我非常熟悉 Terraform against AWS。 现在尝试将项目移植到 GCP 上。
我有一个相当简单的 .tf 文件:
resource "google_compute_network" "vpc" {
name = "${local.resource_prefix}-vpc"
auto_create_subnetworks = false
}
resource "google_compute_subnetwork" "public_subnet_1" {
name = "${local.resource_prefix}-public-subnet-1"
ip_cidr_range = local.subnet_public_1_cidr
network = google_compute_network.vpc.id
region = local.gcp_region
private_ip_google_access = false
}
这在第一个apply上创建良好,但是在每个后续apply,它要求我强制替换子网:
# google_compute_subnetwork.private_subnet_1 must be replaced
-/+ resource "google_compute_subnetwork" "private_subnet_1" {
~ creation_timestamp = "2020-06-11T08:12:27.002-07:00" -> (known after apply)
+ enable_flow_logs = (known after apply)
+ fingerprint = (known after apply)
~ gateway_address = "10.1.100.1" -> (known after apply)
~ id = "projects/(project-id)/regions/us-east1/subnetworks/foo-private-subnet-1" -> (known after apply)
ip_cidr_range = "10.1.100.0/24"
name = "foo-private-subnet-1"
~ network = "https://www.googleapis.com/compute/v1/projects/(project-name)/global/networks/foo-vpc" -> "projects/(project-id)/global/networks/foo-vpc" # forces replacement
private_ip_google_access = false
~ project = "(project-id)" -> (known after apply)
region = "us-east1"
~ secondary_ip_range = [] -> (known after apply)
~ self_link = "https://www.googleapis.com/compute/v1/projects/(project-name)/regions/us-east1/subnetworks/foo-private-subnet-1" -> (known after apply)
}
子网的network似乎是强制替换的原因,但这来自 VPC 属性,据我所知,我正在遵循我能找到的每个在线示例。
我错过了什么? 为什么网络中的名称和ID不匹配,还是其他原因?
我相信答案只是替换:
network = google_compute_network.vpc.id
跟
network = google_compute_network.vpc.self_link
self_link这个名字有点奇怪,而不是我到目前为止在几个教程中看到的,但它似乎工作正常。
请在每次申请后删除 .tfstate 文件和 .tfstate.backup 文件