Terraform - VSphere - 找不到来宾 ID“otherGuest”的 OS 系列:无权限
Terraform - VSphere - Cannot find OS family for guest ID “otherGuest”: No Permission
我一直在尝试使用 Terraform 在 VSphere 中编写克隆操作脚本。
使用 VSphere UI 时,我能够手动执行此克隆。
当运行 terraform plan 时,执行失败并出现此错误:
Error: cannot find OS family for guest ID “otherGuest”: NoPermission
从 Terraform 的 VSphere 模块源代码(Terraform source code for VSphere module)可以看到,出现此错误只是因为我正在自定义克隆的 VM(customize {} 部分)……跳过自定义时,terraform plan 可以成功。
我不是 VSphere 环境的完全管理员,但我启用了很多权限。
- 我需要什么权限才能避免这个错误?
main.tf
# vSphere provider: the connection settings all come from input variables.
provider "vsphere" {
  user           = "${var.vsphere_user}"
  password       = "${var.vsphere_password}"
  vsphere_server = "${var.vsphere_server}"

  # Set because vCenter presents a self-signed certificate. This turns off TLS
  # certificate verification, so the session carrying the credentials above is
  # not protected against interception. Trusting the vCenter CA on the machine
  # that runs Terraform allows this to go back to false.
  allow_unverified_ssl = true
}
# Read-only lookups: each data source resolves an existing object by name.
data "vsphere_datacenter" "dc" {
  name = "${var.vsphere_datacenter}"
}

# Source datastore, looked up inside the datacenter above. The VM resource in
# this listing only references dst_datastore.
data "vsphere_datastore" "src_datastore" {
  name          = "${var.vsphere_src_datastore}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Datastore that receives the cloned VM.
data "vsphere_datastore" "dst_datastore" {
  name          = "${var.vsphere_dst_datastore}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Resource pool the cloned VM is placed in.
data "vsphere_resource_pool" "pool" {
  name          = "${var.vsphere_resource_pool}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Cluster lookup, left disabled by the author.
#data "vsphere_compute_cluster" "cluster" {
#  name          = "${var.vsphere_compute_cluster_name}"
#  datacenter_id = "${data.vsphere_datacenter.dc.id}"
#}
# VM folders declared as resources, so Terraform manages them rather than
# looking them up. Neither is referenced by the VM resource in this listing.
resource "vsphere_folder" "src_folder" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  path          = "${var.vsphere_src_folder}"
  type          = "vm"
}

resource "vsphere_folder" "dst_folder" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  path          = "${var.vsphere_dst_folder}"
  type          = "vm"
}
# Network that the clone's network interface is attached to.
data "vsphere_network" "network" {
  name          = "${var.vsphere_network}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Source VM to clone. Its id, SCSI type, NIC type and first-disk settings are
# read by vsphere_virtual_machine.cloned_vm.
data "vsphere_virtual_machine" "vm_clone" {
  name          = "${var.vsphere_virtual_machine_name_src}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}
# Clone of the source VM, with Linux guest customization applied.
resource "vsphere_virtual_machine" "cloned_vm" {
  name             = "${var.vsphere_virtual_machine_name_dst}"
  resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
  datastore_id     = "${data.vsphere_datastore.dst_datastore.id}"

  num_cpus = "${var.guest_vcpu}"
  memory   = "${var.guest_memory}"

  # Hard-coded guest ID; this is the ID named in the reported
  # "cannot find OS family" error. The author left the source VM's own value
  # disabled: "${data.vsphere_virtual_machine.vm_clone.guest_id}"
  guest_id  = "otherGuest"
  scsi_type = "${data.vsphere_virtual_machine.vm_clone.scsi_type}"

  # One NIC, using the adapter type of the source VM's first interface.
  network_interface {
    network_id   = "${data.vsphere_network.network.id}"
    adapter_type = "${data.vsphere_virtual_machine.vm_clone.network_interface_types[0]}"
  }

  # Disk settings mirror the first disk of the source VM.
  disk {
    label            = "disk0"
    size             = "${data.vsphere_virtual_machine.vm_clone.disks.0.size}"
    eagerly_scrub    = "${data.vsphere_virtual_machine.vm_clone.disks.0.eagerly_scrub}"
    thin_provisioned = "${data.vsphere_virtual_machine.vm_clone.disks.0.thin_provisioned}"
  }

  clone {
    template_uuid = "${data.vsphere_virtual_machine.vm_clone.id}"

