Terraform azurerm schedule start_time 总是在新部署时重置
Terraform azurerm schedule start_time always resets on new deploys
我正在尝试让资源 azurerm_automation_schedule 在每月 (ex: 18:00) 的特定时间进行部署。
我正在使用以下代码:
locals {
update_time = "18:00"
update_date = formatdate("YYYY-MM-DD", timeadd(timestamp(), "24h"))
update_timezone = "UTC"
}
resource "azurerm_automation_schedule" "main" {
name = "test"
resource_group_name = "myresourcegroupname"
automation_account_name = "myautomationaccountname"
frequency = "Month"
timezone = local.update_timezone
start_time = "${local.update_date}T${local.update_time}:00+02:00"
description = "This is an example schedule"
monthly_occurrence {
day = "Tuesday"
occurrence = "1"
}
}
"${local.update_date}T${local.update_time}:00+02:00" 将当前时间增加 2 小时并将日期提前 1。这是确保计划在未来开始所必需的。
这工作正常,除了下次我返回 运行 部署时,它会检测到由于日期更改而导致的新更改,即使没有发生真正的更改。
start_time 将始终向前勾选。
我似乎找不到任何可以提供帮助的地形逻辑。
有没有办法在变量中设置静态开始时间,并且只有在它发生变化时才更新它? (不是日期)。
伪代码为:
if [update_time] has not changed, do not update [azurerm_automation_schedule]
else update [azurerm_automation_schedule] with the new time, incrementing the day forward
更新
我的最终工作代码(奖励:使用 windows 更新调度程序,开始工作很痛苦!)
//== Provider used to store timestamp for updates ==//
provider "time" {
version = "~> 0.4"
}
//== Store 1 day in the future, only update if [local.update_time] is altered ==//
resource "time_offset" "next_day" {
offset_days = 1
triggers = {
update_time = local.update_time
}
}
locals {
update_time = "19:40"
update_date = substr(time_offset.next_day.rfc3339, 0, 10)
update_timezone = "UTC"
update_max_hours = "4"
update_classifications = "Critical, Security, UpdateRollup, ServicePack, Definition, Updates"
update_reboot_settings = "IfRequired"
update_day = "Tuesday"
update_occurrence = "2"
}
#This type should eventually replace the manual deploy via azurerm: azurerm_automation_softwareUpdateConfigurations
#https://github.com/terraform-providers/terraform-provider-azurerm/issues/2812
resource "azurerm_template_deployment" "windows" {
name = "windows-update"
resource_group_name = module.stack.azurerm_resource_group.name
template_body = <<DEPLOY
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion": "2017-05-15-preview",
"type": "Microsoft.Automation/automationAccounts/softwareUpdateConfigurations",
"name": "${module.stack.azurerm_automation_account.name}/windows-updates",
"properties": {
"updateConfiguration": {
"operatingSystem": "Windows",
"duration": "PT${local.update_max_hours}H",
"windows": {
"excludedKbNumbers": [
],
"includedUpdateClassifications": "${local.update_classifications}",
"rebootSetting": "${local.update_reboot_settings}"
},
"azureVirtualMachines": [
"${module.server_1.azurerm_virtual_machine.id}",
"${module.server_2.azurerm_virtual_machine.id}"
],
"nonAzureComputerNames": [
]
},
"scheduleInfo": {
"frequency": "Month",
"startTime": "${local.update_date}T${local.update_time}:00",
"timeZone": "${local.update_timezone}",
"interval": 1,
"advancedSchedule": {
"monthlyOccurrences": [
{
"occurrence": "${local.update_occurrence}",
"day": "${local.update_day}"
}
]
}
