使用 Terraform random_id 创建多个资源未按预期工作
Posted
技术标签:
【中文标题】使用 Terraform random_id 创建多个资源未按预期工作【英文标题】:Using Terraform random_id to create multiple resources not working as expected 【发布时间】:2019-06-20 06:40:32 【问题描述】:我正在尝试结合使用 random_id 属性和 count 元属性来创建多个具有唯一名称的 Azure 存储帐户。
配置代码:
# Create storage accounts
resource "random_id" "storage_account_name_unique"
byte_length = 8
resource "azurerm_storage_account" "storage"
count = "$var.storage_account_count"
name = "tfsta$lower(random_id.storage_account_name_unique.hex)"
resource_group_name = "$azurerm_resource_group.rg.name"
location = "$azurerm_resource_group.rg.location"
account_kind = "StorageV2"
account_tier = "Standard"
access_tier = "Hot"
account_replication_type = "$var.account_replication_type"
network_rules
ip_rules = ["127.0.0.1"]
virtual_network_subnet_ids = ["$azurerm_subnet.subnet.id"]
tags = "$var.tags"
此代码的问题:
-
Terraform 仅生成一个 random_id,并将其用于在 terraform 应用操作期间创建的所有存储帐户实例。
Terraform 被“愚弄”,以为它创建了多个存储帐户,但只创建了一个存储帐户
选定的 Terraform 应用输出:
此输出显示 Terraform 认为它正在创建三个具有相同 random_id 的独立存储帐户。计划已成功应用,但在 Azure 中只创建了一个存储帐户。
random_id.storage_account_name_unique: Creating...
b64: "" => "<computed>"
b64_std: "" => "<computed>"
b64_url: "" => "<computed>"
byte_length: "" => "8"
dec: "" => "<computed>"
hex: "" => "<computed>"
random_id.storage_account_name_unique: Creation complete after 0s (ID: kYl9WvpTSso)
azurerm_storage_account.storage[2]: Creating...
access_tier: "" => "Hot"
account_encryption_source: "" => "Microsoft.Storage"
account_kind: "" => "StorageV2"
account_replication_type: "" => "LRS"
account_tier: "" => "Standard"
enable_blob_encryption: "" => "true"
enable_file_encryption: "" => "true"
identity.#: "" => "<computed>"
location: "" => "westus2"
name: "" => "tfsta91897d5afa534aca"
network_rules.#: "" => "1"
network_rules.0.bypass.#: "" => "<computed>"
network_rules.0.ip_rules.#: "" => "1"
network_rules.0.ip_rules.3619153832: "" => "127.0.0.1"
network_rules.0.virtual_network_subnet_ids.#: "" => "1"
network_rules.0.virtual_network_subnet_ids.3223410521: "" => "/subscriptions/f6d69ee2-34d5-4ca8-a143-7a2fc1aeca55/resourceGroups/hdi-dev-rg/providers/Microsoft.Network/virtualNetworks/hdi-dev-vnet/subnets/hdinsight"
primary_access_key: "<sensitive>" => "<sensitive>"
primary_blob_connection_string: "<sensitive>" => "<sensitive>"
primary_blob_endpoint: "" => "<computed>"
primary_connection_string: "<sensitive>" => "<sensitive>"
primary_file_endpoint: "" => "<computed>"
primary_location: "" => "<computed>"
primary_queue_endpoint: "" => "<computed>"
primary_table_endpoint: "" => "<computed>"
resource_group_name: "" => "hdi-dev-rg"
secondary_access_key: "<sensitive>" => "<sensitive>"
secondary_blob_connection_string: "<sensitive>" => "<sensitive>"
secondary_blob_endpoint: "" => "<computed>"
secondary_connection_string: "<sensitive>" => "<sensitive>"
secondary_location: "" => "<computed>"
secondary_queue_endpoint: "" => "<computed>"
secondary_table_endpoint: "" => "<computed>"
tags.%: "" => "3"
tags.costcenter: "" => "Unknown"
tags.environment: "" => "Dev"
tags.project: "" => "Unknown"
azurerm_storage_account.storage[1]: Creating...