    # Guest customization. Per the question, the NoPermission error appears
    # only when this block is present.
    customize {
      linux_options {
        host_name = "${var.guest_host_name}"
        domain    = "${var.guest_domain}"
      }
    }
  }
}
terraform.tfvars
# vCenter connection.
# The password below looks like a placeholder. A real one should not live in a
# tfvars file that gets committed; Terraform also reads it from the
# environment as TF_VAR_vsphere_password.
vsphere_user     = "user"
vsphere_password = "pass"
vsphere_server   = "vsphere.mydomain.com"

# Infrastructure objects, resolved by name in main.tf.
vsphere_datacenter           = "Palo Alto"
vsphere_src_datastore        = "MyDatastore"
vsphere_dst_datastore        = "MyDatastore"
vsphere_resource_pool        = "MyResourcePool"
vsphere_network              = "192.168.1.x_NET"
vsphere_compute_cluster_name = "Testing Cluster"
vsphere_src_folder           = "Test"
vsphere_dst_folder           = "Prod"

# Source and destination VM names for the clone.
# Author's note: escapes with "\" are mandatory.
vsphere_virtual_machine_name_src = "vm-to-clone"
vsphere_virtual_machine_name_dst = "cloned-vm"

# Guest sizing and network settings. The guest_ipv4_* and guest_dns_servers
# values are not referenced by the main.tf shown on this page.
guest_vcpu         = "4"
guest_memory       = "8192"
guest_ipv4_address = "192.168.1.15"
guest_ipv4_netmask = "24"
guest_ipv4_gateway = "192.168.1.1"
guest_dns_servers  = "192.168.1.254"
guest_host_name    = "test-01"

# Marked "Edit" by the author.
guest_domain = "mydomain.com"
经过一番挖掘,问题出在 VSphere 权限上。
主机虚拟机(要克隆的虚拟机)托管在一台我无权访问的机器上,并且未显示在 VCenter 的主机列表中。
从 UI 手动克隆 VM 时不需要此访问权限,但在使用 API 时需要此访问权限。
因此,解决方案是编辑我的用户权限,并在数据中心级别勾选“传播到子对象”(Propagate to children),以确保我有权访问所有主机和集群。
不需要添加特定权限,只需添加应用于正确级别的基本权限即可。
注意:在数据中心级别启用传播后,该角色会应用到其下的所有主机、集群和虚拟机,因此应确保所分配的角色本身只包含必要的权限。
我一直在尝试使用 Terraform 在 VSphere 中编写克隆操作脚本。使用 VSphere UI 时,我能够手动执行此克隆。
当运行 terraform plan 时,执行失败并出现此错误:
Error: cannot find OS family for guest ID “otherGuest”: NoPermission
从 Terraform 的 VSphere 模块源代码(Terraform source code for VSphere module)可以看到,出现此错误只是因为我正在自定义克隆的 VM(customize {} 部分)……跳过自定义时,terraform plan 可以成功。
我不是 VSphere 环境的完全管理员,但我启用了很多权限。
- 我需要什么权限才能避免这个错误?
main.tf
# vSphere provider: the connection settings all come from input variables.
provider "vsphere" {
  user           = "${var.vsphere_user}"
  password       = "${var.vsphere_password}"
  vsphere_server = "${var.vsphere_server}"

  # Set because vCenter presents a self-signed certificate. This turns off TLS
  # certificate verification, so the session carrying the credentials above is
  # not protected against interception. Trusting the vCenter CA on the machine
  # that runs Terraform allows this to go back to false.
  allow_unverified_ssl = true
}
# Read-only lookups: each data source resolves an existing object by name.
data "vsphere_datacenter" "dc" {
  name = "${var.vsphere_datacenter}"
}

# Source datastore, looked up inside the datacenter above. The VM resource in
# this listing only references dst_datastore.
data "vsphere_datastore" "src_datastore" {
  name          = "${var.vsphere_src_datastore}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Datastore that receives the cloned VM.
data "vsphere_datastore" "dst_datastore" {
  name          = "${var.vsphere_dst_datastore}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Resource pool the cloned VM is placed in.
data "vsphere_resource_pool" "pool" {
  name          = "${var.vsphere_resource_pool}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Cluster lookup, left disabled by the author.
#data "vsphere_compute_cluster" "cluster" {
#  name          = "${var.vsphere_compute_cluster_name}"
#  datacenter_id = "${data.vsphere_datacenter.dc.id}"
#}
# VM folders declared as resources, so Terraform manages them rather than
# looking them up. Neither is referenced by the VM resource in this listing.
resource "vsphere_folder" "src_folder" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  path          = "${var.vsphere_src_folder}"
  type          = "vm"
}

resource "vsphere_folder" "dst_folder" {
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
  path          = "${var.vsphere_dst_folder}"
  type          = "vm"
}
# Network that the clone's network interface is attached to.
data "vsphere_network" "network" {
  name          = "${var.vsphere_network}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}

