从应该创建 AWS VPC 的 Terraform 文件中获取错误
Getting error from a Terraform file that's supposed to create an AWS VPC
我有一个应该远程创建 AWS VPC 的 Terraform 文件,但每次 运行 terraform apply 我都会收到以下错误:
│ Error: error waiting for EC2 NAT Gateway (nat-0ddd4f893ecbaa66b) create: unexpected state 'failed', wanted target 'available'. last error: Resource.AlreadyAssociated: Elastic IP address [eipalloc-0d420da39dea25c38] is already associated
│
│ with aws_nat_gateway.NATgw[2],
│ on main.tf line 91, in resource "aws_nat_gateway" "NATgw":
│ 91: resource "aws_nat_gateway" "NATgw" {
│
╵
╷
│ Error: error waiting for EC2 NAT Gateway (nat-0ea71e57475b449ec) create: unexpected
state 'failed', wanted target 'available'. last error: Resource.AlreadyAssociated:
Elastic IP address [eipalloc-0d420da39dea25c38] is already associated
│
│ with aws_nat_gateway.NATgw[0],
│ on main.tf line 91, in resource "aws_nat_gateway" "NATgw":
│ 91: resource "aws_nat_gateway" "NATgw" {
│
这就是 main.tf 我正在尝试 运行:
terraform {
required_providers {
aws = {
version = "~> 3.0"
source = "hashicorp/aws"
}
}
}
//Creating VPC here
resource "aws_vpc" "Main" {
provider = aws.east
cidr_block = "IP_Address"
instance_tenancy = "default"
}
//Creating Internet Gateway
resource "aws_internet_gateway" "IGW" {
provider = aws.east
vpc_id = aws_vpc.Main.id
}
//Creating Public Subnets
resource "aws_subnet" "publicsubnets" {
provider = aws.east
count = "${length(var.public_subnets)}"
vpc_id = aws_vpc.Main.id
cidr_block = "${var.public_subnets[count.index]}" //CIDR block of public subnets
}
//Creating Private Subnets
resource "aws_subnet" "privatesubnets" {
provider = aws.east
count = "${length(var.private_subnets)}"
vpc_id = aws_vpc.Main.id
cidr_block = "${var.private_subnets[count.index]}" //CIDR block of private subnets
}
//Creating Route Table for Public Subnets
resource "aws_route_table" "PublicRT" {
provider = aws.east
count = "${length(var.public_subnets)}"
vpc_id = aws_vpc.Main.id
route {
cidr_block = "IP_Address" //Traffic from Public Subnet reaches Internet via Internet Gateway
gateway_id = aws_internet_gateway.IGW.id
}
}
//Creating Route Table for Private Subnet
resource "aws_route_table" "PrivateRT" {
provider = aws.east
count = "${length(var.private_subnets)}"
vpc_id = aws_vpc.Main.id
route {
cidr_block = "IP_Address" //Traffic from Private Subnet reaches Internet via NAT Gateway
nat_gateway_id = aws_nat_gateway.NATgw[count.index].id
}
}
resource "aws_route_table_association" "PublicRTassociation" {
provider = aws.east
count = "${length(var.public_subnets)}"
subnet_id = aws_subnet.publicsubnets[count.index].id
route_table_id = aws_route_table.PublicRT[count.index].id
}
resource "aws_route_table_association" "PrivateRTassociation" {
provider = aws.east
count = "${length(var.private_subnets)}"
subnet_id = aws_subnet.privatesubnets[count.index].id
route_table_id = aws_route_table.PrivateRT[count.index].id
}
resource "aws_eip" "nateIP" {
provider = aws.east
vpc = true
}
resource "aws_nat_gateway" "NATgw" {
provider = aws.east
count = "${length(var.public_subnets)}"
allocation_id = aws_eip.nateIP.id
subnet_id = aws_subnet.privatesubnets[count.index].id
}
我在单独的文件中提供了 main 的提供程序和变量。此外,我正在尝试创建多个 public 和具有多个 IP 地址块的私有子网,这就是计数变量和参数的原因。
注意:我已经更改了 privacy/security 的一些名称和变量。
我做错了什么?
发生这种情况是因为您只创建了一个EIP,并尝试在多个NAT 网关中使用它。您必须为每个 NAT 创建 1 个 EIP。因此它应该是:
resource "aws_eip" "nateIP" {
provider = aws.east
count = "${length(var.public_subnets)}"
vpc = true
}
resource "aws_nat_gateway" "NATgw" {
provider = aws.east
count = "${length(var.public_subnets)}"
allocation_id = aws_eip.nateIP[count.index].id
subnet_id = aws_subnet.privatesubnets[count.index].id
}
我有一个应该远程创建 AWS VPC 的 Terraform 文件,但每次 运行 terraform apply 我都会收到以下错误:
│ Error: error waiting for EC2 NAT Gateway (nat-0ddd4f893ecbaa66b) create: unexpected state 'failed', wanted target 'available'. last error: Resource.AlreadyAssociated: Elastic IP address [eipalloc-0d420da39dea25c38] is already associated
│
│ with aws_nat_gateway.NATgw[2],
│ on main.tf line 91, in resource "aws_nat_gateway" "NATgw":
│ 91: resource "aws_nat_gateway" "NATgw" {
│
╵
╷
│ Error: error waiting for EC2 NAT Gateway (nat-0ea71e57475b449ec) create: unexpected
state 'failed', wanted target 'available'. last error: Resource.AlreadyAssociated:
Elastic IP address [eipalloc-0d420da39dea25c38] is already associated
│
│ with aws_nat_gateway.NATgw[0],
│ on main.tf line 91, in resource "aws_nat_gateway" "NATgw":
│ 91: resource "aws_nat_gateway" "NATgw" {
│
这就是 main.tf 我正在尝试 运行:
terraform {
required_providers {
aws = {
version = "~> 3.0"
source = "hashicorp/aws"
}
}
}
//Creating VPC here
resource "aws_vpc" "Main" {
provider = aws.east
cidr_block = "IP_Address"
instance_tenancy = "default"
}
//Creating Internet Gateway
resource "aws_internet_gateway" "IGW" {
provider = aws.east
vpc_id = aws_vpc.Main.id
}
//Creating Public Subnets
resource "aws_subnet" "publicsubnets" {
provider = aws.east
count = "${length(var.public_subnets)}"
vpc_id = aws_vpc.Main.id
cidr_block = "${var.public_subnets[count.index]}" //CIDR block of public subnets
}
//Creating Private Subnets
resource "aws_subnet" "privatesubnets" {
provider = aws.east
count = "${length(var.private_subnets)}"
vpc_id = aws_vpc.Main.id
cidr_block = "${var.private_subnets[count.index]}" //CIDR block of private subnets
}
//Creating Route Table for Public Subnets
resource "aws_route_table" "PublicRT" {
provider = aws.east
count = "${length(var.public_subnets)}"
vpc_id = aws_vpc.Main.id
route {
cidr_block = "IP_Address" //Traffic from Public Subnet reaches Internet via Internet Gateway
gateway_id = aws_internet_gateway.IGW.id
}
}
//Creating Route Table for Private Subnet
resource "aws_route_table" "PrivateRT" {
provider = aws.east
count = "${length(var.private_subnets)}"
vpc_id = aws_vpc.Main.id
route {
cidr_block = "IP_Address" //Traffic from Private Subnet reaches Internet via NAT Gateway
nat_gateway_id = aws_nat_gateway.NATgw[count.index].id
}
}
resource "aws_route_table_association" "PublicRTassociation" {
provider = aws.east
count = "${length(var.public_subnets)}"
subnet_id = aws_subnet.publicsubnets[count.index].id
route_table_id = aws_route_table.PublicRT[count.index].id
}
resource "aws_route_table_association" "PrivateRTassociation" {
provider = aws.east
count = "${length(var.private_subnets)}"
subnet_id = aws_subnet.privatesubnets[count.index].id
route_table_id = aws_route_table.PrivateRT[count.index].id
}
resource "aws_eip" "nateIP" {
provider = aws.east
vpc = true
}
resource "aws_nat_gateway" "NATgw" {
provider = aws.east
count = "${length(var.public_subnets)}"
allocation_id = aws_eip.nateIP.id
subnet_id = aws_subnet.privatesubnets[count.index].id
}
我在单独的文件中提供了 main 的提供程序和变量。此外,我正在尝试创建多个 public 和具有多个 IP 地址块的私有子网,这就是计数变量和参数的原因。
注意:我已经更改了 privacy/security 的一些名称和变量。
我做错了什么?
发生这种情况是因为您只创建了一个EIP,并尝试在多个NAT 网关中使用它。您必须为每个 NAT 创建 1 个 EIP。因此它应该是:
resource "aws_eip" "nateIP" {
provider = aws.east
count = "${length(var.public_subnets)}"
vpc = true
}
resource "aws_nat_gateway" "NATgw" {
provider = aws.east
count = "${length(var.public_subnets)}"
allocation_id = aws_eip.nateIP[count.index].id
subnet_id = aws_subnet.privatesubnets[count.index].id
}