个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
28
4
我的目标是在 EFS 上安装一些 python 包并将其连接到我的 Lambda。现在我要将 EFS 安装到 EC2 实例并安装某些库,如 numpy。整个基础架构在 Terraform 中定义。
部署(terraform apply)后,所有资源都已部署,没有任何问题,但访问点目录似乎不存在。我在 aws_efs_access_point 中定义了它,将根目录设置为 /access,因此当我在 /home/ubuntu/mount-point 上使用 EC2 挂载 EFS 时我希望 /access 像 in this example 一样出现在该目录中。但它不见了。
除最后一个资源外,所有资源均无一异常(exception)地创建。我错过了什么吗?
日志:(更详细的日志贴在最后)
cd mount-point/access的响应:null_resource.configure_nfs (remote-exec): /tmp/terraform_1300245673.sh: 17: cd: can't cd to access
null_resource.configure_nfs (remote-exec): PermissionError: [Errno 13] Permission denied: '/home/ubuntu/mount-point/access'
╷
│ Error: remote-exec provisioner error
│
│ on main.tf line 133, in resource "null_resource" "configure_nfs":
│ 133: provisioner "remote-exec" {
│
│ error executing "/tmp/terraform_1300245673.sh": Process exited with status 2
╵
我不太确定 EFS 是否已成功安装。 “sudo mount -t nfs4 (...)”实际上没有返回任何响应。
main.tf 的内容:
provider "aws" {
region = var.region
}
resource "aws_default_vpc" "default" {}
resource "aws_security_group" "ec2_security_group" {
name = "ec2_security_group"
description = "Allow SSH and HTTP"
vpc_id = aws_default_vpc.default.id
ingress {
description = "SSH from VPC"
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "EFS mount target"
from_port = 2049
to_port = 2049
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
description = "HTTP from VPC"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "tls_private_key" "key" {
algorithm = "RSA"
rsa_bits = 4096
}
resource "aws_key_pair" "generated_key" {
key_name = "ec2-efs-access-key"
public_key = tls_private_key.key.public_key_openssh
}
resource "aws_instance" "ec2-instance-with-efs" {
ami = "ami-0b1deee75235aa4bb"
security_groups = [aws_security_group.ec2_security_group.name]
instance_type = "t2.micro"
key_name = aws_key_pair.generated_key.key_name
}
resource "aws_efs_file_system" "efs" {}
resource "aws_efs_mount_target" "mount" {
file_system_id = aws_efs_file_system.efs.id
subnet_id = aws_instance.ec2-instance-with-efs.subnet_id
security_groups = [aws_security_group.ec2_security_group.id]
}
resource "aws_efs_access_point" "access-point" {
file_system_id = aws_efs_file_system.efs.id
posix_user {
gid = 1000
uid = 1000
}
root_directory {
path = "/access"
creation_info {
owner_gid = 1000
owner_uid = 1000
permissions = "0777"
}
}
}
resource "null_resource" "configure_nfs" {
depends_on = [aws_efs_mount_target.mount]
connection {
type = "ssh"
user = "ubuntu"
private_key = tls_private_key.key.private_key_pem
host = aws_instance.ec2-instance-with-efs.public_ip
}
provisioner "remote-exec" {
inline = [
"sudo apt-get update -y",
"sudo apt-get install nfs-common -y",
"sudo apt-get install python3.8 -y",
"sudo apt-get install python3-pip -y",
"python --version",
"python3 --version",
"echo ${aws_efs_file_system.efs.dns_name}",
"ls -la",
"pwd",
"sudo mkdir -p mount-point",
"ls -la",
"sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${aws_efs_file_system.efs.dns_name}:/ mount-point",
"ls",
"cd mount-point",
"ls",
"cd access",
"sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.6 1",
"sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.8 2",
"printf '2\n' | sudo update-alternatives --config python3",
"pwd",
"ls -la",
"echo 'Python version:'",
"python3 --version",
"pip3 install --upgrade --target access/ numpy --system"
]
}
}
日志:
Plan: 10 to add, 0 to change, 0 to destroy.
tls_private_key.key: Creating...
aws_default_vpc.default: Creating...
aws_efs_file_system.efs: Creating...
tls_private_key.key: Creation complete after 3s [id=80dd2cd196b9f026cf21076666e718ae75e6802d]
aws_key_pair.generated_key: Creating...
aws_key_pair.generated_key: Creation complete after 0s [id=ec2-efs-access-key]
aws_efs_file_system.efs: Creation complete after 6s [id=fs-91f47fca]
aws_efs_access_point.access-point: Creating...
aws_efs_access_point.access-point: Creation complete after 2s [id=fsap-0515864194da07104]
aws_default_vpc.default: Still creating... [10s elapsed]
aws_default_vpc.default: Creation complete after 13s [id=vpc-a7b5dbcd]
aws_security_group.ec2_security_group: Creating...
aws_security_group.ec2_security_group: Creation complete after 3s [id=sg-0dacec217adacc3dd]
aws_instance.ec2-instance-with-efs: Creating...
