通过Terraform安装GKE和Anthos

我试图启动一个GKE集群，然后安装Anthos，但是我遇到了以下问题:

module "gke" {
source                      = "./gke_private_cluster"
project_id                  = var.project_id
name                        = var.cluster_name
regional                    = false
region                      = var.region
zones                       = var.zones
network                     = module.gcp-network.network_name
subnetwork                  = module.gcp-network.subnets_names[0]
ip_range_pods               = var.ip_range_pods
ip_range_services           = var.ip_range_services
}
module "gke_node_pool11" {
count                          = var.count_primary_np
source                         = "./gke_node_pool"
project_id                     = var.project_id
gke_cluster_name               = module.gke.name
node_pool_name                 = "${var.node_pool_name}-${count.index + 1}"
region                         = var.region
regional                       = var.regional
zones                          = var.zones_01
gke_cluster_min_master_version = var.gke_cluster_min_master_version
image_type                     = var.image_type
machine_type                   = var.machine_type_01[count.index]
preemptible                    = false
}
module "gke_node_pool_preemptible22" {
count                          = var.count_preemptible_np
source                         = "./gke_node_pool"
project_id                     = var.project_id
gke_cluster_name               = module.gke.name
node_pool_name                 = "${var.preemptible_node_pool_name}-${count.index + 1}"
region                         = var.region
regional                       = var.regional
zones                          = var.zones_02
gke_cluster_min_master_version = var.gke_cluster_min_master_version
image_type                     = var.image_type
machine_type                   = var.machine_type_02[count.index]
preemptible                    = true
}
module "hub-primary" {
source                  = "terraform-google-modules/kubernetes-engine/google//modules/hub"
project_id              = var.project_id
cluster_name            = module.gke.name
cluster_endpoint        = module.gke.endpoint
location                = module.gke.location
gke_hub_membership_name = "primary"
gke_hub_sa_name         = "primary"
}
module "asm" {
source                = "github.com/terraform-google-modules/terraform-google-kubernetes-engine//modules/asm"
cluster_name          = module.gke.name
cluster_endpoint      = module.gke.endpoint
project_id            = var.project_id
location              = module.gke.location
enable_all            = true
enable_cluster_roles  = true
enable_cluster_labels = false
enable_gcp_apis       = true
enable_gcp_iam_roles  = false
enable_gcp_components = true
enable_registration   = false
asm_version           = "1.10"
managed_control_plane = false
options               = ["envoy-access-log,egressgateways"]
skip_validation       = false
outdir                = "./${module.gke.name}-outdir-${var.asm_version}"
}

当我运行上面的地形代码时，我遇到以下错误:

dial tcp 35.244.8.53:443: connect: connection refused not found
│ Error: failed to install manifests: errors occurred during operation
│ 2021-09-06T08:23:21.219364 install_asm_1.10: [WARNING]: Failed, retrying...(1 of 5)
│ 2021-09-06T08:23:23.252989 install_asm_1.10: Running: './istio-1.10.4-asm.6/bin/istioctl install -f asm/istio/istio-operator.yaml -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml01 -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml01 --set
│ revision=asm-1104-6 -c asm_kubeconfig --skip-confirmation'
│ 2021-09-06T08:23:23.284655 install_asm_1.10: -------------
│ Error: Get "https://35.244.8.53/api?timeout=32s": dial tcp 35.244.8.53:443: connect: connection refused
│ 2021-09-06T08:23:23.516704 install_asm_1.10: [WARNING]: Failed, retrying...(2 of 5)
│ 2021-09-06T08:23:27.574012 install_asm_1.10: Running: './istio-1.10.4-asm.6/bin/istioctl install -f asm/istio/istio-operator.yaml -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml01 -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml01 --set
│ revision=asm-1104-6 -c asm_kubeconfig --skip-confirmation'
│ 2021-09-06T08:23:27.617173 install_asm_1.10: -------------
│ Error: Get "https://35.244.8.53/api?timeout=32s": dial tcp 35.244.8.53:443: connect: connection refused
│ 2021-09-06T08:23:27.836374 install_asm_1.10: [WARNING]: Failed, retrying...(3 of 5)
│ 2021-09-06T08:23:33.873300 install_asm_1.10: Running: './istio-1.10.4-asm.6/bin/istioctl install -f asm/istio/istio-operator.yaml -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml01 -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml01 --set
│ revision=asm-1104-6 -c asm_kubeconfig --skip-confirmation'
│ 2021-09-06T08:23:33.902169 install_asm_1.10: -------------
│ Error: Get "https://35.244.8.53/api?timeout=32s": dial tcp 35.244.8.53:443: connect: connection refused
│ 2021-09-06T08:23:34.117136 install_asm_1.10: [WARNING]: Failed, retrying...(4 of 5)
│ 2021-09-06T08:23:42.149546 install_asm_1.10: Running: './istio-1.10.4-asm.6/bin/istioctl install -f asm/istio/istio-operator.yaml -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-envoy-access-log.yaml01 -f
│ /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml00 -f /home/sanjay_m/terraform-gcp-3/santest-outdir-1.10/overlay-egressgateways.yaml01 --set
│ revision=asm-1104-6 -c asm_kubeconfig --skip-confirmation'
│ 2021-09-06T08:23:42.181575 install_asm_1.10: -------------
│ Error: Get "https://35.244.8.53/api?timeout=32s": dial tcp 35.244.8.53:443: connect: connection refused
│ 2021-09-06T08:23:42.398271 install_asm_1.10: [WARNING]: Failed, retrying...(5 of 5)
│ + cleanup
│ + rm -rf /tmp/kubectl_wrapper_24744_28603
│
╵
╷
│ Error: Error creating service account: Post "https://iam.googleapis.com/v1/projects/xxx/serviceAccounts?alt=json&prettyPrint=false": oauth2/google: incomplete token received from metadata
│
│   with module.hub-primary.google_service_account.gke_hub_sa[0],
│   on .terraform/modules/hub-primary/modules/hub/main.tf line 33, in resource "google_service_account" "gke_hub_sa":
│   33: resource "google_service_account" "gke_hub_sa" {

假设端点在集群完全完成之前还没有准备好，尝试为模块hub-primary和asm添加depend_on标志，结果出现以下错误:

depend_on = [module.gke_node_pool11, module.gke_node_pool_preemptible22]

Error: Invalid count argument
│
│   on .terraform/modules/asm.asm_install/main.tf line 57, in resource "random_id" "cache":
│   57:   count = (! local.skip_download) ? 1 : 0
│
│ The "count" value depends on resource attributes that cannot be determined until apply, so Terraform cannot predict how many instances will be created. To work around this, use
│ the -target argument to first apply only the resources that the count depends on.

我如何使asm和hub-primary模块在集群创建时等待，因为如果我先分割集群创建，然后运行模块hub-primary和asm，那么terraform脚本可以正常工作?

我错过什么了吗?

谢谢你!

不使用内置的"depends_on"，使用asm模块调用的变量"module_depends_on = [module.kubernetes_cluster]">

相关内容

最新更新

热门标签：