user_data 未在 EC2 中执行,在 cloud-init thru terraform 中出现错误

【问题标题】:user_data is not executed in EC2 with error in cloud-init thru terraformuser_data 未在 EC2 中执行,在 cloud-init thru terraform 中出现错误
【发布时间】:2021-11-05 13:55:48
【问题描述】:

我在私有网络中通过 terraform 简单部署了一个 EC2 实例,通过 NAt gw 对其进行互联网访问,一切都很好,只是我使用 user_data 解析脚本以在这个 ubuntu 实例上安装一个简单的 Web 服务器但我在相关实例中的 cloud-init 上看到以下错误:

/var/log/cloud-init-output.log

 96 Cloud-init v. 21.1-19-gbad84ad4-0ubuntu1~20.04.2 running 'modules:config' at Wed, 08 Sep 2021 18:17:18 +0000. Up 58.79 seconds.
 97 *** Installing apache2
 98 Err:1 http://security.ubuntu.com/ubuntu focal-security InRelease
 99   Cannot initiate the connection to security.ubuntu.com:80 (2001:67c:1562::18). - connect (101: Network is unreachable) Cannot initiate the conn    ection to security.ubuntu.com:80 (2001:67c:1562::15). - connect (101: Network is unreachable) Could not connect to security.ubuntu.com:80 (91.18    9.91.38), connection timed out Could not connect to security.ubuntu.com:80 (91.189.91.39), connection timed out
100 Err:2 http://us-east-2.ec2.archive.ubuntu.com/ubuntu focal InRelease
101   Could not connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.155.232), connection timed out Could not connect to us-east-2.ec2.archive.ubun    tu.com:80 (52.15.107.13), connection timed out Could not connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.106.142), connection timed out Co    uld not connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.102.108), connection timed out Could not connect to us-east-2.ec2.archive.ubuntu.c    om:80 (52.15.159.198), connection timed out Could not connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.158.54), connection timed out
102 Err:3 http://us-east-2.ec2.archive.ubuntu.com/ubuntu focal-updates InRelease
103   Unable to connect to us-east-2.ec2.archive.ubuntu.com:http:
104 Err:4 http://us-east-2.ec2.archive.ubuntu.com/ubuntu focal-backports InRelease
105   Unable to connect to us-east-2.ec2.archive.ubuntu.com:http:
106 Reading package lists...
107 W: Failed to fetch http://us-east-2.ec2.archive.ubuntu.com/ubuntu/dists/focal/InRelease  Could not connect to us-east-2.ec2.archive.ubuntu.com:8    0 (52.15.155.232), connection timed out Could not connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.107.13), connection timed out Could not     connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.106.142), connection timed out Could not connect to us-east-2.ec2.archive.ubuntu.com:80 (5    2.15.102.108), connection timed out Could not connect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.159.198), connection timed out Could not con    nect to us-east-2.ec2.archive.ubuntu.com:80 (52.15.158.54), connection timed out
108 W: Failed to fetch http://us-east-2.ec2.archive.ubuntu.com/ubuntu/dists/focal-updates/InRelease  Unable to connect to us-east-2.ec2.archive.ubun    tu.com:http:

这是我通过 terraform 执行此操作的方式:

resource "aws_instance" "vray_instance" {
  ami                    = "ami-00399ec92321828f5"
  instance_type          = "t2.micro"
  key_name               = aws_key_pair.vray_key_pair.key_name
  vpc_security_group_ids = [aws_security_group.vray_security_group_web.id]
  subnet_id              = aws_subnet.vray_privated_subnet[0].id
  user_data              = file("${path.cwd}/install_el_apache.sh")

  tags = {
    Name = "Instance  Web Server"
  }
}

这是我的 shell 脚本的内容:

       │ File: install_el_apache.sh
───────┼──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
   1 ~ │ #!/bin/bash
   2 ~ │ echo "*** Installing apache2"
   3 ~ │ sudo apt-get update
   4 ~ │ sudo apt-get install -y apache2
   5 ~ │ sudo systemctl start apache2
   6 ~ │ sudo systemctl enable apache2
   7 ~ │ echo "<h1>Web server Task2 with Terraform</h1>" | sudo tee /var/www/html/index.html
   8 ~ │ echo "*** Completed Installing apache2"

非常欢迎对此提供任何线索或指责,有人指出,在执行脚本时未创建 NAT,但我检查了其他类似问题,不需要执行 cath 错误或输入脚本中的延迟,以便等待创建此脚本以处理脚本步骤。

提前致谢

+vRay

【问题讨论】:

  • 您在其中部署实例的子网似乎没有通往 Internet 的路由?是否配置了到 NAT 网关的路由?
  • 其实它的路线是我所有来自 terraform 的核心:link
  • 一个简单的验证方法是将ssh 进入服务器并尝试手动运行这些命令,或者只运行curl 或其他东西来检查互联网访问。如果这不起作用,那么您需要查看您的网络配置。
  • 是的,我还通过运行所有这些进行了测试,并在我创建的用于托管 Web 服务的实例中运行正常,我使用的 jumbox 也可以正常连接并从网络服务器
  • 进展如何?仍然不清楚是什么问题?

标签: amazon-web-services shell amazon-ec2 terraform


【解决方案1】:

有人指出,执行脚本时并未创建 NAT

你几乎是正确的。但就您而言,这与您的vray_vpc_us_east2a_privated_association 有关。基本上,您的实例是在建立关联之前创建的,因此它们会超时。你应该可以用depends_on 解决这个问题:

resource "aws_instance" "vray_instance" {
  ami                    = "ami-00399ec92321828f5"
  instance_type          = "t2.micro"
  key_name               = aws_key_pair.vray_key_pair.key_name
  vpc_security_group_ids = [aws_security_group.vray_security_group_web.id]
  subnet_id              = aws_subnet.vray_privated_subnet[0].id
  user_data              = file("${path.cwd}/install_el_apache.sh")

  tags = {
    Name = "Instance vRay Web Server"
  }
  
  depends_on = [aws_route_table_association.vray_vpc_us_east2a_privated_association]
}

#-------------------Creation of the JumpBox in Privated Subnet---------------------------
#not possible to reach Privated subnet within the VPC!!!
resource "aws_instance" "vray_jumpbox" {
  ami                    = "ami-00399ec92321828f5"
  instance_type          = "t2.micro"
  key_name               = aws_key_pair.vray_key_pair.key_name
  vpc_security_group_ids      = [aws_security_group.vray_security_group.id]
  subnet_id                   = aws_subnet.vray_public_subnet[0].id
  associate_public_ip_address = true
  tags = {
    Name = "Jumpbox vRay"
  }
  
  depends_on = [aws_route_table_association.vray_vpc_us_east2a_privated_association]  
  
}

您的应用仍然无法通过 Internet 访问,因为它位于私有子网中,但至少该实例应仅在 存在到 NAT 的路由之后启动。

【讨论】:

  • 不幸的是,我没有足够的声望给你们积分,当我得到足够的时候会回来给你们。
【解决方案2】:

我明白你为什么感到困惑。如果您可以在从跳转框连接到实例的同时运行更新,则说明您有 Internet 连接。但是,错误消息表明当时该实例没有互联网连接。

那么这可能是时间问题吗(我对此表示怀疑,但值得一试)?如果在 Terraform 代码中添加“依赖于”Internet 网关会怎样?

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2013-07-21
    • 2019-01-23
    • 2017-10-08
    • 2022-12-08
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode