gpt4 book ai didi

Azure 独立应用服务环境无法使用 Terraform 创建,错误代码为 "An error has occurred."

转载 作者:行者123 更新时间:2023-12-03 03:47:50 30 4
gpt4 key购买 nike

我正在尝试使用 Terraform 在 Azure 中创建独立的应用服务环境 (ASE)。我已经成功了一次并且有一个 ASE 正在运行。尝试在同一订阅中但在单独的资源组中创建第二个 ASE 失败。唯一可用的错误消息是“发生错误”。 Azure 监控中的调查显示,通过 ARM 模板传递的创建请求在创建 ASE 的过程中遇到了 500 错误(内部服务器错误)。但是,日志消息中没有提供任何详细信息来指示 Azure 在何处/何时/如何遇到 500 错误。

环境:

  • azure cli (2.26.1)
  • 地形 (0.14.11)
  • hashicorp/azurerm 提供商 (2.67.0)

详细信息

我正在为我的项目创建多个环境:开发、测试和登台。它们各自位于同一 Azure 订阅内的不同资源组中。我的 terraform 中的所有资源都是使用环境/资源组特有的名称构建的。预期的生命周期是将基础架构更改部署到开发,然后测试,然后登台(最终在单独的订阅中部署到生产环境)。初始配置和部署到开发已成功。尝试部署到测试,或部署不同的 ASE 到开发,完全失败,反馈很少。

原始的开发 ASE 是 v1 ASE。我尝试使用相同的 terraform 代码在测试中创建第二个 ASE。我还尝试在 dev 中创建 v3 ASE(因为 v3 会更便宜)。如果 v3 ASE 部署成功,我将在开发中切换到它,并将其用作测试和阶段的基础,而不是 v1 ASE。无论我尝试将 v1 ASE 部署到单独的资源组,还是尝试将 v3 ASE 部署到与 v1 ASE 相同的资源组,我都会收到相同的错误。

这是 v1 ASE 的 Terraform,包括将托管它的子网:

resource "azurerm_subnet" "subnet" {
name = "${local.prefix}-subnet"
resource_group_name = var.resource_group_name
virtual_network_name = var.vnet_name
address_prefixes = var.cidrs
enforce_private_link_endpoint_network_policies = var.enforce_private_link_endpoint_network_policies
enforce_private_link_service_network_policies = var.enforce_private_link_service_network_policies

dynamic "delegation" {
for_each = var.delegations

content {
name = "${local.prefix}-delegation-${delegation.key}"
service_delegation {
name = delegation.value.name
actions = delegation.value.actions
}
}
}

// List of Service endpoints to associate with the subnet.
service_endpoints = var.service_endpoints
}

resource "azurerm_network_security_group" "nsg" {
name = "${local.prefix}-nsg"
location = var.resource_group_location
resource_group_name = var.resource_group_name

tags = merge(map("Name", "${local.prefix}-nsg"), local.tags)
}

resource "azurerm_subnet_network_security_group_association" "nsg_assoc" {
subnet_id = azurerm_subnet.subnet.id
network_security_group_id = azurerm_network_security_group.nsg.id
}

resource "azurerm_network_security_rule" "ase_mgmt" {
name = "${local.prefix}-ase-mgmt"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "*"
source_port_range = "*"
source_address_prefix = "AppServiceManagement"
destination_port_range = "454-455"
destination_address_prefix = var.subnet_cidr
resource_group_name = var.resource_group_name
network_security_group_name = azurerm_network_security_group.nsg.name
}

resource "azurerm_network_security_rule" "ingress" {
for_each = {
for idx, cidr in var.ingress_cidrs : idx => cidr
}

name = "${local.prefix}-ingress-${each.key}"
priority = 200 + each.key
direction = "Inbound"
access = "Allow"
protocol = "*"
source_port_range = "*"
source_address_prefix = each.value
destination_port_range = "*"
destination_address_prefix = var.subnet_cidr
resource_group_name = var.resource_group_name
network_security_group_name = azurerm_network_security_group.nsg.name
}

resource "azurerm_app_service_environment" "env" {
name = "${local.prefix}-ase"
subnet_id = azurerm_subnet.subnet.id
pricing_tier = var.pricing_tier
front_end_scale_factor = var.front_scale_factor
internal_load_balancing_mode = "Web, Publishing"
allowed_user_ip_cidrs = var.allowed_user_ip_cidrs

cluster_setting {
name = "DisableTls1.0"
value = "1"
}

depends_on = [
azurerm_network_security_rule.ase_mgmt
]
}

v3 ASE 的配置相同,但 azurerm_app_service_environment.env 除外,它替换为:

resource "azurerm_app_service_environment_v3" "env" {
name = "${local.prefix}-ase-v3"
resource_group_name = var.resource_group_name
subnet_id = azurerm_subnet.subnet.id

cluster_setting {
name = "DisableTls1.0"
value = "1"
}

depends_on = [
azurerm_network_security_rule.ase_mgmt
]
}

结果

  1. Terraform 生成此 ARM 请求(标识符已被编辑):
2021/07/19 09:07:44 [TRACE] dag/walk: vertex "root" is waiting for "meta.count-boundary (EachMode fixup)"
2021-07-19T09:07:45.121-0700 [DEBUG] plugin.terraform-provider-azurerm_v2.67.0_x5: AzureRM Request:
PUT /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxxxxx-dev-rg/providers/Microsoft.Web/hostingEnvironments/xxxxxxxx-dev-ase-v3?api-version=2020-06-01 HTTP/1.1
Host: management.azure.com
User-Agent: Go/go1.16.3 (amd64-darwin) go-autorest/v14.2.1 Azure-SDK-For-Go/v55.4.0 web/2020-06-01 HashiCorp Terraform/0.14.11 (+https://www.terraform.io) Terraform Plugin SDK/2.7.0 terraform-provider-azurerm/2.67.0 pid-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Content-Length: 382
Content-Type: application/json; charset=utf-8
X-Ms-Correlation-Request-Id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
Accept-Encoding: gzip

