Unable to execute custom data in azure VM from terraform


Problem description

I'm trying to create an Azure VM using Terraform, but I'm unable to execute custom data from Terraform. The Customdata.bin file is created on the server. I also tried the provisioner resource, but no luck.

main.tf file, Azure VM resource syntax:

resource "azurerm_virtual_machine" "avmweb0" {
  name                  = "${var.env}-${var.bu}-${var.company_name}-media-vm"
  location              = "${var.region}"
  resource_group_name   = "${module.network.resource-grp-name}"
  network_interface_ids = ["${azurerm_network_interface.nicweb0.id}"]
  vm_size               = "${var.vm_size}"


  storage_image_reference {
    publisher       = "${var.vm_publisher}"
    offer           = "${var.vm_offer}"
    sku             = "${var.vm_sku}"
    version         = "${var.vm_version}"

  }

  storage_os_disk {
    name              = "${var.env}-${var.bu}-${var.company_name}-media-osdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }



  os_profile {
    computer_name  = "${var.env}-${var.vm_computer_name}"
    admin_username = "${var.vm_admin_username}"
    admin_password = "${var.vm_admin_password}"
    custom_data    = "${data.template_file.userdata.rendered}" 
  }

   os_profile_windows_config{
     winrm {
       protocol="http"
     }

    }

   /* 
     connection {
      type     = "winrm"
      user     = "${var.vm_admin_username}"
      password = "${var.vm_admin_password}"
      host     = "${azurerm_public_ip.mediapubip.ip_address}"
      port     = 5985
      https    = false
      insecure = true
      timeout      = "15m"
      # cacert       = ""
    } */

   /* provisioner "file" {
    content      = "${data.template_file.userdata.rendered}"
    destination = "C:\AzureData\initdata.ps1"

    connection {
      type     = "winrm"
      user     = "${var.vm_admin_username}"
      password = "${var.vm_admin_password}"
    }
  }
   provisioner "remote-exec" {


    inline = [ "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File "C:\AzureData\initdata.ps1""]


  }  */

  /* provisioner "file" {
    content      = "${data.template_file.userdata.rendered}"
    destination = "C:\AzureData\initdata.ps1"
  }

   provisioner "local-exec" {
    command = "powershell.exe -ExecutionPolicy RemoteSigned -File "C:\AzureData\initdata.ps1" -NoProfile -NonInteractive "
  } */

  tags {
        Name            = "${var.env}-${var.bu}-${var.company_name}-media"
        BussinessUnit   = "${var.bu}"
        Environment     = "${var.env}"
        CompanyName     = "${var.company_name}"
        Application     = "${var.appname}"
   }
}

------------custom data file ---------------------------------

Set-ExecutionPolicy unrestricted
netsh advfirewall firewall add rule name="http" dir=in action=allow protocol=TCP localport=80

write-host "running init script"
if(!(test-path -Path "c:\temp"))
  {    
    New-Item -ItemType directory -Path "C:\temp"
    write-host "created temp directory"
  }
$client = new-object System.Net.WebClient
$client.DownloadFile("https://downloads.puppetlabs.com/windows/puppet5/puppet-agent-5.0.0-x64.msi","c:\temp\puppet.msi")
cd "c:\temp"
pwd
echo "`nx.x.x.x puppet"  | Out-File -FilePath "C:\Windows\System32\drivers\etc\hosts" -Append -Encoding ascii
msiexec /qn /norestart /i "c:\temp\puppet.msi" 
if(test-path -path "C:\ProgramData\PuppetLabs\facter\facts.d")
  {
    echo "`nhello"  | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Encoding ascii
    echo "`nconsolename : ${consolename}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nbu : ${bu}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nenv : ${env}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii            
    echo "`ncompany_name : ${company_name}" | Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`napplication : ${application}" |  Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
    echo "`nservertype : ${servertype}" |  Out-File -FilePath "C:\ProgramData\PuppetLabs\facter\facts.d\facts.yaml" -Append -Encoding ascii
 }

Error when using the provisioner resource:

1 error(s) occurred:

  • azurerm_virtual_machine.avmweb0: 1 error(s) occurred:

unknown error Post http://x.x.x.x:5985/wsman: dial tcp x.x.x.x:5985: connectex: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

Terraform does not automatically rollback in the face of errors. Instead, your Terraform state file has been partially updated with any resources that successfully completed. Please address the error above and apply again to incrementally change your infrastructure.

Code:

resource "azurerm_virtual_machine_extension" "avmme0" {
  name                 = "${var.env}-${var.vm_computer_name}-config"
  location             = "West US"
  resource_group_name  = "${module.network.resource-grp-name}"
  virtual_machine_name = "${azurerm_virtual_machine.avmweb0.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  settings = <<SETTINGS
    {
        "fileUris": ["https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1"],
        "commandToExecute": "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File userdata.ps1"
    }
SETTINGS

  tags {
        Name            = "${var.env}-${var.bu}-${var.company_name}-media"
        BussinessUnit   = "${var.bu}"
        Environment     = "${var.env}"
        CompanyName     = "${var.company_name}"
        Application     = "${var.appname}"
   }
}

Error:

azurerm_virtual_machine_extension.avmme0: Still creating... (25m20s elapsed)
Error applying plan:

1 error(s) occurred:

  • azurerm_virtual_machine_extension.avmme0: 1 error(s) occurred:

azurerm_virtual_machine_extension.avmme0: compute.VirtualMachineExtensionsClient#CreateOrUpdate: Failure sending request: StatusCode=200 -- Original Error: Long running operation terminated with status 'Failed': Code="VMAgentStatusCommunicationError" Message="VM 'dev-it-mactores-media-vm' has not reported status for VM agent or extensions. Please verify the VM has a running VM agent, and can establish outbound connections to Azure storage."

I'm able to download from the server with the commands below:

$client = new-object System.Net.WebClient
$client.DownloadFile("https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1","c:\temp\userdata.ps1")

Inbound and outbound rules are open for 5985.

Tf var file details:
region                  ="West US"
storage_account_type    =""
vm.size                 ="Standard_DS1_v2"
location                ="West US"
appname                 ="xxx"
bu                      ="it"
company_name            ="xxxx"
env                     ="dev"
tenant_id               =""
client_secret           =""
client_id               =""
storage_account_type    ="Standard_LRS"
vm_size                 = "Standard_DS1_v2"
vm_publisher            = "MicrosoftWindowsServer"
vm_offer                = "WindowsServer"
vm_sku                  = "2012-R2-Datacenter"
vm_version              = "latest"
vm_computer_name        = "web-media"
vm_admin_username       = "xxxx"
vm_admin_password       = "xxxx"

Recommended answer

The reason for the error log is that you haven't opened port 5985 on the Azure NSG. So your script could not connect to the Azure VM. For an Azure VM, I suggest you use the Custom Script Extension instead of WinRM to your VM.

The Custom Script Extension downloads and executes scripts on Azure virtual machines. This extension is useful for post-deployment configuration, software installation, or any other configuration / management task.

Terraform also supports the Custom Script Extension. Please refer to this link. According to your scenario, I suggest you save your custom data as a ps1 file and upload it to GitHub or an Azure storage account. You could refer to my answer. The Windows Custom Script Extension should be used like below:

resource "azurerm_virtual_machine_extension" "test" {
  name                 = "hostname"
  location             = "West US"
  resource_group_name  = "${azurerm_resource_group.test.name}"
  virtual_machine_name = "${azurerm_virtual_machine.test.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  settings = <<SETTINGS
    {
        "fileUris": ["https://raw.githubusercontent.com/saveshnshetty/devops/master/userdata.ps1"],
        "commandToExecute": "powershell.exe -ExecutionPolicy unrestricted -NoProfile -NonInteractive -File userdata.ps1"
    }
SETTINGS
}

You can check my vm.tf.
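A variant of the extension above, as an added example that is not part of the question or the answer: on Windows, Azure only writes custom data to C:\AzureData\CustomData.bin and does not run it, so the extension can execute that local file instead of downloading a script from a branch URL whose content can change between deployments. The resource name `run_custom_data` is hypothetical, and the need for `provision_vm_agent = true` on the VM is an assumption about this configuration.

```hcl
# Added example (not from the question or the answer). Terraform 0.11-style
# syntax to match the page; "run_custom_data" is a hypothetical name.
#
# Assumption: the VM's os_profile_windows_config block sets
#   provision_vm_agent = true
# Extensions are driven by the VM agent, and the
# VMAgentStatusCommunicationError quoted in the question asks to verify
# that the agent is running.
resource "azurerm_virtual_machine_extension" "run_custom_data" {
  name                 = "${var.env}-${var.vm_computer_name}-customdata"
  location             = "${var.region}"
  resource_group_name  = "${module.network.resource-grp-name}"
  virtual_machine_name = "${azurerm_virtual_machine.avmweb0.name}"
  publisher            = "Microsoft.Compute"
  type                 = "CustomScriptExtension"
  type_handler_version = "1.8"

  # No fileUris: the rendered template already reached the VM through
  # os_profile.custom_data, so nothing is fetched over the network when
  # the extension runs, and the script is exactly what Terraform rendered.
  #
  # The command goes in protected_settings, which Azure encrypts and only
  # decrypts on the VM. It is still stored in the Terraform state file, so
  # the state needs the same protection as the admin password.
  #
  # RemoteSigned is enough here because the script is a local file.
  # Backslashes are doubled because the heredoc body is JSON.
  protected_settings = <<SETTINGS
    {
        "commandToExecute": "powershell.exe -ExecutionPolicy RemoteSigned -NoProfile -NonInteractive -Command \"Copy-Item 'C:\\AzureData\\CustomData.bin' 'C:\\AzureData\\initdata.ps1' -Force; & 'C:\\AzureData\\initdata.ps1'\""
    }
SETTINGS
}
```

With provisioning done through the extension, the `winrm { protocol = "http" }` listener and the NSG rule for port 5985 are not needed for this step and can be dropped from the configuration.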