...
aws_instance.ec2-instance-with-efs: Creation complete after 34s [id=i-0078c219f3e6e58e1]
aws_efs_mount_target.mount: Creating...
...
aws_efs_mount_target.mount: Still creating... [1m20s elapsed]
aws_efs_mount_target.mount: Creation complete after 1m25s [id=fsmt-85ae45dd]
null_resource.configure_nfs: Creating...
null_resource.configure_nfs: Provisioning with 'remote-exec'...
null_resource.configure_nfs (remote-exec): Connecting to remote host via SSH...
null_resource.configure_nfs (remote-exec): Host: 18.195.16.239
null_resource.configure_nfs (remote-exec): User: ubuntu
null_resource.configure_nfs (remote-exec): Password: false
null_resource.configure_nfs (remote-exec): Private key: true
null_resource.configure_nfs (remote-exec): Certificate: false
null_resource.configure_nfs (remote-exec): SSH Agent: false
null_resource.configure_nfs (remote-exec): Checking Host Key: false
null_resource.configure_nfs (remote-exec): Target Platform: unix
null_resource.configure_nfs (remote-exec): Connected!
null_resource.configure_nfs (remote-exec): /tmp/terraform_1300245673.sh: 6: /tmp/terraform_1300245673.sh: python: not found
null_resource.configure_nfs (remote-exec): Python 3.6.9
null_resource.configure_nfs (remote-exec): fs-81x47xca.efs.eu-central-1.amazonaws.com
null_resource.configure_nfs (remote-exec): total 32
null_resource.configure_nfs (remote-exec): drwxr-xr-x 5 ubuntu ubuntu 4096 Oct 7 20:25 .
null_resource.configure_nfs (remote-exec): drwxr-xr-x 3 root root 4096 Oct 7 20:24 ..
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 220 Apr 4 2018 .bash_logout
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 3771 Apr 4 2018 .bashrc
null_resource.configure_nfs (remote-exec): drwx------ 2 ubuntu ubuntu 4096 Oct 7 20:25 .cache
null_resource.configure_nfs (remote-exec): drwx------ 3 ubuntu ubuntu 4096 Oct 7 20:25 .gnupg
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 807 Apr 4 2018 .profile
null_resource.configure_nfs (remote-exec): drwx------ 2 ubuntu ubuntu 4096 Oct 7 20:24 .ssh
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 0 Oct 7 20:25 .sudo_as_admin_successful
null_resource.configure_nfs (remote-exec): /home/ubuntu
null_resource.configure_nfs (remote-exec): total 36
null_resource.configure_nfs (remote-exec): drwxr-xr-x 6 ubuntu ubuntu 4096 Oct 7 20:26 .
null_resource.configure_nfs (remote-exec): drwxr-xr-x 3 root root 4096 Oct 7 20:24 ..
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 220 Apr 4 2018 .bash_logout
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 3771 Apr 4 2018 .bashrc
null_resource.configure_nfs (remote-exec): drwx------ 2 ubuntu ubuntu 4096 Oct 7 20:25 .cache
null_resource.configure_nfs (remote-exec): drwx------ 3 ubuntu ubuntu 4096 Oct 7 20:25 .gnupg
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 807 Apr 4 2018 .profile
null_resource.configure_nfs (remote-exec): drwx------ 2 ubuntu ubuntu 4096 Oct 7 20:24 .ssh
null_resource.configure_nfs (remote-exec): -rw-r--r-- 1 ubuntu ubuntu 0 Oct 7 20:25 .sudo_as_admin_successful
null_resource.configure_nfs (remote-exec): drwxr-xr-x 2 root root 4096 Oct 7 20:26 mount-point
null_resource.configure_nfs (remote-exec): mount-point
null_resource.configure_nfs (remote-exec): /tmp/terraform_1300245673.sh: 17: cd: can't cd to access
null_resource.configure_nfs (remote-exec): update-alternatives: using /usr/bin/python3.6 to provide /usr/bin/python3 (python3) in auto mode
null_resource.configure_nfs (remote-exec): update-alternatives: using /usr/bin/python3.8 to provide /usr/bin/python3 (python3) in auto mode
null_resource.configure_nfs (remote-exec): There are 2 choices for the alternative python3 (providing /usr/bin/python3).