}
}
}
]
}
DEPLOY
deployment_mode = "Incremental"
}
它一直计划更改的原因是因为您编写的代码指的是当前时间,而不是获取 "tomorrow" 并以某种方式跟踪它。
为此,您需要一种方法来获取 "tomorrow" 一次,并将其固定在状态中。存在于状态中的事物是资源,因此您需要一种资源来表示具有偏移量的时间。这就是 time provider 的用武之地。
这是最重要的部分:
resource "time_offset" "tomorrow" {
offset_days = 1
}
这将为您获得 "tomorrow",在应用后它将保存在 Terraform 状态。
time_offset.tomorrow.rfc3339
计算结果如下:
2020-05-13T04:28:07Z
但是,我们只想要 YYYY-MM-DD,所以我们使用 substr 来获取前 10 个字符:
substr(time_offset.tomorrow.rfc3339, 0, 10)
将它们放在一起,我们得到了这个(添加了 4 行,包括空格,更改了 1 行):
locals {
update_time = "18:00"
update_date = substr(time_offset.tomorrow.rfc3339, 0, 10)
update_timezone = "UTC"
}
resource "time_offset" "tomorrow" {
offset_days = 1
}
resource "azurerm_automation_schedule" "main" {
name = "test"
resource_group_name = "myresourcegroupname"
automation_account_name = "myautomationaccountname"
frequency = "Month"
timezone = local.update_timezone
start_time = "${local.update_date}T${local.update_time}:00+02:00"
description = "This is an example schedule"
monthly_occurrence {
day = "Tuesday"
occurrence = "1"
}
}
您可能需要引入 time 提供程序才能使用它(如果没有它就不能工作,请将它与您的 AzureRM 提供程序放在一起):
provider "time" {}
如果需要,您可以使用 terraform taint 'time_offset.tomorrow' 强制重新计算时间。
分享回来。我根据该线程中的信息创建了一个 terraform 模块,以简化调度更新。适用于 linux 和 windows 虚拟机:
https://github.com/canada-ca-terraform-modules/terraform-azurerm_update_management
下面是一个示例,说明如何使用该模块来完成您要查找的内容:
locals {
update_time = "18:00"
update_date = substr(time_offset.tomorrow.rfc3339, 0, 10)
update_timezone = "UTC"
}
resource "time_offset" "tomorrow" {
offset_days = 1
}
module "linux-weekly-updates" {
source = "github.com/canada-ca-terraform-modules/terraform-azurerm_update_management?ref=20200527.1"
name = "test"
resource_group_name = "my_resource_group_name"
azurerm_automation_account = azurerm_automation_account.my_azurerm_automation_account
operatingSystem = "Linux"
scope = [azurerm_resource_group.somerg1.id, azurerm_resource_group.somerg1.id]
timeZone = "EST"
startTime = "${local.update_date}T${local.update_time}:00+02:00"
weekDays = ["Sunday"]
}
我正在尝试让资源 azurerm_automation_schedule 在每月 (ex: 18:00) 的特定时间进行部署。
我正在使用以下代码:
locals {
update_time = "18:00"
update_date = formatdate("YYYY-MM-DD", timeadd(timestamp(), "24h"))
update_timezone = "UTC"
}
resource "azurerm_automation_schedule" "main" {
name = "test"
resource_group_name = "myresourcegroupname"
automation_account_name = "myautomationaccountname"
frequency = "Month"
timezone = local.update_timezone
start_time = "${local.update_date}T${local.update_time}:00+02:00"
description = "This is an example schedule"
monthly_occurrence {
day = "Tuesday"
occurrence = "1"
}
}
"${local.update_date}T${local.update_time}:00+02:00" 将当前时间增加 2 小时并将日期提前 1。这是确保计划在未来开始所必需的。
这工作正常,除了下次我返回 运行 部署时,它会检测到由于日期更改而导致的新更改,即使没有发生真正的更改。 start_time 将始终向前勾选。
我似乎找不到任何可以提供帮助的地形逻辑。 有没有办法在变量中设置静态开始时间,并且只有在它发生变化时才更新它? (不是日期)。
伪代码为:
if [update_time] has not changed, do not update [azurerm_automation_schedule]
else update [azurerm_automation_schedule] with the new time, incrementing the day forward
更新
我的最终工作代码(奖励:使用 windows 更新调度程序,开始工作很痛苦!)
