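I want to spin up a domain controller in AWS using Terraform. I have tried passing all the commands via UserData, but I just can't find a way to run commands after a reboot.
Here is my user data: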
workflow Rename-And-Continue {
Rename-Computer -NewName "HACKDC" -Force -Passthru
Restart-Computer -Wait
Install-WindowsFeature AD-Domain-Services, rsat-adds -IncludeAllSubFeature
Install-ADDSForest -DomainName hackdc -SafeModeAdministratorPassword (ConvertTo-SecureString "SOMEPASSWORD" -AsPlainText -Force) -DomainMode Win2012R2 -DomainNetbiosName HACKDC -ForestMode Win2012R2 -Confirm:$false -Force
Restart-Service NetLogon -EA 0
$s = Get-Service -Name ADWS; while($s.Status -ne "Running") {Start-Service ADWS; Start-Sleep 3; $s = Get-Service -Name ADWS};
}
$AtStartup = New-JobTrigger -AtStartup
Register-ScheduledJob -Name testWorkflow -Trigger $AtStartup -ScriptBlock {Import-Module PSWorkflow; Get-Job testWorkflow -State Suspended | Resume-Job};
Rename-And-Continue -AsJob -JobName testWorkflow
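The main question here is what can be done to make sure the workflow runs correctly, so that I can set up the environment even if multiple reboots are needed (yes, I know the above is not every step needed to properly configure a DC, it is just a snippet).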
Your current script only waits for the computer to restart.
-Wait <SwitchParameter>
Indicates that this cmdlet suppresses the Windows PowerShell prompt and blocks the pipeline
until all of the computers have restarted. You can use this parameter in a script to restart
computers and then continue to process when the restart is finished.
To continue running the script, you may need to use something like the following.
# This will restart the computer. Then delay 2 seconds.
# Then wait for PowerShell to become available again.
# It will also timeout after 300 seconds (5 mins).
Restart-Computer -Wait -For PowerShell -Timeout 300 -Delay 2
For more information, just use the Get-Help cmdlet with the -Examples flag. The specific example would be the following.
PS C:\>Restart-Computer -ComputerName "Server01" -Wait -For PowerShell -Timeout 300 -Delay 2
This command restarts the Server01 remote computer and then waits up to 5 minutes (300 seconds)
for Windows PowerShell to be available on the restarted computer before it continues.
https://docs.aws.amazon.com/awsec2/latest/windowsguide/ec2-windows-user-data.html#user-data-data-scripts-scripts-scripts-sibs-subsequent
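EC2 user data only runs on the initial boot by default. See the link above for the configuration edit that changes this. Note that your UserData will now need to know which step it is on each time it runs, or it will just run the first commands over and over (rename the instance, reboot). It either needs to leave state behind on the instance, via a log or something else, or it needs to check for each step before re-running it.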
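
One way to write the state-tracking user data described in the last answer, as an added example that is not code from the question or the answers. Assumptions: the state file path, the domain and NetBIOS names, and the SSM parameter name are constructed for illustration, and the instance has an IAM role allowed to read that parameter, so the DSRM password is not stored in user data where anyone who can read the instance's user data could see it.

```powershell
# Added example, not from the answers above. Deliver it as EC2 user data:
#   <powershell> ...this script... </powershell>
#   <persist>true</persist>      (re-runs the script on every boot)
$ErrorActionPreference = 'Stop'
$stateFile = 'C:\ProgramData\dc-bootstrap\state.txt'  # hypothetical location
$newName   = 'HACKDC'                                  # computer name from the question
$domain    = 'corp.example'                            # constructed sample value
$netbios   = 'CORP'                                    # constructed; differs from $newName

function Get-Step {
    if (Test-Path $stateFile) { (Get-Content $stateFile -Raw).Trim() } else { 'rename' }
}
function Set-Step([string]$Step) {
    New-Item -ItemType Directory -Path (Split-Path $stateFile) -Force | Out-Null
    Set-Content -Path $stateFile -Value $Step
}

switch (Get-Step) {
    'rename' {
        # Check the real state too, so a lost state file does not repeat the step.
        if ($env:COMPUTERNAME -ne $newName) { Rename-Computer -NewName $newName -Force }
        Set-Step 'promote'
        Restart-Computer -Force
    }
    'promote' {
        Install-WindowsFeature AD-Domain-Services, RSAT-ADDS -IncludeAllSubFeature
        # Assumption: the DSRM password is a SecureString parameter in SSM Parameter
        # Store (hypothetical name) readable by the instance role, so it never
        # appears in the user data itself.
        $dsrm = (Get-SSMParameter -Name '/lab/dc/dsrm-password' -WithDecryption $true).Value
        Install-ADDSForest -DomainName $domain -DomainNetbiosName $netbios `
            -DomainMode Win2012R2 -ForestMode Win2012R2 `
            -SafeModeAdministratorPassword (ConvertTo-SecureString $dsrm -AsPlainText -Force) `
            -NoRebootOnCompletion -Confirm:$false -Force
        # Only reached if promotion succeeded ($ErrorActionPreference = 'Stop').
        Set-Step 'verify'
        Restart-Computer -Force
    }
    'verify' {
        # DomainRole 4 or 5 means this machine is now a domain controller.
        $role = (Get-CimInstance Win32_ComputerSystem).DomainRole
        if ($role -lt 4) { throw "Promotion did not complete (DomainRole=$role)" }
        if ((Get-Service -Name ADWS).Status -ne 'Running') { Start-Service -Name ADWS }
        Set-Step 'done'
    }
    'done' { }  # nothing left to do on later boots
}
```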