access_tier: "" => "Hot"
account_encryption_source: "" => "Microsoft.Storage"
account_kind: "" => "StorageV2"
account_replication_type: "" => "LRS"
account_tier: "" => "Standard"
enable_blob_encryption: "" => "true"
enable_file_encryption: "" => "true"
identity.#: "" => "<computed>"
location: "" => "westus2"
name: "" => "tfsta91897d5afa534aca"
network_rules.#: "" => "1"
network_rules.0.bypass.#: "" => "<computed>"
network_rules.0.ip_rules.#: "" => "1"
network_rules.0.ip_rules.3619153832: "" => "127.0.0.1"
network_rules.0.virtual_network_subnet_ids.#: "" => "1"
network_rules.0.virtual_network_subnet_ids.3223410521: "" => "/subscriptions/f6d69ee2-34d5-4ca8-a143-7a2fc1aeca55/resourceGroups/hdi-dev-rg/providers/Microsoft.Network/virtualNetworks/hdi-dev-vnet/subnets/hdinsight"
primary_access_key: "<sensitive>" => "<sensitive>"
primary_blob_connection_string: "<sensitive>" => "<sensitive>"
primary_blob_endpoint: "" => "<computed>"
primary_connection_string: "<sensitive>" => "<sensitive>"
primary_file_endpoint: "" => "<computed>"
primary_location: "" => "<computed>"
primary_queue_endpoint: "" => "<computed>"
primary_table_endpoint: "" => "<computed>"
resource_group_name: "" => "hdi-dev-rg"
secondary_access_key: "<sensitive>" => "<sensitive>"
secondary_blob_connection_string: "<sensitive>" => "<sensitive>"
secondary_blob_endpoint: "" => "<computed>"
secondary_connection_string: "<sensitive>" => "<sensitive>"
secondary_location: "" => "<computed>"
secondary_queue_endpoint: "" => "<computed>"
secondary_table_endpoint: "" => "<computed>"
tags.%: "" => "3"
tags.costcenter: "" => "Unknown"
tags.environment: "" => "Dev"
tags.project: "" => "Unknown"
azurerm_storage_account.storage[0]: Creating...
access_tier: "" => "Hot"
account_encryption_source: "" => "Microsoft.Storage"
account_kind: "" => "StorageV2"
account_replication_type: "" => "LRS"
account_tier: "" => "Standard"
enable_blob_encryption: "" => "true"
enable_file_encryption: "" => "true"
identity.#: "" => "<computed>"
location: "" => "westus2"
name: "" => "tfsta91897d5afa534aca"
network_rules.#: "" => "1"
network_rules.0.bypass.#: "" => "<computed>"
network_rules.0.ip_rules.#: "" => "1"
network_rules.0.ip_rules.3619153832: "" => "127.0.0.1"
network_rules.0.virtual_network_subnet_ids.#: "" => "1"
network_rules.0.virtual_network_subnet_ids.3223410521: "" => "/subscriptions/f6d69ee2-34d5-4ca8-a143-7a2fc1aeca55/resourceGroups/hdi-dev-rg/providers/Microsoft.Network/virtualNetworks/hdi-dev-vnet/subnets/hdinsight"
primary_access_key: "<sensitive>" => "<sensitive>"
primary_blob_connection_string: "<sensitive>" => "<sensitive>"
primary_blob_endpoint: "" => "<computed>"
primary_connection_string: "<sensitive>" => "<sensitive>"
primary_file_endpoint: "" => "<computed>"
