使用 terraform 在 GCP 中为不同的项目 ID 创建计算实例时出现问题
Problem with creating compute instance in GCP for different project IDs with terraform
我有一个 terraform 可以在 GCP 中创建计算实例,如下所示:
resource "google_compute_address" "static_ip" {
project = var.project_id
name = "vm-instance"
}
resource "google_compute_instance" "vm_instance" {
project = var.project_id
name = "vm-instance"
machine_type = "e2-standard-4"
zone = "us-east4-c"
boot_disk {
device_name = "vm-instance"
mode = "READ_WRITE"
initialize_params {
image = "centos-cloud/centos-7"
size = 20
}
}
tags = ["web-host","http-server","https-server"]
network_interface {
network = var.network
subnetwork = var.subnetwork
#subnetwork_project = var.project_id
access_config {
nat_ip = google_compute_address.static_ip.address
}
}
service_account {
scopes = ["cloud-platform"]
}
scheduling {
on_host_maintenance = "MIGRATE"
#provisioning_model = "STANDARD"
}
shielded_instance_config {
enable_secure_boot = true
enable_vtpm = true
enable_integrity_monitoring = true
}
}
以及将使用它的模块:
module "sandbox_vm" {
source = "./modules/terraform-vm"
network = "sandbox-vpc"
subnetwork = "sandbox-vpc"
project_id = var.sandbox_project
}
module "dev_vm" {
source = "./modules/terraform-vm"
network = "dev-vpc"
subnetwork = "dev-vpc"
project_id = var.dev_project
}
module "prod_vm" {
source = "./modules/terraform-vm"
network = "prod-vpc"
subnetwork = "prod-vpc"
project_id = var.prod_project
}
但是当我尝试应用它时会出现错误:
Error: Error creating instance: googleapi: Error 400: Invalid value for field 'resource.networkInterfaces[0].subnetwork': 'projects/cloud-sandbox/regions/us-east4/subnetworks/dev-vpc'. The referenced subnetwork resource cannot be found., invalid
on modules/terraform-vm/main.tf line 6, in resource "google_compute_instance" "vm_instance":
6: resource "google_compute_instance" "vm_instance" {
Error: Error creating instance: googleapi: Error 400: Invalid value for field 'resource.networkInterfaces[0].subnetwork': 'projects/cloud-sandbox/regions/us-east4/subnetworks/prod-vpc'. The referenced subnetwork resource cannot be found., invalid
on modules/terraform-vm/main.tf line 6, in resource "google_compute_instance" "vm_instance":
6: resource "google_compute_instance" "vm_instance" {
当每个模块都严格指定子网时,为什么它会尝试使用来自其他项目 ID 的子网?
PS.
提供商文件包含
provider "google" {
credentials = var.credentials_file
region = var.region
}
在指定子网时发现 documentation 不正确。结果发现需要提供所有 3 个参数才能使其正常工作:
network = var.network
subnetwork = var.subnetwork
subnetwork_project = var.project_id
我有一个 terraform 可以在 GCP 中创建计算实例,如下所示:
resource "google_compute_address" "static_ip" {
project = var.project_id
name = "vm-instance"
}
resource "google_compute_instance" "vm_instance" {
project = var.project_id
name = "vm-instance"
machine_type = "e2-standard-4"
zone = "us-east4-c"
boot_disk {
device_name = "vm-instance"
mode = "READ_WRITE"
initialize_params {
image = "centos-cloud/centos-7"
size = 20
}
}
tags = ["web-host","http-server","https-server"]
network_interface {
network = var.network
subnetwork = var.subnetwork
#subnetwork_project = var.project_id
access_config {
nat_ip = google_compute_address.static_ip.address
}
}
service_account {
scopes = ["cloud-platform"]
}
scheduling {
on_host_maintenance = "MIGRATE"
#provisioning_model = "STANDARD"
}
shielded_instance_config {
enable_secure_boot = true
enable_vtpm = true
enable_integrity_monitoring = true
}
}
以及将使用它的模块:
module "sandbox_vm" {
source = "./modules/terraform-vm"
network = "sandbox-vpc"
subnetwork = "sandbox-vpc"
project_id = var.sandbox_project
}
module "dev_vm" {
source = "./modules/terraform-vm"
network = "dev-vpc"
subnetwork = "dev-vpc"
project_id = var.dev_project
}
module "prod_vm" {
source = "./modules/terraform-vm"
network = "prod-vpc"
subnetwork = "prod-vpc"
project_id = var.prod_project
}
但是当我尝试应用它时会出现错误:
Error: Error creating instance: googleapi: Error 400: Invalid value for field 'resource.networkInterfaces[0].subnetwork': 'projects/cloud-sandbox/regions/us-east4/subnetworks/dev-vpc'. The referenced subnetwork resource cannot be found., invalid
on modules/terraform-vm/main.tf line 6, in resource "google_compute_instance" "vm_instance":
6: resource "google_compute_instance" "vm_instance" {
Error: Error creating instance: googleapi: Error 400: Invalid value for field 'resource.networkInterfaces[0].subnetwork': 'projects/cloud-sandbox/regions/us-east4/subnetworks/prod-vpc'. The referenced subnetwork resource cannot be found., invalid
on modules/terraform-vm/main.tf line 6, in resource "google_compute_instance" "vm_instance":
6: resource "google_compute_instance" "vm_instance" {
当每个模块都严格指定子网时,为什么它会尝试使用来自其他项目 ID 的子网?
PS.
提供商文件包含
provider "google" {
credentials = var.credentials_file
region = var.region
}
在指定子网时发现 documentation 不正确。结果发现需要提供所有 3 个参数才能使其正常工作:
network = var.network
subnetwork = var.subnetwork
subnetwork_project = var.project_id