Connection timeout when using Terraform

Problem description

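I'm trying to create an instance from a subnet and VPC ID, but I'm running into problems with the remote-exec provisioner. The goal is to create 2 public subnets (eu-west-1a) and 2 private subnets (eu-west-1b), create an instance using the subnet and VPC ID from them, and then SSH in and install nginx. I don't know how to solve this, and unfortunately I'm not a Terraform expert, so I need some guidance here. When I try to SSH to it from the command prompt, it says the connection timed out. Port 22 is open in the security group.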

```
╷
│ Error: remote-exec provisioner error
│
│   with aws_instance.EC2InstanceCreate,
│   on main_ec2.tf line 11, in resource "aws_instance" "EC2InstanceCreate":
│   11:   provisioner "remote-exec" {
│
│ timeout - last error: dial tcp 54.154.137.10:22: i/o timeout
╵
```


My code is as follows:

```hcl
# Server Definition
resource "aws_instance" "EC2InstanceCreate" {
  ami           = "${var.aws_ami}"
  instance_type = "${var.server_type}"
  key_name      = "${var.target_keypairs}"
  subnet_id     = "${var.target_subnet}"

  provisioner "remote-exec" {
    # SSH connection used by the provisioner
    connection {
      type        = "ssh"
      host        = "${self.public_ip}"
      user        = "centos"
      private_key = "${file("/home/michael/cs-104-michael/lesson6/EC2Tutorial.pem")}"
      timeout     = "5m"
    }

    inline = [
      "sudo yum -y update",
      "sudo yum -y install nginx",
      "sudo service nginx start",
      # yum takes space-separated package names (the original had "wget, unzip")
      "sudo yum -y install wget unzip",
    ]
  }

  tags = {
    Name        = "cs-104-lesson6-michael"
    Environment = "TEST"
    App         = "React App"
  }
}

output "pub_ip" {
  value      = ["${aws_instance.EC2InstanceCreate.public_ip}"]
  depends_on = [aws_instance.EC2InstanceCreate]
}
```

Security group configuration:

```hcl
# Create security group for webserver
resource "aws_security_group" "webserver_sg" {
  name   = "sg_ws_name"
  vpc_id = "${var.target_vpc}"

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    description = "HTTP"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    description = "SSH" # was mislabelled "HTTP"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name    = "Security Group VPC devmind"
    Project = "demo-assignment"
  }
}
```

Subnet code:

```hcl
resource "aws_subnet" "public-subnet" {
  vpc_id                  = "${aws_vpc.default.id}"
  cidr_block              = "${var.public_subnet_2a_cidr}"
  availability_zone       = "eu-west-1a"
  map_public_ip_on_launch = true

  tags = {
    Name = "Web Public subnet 1"
  }
}

resource "aws_subnet" "public-subnet2" {
  vpc_id                  = "${aws_vpc.default.id}"
  cidr_block              = "${var.public_subnet_2b_cidr}"
  availability_zone       = "eu-west-1a"
  map_public_ip_on_launch = true

  tags = {
    Name = "Web Public subnet 2"
  }
}

# Define private subnets

resource "aws_subnet" "private-subnet" {
  vpc_id                  = "${aws_vpc.default.id}"
  cidr_block              = "${var.private_db_subnet_2a_cidr}"
  availability_zone       = "eu-west-1b"
  map_public_ip_on_launch = false

  tags = {
    Name = "App Private subnet 1"
  }
}

resource "aws_subnet" "private-subnet2" {
  vpc_id                  = "${aws_vpc.default.id}"
  cidr_block              = "${var.private_db_subnet_2b_cidr}"
  availability_zone       = "eu-west-1b"
  map_public_ip_on_launch = false

  tags = {
    Name = "App Private subnet 2"
  }
}
```

VPC code:

```hcl
# Define our VPC
resource "aws_vpc" "default" {
  cidr_block           = "${var.vpc_cidr}"
  enable_dns_hostnames = true

  tags = {
    Name = "Devops POC VPC"
  }
}
```

Internet gateway code:

```hcl
# Internet Gateway
resource "aws_internet_gateway" "gw" {
  vpc_id = "${aws_vpc.default.id}"

  tags = {
    name = "VPC IGW"
  }
}
```

Tags: amazon-web-services, terraform

Solution


You have not provided vpc_security_group_ids for your instance:

```hcl
vpc_security_group_ids = [aws_security_group.webserver_sg.id]
```

There could be many other issues as well, such as an incorrectly set up VPC, which is not shown.
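
Added example, not part of the original answer or the asker's code: the instance with the security group attached, together with the public route that the question's snippets do not show. It assumes all of the question's resources are in one configuration and that var.target_vpc is the ID of aws_vpc.default; the names public_rt and public_assoc are hypothetical.

```hcl
# Assumption: the question's VPC, subnet, gateway and security group live in
# the same configuration, and var.target_vpc is the ID of aws_vpc.default.

# A public subnet needs a default route to the internet gateway; the
# question's snippets do not show one (hypothetical resource names).
resource "aws_route_table" "public_rt" {
  vpc_id = aws_vpc.default.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.gw.id
  }
}

resource "aws_route_table_association" "public_assoc" {
  subnet_id      = aws_subnet.public-subnet.id
  route_table_id = aws_route_table.public_rt.id
}

resource "aws_instance" "EC2InstanceCreate" {
  ami           = var.aws_ami
  instance_type = var.server_type
  key_name      = var.target_keypairs
  subnet_id     = aws_subnet.public-subnet.id

  # Without this the instance joins the VPC's default security group, which
  # by default admits inbound traffic only from the group itself, so the
  # port 22 rule in webserver_sg never applies to it.
  vpc_security_group_ids = [aws_security_group.webserver_sg.id]

  # Create the instance only after routing exists, so the provisioner does
  # not start dialing before the subnet has a path to the internet.
  depends_on = [aws_route_table_association.public_assoc]

  provisioner "remote-exec" {
    connection {
      type        = "ssh"
      host        = self.public_ip
      user        = "centos"
      private_key = file("/home/michael/cs-104-michael/lesson6/EC2Tutorial.pem")
      timeout     = "5m"
    }

    inline = [
      "sudo yum -y install nginx",
      "sudo service nginx start",
    ]
  }
}
```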