# Source VM to clone. Its id, SCSI type, NIC type and first-disk settings are
# read by vsphere_virtual_machine.cloned_vm.
data "vsphere_virtual_machine" "vm_clone" {
  name          = "${var.vsphere_virtual_machine_name_src}"
  datacenter_id = "${data.vsphere_datacenter.dc.id}"
}
# Clone of the source VM, with Linux guest customization applied.
resource "vsphere_virtual_machine" "cloned_vm" {
  name             = "${var.vsphere_virtual_machine_name_dst}"
  resource_pool_id = "${data.vsphere_resource_pool.pool.id}"
  datastore_id     = "${data.vsphere_datastore.dst_datastore.id}"

  num_cpus = "${var.guest_vcpu}"
  memory   = "${var.guest_memory}"

  # Hard-coded guest ID; this is the ID named in the reported
  # "cannot find OS family" error. The author left the source VM's own value
  # disabled: "${data.vsphere_virtual_machine.vm_clone.guest_id}"
  guest_id  = "otherGuest"
  scsi_type = "${data.vsphere_virtual_machine.vm_clone.scsi_type}"

  # One NIC, using the adapter type of the source VM's first interface.
  network_interface {
    network_id   = "${data.vsphere_network.network.id}"
    adapter_type = "${data.vsphere_virtual_machine.vm_clone.network_interface_types[0]}"
  }

  # Disk settings mirror the first disk of the source VM.
  disk {
    label            = "disk0"
    size             = "${data.vsphere_virtual_machine.vm_clone.disks.0.size}"
    eagerly_scrub    = "${data.vsphere_virtual_machine.vm_clone.disks.0.eagerly_scrub}"
    thin_provisioned = "${data.vsphere_virtual_machine.vm_clone.disks.0.thin_provisioned}"
  }

  clone {
    template_uuid = "${data.vsphere_virtual_machine.vm_clone.id}"

    # Guest customization. Per the question, the NoPermission error appears
    # only when this block is present.
    customize {
      linux_options {
        host_name = "${var.guest_host_name}"
        domain    = "${var.guest_domain}"
      }
    }
  }
}
terraform.tfvars
# vCenter connection.
# The password below looks like a placeholder. A real one should not live in a
# tfvars file that gets committed; Terraform also reads it from the
# environment as TF_VAR_vsphere_password.
vsphere_user     = "user"
vsphere_password = "pass"
vsphere_server   = "vsphere.mydomain.com"

# Infrastructure objects, resolved by name in main.tf.
vsphere_datacenter           = "Palo Alto"
vsphere_src_datastore        = "MyDatastore"
vsphere_dst_datastore        = "MyDatastore"
vsphere_resource_pool        = "MyResourcePool"
vsphere_network              = "192.168.1.x_NET"
vsphere_compute_cluster_name = "Testing Cluster"
vsphere_src_folder           = "Test"
vsphere_dst_folder           = "Prod"

# Source and destination VM names for the clone.
# Author's note: escapes with "\" are mandatory.
vsphere_virtual_machine_name_src = "vm-to-clone"
vsphere_virtual_machine_name_dst = "cloned-vm"

# Guest sizing and network settings. The guest_ipv4_* and guest_dns_servers
# values are not referenced by the main.tf shown on this page.
guest_vcpu         = "4"
guest_memory       = "8192"
guest_ipv4_address = "192.168.1.15"
guest_ipv4_netmask = "24"
guest_ipv4_gateway = "192.168.1.1"
guest_dns_servers  = "192.168.1.254"
guest_host_name    = "test-01"

# Marked "Edit" by the author.
guest_domain = "mydomain.com"
经过一番挖掘,问题出在 VSphere 权限上。 主机虚拟机(要克隆的虚拟机)托管在一台我无权访问的机器上,并且未显示在 VCenter 的主机列表中。
从 UI 手动克隆 VM 时不需要此访问权限,但在使用 API 时需要此访问权限。
因此,解决方案是编辑我的用户权限,并在数据中心级别勾选“传播到子对象”(Propagate to children),以确保我有权访问所有主机和集群。
不需要添加特定权限,只需添加应用于正确级别的基本权限即可。
注意:在数据中心级别启用传播后,该角色会应用到其下的所有主机、集群和虚拟机,因此应确保所分配的角色本身只包含必要的权限。