标签: terraform-provider-gcp
过滤 terraform 列表中的特定值
我有一个 terraform 代码块,可以生成 gcp 区域列表
data "google_compute_regions" "available" {
project = var.project
}
output "name" {
value = data.google_compute_regions.available.names
}
~ name = [
+ "asia-east1",
+ "asia-east2",
+ "asia-northeast1",
+ "asia-northeast2",
+ "asia-northeast3",
+ "asia-south1",
+ "asia-southeast1",
+ "asia-southeast2",
+ "australia-southeast1",
+ "europe-north1",
+ "europe-west1",
+ "europe-west2",
+ "europe-west3",
+ "europe-west4",
+ "europe-west6",
+ "northamerica-northeast1",
+ "southamerica-east1",
+ "us-central1",
+ "us-east1",
+ "us-east4",
+ "us-west1",
+ "us-west2",
+ "us-west3",
+ "us-west4",
]
但是,我只想过滤掉欧洲地区。
这样做
output "names" {
value = …推荐指数
解决办法
查看次数
GCP 中的 Terraform“name” 与“self_link”
在 GCP 中,当使用 Terraform 时,我发现我可以使用name属性以及self_link. 所以,我想知道是否在某些情况下我必须使用其中任何一个。
例如:
resource "google_compute_ssl_policy" "custom_ssl_policy" {
name = "my-ssl-policy"
profile = "MODERN"
min_tls_version = "TLS_1_1"
}
这个对象,那么可以被称为:
ssl_policy = google_compute_ssl_policy.custom_ssl_policy.name
和
ssl_policy = google_compute_ssl_policy.custom_ssl_policy.self_link
我知道object.name返回 Terraform 对象名称,并object.self_link返回 GCP 资源的 URI。
我尝试过使用多个对象,并且它适用于这两个属性,所以我想知道这是否微不足道,或者在某些情况下我应该使用其中之一。
推荐指数
解决办法
查看次数
Terraform - 如何在模块内引用我的输出?
尝试在 main.tf 中引用我的输出之一时遇到问题。我正在尝试使用实例的公共 IP 地址的输出来尝试使用remote-exec. 以下是文件:
主.tf
\nmodule "subnetwork" {\n source = "../modules/uc1" \n env = "${var.var_env}"\n company = "${var.var_company}"\n depends_on = [\n module.vpc\n ]\n\n}\n\noutput "server_private_ip" {\n value = google_compute_instance.default.network_interface[0].network_ip\n}\n\noutput "server_public_ip" {\n value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip\n}\n../模块/uc1:
\nresource "google_compute_instance" "default" {\n name = "${format("%s","${var.company}-${var.tester}-${var.env}-${var.var_region_name}-instance1")}"\n machine_type = "${var.var_machine_type}"\n zone = "${var.var_zone_name}"\n\n tags = ["http", "https", "ssh"]\n\n boot_disk {\n initialize_params {\n image = "${var.var_instance_image}"\n }\n }\n\n\n metadata = {\n ssh-keys = "root:${file(var.var_ssh)}"\n }\n\n \n provisioner "remote-exec" {\n\n …推荐指数
解决办法
查看次数
使用 Windows SSL 安装 Google Cloud SDK 错误
我正在尝试在公司计算机上安装 Google Cloud SDK,但似乎无法正常工作。我认为这与防火墙有关,但我无法弄清楚。
这是错误消息。你有什么线索吗?
我尝试禁用 VPN,但没有成功。另外,我正在以管理员权限运行 .exe。
Output folder: C:\Program Files (x86)\Google\Cloud SDK
Downloading Google Cloud SDK core.
Extracting Google Cloud SDK core.
Create Google Cloud SDK bat file: C:\Program Files (x86)\Google\Cloud SDK\cloud_env.bat
Installing components.
Welcome to the Google Cloud SDK!
Beginning update. This process may take several minutes.
This will install all the core command line tools necessary for working with
the Google Cloud Platform.
Traceback (most recent call last):
File "C:\Program Files (x86)\Google\Cloud SDK\google-cloud-sdk\lib\third_party\urllib3\contrib\pyopenssl.py", line 488, in …推荐指数
解决办法
查看次数
如何解决:读取或编辑 Project Service Foo/container.googleapis.com 时出错:googleapi:错误 403
我是 GCP 新手,我正在尝试通过 Terraform 启用许多 API。
variable "gcp_service_list" {
description ="Projectof apis"
type = list(string)
default = [
"cloudresourcemanager.googleapis.com",
"serviceusage.googleapis.com"
]
}
resource "google_project_service" "gcp" {
for_each = toset(var.gcp_service_list)
project = "project-id"
service = each.key
}
但我不断遇到错误
Error when reading or editing Project Service Foo/compute.googleapis.com: googleapi: Error 403: The caller does not have permission, forbidden
我需要授予我的服务帐户什么权限才能使其能够执行此操作?
