我正在尝试使用bot . VPC验证amazon VPC的内容。但是它不是验证子网的内容,而是尝试创建子网。我在init中给出了现有子网的详细信息。sls文件:
Ensure VPC exists:
boto_vpc.present:
- name: dlab
- cidr_block: 10.xx.xx.0/24
- dns_hostnames: True
- region: us-east-1
- keyid: keyid
- key: key
Ensure subnet exists:
boto_vpc.subnet_present:
- name: dlab
- vpc_id: vpc-xxxxxxx
- cidr_block: 10.xx.xx.0/24
- region: us-east-1
- keyid: keyid
- key: key
当我运行这个命令时,我得到的结果是:
[root@salt get_vpc]# salt '*' state.apply
salt.localdomain:
----------
ID: Ensure VPC exists
Function: boto_vpc.present
Name: dlab
Result: True
Comment: VPC present.
Started: 14:36:19.166569
Duration: 312.981 ms
Changes:
----------
ID: Ensure subnet exists
Function: boto_vpc.subnet_present
Name: dlab
Result: False
Comment: Failed to create subnet: Bad Request: The CIDR '10.60.58.0/24' conflicts with another subnet
Started: 14:36:19.479896
Duration: 355.565 ms
Changes:
Summary for salt.localdomain
------------
Succeeded: 1
Failed: 1
------------
Total states run: 2
Total run time: 668.546 ms
ERROR: Minions returned with non-zero exit code
VPC校验成功。但是salt试图创建一个新的子网,而不是告诉我已经存在的子网。在"确保子网存在"下的top文件中指定的子网名称正确!
为什么会发生这种情况?如何让salt验证子网而不是尝试创建子网?
我建议这个解决方案,我还没有测试过,但如果你有subnet_id那么你可能能够使用它
Ensure subnet exists:
module.run:
- name: boto_vpc.subnet_exists
- subnet_id: subnet-foo-id
该模块将检查子网是否存在。如果子网存在,则返回True,否则返回False。根据docs