【发布时间】:2021-09-07 08:09:22
【问题描述】:
我正在尝试使用 Terraform 在 Azure 中构建 AKS 群集。但是,我不希望将 AKS 部署到它自己的 VNET 和子网中,我已经在我希望它使用的 vnet 中构建了一个子网。当试图只给它子网 ID 时,我得到一个重叠的 CIDER 问题。我的网络是:
VNET:10.0.0.0/16 子网:10.0.1.0/24、10.0.2.0/24 和 10.0.3.0/24。我需要 AKS 才能在此 VNET 中使用 10.0.1.0./24 子网。但是,我的 Terraform 配置正在尝试使用 10.0.0.0/16 的 CIDR,这是一个明显的冲突。我不知道如何在 Terraform 中解决这个问题,通过门户我可以为 AKS 选择 vnet/子网。以下是生成错误的 Terraform 配置:
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=2.46.0"
}
}
}
# Configure the Microsoft Azure Provider
provider "azurerm" {
features {}
subscription_id = "####"
tenant_id = "####"
}
locals {
azure_location = "East US"
azure_location_short = "eastus"
}
resource "azurerm_resource_group" "primary_vnet_resource_group" {
name = "vnet-prod-002-eastus-001"
location = local.azure_location
}
resource "azurerm_virtual_network" "primary_vnet_virtual_network" {
name = "vnet_primary_eastus-001"
location = local.azure_location
resource_group_name = azurerm_resource_group.primary_vnet_resource_group.name
address_space = ["10.0.0.0/16"]
}
resource "azurerm_subnet" "aks-subnet" {
name = "snet-aks-prod-002-eastus-001"
# location = local.azure_location
virtual_network_name = azurerm_virtual_network.primary_vnet_virtual_network.name
resource_group_name = azurerm_resource_group.primary_vnet_resource_group.name
address_prefixes = ["10.0.1.0/24"]
}
output "aks_subnet_id" {
value = azurerm_subnet.aks-subnet.id
}
resource "azurerm_subnet" "application-subnet" {
name = "snet-app-prod-002-eastus-001"
# location = local.azure_location
virtual_network_name = azurerm_virtual_network.primary_vnet_virtual_network.name
resource_group_name = azurerm_resource_group.primary_vnet_resource_group.name
address_prefixes = ["10.0.2.0/24"]
}
resource "azurerm_subnet" "postgres-subnet" {
name = "snet-postgres-prod-002-eastus-001"
# location = local.azure_location
virtual_network_name = azurerm_virtual_network.primary_vnet_virtual_network.name
resource_group_name = azurerm_resource_group.primary_vnet_resource_group.name
address_prefixes = ["10.0.3.0/24"]
}
output "postgres_subnet_id" {
value = azurerm_subnet.postgres-subnet.id
}
resource "azurerm_kubernetes_cluster" "aks-prod-002-eastus-001" {
name = "aks-prod-002-eastus-001"
location = local.azure_location
resource_group_name = azurerm_resource_group.primary_vnet_resource_group.name
dns_prefix = "aks-prod-002-eastus-001"
default_node_pool {
name = "default"
node_count = 1
vm_size = "Standard_DS2_v2"
vnet_subnet_id = azurerm_subnet.aks-subnet.id
}
network_profile {
network_plugin = "azure"
}
identity {
type = "SystemAssigned"
}
addon_profile {
aci_connector_linux {
enabled = false
}
azure_policy {
enabled = false
}
http_application_routing {
enabled = false
}
oms_agent {
enabled = false
}
}
}
我不是 Terraform 专家,如果有人知道如何做到这一点,我真的需要帮助。我一直在上下文档,我可以找到一种指定子网ID的方法,但这就是我能做的。如果我不指定子网 ID,那么一切都会构建,但是会创建一个新的 vnet,这是我不想要的。
提前致谢
【问题讨论】: