我在Terraform中应用以下配置:
resource "azurerm_resource_group" "rg" {
name = var.resourceGroupName
location = var.location
}
resource "azurerm_app_service_plan" "app_plan" {
name = var.appServicePlanName
location = var.location
resource_group_name = azurerm_resource_group.rg.name
sku {
tier = "Free"
size = "F1"
}
}
resource "azurerm_app_service" "app_service" {
name = var.appServiceName
location = var.location
resource_group_name = azurerm_resource_group.rg.name
app_service_plan_id = azurerm_app_service_plan.app_plan.id
app_settings = {
"SOME_KEY" = "some-value"
}
}
我第一次运行“ terraform apply”,结果就是我所期望的。资源已创建。如果我将再次运行相同的配置,则会收到:错误:用于App Service的名称“ xxx”必须是全局唯一的,并且不可用:主机名“ xxx”已存在。请选择其他名称。
我有点困惑,因为我希望Terraform跳过任何更改,只是让我知道什么都没有更改,我想念什么?我的provider(provider.tf)配置如下:
provider "azurerm" {
skip_provider_registration = "true"
subscription_id = var.subscriptionId
tenant_id = var.tenantId
client_id = var.clientId
client_secret = var.clientSecret
}
此外,我有terraform.tfvars
resourceGroupName = "xxx-poc1-rg"
location = "eastus"
appServicePlanName = "xxx-poc1-asp01"
appServiceName = "xxx-poc1-apsvc01"
subscriptionId = ""
tenantId = ""
clientId = ""
clientSecret = ""
和variables.tf文件
variable "appServiceName" {
type = string
description = "The name of app service"
}
variable "appServicePlanName" {
type = string
description = "The name of app service plan"
}
variable "resourceGroupName" {
type = string
description = "The name of resource group"
}
variable "location" {
type = string
description = "Location"
}
variable "subscriptionId" {
type = string
description = "Subscription id"
}
variable "tenantId" {
type = string
description = "Tenant id"
}
variable "clientId" {
type = string
description = "Client id"
}
variable "clientSecret" {
type = string
description = "Client secret"
}
PS如果我尝试通过添加connection_string部分或修改app_settings来修改应用程序服务配置,则结果是一样的,但会抛出异常,提示“错误:用于应用程序服务的名称“ xxx”必须是全局唯一的,并且不是可用:主机名“ xxx”已存在。请选择其他名称。”
这是terraform状态的输出:D:\ alexus-git \ TerraformAppServicePlanTest [master≡]> terraform plan在计划之前刷新内存中的Terraform状态...刷新后的状态将用于计算此计划,但不会持久化到本地或远程状态存储。
azurerm_resource_group.rg:刷新状态... [id = / subscriptions / 0f1c414a -...- a351876ecd47 / resourceGroups / xxx-poc1-rg] azurerm_app_service_plan.app_plan:刷新状态... [id = / subscriptions / 0f1c414a- .. .-a351876ecd47 / resourceGroups / xxx-poc1-rg / providers / Microsoft.Web / serverfarms / xxx-poc1-asp01]
执行计划已生成,如下所示。资源操作用以下符号表示:+创建
Terraform将执行以下操作:
#将创建azurerm_app_service.app_service +资源“ azurerm_app_service”“ app_service” {+ app_service_plan_id =“ /subscriptions/0f1c414a-...-a351876ecd47/resourceGroups/xxx-poc1-rg/providers/Microsoft.Web/serverfarms/xxx-poc1 -asp01“ + app_settings = {+” SOME_KEY“ =”某些值“} + client_affinity_enabled =(在应用后已知)+ default_site_hostname =(在应用后已知)+ enabled = true + https_only = false + id =(在应用后已知) +位置=“ eastus” +名称=“ xxx-poc1-apsvc01”+ outbound_ip_addresses =(在应用后已知)+可能_outbound_ip_addresses =(在应用后已知)+ resource_group_name =“ xxx-poc1-rg” + site_credential =(应用后已知)+ source_control =(应用后已知)+标签=(应用后已知)
+ auth_settings {
+ additional_login_params = (known after apply)
+ allowed_external_redirect_urls = (known after apply)
+ default_provider = (known after apply)
+ enabled = (known after apply)
+ issuer = (known after apply)
+ runtime_version = (known after apply)
+ token_refresh_extension_hours = (known after apply)
+ token_store_enabled = (known after apply)
+ unauthenticated_client_action = (known after apply)
+ active_directory {
+ allowed_audiences = (known after apply)
+ client_id = (known after apply)
+ client_secret = (sensitive value)
}
+ facebook {
+ app_id = (known after apply)
+ app_secret = (sensitive value)
+ oauth_scopes = (known after apply)
}
+ google {
+ client_id = (known after apply)
+ client_secret = (sensitive value)
+ oauth_scopes = (known after apply)
}
+ microsoft {
+ client_id = (known after apply)
+ client_secret = (sensitive value)
+ oauth_scopes = (known after apply)
}
+ twitter {
+ consumer_key = (known after apply)
+ consumer_secret = (sensitive value)
}
}
+ connection_string {
+ name = (known after apply)
+ type = (known after apply)
+ value = (sensitive value)
}
+ identity {
+ identity_ids = (known after apply)
+ principal_id = (known after apply)
+ tenant_id = (known after apply)
+ type = (known after apply)
}
+ logs {
+ application_logs {
+ azure_blob_storage {
+ level = (known after apply)
+ retention_in_days = (known after apply)
+ sas_url = (sensitive value)
}
}
+ http_logs {
+ azure_blob_storage {
+ retention_in_days = (known after apply)
+ sas_url = (sensitive value)
}
+ file_system {
+ retention_in_days = (known after apply)
+ retention_in_mb = (known after apply)
}
}
}
+ site_config {
+ always_on = (known after apply)
+ app_command_line = (known after apply)
+ auto_swap_slot_name = (known after apply)
+ default_documents = (known after apply)
+ dotnet_framework_version = (known after apply)
+ ftps_state = (known after apply)
+ http2_enabled = (known after apply)
+ ip_restriction = (known after apply)
+ java_container = (known after apply)
+ java_container_version = (known after apply)
+ java_version = (known after apply)
+ linux_fx_version = (known after apply)
+ local_mysql_enabled = (known after apply)
+ managed_pipeline_mode = (known after apply)
+ min_tls_version = (known after apply)
+ php_version = (known after apply)
+ python_version = (known after apply)
+ remote_debugging_enabled = (known after apply)
+ remote_debugging_version = (known after apply)
+ scm_type = (known after apply)
+ use_32_bit_worker_process = (known after apply)
+ virtual_network_name = (known after apply)
+ websockets_enabled = (known after apply)
+ windows_fx_version = (known after apply)
+ cors {
+ allowed_origins = (known after apply)
+ support_credentials = (known after apply)
}
}
+ storage_account {
+ access_key = (sensitive value)
+ account_name = (known after apply)
+ mount_path = (known after apply)
+ name = (known after apply)
+ share_name = (known after apply)
+ type = (known after apply)
}
}
计划:1增加,0更改,0销毁。
问题是您不提供使用zurerm的支持,因此不会保存您的状态文件。为了解决这个问题,您可以添加backend
一个现有.tf
文件或创建一个新的例如backend.tf
包含内容的文件:
terraform {
backend "azurerm" {
}
}
谢谢尼古拉,是的。我使用Azure DevOps服务器运行代码,而gitignore排除了状态文件,因此,每次在构建代理上运行状态时,都会从头开始创建状态,而terraform则试图重新创建资源。