个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
35
4
我在 Terraform 中为前门编码动态 block 时遇到一些问题。我在这里找到了一个很好的工作示例:https://github.com/spy86/terraform-azure-front-door/blob/main/front_door.tf
然而,我的前门设置并不像这个人那么复杂,我不需要他在他身上所做的一切。
我想要实现的目标是在我的前门上放置两个 backend_pool 以启用多个区域。做到这一点的唯一方法是引入动态 block 。然而,当我这样做时,我收到一个错误: │ 错误:不支持的属性 │ │ 在 frontdoor.tf 第 96 行,资源“azurerm_frontdoor”“jctestingfrontdoor”中: │ 96: for_each = var.backend_pool_settings.value.backend[ *] │ ├────────────── │ │ var.backend_pool_settings 是一个对象列表,只有在应用后才知道 │ │ 无法访问对象列表上的属性。您的意思是访问列表中特定元素的属性,还是列表中所有元素的属性?
这是我的前门代码:
Main.tf
resource "azurerm_frontdoor" "jctestingfrontdoor" {
depends_on = [
azurerm_key_vault.jctestingenv_keyvault,
]
name = "testingfrontdoor"
resource_group_name = azurerm_resource_group.Terraform.name
routing_rule {
name = "projroutingrule"
accepted_protocols = ["Http", "Https"]
patterns_to_match = ["/*"]
frontend_endpoints = ["projfrontendendpoint", "${local.frontendendpoint2}"]
forwarding_configuration {
forwarding_protocol = "MatchRequest"
backend_pool_name = "projbackendpool"
}
}
backend_pool_load_balancing {
name = "projloadbalancesettings"
sample_size = 255
successful_samples_required = 1
}
backend_pool_health_probe {
name = "projhealthprobesettings"
path = "/health/probe"
protocol = "Https"
interval_in_seconds = 240
}
dynamic "backend_pool" {
for_each = var.backend_pool_settings[*]
content {
name = var.backend_pool_settings.name
load_balancing_name = var.backend_pool_settings.load_balancing_name
health_probe_name = var.backend_pool_settings.health_probe_name
dynamic "backend" {
for_each = var.backend_pool_settings.backend
content {
address = var.backend_pool_settings.address
host_header = var.backend_pool_settings.host_header
http_port = var.backend_pool_settings.http_port
https_port = var.backend_pool_settings.https_port
priority = var.backend_pool_settings.priority
weight = var.backend_pool_settings.weight
enabled = var.backend_pool_settings.enabled
}
}
}
}
frontend_endpoint {
name = "projfrontendendpoint"
host_name = format("testingfrontdoor.azurefd.net")
}
frontend_endpoint {
name = local.frontendendpoint2
host_name = format("portal-staging.terraform.example")
}
}
resource "azurerm_frontdoor_custom_https_configuration" "portal_staging_https_config" {
depends_on = [
azurerm_frontdoor.jctestingfrontdoor
]
frontend_endpoint_id = "${azurerm_frontdoor.jctestingfrontdoor.id}/frontendEndpoints/${local.frontendendpoint2}"
custom_https_provisioning_enabled = true
custom_https_configuration {
certificate_source = "AzureKeyVault"
azure_key_vault_certificate_secret_name = "imported-cert"
azure_key_vault_certificate_vault_id = azurerm_key_vault.jctestingenv_keyvault.id
}
}变量.tf
variable "backend_pool_settings" {
description = "backend pool stettings for frontdoor"
type = object({
name = string
backend = list(object({
address = string
host_header = string
http_port = number
https_port = number
weight = number
priority = number
enabled = bool
}))
load_balancing_name = string
health_probe_name = string
})
}本地人.tf
locals {
frontendendpoint2 = "projfrondoordnsname"
backendpool1 = "uksouth"
backendpool2 = "westeurope"
}输入变量.tfvars
backend_pool_settings = (
{
name = "uksouth"
backend = {
address = "portal-staging-testing1.terraform.example"
host_header = "portal-staging-testing1.terraform.example"
http_port = 80
https_port = 443
priority = 1
weight = 50
enabled = true
}
load_balancing_name = "projloadbalancesettings"
health_probe_name = "projloadbalancesettings"
},
{
