Google 建议删除和创建您自己的 VPC for prod
此资源管理默认 VPC:https : //www.terraform.io/docs/providers/aws/r/default_vpc.html
但我想将不同的 VPC 设置为默认值并删除自动创建的 VPC。
这怎么可能?
尝试创建可用于连接移动某些文件的用户,当我尝试在使用元数据资源创建实例时创建用户时,已成功创建但未执行元数据命令。
`resource "google_compute_instance" "win-dev-instance" {
project = "my_pro_1"
zone = "eu-west2-b"
name = "win-dev-instance"
machine_type = "f1-micro"
boot_disk {
initialize_params {
image = "windows-server-2016-r2-dc-v20191210"
}
}
network_interface {
network = "default"
access_config {
}
}
metadata {
windows-startup-script-cmd = "net user /add devuser PASSWORD & net localgroup adminstrators devuser /add"
}
}`
powershell google-cloud-platform terraform terraform-provider-gcp
使用 Terraform 11.14 我的 terraform 文件包含以下资源:
resource "google_storage_bucket" "assets-bucket" {
name = "${local.assets_bucket_name}"
storage_class = "MULTI_REGIONAL"
force_destroy = true
}
并且这个存储桶已经被创建(它存在于基于先前的基础设施上apply)但是状态(远程上gcs)不一致并且似乎不包括这个存储桶。结果,terraform apply失败并出现以下错误:
google_storage_bucket.assets-bucket: googleapi: Error 409: You already own this bucket. Please select another name., conflict
我该如何协调国家?(terraform refresh没有帮助)
编辑
根据 @ydaetskcoR 的回应,我做了:
terraform import module.bf-nathan.google_storage_bucket.assets-bucket my-bucket
输出:
module.bf-nathan.google_storage_bucket.assets-bucket: Importing from ID "my-bucket"...
module.bf-nathan.google_storage_bucket.assets-bucket: Import complete! Imported google_storage_bucket (ID: next-assets-bf-nathan-botfront-cloud)
module.bf-nathan.google_storage_bucket.assets-bucket: Refreshing state... (ID: next-assets-bf-nathan-botfront-cloud)
Error: module.bf-nathan.provider.kubernetes: 1:11: unknown variable accessed: var.cluster_ip in: …下面是我的 terraform 资源。我们如何从 terraform gcp 资源 iam 绑定中的变量添加项目编号,因为如果我将为其他帐户运行相同的 terraform,我必须手动更改它。
resource "google_project_iam_binding" "project" {
project = var.projectid
role = "roles/container.admin"
members = [
"serviceAccount:service-1016545346555@gcp-sa-cloudbuild.iam.gserviceaccount.com",
]
}
请告诉我如何通过 Terraform 在 GCP 提醒政策中提及多个条件。我尝试了几种创建文档中提到的条件列表的方法,但没有任何效果。
下面是代码片段:
resource "google_monitoring_alert_policy" "alert_policy" {
display_name = "Request count Policy"
combiner = "OR"
conditions = [
display_name = "Request count condition"
condition_threshold {
filter = "metric.type=\"run.googleapis.com/request_count\" AND resource.type=\"cloud_run_revision\" AND metric.label.response_code_class=\"4xx\" AND resource.label.service_name=\"dev-ms\""
duration = "60s"
comparison = "COMPARISON_GT"
threshold_value = 5
trigger = {
count = 1
}
aggregations {
alignment_period = "60s"
per_series_aligner = "ALIGN_DELTA"
cross_series_reducer = "REDUCE_SUM"
group_by_fields = ["metric.label.response_code_class", "resource.label.revision_name"]
}
},
display_name = "Request latencies condition"
condition_threshold {
filter = "metric.type=\"run.googleapis.com/request_count\" …我正在尝试将快照计划添加到 vm_instance 的启动磁盘。
provider "google" {
project = "xxxxxx"
}
resource "google_compute_instance" "xxxxxx" {
name = "xxxxxx"
machine_type = "xxxxxx"
zone = "xxxxxx"
boot_disk {
initialize_params {
image = "???"
}
}
metadata_startup_script = ";;"
network_interface {
network = "default"
}
}
我知道如何将计划添加到外部磁盘: https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_disk_resource_policy_attachment
但是如何使用 vm_instance 磁盘执行此操作呢?
谢谢
我已经能够部署几个月了,现在今天早上我突然收到此错误。
\n\xe2\x94\x82 Error: Error while updating cloudfunction configuration: Error waiting for Updating CloudFunctions Function: Error code 3, message: Build failed: curl: (22) The requested URL returned error: 404 \n\xe2\x94\x82 \n\xe2\x94\x82 gzip: stdin: unexpected end of file\n\xe2\x94\x82 tar: Child returned status 1\n\xe2\x94\x82 tar: Error is not recoverable: exiting now; Error ID: 637fe2a4\n\xe2\x94\x82 \n\xe2\x94\x82 with google_cloudfunctions_function.syncFiles,\n\xe2\x94\x82 on functions.tf line 396, in resource "google_cloudfunctions_function" "syncFiles":\n\xe2\x94\x82 396: resource "google_cloudfunctions_function" "syncFiles" {\n\xe2\x94\x82 \n这是地形配置。我们压缩该目录并将其交给云函数进行部署
\ndata "archive_file" "source-zip" {\n type = "zip"\n source_dir …google-cloud-platform terraform google-cloud-functions terraform-provider-gcp
需要在 Google 云存储桶中创建多个文件夹。我知道可以创建存储桶,但不确定如何在同一个存储桶中创建多个文件夹。
我认为下面的代码适用于存储桶中的一个文件夹。
resource "google_storage_bucket" "storage_bucket" {
name = "my-test-bucket"
location = "us-east4"
project = "my-project"
}
resource "google_storage_bucket_object" "my_folder" {
name = "fold/"
bucket = "${google_storage_bucket.storage_bucket.name}"
}
谁能告诉我如何对多个文件夹执行此操作?
google-cloud-storage google-cloud-platform terraform terraform-provider-gcp
当我使用 Terraform 代码自动创建具有各种资源(例如 Redis、SQL、GKE 等)的新 GCP 项目时,出现以下错误:
Error: error creating NodePool: googleapi: Error 403:
(1) insufficient regional quota to satisfy request: resource "CPUS": request requires '35.0' and is short '24.0'. project has a quota of '24.0' with '24.0' available. View and manage quotas at https://console.cloud.google.com/iam-admin/quotas?usage=USED&project=<PROJECT_ID>
(2) insufficient regional quota to satisfy request: resource "IN_USE_ADDRESSES": request requires '10.0' and is short '4.0'. project has a quota of '8.0' with '8.0' available. View and manage quotas at https://console.cloud.google.com/iam-admin/quotas?usage=USED&project=<PROJECT_ID>., forbidden
我尝试运行的 Terraform 代码: …
resource "google_service_account" "myaccount" {
account_id = "dev-foo-account"
}
resource "google_service_account_key" "mykey" {
service_account_id = google_service_account.myaccount.name
}
data "google_service_account_key" "mykey" {
name = google_service_account_key.mykey.name
public_key_type = "TYPE_X509_PEM_FILE"
}
如果我创建一个服务帐户和这样的密钥 - 之后如何获取密钥?
terraform output产量:
$ terraform output -json google_service_account_key
The output variable requested could not be found in the state
file. If you recently added this to your configuration, be
sure to run `terraform apply`, since the state won't be updated
with new output variables until that command is run.