Terraform 配置未在 GCP 上公开 http 端口
Terraform config not exposing http port on GCP
我正在使用以下 Terraform 代码,在端口 80 上公开一个正在运行的 http 服务器应用程序。
应用 terraform 配置后,当我尝试 curl 或访问公网 IP 时,连接超时。
如果我在本机上 curl localhost,它工作正常。所以问题出在配置上。我是否缺少某些配置?
# Google Cloud provider settings.
# NOTE(review): credentials points at a service-account key file on disk; keep
# that JSON out of version control. The provider can also use Application
# Default Credentials when this argument is omitted.
provider "google" {
  project     = "xxxx-xxxx"
  region      = "us-west1"
  credentials = file("xxxxxx-13a189a9c1c7.json")
}
# Random 8-byte id; its hex form is used as a suffix in the instance name.
resource "random_id" "instance_id" {
  byte_length = 8
}
# One Compute Engine VM; the random_id suffix is appended to its name.
resource "google_compute_instance" "default" {
  name         = "bkps-314318-${random_id.instance_id.hex}"
  zone         = "us-west1-a"
  machine_type = "f1-micro"

  # Network tags; a firewall rule selects instances by tag through target_tags.
  tags = ["web", "http-server"]

  boot_disk {
    initialize_params {
      # NOTE(review): Debian 9 is past end of life; confirm and move to a
      # supported image family so the VM keeps receiving security updates.
      image = "debian-cloud/debian-9"
    }
  }

  network_interface {
    # The VM sits on the "default" VPC; only firewall rules created on that
    # same network apply to it.
    network = "default"

    access_config {
      # Left empty on purpose: including this block gives the VM an external IP.
    }
  }

  metadata = {
    ssh-keys = "joao:${file("/home/gc/projetos/gcp/terraform/joaossh.pub")}"
  }

  # Startup script read from the module directory.
  metadata_startup_script = file("${path.module}/startup.sh")
}
# External (NAT) IP of the instance's first network interface.
output "ip" {
  value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip
}
# Ingress rule meant to open the web ports.
# NOTE(review): the rule is created on google_compute_network.default
# ("test-network"), while the instance's network_interface uses the "default"
# network, so it does not cover the VM. source_tags matches on the sender's
# tag; target_tags is the attribute that selects which instances a rule
# applies to.
resource "google_compute_firewall" "allow-http" {
  name    = "http-firewall"
  network = google_compute_network.default.name

  source_tags   = ["web"]
  source_ranges = ["0.0.0.0/0"]

  allow {
    protocol = "tcp"
    ports    = ["80", "443", "8080", "1000-4000"]
  }
}
# Extra VPC network named "test-network"; the instance in this config is
# attached to "default", not to this network.
resource "google_compute_network" "default" {
  name = "test-network"
}
在资源部分
resource "google_compute_firewall" "allow-http" {
您使用以下方法定义了要附加防火墙规则的实例:
source_tags = ["web"]
解决方案:
在资源部分
resource "google_compute_instance" "default" {
添加以下行:
tags = ["web"]
我设法让它工作了。
最终代码为:
# Google Cloud provider settings.
# NOTE(review): credentials points at a service-account key file on disk; keep
# that JSON out of version control. The provider can also use Application
# Default Credentials when this argument is omitted.
provider "google" {
  project     = "xxxxx14318"
  region      = "us-west1"
  credentials = file("xxxxx-13a189a9c1c7.json")
}
# Random 8-byte id; its hex form is used as a suffix in the instance name.
resource "random_id" "instance_id" {
  byte_length = 8
}
# One Compute Engine VM; the random_id suffix is appended to its name.
resource "google_compute_instance" "default" {
  name         = "xxxxx-${random_id.instance_id.hex}"
  zone         = "us-west1-a"
  machine_type = "f1-micro"

  # Network tags; the firewall rule in this config targets the "web" tag.
  tags = ["web", "http-server"]

  boot_disk {
    initialize_params {
      # NOTE(review): Debian 9 is past end of life; confirm and move to a
      # supported image family so the VM keeps receiving security updates.
      image = "debian-cloud/debian-9"
    }
  }

  network_interface {
    # Same network ("default") that the firewall rule is created on.
    network = "default"

    access_config {
      # Left empty on purpose: including this block gives the VM an external IP.
    }
  }

  metadata = {
    ssh-keys = "joao:${file("/home/joao/projetos/gcp/terraform/joaossh.pub")}"
  }

  # Make sure flask is installed on all new instances for later steps.
  # Earlier inline variant, kept for reference:
  # metadata_startup_script = "sudo apt-get update; sudo apt-get install -yq build-essential python-pip rsync; pip install flask"
  metadata_startup_script = file("${path.module}/startup.sh")
}
# External (NAT) IP of the instance's first network interface.
output "ip" {
  value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip
}
# Ingress rule on the "default" VPC, applied to instances tagged "web".
# NOTE(review): the stated goal is HTTP on port 80, but 443, 8080 and the whole
# 1000-4000 range are also opened to 0.0.0.0/0. That range includes ports
# commonly used by databases and remote-administration services; trim the list
# to the ports the VM actually serves.
resource "google_compute_firewall" "default" {
  name    = "web-firewall"
  network = "default"

  target_tags   = ["web"]
  source_ranges = ["0.0.0.0/0"]

  allow {
    protocol = "tcp"
    ports    = ["80", "443", "8080", "1000-4000"]
  }

  allow {
    protocol = "icmp"
  }
}
我正在使用以下 Terraform 代码,在端口 80 上公开一个正在运行的 http 服务器应用程序。 应用 terraform 配置后,当我尝试 curl 或访问公网 IP 时,连接超时。 如果我在本机上 curl localhost,它工作正常。所以问题出在配置上。我是否缺少某些配置?
# Google Cloud provider settings.
# NOTE(review): credentials points at a service-account key file on disk; keep
# that JSON out of version control. The provider can also use Application
# Default Credentials when this argument is omitted.
provider "google" {
  project     = "xxxx-xxxx"
  region      = "us-west1"
  credentials = file("xxxxxx-13a189a9c1c7.json")
}
# Random 8-byte id; its hex form is used as a suffix in the instance name.
resource "random_id" "instance_id" {
  byte_length = 8
}
# One Compute Engine VM; the random_id suffix is appended to its name.
resource "google_compute_instance" "default" {
  name         = "bkps-314318-${random_id.instance_id.hex}"
  zone         = "us-west1-a"
  machine_type = "f1-micro"

  # Network tags; a firewall rule selects instances by tag through target_tags.
  tags = ["web", "http-server"]

  boot_disk {
    initialize_params {
      # NOTE(review): Debian 9 is past end of life; confirm and move to a
      # supported image family so the VM keeps receiving security updates.
      image = "debian-cloud/debian-9"
    }
  }

  network_interface {
    # The VM sits on the "default" VPC; only firewall rules created on that
    # same network apply to it.
    network = "default"

    access_config {
      # Left empty on purpose: including this block gives the VM an external IP.
    }
  }

  metadata = {
    ssh-keys = "joao:${file("/home/gc/projetos/gcp/terraform/joaossh.pub")}"
  }

  # Startup script read from the module directory.
  metadata_startup_script = file("${path.module}/startup.sh")
}
# External (NAT) IP of the instance's first network interface.
output "ip" {
  value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip
}
# Ingress rule meant to open the web ports.
# NOTE(review): the rule is created on google_compute_network.default
# ("test-network"), while the instance's network_interface uses the "default"
# network, so it does not cover the VM. source_tags matches on the sender's
# tag; target_tags is the attribute that selects which instances a rule
# applies to.
resource "google_compute_firewall" "allow-http" {
  name    = "http-firewall"
  network = google_compute_network.default.name

  source_tags   = ["web"]
  source_ranges = ["0.0.0.0/0"]

  allow {
    protocol = "tcp"
    ports    = ["80", "443", "8080", "1000-4000"]
  }
}
# Extra VPC network named "test-network"; the instance in this config is
# attached to "default", not to this network.
resource "google_compute_network" "default" {
  name = "test-network"
}
在资源部分
resource "google_compute_firewall" "allow-http" {
您使用以下方法定义了要附加防火墙规则的实例:
source_tags = ["web"]
解决方案:
在资源部分
resource "google_compute_instance" "default" {
添加以下行:
tags = ["web"]
我设法让它工作了。 最终代码为:
# Google Cloud provider settings.
# NOTE(review): credentials points at a service-account key file on disk; keep
# that JSON out of version control. The provider can also use Application
# Default Credentials when this argument is omitted.
provider "google" {
  project     = "xxxxx14318"
  region      = "us-west1"
  credentials = file("xxxxx-13a189a9c1c7.json")
}
# Random 8-byte id; its hex form is used as a suffix in the instance name.
resource "random_id" "instance_id" {
  byte_length = 8
}
# One Compute Engine VM; the random_id suffix is appended to its name.
resource "google_compute_instance" "default" {
  name         = "xxxxx-${random_id.instance_id.hex}"
  zone         = "us-west1-a"
  machine_type = "f1-micro"

  # Network tags; the firewall rule in this config targets the "web" tag.
  tags = ["web", "http-server"]

  boot_disk {
    initialize_params {
      # NOTE(review): Debian 9 is past end of life; confirm and move to a
      # supported image family so the VM keeps receiving security updates.
      image = "debian-cloud/debian-9"
    }
  }

  network_interface {
    # Same network ("default") that the firewall rule is created on.
    network = "default"

    access_config {
      # Left empty on purpose: including this block gives the VM an external IP.
    }
  }

  metadata = {
    ssh-keys = "joao:${file("/home/joao/projetos/gcp/terraform/joaossh.pub")}"
  }

  # Make sure flask is installed on all new instances for later steps.
  # Earlier inline variant, kept for reference:
  # metadata_startup_script = "sudo apt-get update; sudo apt-get install -yq build-essential python-pip rsync; pip install flask"
  metadata_startup_script = file("${path.module}/startup.sh")
}
# External (NAT) IP of the instance's first network interface.
output "ip" {
  value = google_compute_instance.default.network_interface[0].access_config[0].nat_ip
}
# Ingress rule on the "default" VPC, applied to instances tagged "web".
# NOTE(review): the stated goal is HTTP on port 80, but 443, 8080 and the whole
# 1000-4000 range are also opened to 0.0.0.0/0. That range includes ports
# commonly used by databases and remote-administration services; trim the list
# to the ports the VM actually serves.
resource "google_compute_firewall" "default" {
  name    = "web-firewall"
  network = "default"

  target_tags   = ["web"]
  source_ranges = ["0.0.0.0/0"]

  allow {
    protocol = "tcp"
    ports    = ["80", "443", "8080", "1000-4000"]
  }

  allow {
    protocol = "icmp"
  }
}