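I have 2 Terraform scripts. One of them creates an Azure VM with a network and 1 subnet. The second TF script creates Databricks and 2 additional subnets in the Azure VM network, to connect Databricks and the VM.
The problem is that after the first apply everything works. But after the second one, Terraform wants to delete the 2 additional subnets.
My question is: how do I prevent the 2 additional subnets from being deleted?
The VM part, which creates the network and one subnet: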
    resource "azurerm_virtual_network" "neo4j_virt_network" {
      name = "neo4j-virtnetwork-${var.env}-${var.location}-001"
      address_space = ["10.0.0.0/16"]
      location = var.location
      resource_group_name = var.resource_group
      subnet {
        name = "neo4j-virtnetwork-subnet-${var.env}-${var.location}-001"
        address_prefix = "10.0.1.0/24"
        security_group = azurerm_network_security_group.neo4j_sg.id
      }
      tags = local.tags
    }
The Databricks part, which creates the 2 additional subnets:
    resource "azurerm_subnet" "private" {
      name = "databricks-dev-northeurope-001-private"
      resource_group_name = var.resource_group
      virtual_network_name = azurerm_virtual_network.neo4j_virt_network.name
      address_prefixes = ["10.0.3.0/24"]
      delegation {
        name = "databricks-delegation"
        service_delegation {
          name = "Microsoft.Databricks/workspaces"
          actions = [
            "Microsoft.Network/virtualNetworks/subnets/join/action",
            "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
            "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action",
          ]
        }
      }
    }
    resource "azurerm_network_security_group" "private" {
      name = "databricks-dev-northeurope-001-private-sg"
      resource_group_name = var.resource_group
      location = var.location
    }
    resource "azurerm_subnet_network_security_group_association" "private" {
      subnet_id = azurerm_subnet.private.id
      network_security_group_id = azurerm_network_security_group.private.id
    }
    resource "azurerm_subnet" "public" {
      name = "databricks-dev-northeurope-001-public"
      resource_group_name = var.resource_group
      virtual_network_name = azurerm_virtual_network.neo4j_virt_network.name
      address_prefixes = ["10.0.5.0/24"]
      delegation {
        name = "databricks-delegation"
        service_delegation {
          name = "Microsoft.Databricks/workspaces"
          actions = [
            "Microsoft.Network/virtualNetworks/subnets/join/action",
            "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
            "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action",
          ]
        }
      }
    }
    resource "azurerm_network_security_group" "public" {
      name = "databricks-dev-northeurope-001-public-sg"
      resource_group_name = var.resource_group
      location = var.location
    }
    resource "azurerm_subnet_network_security_group_association" "public" {
      subnet_id = azurerm_subnet.public.id
      network_security_group_id = azurerm_network_security_group.public.id
    }
    resource "azurerm_databricks_workspace" "databricks" {
      name = "databricks-${var.env}-${var.location}-001"
      resource_group_name = var.resource_group
      location = var.location
      sku = "standard"
      managed_resource_group_name = "${var.company_name}-rg-databricks-workspace-${var.env}-${var.location}-001"
      custom_parameters {
        machine_learning_workspace_id = azurerm_machine_learning_workspace.ml_workspace.id
        storage_account_name = "databrick${var.env}${random_string.db_code.result}"
        virtual_network_id = azurerm_virtual_network.neo4j_virt_network.id
        public_subnet_name = azurerm_subnet.public.name
        public_subnet_network_security_group_association_id = azurerm_subnet_network_security_group_association.public.id
        private_subnet_name = azurerm_subnet.private.name
        private_subnet_network_security_group_association_id = azurerm_subnet_network_security_group_association.private.id
      }
      depends_on = [
        azurerm_subnet_network_security_group_association.public,
        azurerm_subnet_network_security_group_association.private,
      ]
      tags = local.tags
    }
Message from the debug output, about the changed number of subnets in the network object:
2022-11-10T09:28:12.050+0200 [WARN] Provider "registry.terraform.io/hashicorp/azurerm" produced an unexpected new value for module.dev.azurerm_virtual_network.neo4j_virt_network during refresh.
- .subnet: actual set element cty.ObjectVal(map[string]cty.Value{"address_prefix":cty.StringVal("10.0.3.0/24"), "id":cty.StringVal("[...]"), "name":cty.StringVal("databricks-dev-northeurope-001-private"), "security_group":cty.StringVal("[...]")}) does not correlate with any element in plan
- .subnet: actual set element cty.ObjectVal(map[string]cty.Value{"address_prefix":cty.StringVal("10.0.5.0/24"), "id":cty.StringVal("[...]"), "name":cty.StringVal("databricks-dev-northeurope-001-public"), "security_group":cty.StringVal("[...]")}) does not correlate with any element in plan
- .subnet: length changed from 1 to 3
uj5u.com user replied:
Don't use the subnet { ... } block in the vnet definition; instead, create the subnets as separate resources.
    resource "azurerm_virtual_network" "neo4j_virt_network" {
      name = "neo4j-virtnetwork-${var.env}-${var.location}-001"
      address_space = ["10.0.0.0/16"]
      location = var.location
      resource_group_name = var.resource_group
      tags = local.tags
    }
    resource "azurerm_subnet" "neo4j_virt_subnet" {
      name = "neo4j-virtnetwork-subnet-${var.env}-${var.location}-001"
      resource_group_name = var.resource_group
      virtual_network_name = azurerm_virtual_network.neo4j_virt_network.name
      address_prefixes = ["10.0.1.0/24"]
    }
    resource "azurerm_subnet_network_security_group_association" "neo4j_virt_nsg_assoc" {
      subnet_id = azurerm_subnet.neo4j_virt_subnet.id
      network_security_group_id = azurerm_network_security_group.neo4j_sg.id
    }
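uj5u.com user replied:
According to https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/virtual_network:
Terraform currently provides both a standalone Subnet resource, and allows for Subnets to be defined in-line within the Virtual Network resource. At this time you cannot use a Virtual Network with in-line Subnets in conjunction with any Subnet resources. Doing so will cause a conflict of Subnet configurations and will overwrite Subnets.
So I rewrote the subnet in the VM part from in-line to a standalone subnet resource, and then manually added the subnet resource to the tfstate. Now everything works.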
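A check that can run in CI against `terraform show -json` plan output to catch the subnet overwrite described in the documentation quote above; this is an added example, not code from the question or the answers. The function names and the sample plan are constructed for illustration, and the first subnet name assumes `var.env` is "dev" and `var.location` is "northeurope".

```python
import json

# Constructed, trimmed `terraform show -json` plan for the question's state:
# refresh found three subnets, the inline block declares one. The first subnet
# name assumes env "dev" and location "northeurope".
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.dev.azurerm_virtual_network.neo4j_virt_network",
   "type": "azurerm_virtual_network",
   "change": {"actions": ["update"],
     "before": {"subnet": [
       {"name": "neo4j-virtnetwork-subnet-dev-northeurope-001"},
       {"name": "databricks-dev-northeurope-001-private"},
       {"name": "databricks-dev-northeurope-001-public"}]},
     "after": {"subnet": [
       {"name": "neo4j-virtnetwork-subnet-dev-northeurope-001"}]}}},
  {"address": "module.dev.azurerm_subnet.private", "type": "azurerm_subnet",
   "change": {"actions": ["no-op"],
     "before": {"name": "databricks-dev-northeurope-001-private"},
     "after": {"name": "databricks-dev-northeurope-001-private"}}}
]}
""")


def _inline_names(state):
    """Names in a virtual network's inline subnet set (state may be None)."""
    return {s["name"] for s in ((state or {}).get("subnet") or [])}


def dropped_subnets(plan):
    """Return (vnet address, subnet name, owning azurerm_subnet address or None)
    for every subnet that a virtual network update would remove."""
    changes = plan.get("resource_changes", [])
    owners = {}
    for rc in changes:
        if rc.get("type") == "azurerm_subnet":
            values = rc["change"].get("after") or rc["change"].get("before") or {}
            owners[values.get("name")] = rc["address"]
    findings = []
    for rc in changes:
        change = rc.get("change", {})
        if rc.get("type") != "azurerm_virtual_network" or "update" not in change.get("actions", []):
            continue
        gone = _inline_names(change.get("before")) - _inline_names(change.get("after"))
        findings += [(rc["address"], name, owners.get(name)) for name in sorted(gone)]
    return findings


if __name__ == "__main__":
    for vnet, name, owner in dropped_subnets(SAMPLE_PLAN):
        print(f"{vnet}: would remove {name} (managed by {owner or 'nothing in this plan'})")
```

A non-empty result is a reason to fail the pipeline before apply: a removed subnet takes its network security group association with it.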
Tags: azure, terraform, virtual-machine, databricks, terraform-provider-azure