name = "westeurope"
backend = {
address = "portal-staging-testing2.terraform.example"
host_header = "portal-staging-testing2.terraform.example"
http_port = 80
https_port = 443
priority = 1
weight = 50
enabled = true
}
load_balancing_name = "projloadbalancesettings"
health_probe_name = "projloadbalancesettings"
})我已将变量编码为对象列表,但我不确定这是否正确,并且我不确定是否应该像示例中那样将 backend_pool 拆分为两个动态 block 。
更新:
完成我的代码后,我对其进行了进一步简化,
resource "azurerm_frontdoor" "jctestingfrontdoor" {
depends_on = [
azurerm_key_vault.jctestingenv_keyvault,
]
name = "testingfrontdoor"
resource_group_name = azurerm_resource_group.Terraform.name
routing_rule {
name = "projroutingrule"
accepted_protocols = ["Http", "Https"]
patterns_to_match = ["/*"]
frontend_endpoints = ["projfrontendendpoint", "${local.frontendendpoint2}"]
forwarding_configuration {
forwarding_protocol = "MatchRequest"
backend_pool_name = "projbackendpool"
}
}
backend_pool_load_balancing {
name = "projloadbalancesettings"
sample_size = 255
successful_samples_required = 1
}
backend_pool_health_probe {
name = "projhealthprobesettings"
path = "/health/probe"
protocol = "Https"
interval_in_seconds = 240
}
backend_pool {
name = "projbackendpool"
dynamic "backend" {
for_each = var.backend_pool_settings.value.backend[*]
content {
address = backend.address
host_header = backend.host_header
http_port = backend.http_port
https_port = backend.https_port
priority = backend.priority
weight = backend.weight
enabled = backend.enabled
}
}
load_balancing_name = "projloadbalancesettings"
health_probe_name = "projhealthprobesettings"
}
frontend_endpoint {
name = "projfrontendendpoint"
host_name = format("testingfrontdoor.azurefd.net")
}
frontend_endpoint {
name = local.frontendendpoint2
host_name = format("portal-staging.terraform.example")
}
}现在我得到的错误是: │ 错误:不支持的属性 │ │ 在 frontdoor.tf 第 96 行,资源“azurerm_frontdoor”“jctestingfrontdoor”中: │ 96: for_each = var.backend_pool_settings.value.backend[* ] │ ├────────────── │ │ var.backend_pool_settings 是一个对象列表,只有在应用后才知道 │ │ 无法访问对象列表上的属性。您的意思是访问列表中特定元素的属性,还是列表中所有元素的属性?
最佳答案
我已经通过使用 map 变量设法解决了这个问题。基本上,前门不需要指定后端的对象,因为它已经知道它正在构建后端。我还尝试了一些其他代码并使其正常工作,请参阅我的代码:
mainj.tf
resource "azurerm_frontdoor" "jctestingfrontdoor" {
depends_on = [
azurerm_key_vault.jctestingenv_keyvault,
]
name = "testingfrontdoor"
resource_group_name = azurerm_resource_group.terraform.name
routing_rule {
name = "projroutingrule"
accepted_protocols = ["Http", "Https"]
patterns_to_match = ["/*"]
frontend_endpoints = ["projfrontendendpoint", "${local.frontendendpoint2}"]
forwarding_configuration {
forwarding_protocol = "MatchRequest"
backend_pool_name = "projbackendpool"
}
}
backend_pool_load_balancing {
name = "projloadbalancesettings"
sample_size = 255
successful_samples_required = 1
}
backend_pool_health_probe {
name = "projhealthprobesettings"
path = "/health/probe"
protocol = "Https"
interval_in_seconds = 240
}
backend_pool {
name = "projbackendpool"
dynamic "backend" {
for_each = var.backend_pool_settings
content {
address = backend.value.address
host_header = backend.value.host_header
http_port = backend.value.http_port
https_port = backend.value.https_port
priority = backend.value.priority
weight = backend.value.weight
enabled = backend.value.enabled
}
}
load_balancing_name = "projloadbalancesettings"
health_probe_name = "projhealthprobesettings"
}
frontend_endpoint {
name = "projfrontendendpoint"
host_name = format("testingfrontdoor.azurefd.net")
}
frontend_endpoint {
name = local.frontendendpoint2
host_name = format("portal-staging.terraform.example")