primary_location: "" => "<computed>"
primary_queue_endpoint: "" => "<computed>"
primary_table_endpoint: "" => "<computed>"
resource_group_name: "" => "hdi-dev-rg"
secondary_access_key: "<sensitive>" => "<sensitive>"
secondary_blob_connection_string: "<sensitive>" => "<sensitive>"
secondary_blob_endpoint: "" => "<computed>"
secondary_connection_string: "<sensitive>" => "<sensitive>"
secondary_location: "" => "<computed>"
secondary_queue_endpoint: "" => "<computed>"
secondary_table_endpoint: "" => "<computed>"
tags.%: "" => "3"
tags.costcenter: "" => "Unknown"
tags.environment: "" => "Dev"
tags.project: "" => "Unknown"
azurerm_storage_account.storage[0]: Creation complete after 21s (ID: /subscriptions/f6d69ee2-34d5-4ca8-a143-.../storageAccounts/tfsta91897d5afa534aca)
azurerm_storage_account.storage[2]: Creation complete after 22s (ID: /subscriptions/f6d69ee2-34d5-4ca8-a143-.../storageAccounts/tfsta91897d5afa534aca)
azurerm_storage_account.storage[1]: Creation complete after 23s (ID: /subscriptions/f6d69ee2-34d5-4ca8-a143-.../storageAccounts/tfsta91897d5afa534aca)
【问题讨论】:
【参考方案1】:您的问题是您使用了随机字符串,您只制作了一个字符串并在每个名称中重复使用相同的字符串。 如果您希望将随机字符串元素作为存储帐户名称的一部分,则需要多个随机字符串。下面的示例演示了在资源中使用和创建多个随机字符串。
resource "random_id" "storage_account_name_unique"
count = "$var.storage_account_count"
byte_length = 8
output "random"
value=["$random_id.storage_account_name_unique.*.hex"]
provider "random"
version="2.0"
resource "null_resource" "echo"
count = "$var.storage_account_count"
provisioner "local-exec"
command =
"echo $element(random_id.storage_account_name_unique.*.hex, count.index)"
这给了你:
null_resource.echo[0]: Creating...
null_resource.echo[1]: Creating...
null_resource.echo[0]: Provisioning with 'local-exec'...
null_resource.echo[1]: Provisioning with 'local-exec'...
null_resource.echo[1] (local-exec): Executing: ["cmd" "/C" "echo e5ddcf9fb82798f2"]
null_resource.echo[0] (local-exec): Executing: ["cmd" "/C" "echo ceb231a41c8cdb24"]
null_resource.echo[1] (local-exec): e5ddcf9fb82798f2
null_resource.echo[0] (local-exec): ceb231a41c8cdb24
null_resource.echo[1]: Creation complete after 0s (ID: 3289535031294242492)
null_resource.echo[0]: Creation complete after 0s (ID: 4611439113584915035)
Apply complete! Resources: 2 added, 0 changed, 0 destroyed.
Outputs:
random = [
ceb231a41c8cdb24,
e5ddcf9fb82798f2
]
【讨论】:
【参考方案2】:我认为无论使用 Terraform 还是 Azure REST API 创建存储帐户,问题都是一样的。它显示在Azure REST API - Create:
使用指定的异步创建一个新的存储帐户 参数。如果一个帐户已经创建并且随后创建 使用不同的属性发出请求,帐户属性 将会被更新。如果一个帐户已经创建并且后续 创建或更新请求使用完全相同的一组 属性,请求就会成功。
因此,当它创建第一个存储帐户时,操作照常进行。但是随后的同名创建将遵循上述规则。最后,仅使用一个名称保留一个存储帐户。如果要创建多个存储帐户,则应使用不同的名称。
【讨论】:
超级有用,解释了 Terraform 创建多个同名存储帐户的行为。 @RogerDoherty 所以你可以投票或将其标记为答案。以上是关于使用 Terraform random_id 创建多个资源未按预期工作的主要内容,如果未能解决你的问题,请参考以下文章
创建谷歌云存储桶并使用相同的 terraform 脚本将 terraform 状态保存到其中?