
amazon-web-services - Running a Hashicorp Vault server on an AWS EC2 instance in a "provisioner" block

Reposted. Author: 行者123. Updated: 2023-12-04 08:05:31

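I am creating an AWS instance and trying to run a Vault server at creation time. My problem is that the creation process never completes, because the server is not running in the background. Here is my configuration: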

resource "aws_instance" "web" {
  ami           = "ami-466768ac"
  instance_type = "t2.micro"
  key_name      = "my_key"

  tags {
    Name = "Vault"
  }

  provisioner "remote-exec" {

    connection {
      type        = "ssh"
      agent       = false
      user        = "ec2-user"
      private_key = "${file("/path/to/my_key")}"
    }

    inline = [
      "curl -O https://releases.hashicorp.com/vault/0.10.4/vault_0.10.4_linux_amd64.zip",
      "unzip vault_0.10.4_linux_amd64.zip",
      "./vault server -dev -dev-listen-address=0.0.0.0:8200"
    ]
  }

}

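Basically, I download Vault via curl and run the dev server. The server is actually running (I see it in the terminal logs), but the instance creation (by Terraform) never finishes: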
aws_instance.web: Still creating... (40s elapsed)
aws_instance.web: Still creating... (50s elapsed)
aws_instance.web: Still creating... (1m0s elapsed)
aws_instance.web: Still creating... (1m10s elapsed)
aws_instance.web: Still creating... (1m20s elapsed)
aws_instance.web: Still creating... (1m30s elapsed)
...

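I tried adding & at the end of the command that starts the Vault server, so as not to block the shell; however, when I do that, the instance is created but the Vault server is not actually started.

How can I start the server in background mode when the instance is created?

Edit

I also tried nohup: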
nohup ./vault server -dev -dev-listen-address=0.0.0.0:8200

But the server is not started when Terraform finishes...

Best answer

In the end, as @StephenKing told me in the comments, I created a systemd service. Here is my configuration:

resource "aws_instance" "web" {
  ami           = "ami-466768ac"
  instance_type = "t2.micro"
  key_name      = "my_key"

  tags {
    Name = "Vault"
  }

  // upload vault.service file (systemd unit)
  provisioner "file" {
    connection {
      type        = "ssh"
      agent       = false
      user        = "ec2-user"
      private_key = "${file("/path/to/my/key")}"
    }
    source      = "./vault.service"
    destination = "/home/ec2-user/vault.service"
  }

  // download vault and start service
  provisioner "remote-exec" {
    connection {
      type        = "ssh"
      agent       = false
      user        = "ec2-user"
      private_key = "${file("/path/to/my/key")}"
    }
    inline = [
      "curl -O https://releases.hashicorp.com/vault/0.10.4/vault_0.10.4_linux_amd64.zip",
      "unzip vault_0.10.4_linux_amd64.zip",
      "sudo mv /home/ec2-user/vault.service /etc/systemd/system/",
      "sudo systemctl start vault.service"
    ]
  }

}

vault.service
[Unit]
Description=Vault dev server

[Service]
ExecStart=/home/ec2-user/vault server -dev -dev-listen-address=0.0.0.0:8200

Regarding amazon-web-services - Running a Hashicorp Vault server on an AWS EC2 instance in a "provisioner" block, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/51739984/
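
Both configurations above unzip the downloaded Vault archive without checking it. The following is an added example, not part of the original question or answer: a shell function that checks an archive against a SHA256SUMS-style file before it is unpacked. The function names, return codes and the stand-in files in the demo are assumptions made for illustration.

```shell
#!/bin/sh
# verify_release ARCHIVE SUMS_FILE   (hypothetical helper, not from the post)
# Returns 0 only when SUMS_FILE holds exactly one entry for ARCHIVE's file
# name and that entry equals the archive's SHA-256 digest.
#   1 = digest mismatch, 2 = input file missing, 3 = no (or ambiguous) entry
verify_release() {
    archive=$1
    sums=$2
    [ -f "$archive" ] && [ -f "$sums" ] || return 2
    name=$(basename "$archive")
    # Lines in a SHA256SUMS file have the form "<hex digest>  <file name>".
    expected=$(awk -v n="$name" '$2 == n { print $1 }' "$sums")
    count=$(printf '%s\n' "$expected" | grep -c . || true)
    [ "$count" -eq 1 ] || return 3
    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || return 1
    return 0
}

# Constructed demo: a stand-in file, not a real Vault archive. Prints the
# status for the intact file, then for the same file after modification.
demo() {
    dir=$(mktemp -d)
    zip="$dir/vault_0.10.4_linux_amd64.zip"
    printf 'constructed stand-in for the release archive\n' > "$zip"
    (cd "$dir" && sha256sum "$(basename "$zip")" > SHA256SUMS)
    if verify_release "$zip" "$dir/SHA256SUMS"; then intact=0; else intact=$?; fi
    printf 'modified after the sums were written\n' >> "$zip"
    if verify_release "$zip" "$dir/SHA256SUMS"; then changed=0; else changed=$?; fi
    rm -rf "$dir"
    echo "$intact $changed"
}

demo   # prints "0 1"
```

In the provisioner this check would run between the curl and unzip steps, so that a failed verification stops provisioning before the binary is ever installed. A checksum fetched from the same server only catches a corrupted or truncated download; trust in the sums file itself comes from verifying the publisher's signature over it.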