{
"kind":"ASEV3",
"location":"centralus",
"properties":
{
"clusterSettings":[{
"name":"DisableTls1.0",
"value":"1"
}],
"name":"xxxxxxxx-dev-ase-v3",
"virtualNetwork":{
"id":"/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxxxxx-dev-rg/providers/Microsoft.Network/virtualNetworks/xxxxxxxx-dev-vnet/subnets/xxxxxxxx-dev-ase-v3-ase-subnet",
"subnet":"xxxxxxxx-dev-ase-v3-ase-subnet"
}
},
"tags":{}
}
  • Terraform 最终报告的错误在调试输出中如下所示:
  • 2021/07/19 09:13:53 [DEBUG] azurerm_app_service_environment_v3.env: apply errored, but we're indicating that via the Error pointer rather than returning it: creating App Service Environment: (Hosting Environment Name "xxxxxxxx-dev-ase-v3" / Resource Group "xxxxxxxx-dev-rg"): web.AppServiceEnvironmentsClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="Failed" Message="The async operation failed." AdditionalInfo=[{"Message":"An error has occurred."}]: creating App Service Environment: (Hosting Environment Name "xxxxxxxx-dev-ase-v3" / Resource Group "xxxxxxxx-dev-rg"): web.AppServiceEnvironmentsClient#CreateOrUpdate: Failure sending request: StatusCode=0 -- Original Error: Code="Failed" Message="The async operation failed." AdditionalInfo=[{"Message":"An error has occurred."}]
  • 查看 Azure Monitor 中的日志时,我发现了类似的模糊错误消息。该消息摘要为 InternalServerError。此处包含 JSON 详细信息以供引用:
  • {
    "authorization": {
    "action": "Microsoft.Web/hostingEnvironments/write",
    "scope": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/xxxxxxxx-dev-rg/providers/Microsoft.Web/hostingEnvironments/xxxxxxxx-dev-ase-v3"
    },
    "caller": "<a href="https://stackoverflow.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="f09485969689de97999c9c9d919eb080829583959e93958097de939f9d" rel="noreferrer noopener nofollow">[email protected]</a>",
    "channels": "Operation",
    "claims": {
    //REDACTED
    },
    "correlationId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
    "description": "",
    "eventDataId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
    "eventName": {
    "value": "EndRequest",
    "localizedValue": "End request"
    },
    "category": {
    "value": "Administrative",
    "localizedValue": "Administrative"
    },
    "eventTimestamp": "2021-07-19T15:51:45.4835627Z",
    "id": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/xxxxxxxx-dev-rg/providers/Microsoft.Web/hostingEnvironments/xxxxxxxx-dev-ase-v3/events/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/ticks/637623067054835627",
    "level": "Error",
    "operationId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
    "operationName": {
    "value": "Microsoft.Web/hostingEnvironments/write",
    "localizedValue": "Create or Update App Service Environment"
    },
    "resourceGroupName": "xxxxxxxx-dev-rg",
    "resourceProviderName": {
    "value": "Microsoft.Web",
    "localizedValue": "Azure Web Sites"
    },
    "resourceType": {
    "value": "Microsoft.Web/hostingEnvironments",
    "localizedValue": "Microsoft.Web/hostingEnvironments"
    },
    "resourceId": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/xxxxxxxx-dev-rg/providers/Microsoft.Web/hostingEnvironments/xxxxxxxx-dev-ase-v3",
    "status": {
    "value": "Failed",
    "localizedValue": "Failed"
    },
    "subStatus": {
    "value": "InternalServerError",
    "localizedValue": "Internal Server Error (HTTP Status Code: 500)"
    },
    "submissionTimestamp": "2021-07-19T15:52:29.177138Z",
    "subscriptionId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
    "tenantId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx",
    "properties": {
    "statusCode": "InternalServerError",
    "serviceRequestId": null,
    "statusMessage": "{\"Message\":\"An error has occurred.\"}",
    "eventCategory": "Administrative",
    "entity": "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/xxxxxxxx-dev-rg/providers/Microsoft.Web/hostingEnvironments/xxxxxxxx-dev-ase-v3",
    "message": "Microsoft.Web/hostingEnvironments/write",
    "hierarchy": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
    },
    "relatedEvents": []
    }

    最佳答案

    在我看来,您似乎遇到了一些订阅限制。如果您尝试通过 Azure 门户创建相同的 ASE,它会为您提供吗?最好知道您尝试通过 UI 执行相同操作时是否遇到错误,如果您确实在 GUI 中遇到了相同的错误,它会给您更好的错误消息。

    关于Azure 独立应用服务环境无法使用 Terraform 创建,错误代码为 "An error has occurred.",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68446328/

    30 4 0
    Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
    广告合作:1813099741@qq.com 6ren.com