Terraform - Static IP addresses on Azure

2023-12-31

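We need to configure static private IPs for the VMs deployed in Azure via Terraform. The reason is that we then need to use these in Ansible through an Ansible pipeline.

One solution I found here is to first create a NIC with a "dynamic" address and then convert it to a "static" IP in the next step in Terraform.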

# Create network interfaces with Private IP's
resource "azurerm_network_interface" "nic" {
  for_each = { for vm in var.vms : vm.hostname => vm }
  name                = "${each.value.hostname}-NIC"
  location            = var.network_location
  resource_group_name = var.vm_resource_group
  ip_configuration {
    name                          = "monitoringConfg"
    subnet_id                     = data.azurerm_subnet.vm_subnet.id
    private_ip_address_allocation = "dynamic"
  }
  tags = each.value.extra_tag
}

#Convert Dynamic Private IP's to Static
resource "azurerm_network_interface" "staticnic" {
  for_each = { for vm in var.vms : vm.hostname => vm }
  name                = "${each.value.hostname}-NIC"
  location            = var.network_location
  resource_group_name = var.vm_resource_group
  ip_configuration {
    name                          = "monitoringConfg"
    subnet_id                     = data.azurerm_subnet.vm_subnet.id
    private_ip_address_allocation = "static"
    private_ip_address            = azurerm_network_interface.nic[each.key].private_ip_address    
  }
  tags = each.value.extra_tag
}

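But when I run this, I get the following error:

A resource with the ID "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxxxxxxxxxxxx/providers/Microsoft.Network/networkInterfaces/xxxxxxxxxxxxxxxxxx-NIC" already exists - to be managed via Terraform this resource needs to be imported into the State. Please see the resource documentation for "azurerm_network_interface" for more information. on ../../modules/main.tf line 58, in resource "azurerm_network_interface" "staticnic": 58: resource "azurerm_network_interface" "staticnic" {

Does anyone have an idea what I am doing wrong, or a better way to handle this?

Kind regards, RB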


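Azure does not assign a dynamic IP address until the network interface is attached to a running virtual machine (or other resource); see this: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_interface#private_ip_address_allocation. So I think we can't convert the dynamic IP to a static IP before the VM is created, because the IP address does not exist yet.

Instead, we can directly associate static IP addresses with the Azure VMs by assigning some IP addresses from within that subnet's range. Read about the private IP allocation method: https://learn.microsoft.com/en-us/azure/virtual-network/private-ip-addresses#allocation-method.

Azure reserves the first four addresses in each subnet address range. The addresses can't be assigned to resources. For example, if the subnet's address range is 10.0.0.0/16, addresses 10.0.0.0-10.0.0.3 and 10.0.255.255 are unavailable.

For example, you can refer to this template to configure static private IPs for the VMs: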

variable "vmlist" {
  type = map(object({
    hostname   = string
    IP_address = string
  }))
  default = {
    vm1 = {
      hostname   = "vma"
      IP_address = "10.0.2.4"
    },
    vm2 = {
      hostname   = "vmb"
      IP_address = "10.0.2.5"
    }
  }
}

#...

resource "azurerm_network_interface" "staticnic" {
  for_each = var.vmlist
  name                = "${each.value.hostname}-nic"
  location            = azurerm_resource_group.main.location
  resource_group_name = azurerm_resource_group.main.name

  ip_configuration {
    name                          = "testconfiguration1"
    subnet_id                     = azurerm_subnet.internal.id
    private_ip_address_allocation = "Static"
    private_ip_address            = each.value.IP_address
  }
}

#...

resource "azurerm_virtual_machine" "main" {
  for_each = var.vmlist
  name                  = each.value.hostname
  location              = azurerm_resource_group.main.location
  resource_group_name   = azurerm_resource_group.main.name
  network_interface_ids = [azurerm_network_interface.staticnic[each.key].id]
  vm_size               = "Standard_DS1_v2"

  # Uncomment this line to delete the OS disk automatically when deleting the VM
  # delete_os_disk_on_termination = true

  # Uncomment this line to delete the data disks automatically when deleting the VM
  # delete_data_disks_on_termination = true

  storage_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2016-Datacenter"
    version   = "latest"
  }

  storage_os_disk {
    name              = "${each.value.hostname}-osdisk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }
  os_profile {
    computer_name  = each.value.hostname
    admin_username = "testadmin"
    admin_password = "Password1234!"
  }

  os_profile_windows_config {
    provision_vm_agent = "true"
  }
}

I am using

Terraform v0.14.7
+ provider registry.terraform.io/hashicorp/azurerm v2.52.0

Update

If you want to let Azure assign the dynamic IP and then convert it to a static one, you can use the local-exec provisioner (https://www.terraform.io/docs/language/resources/provisioners/local-exec.html) to invoke a local executable after a resource is created.

resource "null_resource" "example" {
  for_each = var.vmlist

  provisioner "local-exec" {
    # Read the NIC, switch its first IP configuration to Static, and write it back
    command = <<-EOT
      $Nic = Get-AzNetworkInterface -ResourceGroupName ${azurerm_resource_group.main.name} -Name ${azurerm_network_interface.nic[each.key].name}
      $Nic.IpConfigurations[0].PrivateIpAllocationMethod = "Static"
      Set-AzNetworkInterface -NetworkInterface $Nic
    EOT

    interpreter = ["PowerShell", "-Command"]
  }
}
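
A pre-apply check for the static addresses placed in `vmlist`, written as an added example that is not part of the original answer: it flags addresses that fall outside the subnet, hit the Azure-reserved addresses quoted above (the first four and the last one), or are assigned twice. The function names and the 10.0.2.0/24 subnet are assumptions, and the sample host list is constructed.

```python
import ipaddress


def azure_reserved(subnet_cidr):
    """Addresses the answer lists as unavailable: first four and the last one."""
    net = ipaddress.ip_network(subnet_cidr)
    first = {net[i] for i in range(min(4, net.num_addresses))}
    return first | {net[-1]}


def check_static_ips(subnet_cidr, vmlist):
    """Return {hostname: problem} for each planned static IP that cannot be used.

    vmlist maps hostname -> IP string, mirroring hostname/IP_address in var.vmlist.
    """
    net = ipaddress.ip_network(subnet_cidr)
    reserved = azure_reserved(subnet_cidr)
    problems, seen = {}, {}
    for host, raw in vmlist.items():
        try:
            ip = ipaddress.ip_address(raw)
        except ValueError:
            problems[host] = "not a valid IP address"
            continue
        if ip not in net:
            problems[host] = f"outside subnet {net}"
        elif ip in reserved:
            problems[host] = "reserved by Azure"
        elif ip in seen:
            problems[host] = f"duplicate of {seen[ip]}"
        else:
            seen[ip] = host
    return problems


if __name__ == "__main__":
    # Constructed sample: the two hosts from the answer plus three bad entries.
    planned = {
        "vma": "10.0.2.4",
        "vmb": "10.0.2.5",
        "vmc": "10.0.2.3",    # inside the first four addresses
        "vmd": "10.0.3.10",   # wrong subnet
        "vme": "10.0.2.5",    # already given to vmb
    }
    for host, problem in check_static_ips("10.0.2.0/24", planned).items():
        print(f"{host}: {problem}")
```

Running it before `terraform apply` (and before the same addresses are written into the Ansible inventory) catches a bad assignment without waiting for the Azure API to reject the NIC.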