Terraform Azure 容器组似乎无法安装多个卷?
Terraform Azure Container Groups appear to have no way to mount multiple volumes?
在查看 Azure 容器组的文档时,特别是关于机密的页面:https://docs.microsoft.com/en-us/azure/container-instances/container-instances-volume-secret
我注意到 volumes 对象是一个包含 1 个或多个卷的数组。
"volumes": [
{
"name": "secretvolume1",
"secret": {
"mysecret1": "TXkgZmlyc3Qgc2VjcmV0IEZPTwo=",
"mysecret2": "TXkgc2Vjb25kIHNlY3JldCBCQVIK"
}
}
]
在此处查看 Terraform 文档时:https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_group
我注意到体积对象是单一的。
是否不能在 terraform 中创建多个卷?尽管在文档中看起来如此,但在 ARM 中这也是不可能的吗?测试表明 Terrraform 不支持多卷,尽管我对 ARM 的熟练程度不足以验证。
当然,可以使用 Terraform 创建多个卷:
在我的工作示例中,它创建了两个卷,一个用于存储文件共享,另一个是秘密卷。
resource "azurerm_resource_group" "example" {
name = "${var.prefix}-resources"
location = var.location
}
resource "azurerm_storage_account" "example" {
name = "${var.prefix}stor"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
}
resource "azurerm_storage_share" "example" {
name = "aci-test-share"
storage_account_name = azurerm_storage_account.example.name
quota = 50
}
resource "azurerm_container_group" "example" {
name = "${var.prefix}-continst"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
ip_address_type = "public"
dns_name_label = "${var.prefix}-continst"
os_type = "Linux"
container {
name = "hello-world"
image = "microsoft/aci-helloworld:latest"
cpu = "0.5"
memory = "1.5"
ports {
port = 443
protocol = "TCP"
}
volume {
name = "logs"
mount_path = "/aci/logs"
read_only = false
share_name = azurerm_storage_share.example.name
storage_account_name = azurerm_storage_account.example.name
storage_account_key = azurerm_storage_account.example.primary_access_key
}
volume {
name = "secretvolume1"
mount_path = "/mnt/secrets"
read_only = false
secret = {
"mysecret1"=base64encode("My first secret FOO")
"mysecret2"=base64encode("My second secret BAR")
}
}
}
}
我使用的是最新的提供商。
PS D:\Terraform> .\terraform.exe -v
Terraform v0.14.7
+ provider registry.terraform.io/hashicorp/azurerm v2.48.0
在 Azure 门户上从容器实例验证装载路径--->连接--->/bin/sh。
在查看 Azure 容器组的文档时,特别是关于机密的页面:https://docs.microsoft.com/en-us/azure/container-instances/container-instances-volume-secret 我注意到 volumes 对象是一个包含 1 个或多个卷的数组。
"volumes": [
{
"name": "secretvolume1",
"secret": {
"mysecret1": "TXkgZmlyc3Qgc2VjcmV0IEZPTwo=",
"mysecret2": "TXkgc2Vjb25kIHNlY3JldCBCQVIK"
}
}
]
在此处查看 Terraform 文档时:https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/container_group 我注意到体积对象是单一的。
是否不能在 terraform 中创建多个卷?尽管在文档中看起来如此,但在 ARM 中这也是不可能的吗?测试表明 Terrraform 不支持多卷,尽管我对 ARM 的熟练程度不足以验证。
当然,可以使用 Terraform 创建多个卷:
在我的工作示例中,它创建了两个卷,一个用于存储文件共享,另一个是秘密卷。
resource "azurerm_resource_group" "example" {
name = "${var.prefix}-resources"
location = var.location
}
resource "azurerm_storage_account" "example" {
name = "${var.prefix}stor"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
account_tier = "Standard"
account_replication_type = "LRS"
}
resource "azurerm_storage_share" "example" {
name = "aci-test-share"
storage_account_name = azurerm_storage_account.example.name
quota = 50
}
resource "azurerm_container_group" "example" {
name = "${var.prefix}-continst"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
ip_address_type = "public"
dns_name_label = "${var.prefix}-continst"
os_type = "Linux"
container {
name = "hello-world"
image = "microsoft/aci-helloworld:latest"
cpu = "0.5"
memory = "1.5"
ports {
port = 443
protocol = "TCP"
}
volume {
name = "logs"
mount_path = "/aci/logs"
read_only = false
share_name = azurerm_storage_share.example.name
storage_account_name = azurerm_storage_account.example.name
storage_account_key = azurerm_storage_account.example.primary_access_key
}
volume {
name = "secretvolume1"
mount_path = "/mnt/secrets"
read_only = false
secret = {
"mysecret1"=base64encode("My first secret FOO")
"mysecret2"=base64encode("My second secret BAR")
}
}
}
}
我使用的是最新的提供商。
PS D:\Terraform> .\terraform.exe -v
Terraform v0.14.7
+ provider registry.terraform.io/hashicorp/azurerm v2.48.0
在 Azure 门户上从容器实例验证装载路径--->连接--->/bin/sh。