null_resource.configure_nfs (remote-exec): Selection Path Priority Status
null_resource.configure_nfs (remote-exec): ------------------------------------------------------------
null_resource.configure_nfs (remote-exec): * 0 /usr/bin/python3.8 2 auto mode
null_resource.configure_nfs (remote-exec): 1 /usr/bin/python3.6 1 manual mode
null_resource.configure_nfs (remote-exec): 2 /usr/bin/python3.8 2 manual mode
null_resource.configure_nfs (remote-exec): Press <enter> to keep the current choice[*], or type selection number: /home/ubuntu/mount-point
null_resource.configure_nfs (remote-exec): total 8
null_resource.configure_nfs (remote-exec): drwxr-xr-x 2 root root 6144 Oct 7 20:23 .
null_resource.configure_nfs (remote-exec): drwxr-xr-x 6 ubuntu ubuntu 4096 Oct 7 20:26 ..
null_resource.configure_nfs (remote-exec): Python version:
null_resource.configure_nfs (remote-exec): Python 3.8.0
null_resource.configure_nfs (remote-exec): Collecting numpy
null_resource.configure_nfs (remote-exec): Downloading https://files.pythonhosted.org/packages/18/d3/0b5dbf3dd99f6a645612dc8cd78c633130139d98afb5303a3ce09723609b/numpy-1.21.2-cp38-cp38-
manylinux_2_5_x86_64.manylinux1_x86_64.whl (14.1MB)
null_resource.configure_nfs (remote-exec): 100% |████████████████████████████████| 14.1MB 96kB/s
null_resource.configure_nfs (remote-exec): Installing collected packages: numpy
null_resource.configure_nfs (remote-exec): Successfully installed numpy-1.21.2
null_resource.configure_nfs (remote-exec): Exception:
null_resource.configure_nfs (remote-exec): Traceback (most recent call last):
null_resource.configure_nfs (remote-exec): File "/usr/lib/python3/dist-packages/pip/basecommand.py", line 215, in main
null_resource.configure_nfs (remote-exec): status = self.run(options, args)
null_resource.configure_nfs (remote-exec): File "/usr/lib/python3/dist-packages/pip/commands/install.py", line 406, in run
null_resource.configure_nfs (remote-exec): ensure_dir(options.target_dir)
null_resource.configure_nfs (remote-exec): File "/usr/lib/python3/dist-packages/pip/utils/__init__.py", line 83, in ensure_dir
null_resource.configure_nfs (remote-exec): os.makedirs(path)
null_resource.configure_nfs (remote-exec): File "/usr/lib/python3.8/os.py", line 221, in makedirs
null_resource.configure_nfs (remote-exec): mkdir(name, mode)
null_resource.configure_nfs (remote-exec): PermissionError: [Errno 13] Permission denied: '/home/ubuntu/mount-point/access'
╷
│ Error: remote-exec provisioner error
│
│ on main.tf line 133, in resource "null_resource" "configure_nfs":
│ 133: provisioner "remote-exec" {
│
│ error executing "/tmp/terraform_1300245673.sh": Process exited with status 2
╵
最佳答案
这个错误是因为你只为 root 设置你的挂载点,而你试图以 ubuntu 用户身份访问它,正如我在评论中写的那样。要解决此问题,请添加 sudo chown ubuntu.ubuntu mount-point 将 mount-point 的所有权授予 ubuntu。此外,文件夹 access 本身并不存在,因为它是在 EFS 级别而非实例级别创建的。因此它应该是:
resource "null_resource" "configure_nfs" {
depends_on = [aws_efs_access_point.access-point, aws_efs_mount_target.mount]
connection {
type = "ssh"
user = "ubuntu"