//== Provider used to store timestamp for updates ==//
provider "time" {
version = "~> 0.4"
}
//== Store 1 day in the future, only update if [local.update_time] is altered ==//
resource "time_offset" "next_day" {
offset_days = 1
triggers = {
update_time = local.update_time
}
}
locals {
update_time = "19:40"
update_date = substr(time_offset.next_day.rfc3339, 0, 10)
update_timezone = "UTC"
update_max_hours = "4"
update_classifications = "Critical, Security, UpdateRollup, ServicePack, Definition, Updates"
update_reboot_settings = "IfRequired"
update_day = "Tuesday"
update_occurrence = "2"
}
#This type should eventually replace the manual deploy via azurerm: azurerm_automation_softwareUpdateConfigurations
#https://github.com/terraform-providers/terraform-provider-azurerm/issues/2812
resource "azurerm_template_deployment" "windows" {
name = "windows-update"
resource_group_name = module.stack.azurerm_resource_group.name
template_body = <<DEPLOY
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion": "2017-05-15-preview",
"type": "Microsoft.Automation/automationAccounts/softwareUpdateConfigurations",
"name": "${module.stack.azurerm_automation_account.name}/windows-updates",
"properties": {
"updateConfiguration": {
"operatingSystem": "Windows",
"duration": "PT${local.update_max_hours}H",
"windows": {
"excludedKbNumbers": [
],
"includedUpdateClassifications": "${local.update_classifications}",
"rebootSetting": "${local.update_reboot_settings}"
},
"azureVirtualMachines": [
"${module.server_1.azurerm_virtual_machine.id}",
"${module.server_2.azurerm_virtual_machine.id}"
],
"nonAzureComputerNames": [
]
},
"scheduleInfo": {
"frequency": "Month",
"startTime": "${local.update_date}T${local.update_time}:00",
"timeZone": "${local.update_timezone}",
"interval": 1,
"advancedSchedule": {
"monthlyOccurrences": [
{
"occurrence": "${local.update_occurrence}",
"day": "${local.update_day}"
}
]
}
}
}
}
]
}
DEPLOY
deployment_mode = "Incremental"
}
它一直计划更改的原因是因为您编写的代码指的是当前时间,而不是获取 "tomorrow" 并以某种方式跟踪它。
为此,您需要一种方法来获取 "tomorrow" 一次,并将其固定在状态中。存在于状态中的事物是资源,因此您需要一种资源来表示具有偏移量的时间。这就是 time provider 的用武之地。
这是最重要的部分:
resource "time_offset" "tomorrow" {
offset_days = 1
}
这将为您获得 "tomorrow",在应用后它将保存在 Terraform 状态。
time_offset.tomorrow.rfc3339
计算结果如下:
2020-05-13T04:28:07Z
但是,我们只想要 YYYY-MM-DD,所以我们使用 substr 来获取前 10 个字符:
substr(time_offset.tomorrow.rfc3339, 0, 10)
将它们放在一起,我们得到了这个(添加了 4 行,包括空格,更改了 1 行):
locals {
update_time = "18:00"
update_date = substr(time_offset.tomorrow.rfc3339, 0, 10)
update_timezone = "UTC"
}
resource "time_offset" "tomorrow" {
offset_days = 1
}
resource "azurerm_automation_schedule" "main" {
name = "test"
resource_group_name = "myresourcegroupname"
automation_account_name = "myautomationaccountname"
frequency = "Month"
timezone = local.update_timezone
start_time = "${local.update_date}T${local.update_time}:00+02:00"
description = "This is an example schedule"
monthly_occurrence {
day = "Tuesday"
occurrence = "1"
}
}
您可能需要引入 time 提供程序才能使用它(如果没有它就不能工作,请将它与您的 AzureRM 提供程序放在一起):
provider "time" {}
如果需要,您可以使用 terraform taint 'time_offset.tomorrow' 强制重新计算时间。
分享回来。我根据该线程中的信息创建了一个 terraform 模块,以简化调度更新。适用于 linux 和 windows 虚拟机:
https://github.com/canada-ca-terraform-modules/terraform-azurerm_update_management
下面是一个示例,说明如何使用该模块来完成您要查找的内容:
locals {
update_time = "18:00"
update_date = substr(time_offset.tomorrow.rfc3339, 0, 10)
update_timezone = "UTC"
}
resource "time_offset" "tomorrow" {
offset_days = 1
}
module "linux-weekly-updates" {
source = "github.com/canada-ca-terraform-modules/terraform-azurerm_update_management?ref=20200527.1"
name = "test"
resource_group_name = "my_resource_group_name"
azurerm_automation_account = azurerm_automation_account.my_azurerm_automation_account
operatingSystem = "Linux"
scope = [azurerm_resource_group.somerg1.id, azurerm_resource_group.somerg1.id]
timeZone = "EST"
startTime = "${local.update_date}T${local.update_time}:00+02:00"
weekDays = ["Sunday"]
}