如何使用 Terraform 将 AWS CloudWatch 警报链接到 AWS Route53 运行状况检查?

【问题标题】:How to link an AWS CloudWatch Alarm to an AWS Route53 Health Check using Terraform?如何使用 Terraform 将 AWS CloudWatch 警报链接到 AWS Route53 运行状况检查?
【发布时间】:2017-02-15 07:22:36
【问题描述】:

我目前正在使用 Terraform 设置 AWS CloudWatch 警报来检测我的服务器的运行状况。使用 AWS Route 53 运行状况检查检查运行状况状态。我的.tf 文件是:

resource "aws_cloudwatch_metric_alarm" "val1-alarm" {
  alarm_name = "val-alarm"
  comparison_operator = "LessThanOrEqualToThreshold"
  evaluation_periods = "2"
  metric_name = "HealthCheckStatus"
  namespace = "AWS/Route53"
  period = "60"
  statistic = "Minimum"
  threshold = "0"
  dimensions {
    HealthCheckId = "${aws_route53_health_check.val1-hc.id}"
  }
  alarm_description = "This metric monitor whether the server is down or not."
  insufficient_data_actions = []
}

resource "aws_route53_health_check" "val1-hc" {
  fqdn = "${aws_route53_record.val1-record.name}"
  port = 27017
  type = "TCP"
  failure_threshold = "3"
  request_interval = "30"
  measure_latency = 1
  cloudwatch_alarm_name = "${aws_cloudwatch_metric_alarm.val1-alarm.alarm_name}"
  cloudwatch_alarm_region = "eu-central-1"
}

申请时出现这个错误:

Cycle: aws_route53_health_check.val1-hc, aws_cloudwatch_metric_alarm.val1-alarm

循环意味着每个资源调用另一个。当我尝试从运行状况检查中删除 cloudwatch_alarm_namecloudwatch_alarm_region 时,一个 terraform 错误提示我需要这两个参数(即使 doc 指定这两个参数是可选的)。 如何解决?

非常感谢任何帮助或建议!

【问题讨论】:

标签: amazon-web-services amazon-route53 amazon-cloudwatch terraform


【解决方案1】:

您不能从B 引用A 和从A 引用B

aws_cloudwatch_metric_alarm.val1-alarm 中删除引用,例如:

resource "aws_cloudwatch_metric_alarm" "val1-alarm" {
  alarm_name = "val-alarm"
  comparison_operator = "LessThanOrEqualToThreshold"
  evaluation_periods = "2"
  metric_name = "HealthCheckStatus"
  namespace = "AWS/Route53"
  period = "60"
  statistic = "Minimum"
  threshold = "0"
  alarm_description = "This metric monitor whether the server is down or not."
  insufficient_data_actions = []
}

resource "aws_route53_health_check" "val1-hc" {
  fqdn = "${aws_route53_record.val1-record.name}"
  port = 27017
  type = "TCP"
  failure_threshold = "3"
  request_interval = "30"
  measure_latency = 1
  cloudwatch_alarm_name = "${aws_cloudwatch_metric_alarm.val1-alarm.alarm_name}"
  cloudwatch_alarm_region = "eu-central-1"
}

See CloudWatch Alarm Example from here

【讨论】:

  • 我遇到了与 OP 相同的问题,但上述建议对我不起作用,Route53 运行状况检查仪表板仍然显示“未配置警报”。有什么想法吗?
【解决方案2】:

在 Terraform 0.9.3 上,我必须做相反的事情,从 aws_route53_health_check 资源中删除 cloudwatch_alarm_name 和 cloudwatch_alarm_region 以获取连接到运行状况检查的警报。感觉倒退了。 HealthCheckId 维度足以将它们连接在一起。

resource "aws_cloudwatch_metric_alarm" "val1-alarm" {
  alarm_name = "val-alarm"
  comparison_operator = "LessThanOrEqualToThreshold"
  evaluation_periods = "2"
  metric_name = "HealthCheckStatus"
  namespace = "AWS/Route53"
  period = "60"
  statistic = "Minimum"
  threshold = "0"
  dimensions {
    HealthCheckId = "${aws_route53_health_check.val1-hc.id}"
  }
  alarm_description = "This metric monitor whether the server is down or not."
  insufficient_data_actions = []
}

resource "aws_route53_health_check" "val1-hc" {
  fqdn = "${aws_route53_record.val1-record.name}"
  port = 27017
  type = "TCP"
  failure_threshold = "3"
  request_interval = "30"
  measure_latency = 1
}

【讨论】:

  • aws_route53_health_check.val1-hc 资源中还有 cloudwatch_alarm_namecloudwatch_alarm_region
  • 谢谢,@vikas027!我太专注于格式化代码,我忘了编辑代码! :)
  • 这很好,但是这段代码真的对你有用吗?我的意思是还有其他资源。它没有按我的预期工作。见this
【解决方案3】:

请注意,您需要将资源放在美国东部(弗吉尼亚北部),因为:

如果您选择任何其他指标,Amazon Route 53 指标将不可用 区域作为当前区域。

来源:Monitoring Health Check Status and Getting Notifications

我设法通过这个模块使它与eu-west-1 一起工作:

variable "environment" {}
variable "domain_name" {}
variable "resource_path" {}

provider "aws" {
  alias  = "use1"
  region = "us-east-1"
}

resource "aws_route53_health_check" "health_check" {
  fqdn              = "${var.domain_name}"
  port              = 443
  type              = "HTTPS"
  resource_path     = "${var.resource_path}"
  measure_latency   = true
  request_interval  = 30
  failure_threshold = 3

  tags = {
    Name        = "${var.environment}"
    Origin      = "terraform"
    Environment = "${var.environment}"
  }
}

resource "aws_sns_topic" "topic" {
  name     = "${var.environment}-healthcheck"
  provider = "aws.use1"
}

resource "aws_cloudwatch_metric_alarm" "metric_alarm" {
  provider                  = "aws.use1"
  alarm_name                = "${var.environment}-alarm-health-check"
  comparison_operator       = "LessThanThreshold"
  evaluation_periods        = "1"
  metric_name               = "HealthCheckStatus"
  namespace                 = "AWS/Route53"
  period                    = "60"
  statistic                 = "Minimum"
  threshold                 = "1"
  insufficient_data_actions = []
  alarm_actions             = ["${aws_sns_topic.topic.arn}"]
  alarm_description         = "Send an alarm if ${var.environment} is down"

  dimensions {
    HealthCheckId = "${aws_route53_health_check.health_check.id}"
  }
}

【讨论】:

  • 谢谢!这个解决方案解决了这个问题。区域名称是关键。
【解决方案4】:

命名空间 = "AWS/Route53"

【讨论】:

    猜你喜欢
    • 2019-03-04
    • 2021-05-25
    • 2019-07-14
    • 1970-01-01
    • 2014-03-16
    • 2021-10-30
    • 1970-01-01
    • 2021-12-26
    • 2020-04-17
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode