我正在使用下面的Terraform文件来创建AKS集群:
resource "random_pet" "prefix" {}
resource "kubernetes_persistent_volume" "example" {
metadata {
name = "example"
}
spec {
capacity = {
storage = "1Gi"
}
access_modes = ["ReadWriteOnce"]
persistent_volume_source {
azure_disk {
caching_mode = "None"
data_disk_uri = azurerm_managed_disk.example.id
disk_name = "example"
kind = "Managed"
}
}
}
}
resource "azurerm_kubernetes_cluster" "example" {
name = "${random_pet.prefix.id}-aks"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
dns_prefix = "${random_pet.prefix.id}-k8s"
default_node_pool {
name = "example"
node_count = 2
vm_size = "Standard_D2_v2"
os_disk_size_gb = 30
}
identity {
type = "SystemAssigned"
}
role_based_access_control {
enabled = true
}
addon_profile {
kube_dashboard {
enabled = true
}
}
tags = {
environment = "Demo"
}
}
provider "azurerm" {
version = ">=2.20.0"
features {}
}
resource "azurerm_resource_group" "example" {
name = "${random_pet.prefix.id}-rg"
location = "westus2"
}
resource "azurerm_managed_disk" "example" {
name = "example"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
storage_account_type = "Standard_LRS"
create_option = "Empty"
disk_size_gb = "1"
tags = {
environment = azurerm_resource_group.example.name
}
}
我从Terraform的有关设置AKS集群的教程中获取了上述文件:https : //learn.hashicorp.com/tutorials/terraform/aks
我已经使用Terraform的示例在此处设置Azure托管磁盘和k8s卷:https ://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/persistent_volume
当我尝试使用Terraform运行上述配置时,出现以下错误:
Error: Post "https://pumped-llama-k8s-419df981.hcp.westus2.azmk8s.io:443/api/v1/persistentvolumes": dial tcp: lookup pumped-llama-k8s-419df981.hcp.westus2.azmk8s.io on 192.168.1.1:53: no such host
on main.tf line 3, in resource "kubernetes_persistent_volume" "example":
3: resource "kubernetes_persistent_volume" "example" {
每当我尝试使用任何非azurerm
Terraform资源时,我都会收到相同的错误消息。例如。尝试配置角色和角色绑定时:resource "kubernetes_role"
我通过错误消息的URL进行假设-尝试连接到HashiCorp Cloud Platform(我假设它是默认设置)-我需要明确告诉这些非azurerm
资源我正在连接到Azure托管的Kubernetes。但是我不知道该怎么做。
原来,我需要kubernetes
在Terraform文件中定义提供程序-惊讶的是,考虑到我正在与它的资源进行交互,因此我没有收到不包含该警告的警告。
这是我修复它的方法:
outputs.tf:
output "host" {
value = azurerm_kubernetes_cluster.default.kube_config.0.host
}
output "client_key" {
value = azurerm_kubernetes_cluster.default.kube_config.0.client_key
}
output "client_certificate" {
value = azurerm_kubernetes_cluster.default.kube_config.0.client_certificate
}
output "kube_config" {
value = azurerm_kubernetes_cluster.default.kube_config_raw
}
output "cluster_ca_certificate" {
value = azurerm_kubernetes_cluster.default.kube_config.0.cluster_ca_certificate
}
main.tf:
...
provider "kubernetes" {
version = "=1.13.2"
load_config_file = "false"
host = azurerm_kubernetes_cluster.default.kube_config.0.host
client_certificate = "${base64decode(azurerm_kubernetes_cluster.default.kube_config.0.client_certificate)}"
client_key = "${base64decode(azurerm_kubernetes_cluster.default.kube_config.0.client_key)}"
cluster_ca_certificate = "${base64decode(azurerm_kubernetes_cluster.default.kube_config.0.cluster_ca_certificate)}"
}
...