google-cloud-platform terraform terraform-provider-gcp terraform0.12+
推荐指数
解决办法
查看次数
(Terraform) 错误 403:项目 905986752003 之前未使用过 Cloud Run Admin API 或已禁用。通过访问 https://console.d 启用它
在GCP上,我应用了下面的Terraform代码来运行Cloud Run 服务“渲染器”:
resource "google_cloud_run_service" "renderer" {
name = "renderer"
location = "asia-northeast1"
template {
spec {
containers {
image = "gcr.io/${var.project_id}/renderer:latest"
}
}
}
}
但我收到了这个错误:
创建服务时出错:googleapi:错误 403:之前未在项目 905986752003 中使用 Cloud Run Admin API 或已禁用。通过访问 https://console.developers.google.com/apis/api/run.googleapis.com/overview?project=905986752003启用它 ,然后重试。如果您最近启用了此 API,请等待几分钟,以便该操作传播到我们的系统,然后重试。
因此,我访问了上面这个错误中显示的网址https://console.developers.google.com/apis/api/run.googleapis.com/overview?project=905986752003:
然后,启用Cloud Run API:
然后,再次应用此Terraform代码:
resource "google_cloud_run_service" "renderer" {
name = "renderer"
location = "asia-northeast1"
template {
spec {
containers {
image = "gcr.io/${var.project_id}/renderer:latest"
}
}
}
} …google-cloud-platform terraform devops terraform-provider-gcp google-cloud-run
推荐指数
解决办法
查看次数
在秘密更新时更新 Cloud Run 实例
在 GCP 上,我将 Cloud Run 与 Secret Manager 中的环境变量一起使用。
更新密钥时如何高效更新 Cloud Run 实例?
我尝试使用此 Terraform 代码,但没有成功:
// run.tf
module "cloud-run-app" {
source = "GoogleCloudPlatform/cloud-run/google"
version = "~> 0.0"
service_name = "${local.main_project}-cloudrun"
location = local.region
image = local.cloudrun_image
project_id = local.main_project
env_vars = local.envvars_injection
env_secret_vars = local.secrets_injection
service_account_email = google_service_account.app.email
ports = local.cloudrun_port
service_annotations = {
"run.googleapis.com/ingress" : "internal-and-cloud-load-balancing"
}
service_labels = {
"env_type" = var.env_name
}
template_annotations = {
"autoscaling.knative.dev/maxScale" : local.cloudrun_app_max_scale,
"autoscaling.knative.dev/minScale" : local.cloudrun_app_min_scale,
"generated-by" : "terraform",
"run.googleapis.com/client-name" : …google-cloud-platform terraform-provider-gcp google-cloud-run
推荐指数
解决办法
查看次数
使用 Terraform 为 Google Cloud SQL PostgreSQL 数据库创建架构
我是 Terraform 的新手,我想为postgres在 Google Cloud SQL 上的 PostgreSQL 9.6 实例上创建的数据库创建架构。
要创建PostgreSQL实例我有这个main.tf:
resource "google_sql_database_instance" "my-database" {
name = "my-${var.deployment_name}"
database_version = "POSTGRES_9_6"
region = "${var.deployment_region}"
settings {
tier = "db-f1-micro"
ip_configuration {
ipv4_enabled = true
}
}
}
我试图创建一个PostgreSQL这样的对象:
provider "postgresql" {
host = "${google_sql_database_instance.my-database.ip_address}"
username = "postgres"
}
最后创建架构:
resource "postgresql_schema" "my_schema" {
name = "my_schema"
owner = "postgres"
}
但是,这个配置不起作用,我们运行terraform plan:
Inappropriate value for attribute "host": string required.
如果我删除 …
postgresql google-cloud-sql terraform terraform-provider-gcp
推荐指数
解决办法
查看次数
terraform 手动安装插件失败
我正在使用 terraform 0.13.0 并尝试使用 kubernetes-alpha 提供程序(https://github.com/hashicorp/terraform-provider-kubernetes-alpha)。我下载了 Mac 的插件并将插件复制到 ~/.terraform.d/plugins 目录
当我运行 terraform init 时,它没有找到本地插件,而是试图从 hashicorp 站点找到
terraform init
2020/08/21 16:42:58 [WARN] Log levels other than TRACE are currently unreliable, and are supported only for backward compatibility.
Use TF_LOG=TRACE to see Terraform's internal logs.
----
2020/08/21 16:42:58 [INFO] Terraform version: 0.13.0
2020/08/21 16:42:58 [INFO] Go runtime version: go1.14.2
2020/08/21 16:42:58 [INFO] CLI args: []string{"<$HOME>/bin/terraform", "init"}
2020/08/21 16:42:58 [DEBUG] Attempting to open CLI config file: <$HOME>/.terraformrc
2020/08/21 16:42:58 Loading CLI …macos kubernetes terraform terraform-provider-gcp terraform-provider-kubernetes
推荐指数
解决办法
查看次数
terraform plan 通知基础设施的变化,但也说没有变化
当我跑
terraform plan它显示了 Terraform 所做更改的列表,并在输出结束时通知“没有更改。您的基础设施与配置匹配。”:
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply":
# google_sql_database_instance.db1 has been changed
~ resource "google_sql_database_instance" "db1" {
id = "db1"
name = "db1"
# (12 unchanged attributes hidden)
....
whole list of objects to update
....
....
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to …推荐指数
解决办法
查看次数