用于配置 Azure 虚拟机规模集以及自定义数据或云初始化的 Terraform 脚本

Terraform script for provisioning azure Virtual machine scale set along with custom data or cloud init

我想知道用于配置 Azure 虚拟机规模集以及自定义数据或云初始化的 Terraform 脚本。

我尝试了很多方法来针对 VMSS 运行我的脚本,但都没有成功。据我理解,在配置 VMSS 期间,我应该运行一些 shell 脚本,以便将必要的代理(New Relic)安装到所有 VMSS 实例中。

正在寻找 VMSS 的 terraform 脚本以及自定义数据或 cloudinit 配置。

我刚才用过这个:

# Linux VM scale set of two jump-server instances. Each instance is
# bootstrapped by the cloud-init document handed over through custom_data.
resource "azurerm_linux_virtual_machine_scale_set" "jumpserver" {
  name                = "${local.prefix}-jumpservers-vmss"
  resource_group_name = azurerm_resource_group.deployment.name
  location            = azurerm_resource_group.deployment.location
  sku                 = "Standard_B2s"
  instances           = 2

  overprovision          = false
  single_placement_group = false

  admin_username = "adminuser"
  # NOTE(review): the password comes from a Key Vault secret, but Terraform
  # still records the resolved value in its state; protect the state backend
  # as carefully as the vault itself.
  admin_password = azurerm_key_vault_secret.vmsecret.value

  # NOTE(review): password logins stay enabled on the jump servers. Key-based
  # SSH with this flag set to true is the stronger default for a bastion role.
  disable_password_authentication = false

  # The cloud-init file is base64-encoded before it is passed to the resource.
  # NOTE(review): custom data can be read back on the instance, so keep
  # credentials and tokens out of cloudinit.conf.
  custom_data = base64encode(data.local_file.cloudinit.content)

  source_image_reference {
    publisher = "canonical"
    offer     = "0001-com-ubuntu-server-focal"
    sku       = "20_04-lts"
    # NOTE(review): "latest" lets the base image differ between scale-out
    # events; pin a version if instances must be reproducible.
    version   = "latest"
  }

  os_disk {
    storage_account_type = "Standard_LRS"
    caching              = "ReadWrite"
  }

  # Single primary NIC on the jump-server subnet; no public IP block is
  # declared in this ip_configuration.
  network_interface {
    name    = "${local.prefix}-jumpserver-vmss-nic"
    primary = true

    ip_configuration {
      name      = "${local.prefix}-jumpserver-vmss-ipconfig"
      primary   = true
      subnet_id = azurerm_subnet.jumpservers_vmss.id
    }
  }

  # presumably null selects the platform-managed storage account for boot
  # diagnostics; confirm against the provider documentation.
  boot_diagnostics {
    storage_account_uri = null
  }
}

# Reads the cloud-init bootstrapping file used by the VMSS from this module's
# directory. The file is loaded as-is; no template variables are substituted.
data "local_file" "cloudinit" {
  filename = "${path.module}/cloudinit.conf"
}

cloudinit.conf

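#cloud-config

# Early-boot commands. Each step overwrites its target, so running them again
# on a later boot leaves the same result.
# presumably the goal is to start the Azure Linux agent only after cloud-init
# has finished; confirm against the image's unit files.
bootcmd:
  - mkdir -p /etc/systemd/system/walinuxagent.service.d
  # printf expands \n in every POSIX shell; echo only does so in some of them,
  # which would otherwise leave a literal "\n" in the drop-in.
  - printf '[Unit]\nAfter=cloud-final.service\n' > /etc/systemd/system/walinuxagent.service.d/override.conf
  # Shadow the packaged cloud-final unit with a copy that no longer orders
  # itself after multi-user.target.
  - sed "s/After=multi-user.target//g" /lib/systemd/system/cloud-final.service > /etc/systemd/system/cloud-final.service
  - systemctl daemon-reload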

# Refresh the package index and apply pending upgrades so that new instances
# do not start from the package versions baked into the image.
package_update: true
package_upgrade: true

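# Add external package sources, e.g. for Microsoft packages and Kubernetes
apt:
    preserve_sources_list: true
    sources_list: |
      deb $MIRROR $RELEASE main restricted
      deb-src $MIRROR $RELEASE main restricted
      deb $PRIMARY $RELEASE universe restricted
      deb $SECURITY $RELEASE-security multiverse
    sources:
        # The signing key is embedded, so it is not fetched over the network at
        # boot. NOTE(review): check its fingerprint against the value the
        # publisher documents before reusing this file.
        microsoft-azurecli.list:
            source: "deb https://packages.microsoft.com/repos/azure-cli focal main"
            key: |
                -----BEGIN PGP PUBLIC KEY BLOCK-----
                Version: GnuPG v1.4.7 (GNU/Linux)

                mQENBFYxWIwBCADAKoZhZlJxGNGWzqV+1OG1xiQeoowKhssGAKvd+buXCGISZJwT
                LXZqIcIiLP7pqdcZWtE9bSc7yBY2MalDp9Liu0KekywQ6VVX1T72NPf5Ev6x6DLV
                7aVWsCzUAF+eb7DC9fPuFLEdxmOEYoPjzrQ7cCnSV4JQxAqhU4T6OjbvRazGl3ag
                OeizPXmRljMtUUttHQZnRhtlzkmwIrUivbfFPD+fEoHJ1+uIdfOzZX8/oKHKLe2j
                H632kvsNzJFlROVvGLYAk2WRcLu+RjjggixhwiB+Mu/A8Tf4V6b+YppS44q8EvVr
                M+QvY7LNSOffSO6Slsy9oisGTdfE39nC7pVRABEBAAG0N01pY3Jvc29mdCAoUmVs
                ZWFzZSBzaWduaW5nKSA8Z3Bnc2VjdXJpdHlAbWljcm9zb2Z0LmNvbT6JATUEEwEC
                AB8FAlYxWIwCGwMGCwkIBwMCBBUCCAMDFgIBAh4BAheAAAoJEOs+lK2+EinPGpsH
                /32vKy29Hg51H9dfFJMx0/a/F+5vKeCeVqimvyTM04C+XENNuSbYZ3eRPHGHFLqe
                MNGxsfb7C7ZxEeW7J/vSzRgHxm7ZvESisUYRFq2sgkJ+HFERNrqfci45bdhmrUsy
                7SWw9ybxdFOkuQoyKD3tBmiGfONQMlBaOMWdAsic965rvJsd5zYaZZFI1UwTkFXV
                KJt3bp3Ngn1vEYXwijGTa+FXz6GLHueJwF0I7ug34DgUkAFvAs8Hacr2DRYxL5RJ
                XdNgj4Jd2/g6T9InmWT0hASljur+dJnzNiNCkbn9KbX7J/qK1IbR8y560yRmFsU+
                NdCFTW7wY0Fb1fWJ+/KTsC4=
                =J6gs
                -----END PGP PUBLIC KEY BLOCK-----
        # Same key block as microsoft-azurecli.list.
        microsoft-prod.list:
            source: "deb https://packages.microsoft.com/ubuntu/20.04/prod focal main"
            key: |
                -----BEGIN PGP PUBLIC KEY BLOCK-----
                Version: GnuPG v1.4.7 (GNU/Linux)

                mQENBFYxWIwBCADAKoZhZlJxGNGWzqV+1OG1xiQeoowKhssGAKvd+buXCGISZJwT
                LXZqIcIiLP7pqdcZWtE9bSc7yBY2MalDp9Liu0KekywQ6VVX1T72NPf5Ev6x6DLV
                7aVWsCzUAF+eb7DC9fPuFLEdxmOEYoPjzrQ7cCnSV4JQxAqhU4T6OjbvRazGl3ag
                OeizPXmRljMtUUttHQZnRhtlzkmwIrUivbfFPD+fEoHJ1+uIdfOzZX8/oKHKLe2j
                H632kvsNzJFlROVvGLYAk2WRcLu+RjjggixhwiB+Mu/A8Tf4V6b+YppS44q8EvVr
                M+QvY7LNSOffSO6Slsy9oisGTdfE39nC7pVRABEBAAG0N01pY3Jvc29mdCAoUmVs
                ZWFzZSBzaWduaW5nKSA8Z3Bnc2VjdXJpdHlAbWljcm9zb2Z0LmNvbT6JATUEEwEC
                AB8FAlYxWIwCGwMGCwkIBwMCBBUCCAMDFgIBAh4BAheAAAoJEOs+lK2+EinPGpsH
                /32vKy29Hg51H9dfFJMx0/a/F+5vKeCeVqimvyTM04C+XENNuSbYZ3eRPHGHFLqe
                MNGxsfb7C7ZxEeW7J/vSzRgHxm7ZvESisUYRFq2sgkJ+HFERNrqfci45bdhmrUsy
                7SWw9ybxdFOkuQoyKD3tBmiGfONQMlBaOMWdAsic965rvJsd5zYaZZFI1UwTkFXV
                KJt3bp3Ngn1vEYXwijGTa+FXz6GLHueJwF0I7ug34DgUkAFvAs8Hacr2DRYxL5RJ
                XdNgj4Jd2/g6T9InmWT0hASljur+dJnzNiNCkbn9KbX7J/qK1IbR8y560yRmFsU+
                NdCFTW7wY0Fb1fWJ+/KTsC4=
                =J6gs
                -----END PGP PUBLIC KEY BLOCK-----
        # Fetched over HTTPS rather than plain HTTP: package signatures protect
        # content, but a cleartext transport still lets the path observe or
        # withhold index updates.
        # keyid makes cloud-init retrieve the key by its full fingerprint from
        # a keyserver at boot, unlike the embedded keys of the other sources.
        # NOTE(review): the legacy apt.kubernetes.io repository has since been
        # deprecated upstream; confirm the current repository before reuse.
        kubernetes:
            source: "deb https://apt.kubernetes.io/ kubernetes-xenial main"
            keyid: 7F92E05B31093BEF5A3C2D38FEEA9169307EA071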

# Packages installed through apt. Adding a package may require adding its
# source to the apt section first.
packages:
  - unzip
  - git
  - wget
  - curl
  - apt-transport-https
  - software-properties-common
  - powershell
  - azure-cli
  - npm
  - docker.io
  - packages-microsoft-prod
  - dotnet-sdk-6.0
  - kubectl

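# Install latest version of azcopy (can not be installed via apt)
# NOTE(review): the archive is installed without an integrity check and the
# link resolves to whatever release is current. For reproducible instances,
# pin a specific release and verify a checksum obtained from a trusted source
# before the install step.
runcmd:
  # Download and unpack in a private temporary directory instead of the
  # current working directory, install with explicit owner and mode, then
  # clean up. sudo is dropped because these commands already run as root.
  - |
    workdir="$(mktemp -d)" &&
    wget -O "$workdir/azcopy.tar" https://aka.ms/downloadazcopy-v10-linux &&
    tar -xf "$workdir/azcopy.tar" -C "$workdir" &&
    install -o root -g root -m 0755 "$workdir"/azcopy_linux_amd64_*/azcopy /usr/bin/azcopy
    rm -rf "$workdir"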

# create the docker group
groups:
  - docker

# Add default auto created user to docker group
# NOTE(review): membership in the docker group gives root-equivalent control
# of the host through the Docker daemon; grant it only to accounts that are
# already trusted with root on these instances.
system_info:
  default_user:
    groups: [docker]

# Message logged once cloud-init has finished; $UPTIME is filled in by cloud-init.
final_message: "The system is finally up, after $UPTIME seconds"

以下是我最终通过 Terraform 使用自定义数据实现的解决方案。

# Toolchain constraints: Terraform 0.12 or newer, and the 2.x line of the
# azurerm provider.
# NOTE(review): these are loose, old constraints; commit the dependency lock
# file so every run resolves the same provider build.
terraform {
  required_version = ">=0.12"

  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~>2.0"
    }
  }
}



# azurerm provider with default feature settings; credentials are not set
# here, so they come from the environment the run executes in.
provider "azurerm" {
  features {}
}



# Resource group that holds every resource of the scale set deployment.
# Name, region and tags are supplied through input variables.
resource "azurerm_resource_group" "vmss" {
  name     = var.resource_group_name
  location = var.location
  tags     = var.tags
}



# Six random lowercase letters (no digits, upper case or special characters),
# used as the DNS label of the public IP.
resource "random_string" "fqdn" {
  length  = 6
  special = false
  upper   = false
  number  = false
}



# Virtual network for the scale set, covering 10.0.0.0/16.
resource "azurerm_virtual_network" "vmss" {
  name                = "vmss-vnet"
  address_space       = ["10.0.0.0/16"]
  location            = var.location
  resource_group_name = azurerm_resource_group.vmss.name
  tags                = var.tags
}



# Subnet 10.0.2.0/24 inside the scale set's virtual network; the instances'
# network interfaces are placed here.
# NOTE(review): no network security group is associated with this subnet in
# the script shown; confirm inbound rules are applied elsewhere.
resource "azurerm_subnet" "vmss" {
  name                 = "vmss-subnet"
  resource_group_name  = azurerm_resource_group.vmss.name
  virtual_network_name = azurerm_virtual_network.vmss.name
  address_prefixes     = ["10.0.2.0/24"]
}



# Static public IP whose DNS label is the random string generated for it.
# NOTE(review): no other resource in this script references the address (the
# load-balancer pool line in the scale set is commented out); confirm it is
# still needed before allocating a public endpoint.
resource "azurerm_public_ip" "vmss" {
  name                = "vmss-public-ip"
  location            = var.location
  resource_group_name = azurerm_resource_group.vmss.name
  allocation_method   = "Static"
  domain_name_label   = random_string.fqdn.result
  tags                = var.tags
}




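# Two-instance Linux scale set whose instances receive a script through
# custom_data so that it runs each time a VM is created.
# NOTE(review): azurerm_virtual_machine_scale_set is the legacy resource; the
# provider documents azurerm_linux_virtual_machine_scale_set as its
# replacement.
resource "azurerm_virtual_machine_scale_set" "vmss" {
  name                = "vmscaleset"
  location            = var.location
  resource_group_name = azurerm_resource_group.vmss.name

  # NOTE(review): with a manual upgrade policy, existing instances presumably
  # keep their old model (including old custom data) until they are upgraded
  # or reimaged; confirm before relying on a script change being rolled out.
  upgrade_policy_mode = "Manual"

  sku {
    name     = "Standard_DS1_v2"
    tier     = "Standard"
    capacity = 2
  }

  # NOTE(review): Ubuntu 16.04 LTS is past its standard support window, and
  # "latest" lets the image differ between scale-out events. Prefer a
  # supported release and a pinned version.
  storage_profile_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04-LTS"
    version   = "latest"
  }

  storage_profile_os_disk {
    name              = ""
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name_prefix = "vmlab"
    admin_username       = var.admin_user

    # NOTE(review): the password ends up in Terraform state; declare the
    # variable as sensitive and protect the state backend.
    admin_password = var.admin_password

    # This is the key line: whatever is passed as custom data is handed to
    # every instance, so the script is invoked automatically each time a VM
    # spins up. The stray "**" markers around the original line were markup
    # and not valid HCL. The path is anchored to the module directory so it
    # resolves regardless of the working directory.
    # NOTE(review): custom data can be read back on the instance; keep
    # license keys and other credentials out of test.sh.
    custom_data = file("${path.module}/test.sh")
  }

  # NOTE(review): password logins are enabled. Key-based SSH with this flag
  # set to true is the stronger default.
  os_profile_linux_config {
    disable_password_authentication = false
  }

  network_profile {
    name    = "terraformnetworkprofile"
    primary = true

    ip_configuration {
      name      = "IPConfiguration"
      subnet_id = azurerm_subnet.vmss.id
      #load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
      primary = true
    }
  }

  tags = var.tags
}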