
Terraform 在公共負載均衡器后面配置 azure windows vmss

[英]Terraform provisioning azure windows vmss behind a public load balancer

我正在嘗試創建一個安裝了 iis 的簡單 windows vmss,它顯示計算機名稱。 由於某種原因,我的腳本沒有運行,公共 IP 地址不起作用。 有人可以告訴我我哪里出錯了嗎?

代碼:

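# Terraform CLI version constraint.
# The variable blocks in this configuration use `sensitive = true`, an
# argument that only exists from Terraform 0.14 onward, so the floor is 0.14
# rather than 0.13.
# NOTE(review): the azurerm provider version is not pinned anywhere in this
# listing; a required_providers entry with a version constraint would keep
# runs reproducible.
terraform {
  required_version = ">= 0.14"
}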

# Azure Resource Manager provider. No credentials or subscription are set in
# this block, so authentication presumably comes from the environment
# (CLI login or ARM_* variables) — confirm. The `features` block is left empty.
provider "azurerm" {
  features {}
}

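# Administrator account name for the scale-set instances.
# `sensitive = true` only redacts the value in plan/apply output; the value
# is still stored in clear text in the Terraform state, so the state backend
# needs the same protection as the credential itself.
variable "admin_username" {
  description = "Administrator user name for the Windows scale-set instances."
  type        = string
  sensitive   = true
}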

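# Administrator password for the scale-set instances.
# `sensitive = true` only redacts the value in plan/apply output; the value
# is still stored in clear text in the Terraform state, so the state backend
# needs the same protection as the credential itself.
variable "admin_password" {
  description = "Administrator password for the Windows scale-set instances."
  type        = string
  sensitive   = true
}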

# Resource group whose name and location the other resources in this
# configuration refer to.
resource "azurerm_resource_group" "rg1" {
  location = "uksouth"
  name     = "rg2"
}

# Virtual network (10.0.0.0/16) that contains the scale-set subnet.
resource "azurerm_virtual_network" "vn" {
  name                = "vn-vmss"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location
  address_space       = ["10.0.0.0/16"]
}

# Subnet (10.0.1.0/24) used by the scale-set NICs and by the NSG association.
resource "azurerm_subnet" "subnet1" {
  name                 = "subnet-vmss"
  virtual_network_name = azurerm_virtual_network.vn.name
  resource_group_name  = azurerm_resource_group.rg1.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Static, Standard-SKU public IP used as the load balancer frontend address.
# domain_name_label additionally publishes a public DNS name for this address.
resource "azurerm_public_ip" "vmss-pip" {
  name                = "vmss-pip"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location
  sku                 = "Standard"
  allocation_method   = "Static"
  domain_name_label   = "vmss10101"

  tags = {
    app = "scale-set"
    env = "dev"
  }
}

# Stand-alone network interface in the scale-set subnet.
# NOTE(review): no other resource in this listing references this NIC, and
# its ip_configuration, although named "public", has no public IP attached.
# The scale set declares its own network_interface, so this looks unused —
# confirm before keeping it.
resource "azurerm_network_interface" "nic" {
  name                = "vmss-nic"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location

  ip_configuration {
    name                          = "public"
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.subnet1.id
  }
}

# Network security group with two inbound allow rules; it is attached to the
# scale-set subnet by the association resource.
resource "azurerm_network_security_group" "nsg1" {
  name                = "nsg1"
  location            = azurerm_resource_group.rg1.location
  resource_group_name = azurerm_resource_group.rg1.name

  # NOTE(review): RDP (TCP 3389) is allowed from the whole "Internet" service
  # tag. The load balancer in this listing forwards only port 80, so this rule
  # presumably serves nothing today, but it would expose RDP as soon as an
  # instance gets a public IP or an inbound NAT rule. Narrow the source to a
  # management range or drop the rule if RDP is not needed.
  security_rule {
    name                       = "allow-rdp"
    description                = "allow-rdp"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_address_prefix      = "Internet"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "3389"
  }

  # HTTP (TCP 80) from the Internet, the port the load balancer rule forwards.
  security_rule {
    name                       = "allow-http"
    description                = "allow-http"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_address_prefix      = "Internet"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "80"
  }
}
# Attaches nsg1 to the scale-set subnet, so its rules apply to every NIC in
# that subnet. The explicit depends_on repeats the dependency that the
# network_security_group_id reference already creates.
resource "azurerm_subnet_network_security_group_association" "nsg-assoc" {
  network_security_group_id = azurerm_network_security_group.nsg1.id
  subnet_id                 = azurerm_subnet.subnet1.id

  depends_on = [
    azurerm_network_security_group.nsg1
  ]
}

# Standard-SKU public load balancer. Its single frontend, "PublicIP", is
# bound to the static public IP defined in this configuration.
resource "azurerm_lb" "vmss_lb" {
  name                = "vmss_lb"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location
  sku                 = "Standard"

  frontend_ip_configuration {
    name                 = "PublicIP"
    public_ip_address_id = azurerm_public_ip.vmss-pip.id
    #zones = ["1","3"]
  }
}

# Backend pool of the load balancer; the scale-set NIC configuration joins it
# through load_balancer_backend_address_pool_ids.
resource "azurerm_lb_backend_address_pool" "backend" {
  loadbalancer_id = azurerm_lb.vmss_lb.id
  name            = "backend"
}

# Health probe on TCP port 80. A Tcp probe only checks that the port accepts
# a connection; it does not look at the HTTP response.
resource "azurerm_lb_probe" "http_probe" {
  name            = "http_probe"
  loadbalancer_id = azurerm_lb.vmss_lb.id
  protocol        = "Tcp"
  port            = 80
}

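# Forwards TCP 80 on the "PublicIP" frontend to TCP 80 on the backend pool.
# Without backend_address_pool_ids the rule has no targets, and without
# probe_id the port-80 probe is never used to decide which instances receive
# traffic, so both are wired in here.
# NOTE(review): older azurerm 2.x releases use the singular
# backend_address_pool_id argument instead — confirm against the provider
# version in use.
resource "azurerm_lb_rule" "lb_rule" {
  name                           = "lb_rule"
  loadbalancer_id                = azurerm_lb.vmss_lb.id
  frontend_ip_configuration_name = "PublicIP"
  protocol                       = "Tcp"
  frontend_port                  = 80
  backend_port                   = 80
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.backend.id]
  probe_id                       = azurerm_lb_probe.http_probe.id
}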

# Two-instance Windows Server 2016 scale set. The instance NICs sit in the
# scale-set subnet and join the load balancer backend pool; no per-instance
# public IP is configured, so inbound traffic arrives through the load
# balancer only. Admin credentials come from the sensitive input variables.
# NOTE(review): upgrade_mode is not set. The provider default is presumably
# Manual, in which case an extension declared as a separate resource is not
# applied to already-running instances until they are upgraded — confirm;
# that would explain a script that never runs.
# NOTE(review): version = "latest" means the image can change between
# deployments; pin a specific image version for reproducible builds.
resource "azurerm_windows_virtual_machine_scale_set" "vmss" {
  name                = "vmss"
  location            = azurerm_resource_group.rg1.location
  resource_group_name = azurerm_resource_group.rg1.name
  sku                 = "Standard_F2"
  instances           = 2
  admin_username      = var.admin_username
  admin_password      = var.admin_password

  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2016-Datacenter"
    version   = "latest"
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  network_interface {
    name    = "example"
    primary = true

    ip_configuration {
      name                                   = "internal"
      primary                                = true
      subnet_id                              = azurerm_subnet.subnet1.id
      load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.backend.id]
    }
  }
}


# Custom Script Extension for the scale set. The command decodes a base64
# copy of the rendered iis.ps1 template, writes it to iis.ps1 on the
# instance, and then runs that file with PowerShell.
# Whoever can change iis.ps1 in the repository controls what runs on every
# instance, so the script deserves the same review as the Terraform code.
# NOTE(review): `-ExecutionPolicy Unrestricted` applies to the second
# powershell invocation only; it is not a machine-wide setting.
resource "azurerm_virtual_machine_scale_set_extension" "iis_vmss_extension" {
    name = "iis_vmss_ext"
    virtual_machine_scale_set_id = azurerm_windows_virtual_machine_scale_set.vmss.id
    publisher            = "Microsoft.Compute"
    type                 = "CustomScriptExtension"
    type_handler_version = "1.9"
    # protected_settings is the extension's encrypted settings channel, the
    # appropriate place for a command line that could ever carry secrets.
    protected_settings = <<SETTINGS
  {
    "commandToExecute": "powershell -command \"[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('${base64encode(data.template_file.tf.rendered)}')) | Out-File -filepath iis.ps1\" && powershell -ExecutionPolicy Unrestricted -File iis.ps1"
  }
  SETTINGS
}


# Loads iis.ps1 (path relative to the working directory); the rendered text
# is embedded, base64-encoded, in the extension command.
# NOTE(review): template_file belongs to the separate hashicorp/template
# provider, which is archived; the built-in file()/templatefile() functions
# cover this use without the extra provider. Any "${...}" sequence inside the
# script would be treated as a template interpolation.
data "template_file" "tf" {
  template = file("iis.ps1")
}
    

iis.ps1

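# Install IIS together with its management tools.
Install-WindowsFeature -Name Web-Server -IncludeManagementTools

# Append this machine's name to the default page so a response shows which
# instance served it.
Add-Content -Path "C:\inetpub\wwwroot\Default.htm" -Value $($env:computername)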

我們已經在本地嘗試過同樣的方法,在對您的代碼進行一些修改后它工作正常

PowerShell 腳本需要放在 `settings` 中執行;該字段區分大小寫,必須按正確的寫法使用。 我嘗試直接執行 PowerShell 命令,而不引用 iis.ps1 或任何變量。

經測試,擴展已成功安裝到我們在 VMSS 中指定的映像上。

您可以嘗試以下方法; main.tf

# Terraform CLI version constraint for this configuration.
# NOTE(review): the azurerm provider version is not pinned anywhere in this
# listing; a required_providers entry with a version constraint would keep
# runs reproducible.
terraform {
  required_version = ">= 0.13"
}

# Azure Resource Manager provider. No credentials or subscription are set in
# this block, so authentication presumably comes from the environment
# (CLI login or ARM_* variables) — confirm. The `features` block is left empty.
provider "azurerm" {
  features {}
}


# Resource group whose name and location the other resources in this
# configuration refer to.
resource "azurerm_resource_group" "rg1" {
  location = "westus2"
  name     = "rg2"
}

# Virtual network (10.0.0.0/16) that contains the scale-set subnet.
resource "azurerm_virtual_network" "vn" {
  name                = "vn-vmss"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location
  address_space       = ["10.0.0.0/16"]
}

# Subnet (10.0.1.0/24) used by the scale-set NICs and by the NSG association.
resource "azurerm_subnet" "subnet1" {
  name                 = "subnet-vmss"
  virtual_network_name = azurerm_virtual_network.vn.name
  resource_group_name  = azurerm_resource_group.rg1.name
  address_prefixes     = ["10.0.1.0/24"]
}

# Static, Standard-SKU public IP used as the load balancer frontend address.
# domain_name_label additionally publishes a public DNS name for this address.
resource "azurerm_public_ip" "vmss-pip" {
  name                = "vmss-pip"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location
  sku                 = "Standard"
  allocation_method   = "Static"
  domain_name_label   = "vmss10101"

  tags = {
    app = "scale-set"
    env = "dev"
  }
}

# Stand-alone network interface in the scale-set subnet.
# NOTE(review): no other resource in this listing references this NIC, and
# its ip_configuration, although named "public", has no public IP attached.
# The scale set declares its own network_interface, so this looks unused —
# confirm before keeping it.
resource "azurerm_network_interface" "nic" {
  name                = "vmss-nic"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location

  ip_configuration {
    name                          = "public"
    private_ip_address_allocation = "Dynamic"
    subnet_id                     = azurerm_subnet.subnet1.id
  }
}

# Network security group with two inbound allow rules; it is attached to the
# scale-set subnet by the association resource.
resource "azurerm_network_security_group" "nsg1" {
  name                = "nsg1"
  location            = azurerm_resource_group.rg1.location
  resource_group_name = azurerm_resource_group.rg1.name

  # NOTE(review): RDP (TCP 3389) is allowed from the whole "Internet" service
  # tag. The load balancer in this listing forwards only port 80, so this rule
  # presumably serves nothing today, but it would expose RDP as soon as an
  # instance gets a public IP or an inbound NAT rule. Narrow the source to a
  # management range or drop the rule if RDP is not needed.
  security_rule {
    name                       = "allow-rdp"
    description                = "allow-rdp"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_address_prefix      = "Internet"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "3389"
  }

  # HTTP (TCP 80) from the Internet, the port the load balancer rule forwards.
  security_rule {
    name                       = "allow-http"
    description                = "allow-http"
    priority                   = 110
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_address_prefix      = "Internet"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "80"
  }
}
# Attaches nsg1 to the scale-set subnet, so its rules apply to every NIC in
# that subnet. The explicit depends_on repeats the dependency that the
# network_security_group_id reference already creates.
resource "azurerm_subnet_network_security_group_association" "nsg-assoc" {
  network_security_group_id = azurerm_network_security_group.nsg1.id
  subnet_id                 = azurerm_subnet.subnet1.id

  depends_on = [
    azurerm_network_security_group.nsg1
  ]
}

# Standard-SKU public load balancer. Its single frontend, "PublicIP", is
# bound to the static public IP defined in this configuration.
resource "azurerm_lb" "vmss_lb" {
  name                = "vmss_lb"
  resource_group_name = azurerm_resource_group.rg1.name
  location            = azurerm_resource_group.rg1.location
  sku                 = "Standard"

  frontend_ip_configuration {
    name                 = "PublicIP"
    public_ip_address_id = azurerm_public_ip.vmss-pip.id
    #zones = ["1","3"]
  }
}

# Backend pool of the load balancer; the scale-set NIC configuration joins it
# through load_balancer_backend_address_pool_ids.
resource "azurerm_lb_backend_address_pool" "backend" {
  loadbalancer_id = azurerm_lb.vmss_lb.id
  name            = "backend"
}

# Health probe on TCP port 80. A Tcp probe only checks that the port accepts
# a connection; it does not look at the HTTP response.
resource "azurerm_lb_probe" "http_probe" {
  name            = "http_probe"
  loadbalancer_id = azurerm_lb.vmss_lb.id
  protocol        = "Tcp"
  port            = 80
}

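# Forwards TCP 80 on the "PublicIP" frontend to TCP 80 on the backend pool.
# Without backend_address_pool_ids the rule has no targets, and without
# probe_id the port-80 probe is never used to decide which instances receive
# traffic, so both are wired in here.
# NOTE(review): older azurerm 2.x releases use the singular
# backend_address_pool_id argument instead — confirm against the provider
# version in use.
resource "azurerm_lb_rule" "lb_rule" {
  name                           = "lb_rule"
  loadbalancer_id                = azurerm_lb.vmss_lb.id
  frontend_ip_configuration_name = "PublicIP"
  protocol                       = "Tcp"
  frontend_port                  = 80
  backend_port                   = 80
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.backend.id]
  probe_id                       = azurerm_lb_probe.http_probe.id
}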

# Two-instance Windows Server 2016 scale set. The instance NICs sit in the
# scale-set subnet and join the load balancer backend pool; no per-instance
# public IP is configured, so inbound traffic arrives through the load
# balancer only.
# NOTE(review): the administrator name and password are literals in this
# block (the password shown looks redacted). Literal credentials end up in
# version control as well as in the Terraform state; supply them through
# sensitive input variables or a secret store instead.
# NOTE(review): upgrade_mode is not set. The provider default is presumably
# Manual, in which case an extension declared as a separate resource is not
# applied to already-running instances until they are upgraded — confirm.
# NOTE(review): version = "latest" means the image can change between
# deployments; pin a specific image version for reproducible builds.
resource "azurerm_windows_virtual_machine_scale_set" "vmss" {
  name                = "vmss"
  location            = azurerm_resource_group.rg1.location
  resource_group_name = azurerm_resource_group.rg1.name
  sku                 = "Standard_F2"
  instances           = 2
  admin_username      = "adminUsername"
  admin_password      = "Pxxxxx123!"

  source_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2016-Datacenter"
    version   = "latest"
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  network_interface {
    name    = "example"
    primary = true

    ip_configuration {
      name                                   = "internal"
      primary                                = true
      subnet_id                              = azurerm_subnet.subnet1.id
      load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.backend.id]
    }
  }
}


# Custom Script Extension for the scale set. The command installs the
# Web-Server role directly, with all sub-features and the management tools;
# it does not write the computer name into a page.
# NOTE(review): -IncludeAllSubFeature enables every Web-Server sub-feature,
# which is more than a static test page needs; install only the features the
# site actually uses.
resource "azurerm_virtual_machine_scale_set_extension" "iis_vmss_extension" {
    name = "iis_vmss_ext"
    virtual_machine_scale_set_id = azurerm_windows_virtual_machine_scale_set.vmss.id
    publisher            = "Microsoft.Compute"
    type                 = "CustomScriptExtension"
    type_handler_version = "1.9"
  # `settings` is the extension's public (unencrypted) settings channel. That
  # is acceptable for this command, which carries no secrets; a command line
  # that includes credentials or tokens belongs in protected_settings.
  settings = <<SETTINGS
    {
        "commandToExecute": "powershell -ExecutionPolicy Unrestricted Install-WindowsFeature -Name Web-Server -IncludeAllSubFeature -IncludeManagementTools"
    }
SETTINGS
}

#data "template_file" "tf" {
#    template = "${file("iis.ps1")}"
#} 

OUTPUT 屏幕截圖供參考(原帖中的截圖未包含在本頁):


有關更多信息,請參閱 @Facundo Gauna 的博客文章《使用 Terraform 在 Azure VM 上安裝 IIS》。

我復制了代碼,我所做的唯一更改是區域。 我可以從您的屏幕截圖中看到擴展名。 當您訪問公共 IP 時,您是否看到了 IIS 頁面?
