Toggle 在 Terraform 中创建 Azure VM

Question

我必须使用terraform 在Azure 中配置Windows VM，唯一的条件是，应该为除DEV 之外的所有其他环境创建VM（以及依赖资源，如VNET、NSG、PublicIP 等）。

如果我使用以下 terraform 代码运行 terraform plan。我收到此错误。

##[error]Terraform command 'plan' failed with exit code '1'.:  Missing resource instance key |  Missing resource instance key |  Missing resource instance key

[0m  on main_infra_app.tf line 284, in resource "azurerm_network_interface" "network-interface":
284:         subnet_id                     = "${[4mazurerm_subnet.snet[0m.id}"
[0m
Because azurerm_subnet.snet has "count" set, its attributes must be accessed
on specific instances.
For example, to correlate with indices of a referring resource, use:
azurerm_subnet.snet[count.index]

地形代码：

resource "azurerm_virtual_network" "vnet-main" {
    count               = "${var.env == "dev" ? 0 : 1}"
    name                = "$var.name"
    address_space       = ["10.0.0.0/16"]
    location            = "$var.location"
    resource_group_name = "${azurerm_resource_group.rg.name}"
} 

#Create Public IPs
resource "azurerm_public_ip" "PublicIP" {
    count                        = "${var.env  == "dev" ? 0 : 1}"
    name                         = "${var.ip}"
    location                     = "${azurerm_resource_group.rg.location}"
    resource_group_name          = "${azurerm_resource_group.rg.name}"
    allocation_method            = "Static"
}

#Create Subnet
resource "azurerm_subnet" "snet" {
    count                = "${var.env == "dev" ? 0 : 1}"
    name                 = "${var.subnet}"
    resource_group_name  = "${azurerm_resource_group.rg.name}"
    virtual_network_name = "azurerm_virtual_network.vnet-main"
    address_prefix       = "10.0.2.0/24"
}

#Create Network Security Group
resource "azurerm_network_security_group" "NSG" {
    count               = "${var.env == "dev" ? 0 : 1}"
    name                = "${var.nsg}"
    location            = "${azurerm_resource_group.rg.location}"
    resource_group_name = "${azurerm_resource_group.rg.name}"

  security_rule  {
  ...
    }
  security_rule {
  ...
    }
}

#Create Network Interface
resource "azurerm_network_interface" "network-interface" {
    count                     = "${var.env == "dev" ? 0 : 1}"
    name                      = "${var.nic}"
    location                  = "${azurerm_resource_group.rg.location}"
    resource_group_name       = "${azurerm_resource_group.rg.name}"
    network_security_group_id = "${var.devops_stage == "dev" ? azurerm_network_security_group.NSG[count.index] : azurerm_network_security_group.NSG.id}"

    ip_configuration {
        name                          = "IP-Conf-1"
        subnet_id                     = "${var.devops_stage == "dev" ? azurerm_subnet.snet[count.index] : azurerm_subnet.snet.id}"
        private_ip_address_allocation = "Dynamic"
        public_ip_address_id           = "${var.devops_stage == "dev" ? azurerm_public_ip.PublicIP[count.index] : azurerm_public_ip.PublicIP.id}"
   }
}

resource "azurerm_virtual_machine" "vm" {
    count               = "${var.env == "dev" ? 0 : 1}"
    name                  = var.vm_name
    location              = "${azurerm_resource_group.rg.location}"
    resource_group_name   = "${azurerm_resource_group.rg.name}"
    network_interface_ids = "${var.env == "dev" ? azurerm_network_interface.network-interface[count.index] : azurerm_network_interface.network-interface[count.index]}"
    vm_size               = "Standard_D13_v2"
    ..
    ..
    ..
}

请指导我。

Answer 1

正如我从您的 Terraform 代码中看到的，您想添加条件变量 env 是否与“dev”匹配来判断是否创建 VM 和其他资源。我认为您只需要在计数处添加条件，而不是在任何其他地方。所以最后，Terraform 代码应该是这样的：

resource "azurerm_virtual_network" "vnet-main" {
    count               = "${var.env == "dev" ? 0 : 1}"
    name                = "${var.name}"
    address_space       = ["10.0.0.0/16"]
    location            = "${azurerm_resource_group.rg.location}"
    resource_group_name = "${azurerm_resource_group.rg.name}"
} 

#Create Public IPs
resource "azurerm_public_ip" "PublicIP" {
    count                        = "${var.env  == "dev" ? 0 : 1}"
    name                         = "${var.ip}"
    location                     = "${azurerm_resource_group.rg.location}"
    resource_group_name          = "${azurerm_resource_group.rg.name}"
    allocation_method            = "Static"
}

#Create Subnet
resource "azurerm_subnet" "snet" {
    count                = "${var.env == "dev" ? 0 : 1}"
    name                 = "${var.subnet}"
    resource_group_name  = "${azurerm_resource_group.rg.name}"
    virtual_network_name = "${azurerm_virtual_network.vnet-main[count.index].name}"
    address_prefix       = "10.0.2.0/24"
}

#Create Network Security Group
resource "azurerm_network_security_group" "NSG" {
    count               = "${var.env == "dev" ? 0 : 1}"
    name                = "${var.nsg}"
    location            = "${azurerm_resource_group.rg.location}"
    resource_group_name = "${azurerm_resource_group.rg.name}"

  security_rule  {
  ...
    }
  security_rule {
  ...
    }
}

#Create Network Interface
resource "azurerm_network_interface" "network-interface" {
    count                     = "${var.env == "dev" ? 0 : 1}"
    name                      = "${var.nic}"
    location                  = "${azurerm_resource_group.rg.location}"
    resource_group_name       = "${azurerm_resource_group.rg.name}"
    network_security_group_id = "${azurerm_network_security_group.NSG[count.index].id}"

    ip_configuration {
        name                          = "IP-Conf-1"
        subnet_id                     = "${azurerm_subnet.snet[count.index].id}"
        private_ip_address_allocation = "Dynamic"
        public_ip_address_id           = "${azurerm_public_ip.PublicIP[count.index].id}"
   }
}

resource "azurerm_virtual_machine" "vm" {
    count               = "${var.env == "dev" ? 0 : 1}"
    name                  = var.vm_name
    location              = "${azurerm_resource_group.rg.location}"
    resource_group_name   = "${azurerm_resource_group.rg.name}"
    network_interface_ids = "${azurerm_network_interface.network-interface[count.index].id}"
    vm_size               = "Standard_D13_v2"
    ..
    ..
    ..
}