${var.company_name}"
        Application     = "${var.appname}"
   }
}

Error: azurerm_virtual_machine_extension.avmme0: Still creating... (25m20s elapsed) Error applying plan:

1 error(s) occurred:

  • azurerm_virtual_machine_extension.avmme0: 1 error(s) occurred:

  • azurerm_virtual_machine_extension.avmme0: compute.VirtualMachineExtensionsClient#CreateOrUpdate: Failure sending request: StatusCode=200 -- Original Error: Long running operation terminated with status 'Failed': Code="VMAgentStatusCommunicationError" Message="VM 'dev-it-mactores-media-vm' has not reported status for VM agent or extensions. Please verify the VM has a running VM agent, and can establish outbound connections to Azure storage."

I am able to download from the server using the following commands:

$client = new-object System.Net.WebClient
$client.DownloadFile("https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1","c:\temp\userdata.ps1")

Inbound and outbound rules are open for 5985.

Tf var file details:
region                  ="West US"
storage_account_type    =""
vm.size                 ="Standard_DS1_v2"
location                ="West US"
appname                 ="xxx"
bu                      ="it"
company_name            ="xxxx"
env                     ="dev"
tenant_id               =""
client_secret           =""
client_id               =""
storage_account_type    ="Standard_LRS"
vm_size                 = "Standard_DS1_v2"
vm_publisher            = "MicrosoftWindowsServer"
vm_offer                = "WindowsServer"
vm_sku                  = "2012-R2-Datacenter"
vm_version              = "latest"
vm_computer_name        = "web-media"
vm_admin_username       = "xxxx"
vm_admin_password       = "xxxx"

1 Answer

  • 2

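    The reason for the error log is that you have not opened port 5985 on the Azure NSG, so your script cannot connect to the Azure VM. For an Azure VM, I suggest you use the Custom Script Extension rather than WinRM to your VM.

    The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration/management task.

    Terraform also supports the Custom Script Extension. Please refer to this link. For your scenario, I suggest you save your custom data as a ps1 file and upload it to GitHub or an Azure storage account. You can refer to my answer. The Windows Custom Script Extension should be used as follows: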

    resource "azurerm_virtual_machine_extension" "test" {
      name                 = "hostname"
      location             = "West US"
      resource_group_name  = "${azurerm_resource_group.test.name}"
      virtual_machine_name = "${azurerm_virtual_machine.test.name}"
      publisher            = "Microsoft.Compute"
      type                 = "CustomScriptExtension"
      type_handler_version = "1.8"
    
       settings = <<SETTINGS
        {
            "fileUris": ["https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1"],
            "commandToExecute": "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File userdata.ps1"
        }
    SETTINGS
    }


    You can check my vm.tf.
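
An added example (not the asker's or the answerer's code) of running the custom data that is already on the VM through the Custom Script Extension, so that neither a WinRM listener on 5985 nor an externally hosted script is required. It reuses the resource and variable names from the question; the extension name, the `initdata.ps1` copy target and the `provision_vm_agent` prerequisite on the VM resource are assumptions about the surrounding configuration, and it relies on Azure writing Windows custom data to C:\AzureData\CustomData.bin.

```hcl
# Added example, written in the same Terraform 0.11 syntax the page uses.
#
# Prerequisite (assumption about the VM resource): extensions only run when the
# guest agent is installed, which is what the VMAgentStatusCommunicationError
# above asks you to verify. In azurerm_virtual_machine.avmweb0 set:
#
#   os_profile_windows_config {
#     provision_vm_agent = true
#   }
#
# With the extension doing the work, the winrm { protocol = "http" } listener and
# the inbound rule for 5985 are not needed for provisioning.

resource "azurerm_virtual_machine_extension" "run_custom_data" {
  name                 = "${var.env}-${var.vm_computer_name}-customdata" # hypothetical name
  location             = "${var.region}"
  resource_group_name  = "${module.network.resource-grp-name}"
  virtual_machine_name = "${azurerm_virtual_machine.avmweb0.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  # No fileUris: the script is the custom_data that Terraform rendered from
  # data.template_file.userdata and that Azure stored on the VM as
  # C:\AzureData\CustomData.bin. Windows does not execute that file by itself,
  # so the command copies it to a .ps1 name and runs the copy.
  # RemoteSigned applies to this one process and is enough for a local file.
  settings = <<SETTINGS
    {
        "commandToExecute": "powershell.exe -ExecutionPolicy RemoteSigned -NoProfile -NonInteractive -Command \"Copy-Item C:\\AzureData\\CustomData.bin C:\\AzureData\\initdata.ps1 -Force; & C:\\AzureData\\initdata.ps1\""
    }
SETTINGS
}
```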