private_key = tls_private_key.key.private_key_pem
host = aws_instance.ec2-instance-with-efs.public_ip
}
provisioner "remote-exec" {
inline = [
"sudo apt-get update -y",
"sudo apt-get install nfs-common -y",
"sudo apt-get install python3.8 -y",
"sudo apt-get install python3-pip -y",
"python --version",
"python3 --version",
"echo ${aws_efs_file_system.efs.dns_name}",
"ls -la",
"pwd",
"sudo mkdir -p mount-point",
"ls -la",
"sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport ${aws_efs_file_system.efs.dns_name}:/ mount-point",
"ls",
"sudo chown -R ubuntu.ubuntu mount-point",
"cd mount-point",
"ls",
"mkdir access",
"sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.6 1",
"sudo update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.8 2",
"printf '2\n' | sudo update-alternatives --config python3",
"pwd",
"ls -la",
"echo 'Python version:'",
"python3 --version",
"pip3 install --upgrade --target ./access/ numpy --system"
]
}
}
关于amazon-web-services - Terraform:如何将 EFS 访问点挂载到 EC2?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69488032/
28
4
0
有什么方法可以将 Terraform 模板输出用于另一个 Terraform 模板的输入? 例如:我有一个创建 ELB 的 Terraform 模板,我有另一个 Terraform 模板,它将创建一个
我正在使用 Terraform 在 Azure 中设置虚拟网络。 我有几个 VNet,每个 VNet 都有自己的网络安全组 100% 在 Terraform 中管理,在运行 Terraform 之前不
resources and data sources在 terraform 文档中 link ,谁能解释一下它们的区别以及可以使用它们的示例场景 最佳答案 Data Sources :允许 Terra
terraform plan 等命令如何知道/决定使用哪些文件? -help 显示了一个 DIR-OR-PLAN 参数,但没有显示如何使用它: $ terraform -help plan Usage
我在尝试运行使用 terraform lock 的 terraform 脚本时收到以下错误消息。 *Acquiring state lock. This may take a few moments.
我想简化这样的构造 variable "google" { type = object({ project = string region = string
这是一个场景 - 您开发用于研发组织的 terraform 模块。它们已经被一两个微服务使用,转化为十几个 pod。您确定了重构机会,例如将某些功能提取到其自己的 terraform 模块中。很好,但
Terraform 是否支持条件属性?我只想根据变量的值使用属性。 例子: resource "aws_ebs_volume" "my_volume" { availability_zone =
我想将此作为功能请求发布,但我想在发布之前看看是否有其他人找到了一些聪明的方法。或者也许 Hashicorp 的某个人可以告诉我这将是 future 的一个功能 在运行 terraform apply
我在 terraform 的变量插值中遇到了麻烦。这是我的 terraform 配置的样子。即内置函数内的变量 variable "key" {} ssh_keys { pat
运行 terraform 并等待需要很长时间。 所以我想运行它来排除需要最长执行时间的 rds 或者我只想运行 ec2 资源。 有没有办法在 terraform 中做这样的事情? 最佳答案 您可以使用
terraform 是否提供这样的功能来覆盖变量值?假设我已经声明了下面给出的两个变量。 variable "foo" {} variable "bar" { default = "false"} f
我正在为 Terraform Associate Certification 做准备考试。我在 Udemy 上进行了一次练习考试,并收到了一个关于自动安装社区提供程序的问题。但是,根据实际 terra
我有很多使用 Terraform 的 gcp-provider 用 Terraform 0.11 编写的 Terraform 模块,并希望将其升级到 Terraform 0.12。 为此,我需要保留系
我的项目有 2 个存储库。静态网站和服务器。我希望网站由 cloudfront 和 s3 托管,服务器在 elasticbeanstalk 上。我知道这些资源至少需要了解 Route53 资源才能在同
我能有这样的资源吗 resource "foo" "bar.baz"{ ... } 或者以后 . 会把我搞砸吗?特别是,是否允许这样做: resource "foo" "other"{ ...
我能有这样的资源吗 resource "foo" "bar.baz"{ ... } 或者以后 . 会把我搞砸吗?特别是,是否允许这样做: resource "foo" "other"{ ...
运行时terraform init使用 Terraform 时 0.11.3我们收到以下错误: Initializing provider plugins... - Checking for avai
我正在尝试将项目的 CLI 工作区迁移到 Terraform Cloud。我正在使用 Terraform 版本 0.14.8 并遵循官方指南 here . $ terraform0.14.8 work
尝试在Azure Pipeline中将terraform init作为任务运行时,错误指出 spawn C:\hostedtoolcache\windows\terraform\0.12.7\x64\
我是一名优秀的程序员,十分优秀!