}
}
resource "azurerm_frontdoor_custom_https_configuration" "portal_staging_https_config" {
depends_on = [
azurerm_frontdoor.jctestingfrontdoor
]
frontend_endpoint_id = "${azurerm_frontdoor.jctestingfrontdoor.id}/frontendEndpoints/${local.frontendendpoint2}"
custom_https_provisioning_enabled = true
custom_https_configuration {
certificate_source = "AzureKeyVault"
azure_key_vault_certificate_secret_name = "imported-cert"
azure_key_vault_certificate_vault_id = azurerm_key_vault.jctestingenv_keyvault.id
}
}
variables.tf
variable "backend_pool_settings" {
description = "backend pool stettings for frontdoor"
type = map(object({
address = string
host_header = string
http_port = number
https_port = number
weight = number
priority = number
enabled = bool
}))
}
inputvariables.tfvars
backend_pool_settings = {
backendone = {
address = "portal-staging-testing1.terraform.example"
host_header = "portal-staging-testing1.terraform.example"
http_port = 80
https_port = 443
priority = 1
weight = 50
enabled = true
},
backendtwo = {
address = "portal-staging-testing2.terraform.example"
host_header = "portal-staging-testing2.terraform.example"
http_port = 80
https_port = 443
priority = 1
weight = 50
enabled = true
}
}这篇文章还帮助我解决了使用 Terraform 处理 map 对象的问题:https://serverfault.com/questions/1063395/terraform-values-from-tfvars-are-not-loading-when-using-multi-level-maps
关于Azure Frontdoor 动态 block 在 Terraform 中不起作用,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/73882819/
35
4
0
有什么方法可以将 Terraform 模板输出用于另一个 Terraform 模板的输入? 例如:我有一个创建 ELB 的 Terraform 模板,我有另一个 Terraform 模板,它将创建一个
我正在使用 Terraform 在 Azure 中设置虚拟网络。 我有几个 VNet,每个 VNet 都有自己的网络安全组 100% 在 Terraform 中管理,在运行 Terraform 之前不
resources and data sources在 terraform 文档中 link ,谁能解释一下它们的区别以及可以使用它们的示例场景 最佳答案 Data Sources :允许 Terra
terraform plan 等命令如何知道/决定使用哪些文件? -help 显示了一个 DIR-OR-PLAN 参数,但没有显示如何使用它: $ terraform -help plan Usage
我在尝试运行使用 terraform lock 的 terraform 脚本时收到以下错误消息。 *Acquiring state lock. This may take a few moments.
我想简化这样的构造 variable "google" { type = object({ project = string region = string
这是一个场景 - 您开发用于研发组织的 terraform 模块。它们已经被一两个微服务使用,转化为十几个 pod。您确定了重构机会,例如将某些功能提取到其自己的 terraform 模块中。很好,但
Terraform 是否支持条件属性?我只想根据变量的值使用属性。 例子: resource "aws_ebs_volume" "my_volume" { availability_zone =
我想将此作为功能请求发布,但我想在发布之前看看是否有其他人找到了一些聪明的方法。或者也许 Hashicorp 的某个人可以告诉我这将是 future 的一个功能 在运行 terraform apply
我在 terraform 的变量插值中遇到了麻烦。这是我的 terraform 配置的样子。即内置函数内的变量 variable "key" {} ssh_keys { pat
运行 terraform 并等待需要很长时间。 所以我想运行它来排除需要最长执行时间的 rds 或者我只想运行 ec2 资源。 有没有办法在 terraform 中做这样的事情? 最佳答案 您可以使用
terraform 是否提供这样的功能来覆盖变量值?假设我已经声明了下面给出的两个变量。 variable "foo" {} variable "bar" { default = "false"} f
我正在为 Terraform Associate Certification 做准备考试。我在 Udemy 上进行了一次练习考试,并收到了一个关于自动安装社区提供程序的问题。但是,根据实际 terra
我有很多使用 Terraform 的 gcp-provider 用 Terraform 0.11 编写的 Terraform 模块,并希望将其升级到 Terraform 0.12。 为此,我需要保留系
我的项目有 2 个存储库。静态网站和服务器。我希望网站由 cloudfront 和 s3 托管,服务器在 elasticbeanstalk 上。我知道这些资源至少需要了解 Route53 资源才能在同
我能有这样的资源吗 resource "foo" "bar.baz"{ ... } 或者以后 . 会把我搞砸吗?特别是,是否允许这样做: resource "foo" "other"{ ...
我能有这样的资源吗 resource "foo" "bar.baz"{ ... } 或者以后 . 会把我搞砸吗?特别是,是否允许这样做: resource "foo" "other"{ ...
运行时terraform init使用 Terraform 时 0.11.3我们收到以下错误: Initializing provider plugins... - Checking for avai
我正在尝试将项目的 CLI 工作区迁移到 Terraform Cloud。我正在使用 Terraform 版本 0.14.8 并遵循官方指南 here . $ terraform0.14.8 work
尝试在Azure Pipeline中将terraform init作为任务运行时,错误指出 spawn C:\hostedtoolcache\windows\terraform\0.12.7\x64\
我是一名优秀的程序员,十分优秀!