【发布时间】:2022-01-09 06:50:35
【问题描述】:
我使用 Terraform(TF) 创建多个 Digital Ocean Droplet resource (VM),并通过 remote-exec 配置程序从 TF 公共资源中设置每个 VM random string password。
resource "digitalocean_droplet" "testvm" {
count = var.count_of_droplets
image = "ubuntu-20-04-x64"
name = "testvm-${count.index}"
region = "nyc3"
size = "s-1vcpu-1gb"
ssh_keys = [data.digitalocean_ssh_keys.keys.ssh_keys[0].id]
provisioner "remote-exec" {
connection {
type = "ssh"
user = "root"
private_key = file("${var.my_ssh_private_key}")
host = self.ipv4_address
}
inline = [
"echo '${var.os_user}:${random_string.password[count.index].result}' | sudo chpasswd",
"sed -i '/PermitRootLogin/c PermitRootLogin yes' /etc/ssh/sshd_config",
"systemctl restart sshd"
]
}
tags = ["dev"]
}
和随机密码生成器:
resource "random_string" "password" {
count = var.count_of_droplets
length = 16
special = true
override_special = "_%@"
}
我通过 Terraform 输出为每个创建的带有 VM 名称的 VM 打印公共 ip:
output "droplet_ip_addresses" {
value = {
for droplet in digitalocean_droplet.testvm :
droplet.name => droplet.ipv4_address
}
}
输出:
droplet_ip_addresses = {
- testvm-0 = "1.1.1.1"
- testvm-1 = "2.2.2.2"
}
如何在上面的输出中添加生成的密码?喜欢:
droplets_data = {
- testvm-0 = "1.1.1.1" = "5j1dYBZzqDd30yhJ"
- testvm-1 = "2.2.2.2" = "6R%wj4zebwd9FiAt"
}
【问题讨论】: