使用 terraform 的 Azure 缩放设置有问题

Question

不确定我做错了什么。我在 terraform 配置中只有一个 NAT 规则，而且我没有使用 NAT 池。

错误：

azurerm_virtual_machine_scale_set.development-eastus-ss:     compute.VirtualMachineScaleSetsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidRequestFormat" Message="Cannot parse the request." Details=[{"code":"InvalidJsonReferenceWrongType","message":"Reference Id /subscriptions/sub-id/resourceGroups/prod-eastus-rg/providers/Microsoft.Network/loadBalancers/development-eastus-lb/inboundNatRules/development-eastus-lb-nat-http is referencing resource of a wrong type. The Id is expected to reference resources of type loadBalancers/inboundNatPools. Path Properties.UpdateGroups[0].NetworkProfile.networkInterfaceConfigurations[0].properties.ipConfigurations[0].properties.loadBalancerInboundNatPools[0]."}]

NAT 规则：

resource "azurerm_lb_nat_rule" "development-eastus-lb-nat-http" {
  name                           = "development-eastus-lb-nat-http"
  resource_group_name            = "${var.resource_group_name}"
  loadbalancer_id                = "${azurerm_lb.development-eastus-lb.id}"
  protocol                       = "Tcp"
  frontend_port                  = 80
  backend_port                   = 8080
  frontend_ip_configuration_name = "development-eastus-lb-frontend"

Answer 1

这似乎是尝试将单个 nat 规则绑定到规模集时出现的问题。正如错误所暗示的那样，它期望一个 nat pool rather than a nat rule nat 池将允许负载均衡器和规模集构建一组规则，其中负载均衡器将每个底层 VM 的不同端口公开到虚拟机。

考虑一下您希望能够远程连接到特定 VM 的 RDP，这将通过为您提供一个唯一的端口来使用映射到该 VM 来实现这一点。

resource "azurerm_lb_nat_pool" "test" {
  resource_group_name            = "${azurerm_resource_group.test.name}"
  loadbalancer_id                = "${azurerm_lb.test.id}"
  name                           = "SampleApplicationPool"
  protocol                       = "Tcp"
  frontend_port_start            = 80
  frontend_port_end              = 81
  backend_port                   = 8080
  frontend_ip_configuration_name = "PublicIPAddress"
}

但是，如果您正在寻找运行内部与外部不同端口上的 HTTP 网站等服务，例如本地网络上的 8080，然后是外部网络上的端口 80 public网络，那么我会看一下 lb rule，因为它专门允许您设置端口，如下所示。

resource "azurerm_lb_rule" "test" {
  resource_group_name            = "${azurerm_resource_group.test.name}"
  loadbalancer_id                = "${azurerm_lb.test.id}"
  name                           = "LBRule"
  protocol                       = "Tcp"
  frontend_port                  = 3389
  backend_port                   = 3389
  frontend_ip_configuration_name = "PublicIPAddress"
}

希望这对您有所帮助

使用 terraform 的 Azure 缩放设置有问题

Having an issue with Azure scaling set with terraform

terraform

terraform-provider-azure