使用 Terraform 从 Azure Marketplace 部署 AlienVault USM
问题描述 投票:0回答:1
有人有使用 Terraform 从 Azure 市场部署 AlienVault USM Linux VM 的成功/经验吗?
我有以下
main.tf# VM depends on NIC
# Create network interface first
resource "azurerm_network_interface" "nic" {
for_each = var.virtual_machines
name = each.value.nic_name
location = var.location
resource_group_name = var.resource_group_name
ip_configuration {
name = each.value.ip_configuration.name
subnet_id = each.value.ip_configuration.subnet_id
private_ip_address_allocation = each.value.ip_configuration.private_ip_address_allocation
private_ip_address = each.value.ip_configuration.private_ip_address
}
}
resource "azurerm_linux_virtual_machine" "vm" {
for_each = var.virtual_machines
name = each.value.name
computer_name = each.value.computer_name
location = var.location
resource_group_name = var.resource_group_name
size = var.vm_size
network_interface_ids = [azurerm_network_interface.nic[each.key].id]
availability_set_id = var.availability_set_name != "" ? azurerm_availability_set.avset[0].id : null
admin_username = var.admin_username
admin_password = var.admin_password
disable_password_authentication = false
dynamic "os_disk" {
for_each = {
for index, os_disk in each.value.os_disk : os_disk.name => os_disk
}
content {
name = os_disk.value.name
caching = os_disk.value.caching
storage_account_type = os_disk.value.storage_account_type
disk_size_gb = os_disk.value.disk_size_gb
}
}
dynamic "source_image_reference" {
for_each = {
for index, source_image_reference in each.value.source_image_reference : source_image_reference.publisher => source_image_reference
}
content {
publisher = source_image_reference.value.publisher
offer = source_image_reference.value.offer
sku = source_image_reference.value.sku
version = source_image_reference.value.version
}
}
}
# Optional availability set
resource "azurerm_availability_set" "avset" {
count = var.availability_set_name != "" ? 1 : 0
name = var.availability_set_name
location = var.location
resource_group_name = var.resource_group_name
managed = true
platform_fault_domain_count = 2 # For managed disks this can only be in the range of 1-2
}
# Data disks
resource "azurerm_managed_disk" "disk" {
for_each = {
for index, data_disk in var.data_disks : data_disk.name => data_disk
}
name = each.value.name
location = var.location
resource_group_name = var.resource_group_name
create_option = "Empty"
storage_account_type = each.value.storage_account_type
disk_size_gb = each.value.disk_size_gb
}
resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attach" {
for_each = {
for index, data_disk in var.data_disks : data_disk.name => data_disk
}
managed_disk_id = azurerm_managed_disk.disk[each.key].id
virtual_machine_id = values(azurerm_linux_virtual_machine.vm)[0].id
lun = each.value.lun
caching = each.value.caching
}
我正在从调用/子模块传递:
locals {
primary_location = "UK South"
environment = "dev"
rg_name = "rg-temp"
}
module "linux_vm" {
source = "../"
location = local.primary_location
resource_group_name = local.rg_name
vm_size = "Standard_B2ms"
admin_username = "xadmin " # Default user to create?
admin_password = "TerraPass11."
availability_set_name = ""
tags = {}
virtual_machines = {
"usm-001" = {
name = "usm-001"
computer_name = "usm-001"
os_disk = [
{
name = "usm-001-osdisk-001"
caching = "None"
storage_account_type = "StandardSSD_LRS"
disk_size_gb = 128
create_option = "FromImage"
}
]
source_image_reference = [
{
publisher = "alienvault"
offer = "unified-security-management-anywhere"
sku = "unified-security-management-anywhere"
version = "latest"
}
]
nic_name = "nic-dev-usm-001"
ip_configuration = {
name = "usm-001"
subnet_id = "/subscriptions/e286703f-8ba4-4a0d-xxxx-xxxxxxxxxxxx/resourceGroups/shared-networks/providers/Microsoft.Network/virtualNetworks/shared-vnet-10/subnets/1-24"
private_ip_address_allocation = "Static"
private_ip_address = "10.10.1.20"
}
}
}
data_disks = [
{
name = "data-disk-001-usm-001"
caching = "None"
create_option = "Empty"
storage_account_type = "StandardSSD_LRS"
disk_size_gb = 50
lun = 1
}
]
}
但是它抱怨与存储有关的事情? (我认为它对dataDisks特别不满意?)。
│ Error: creating Linux Virtual Machine (Subscription: "e286703f-8ba4-4a0d-xxxx-xxxxxxxxxxxx"
│ Resource Group Name: "rg-temp"
│ Virtual Machine Name: "usm-001"): performing CreateOrUpdate: unexpected status 400 (400 Bad Request) with error: InvalidParameter: StorageProfile.dataDisks.lun does not have required value(s) for image specified in storage profile.
│
│ with module.linux_vm.azurerm_linux_virtual_machine.vm["usm-001"],
│ on ../main.tf line 18, in resource "azurerm_linux_virtual_machine" "vm":
│ 18: resource "azurerm_linux_virtual_machine" "vm" {
针对标准 Ubuntu Marketplace 服务器映像选择运行此程序可以正常工作,我最终得到一个带有 x1 操作系统磁盘和 x1 连接的空数据磁盘的 Linux 虚拟机。
Azure 上的市场 AlienVault 图像并没有真正提供太多信息。我尝试在 UI 中运行 Azure 部署向导来查看它创建的 ARM 模板类型,我将其视为整个模板的一部分:
"dataDisks1": {
"value": [
{
"lun": 0,
"createOption": "fromImage",
"deleteOption": "Detach",
"caching": "None",
"writeAcceleratorEnabled": false,
"id": null,
"name": null,
"storageAccountType": null,
"diskSizeGB": null,
"tier": null,
"diskEncryptionSet": null
}
]
},
为什么需要使用
FromImage我的理解是,如果你将Terrafrom Azure数据磁盘
create_optionFromImagesource_image_reference很遗憾,AlienVault 网站上没有我能看到的任何类型的 Terraform 文档。
有人有过这样的经历吗?
感谢任何人可能提供的任何指导。
谢谢。
1个回答
0
投票
投票
使用 Terraform 从 Azure Marketplace 部署 AlienVault USM
你好Scott,似乎你已经找到了问题的解决方案,我只是将其发布在这里,以方便其他在 SO 上面临类似问题的人。如果需要,请随时添加任何要点/您的意见。
您在评论中提到的内容正在步入正轨,因为如果供应商发布了 Marketplace 映像,他们可能会在部署该映像时指定需要与该映像关联的某些计划,这通常发生在
azurerm_virtual_machine 中azurerm_linux_virtual_machine。有时,操作系统规范也可能是这些情况的问题。
我根据建议尝试了一个演示 terraform 代码,这对于可能尝试配置相同图像虚拟机的社区人员很有帮助。
配置:
resource "azurerm_virtual_machine" "vm" {
name = "usm-001"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
network_interface_ids = [azurerm_network_interface.nic.id]
vm_size = "Standard_B2ms"
storage_os_disk {
name = "usm-001-osdisk-001"
caching = "None"
create_option = "FromImage"
managed_disk_type = "StandardSSD_LRS"
}
os_profile {
computer_name = "usm-001"
admin_username = "xadmin"
admin_password = "TerraPass11." # Use a strong password
}
os_profile_linux_config {
disable_password_authentication = false
}
storage_image_reference {
publisher = "alienvault"
offer = "unified-security-management-anywhere"
sku = "unified-security-management-anywhere"
version = "latest"
}
plan {
name = "unified-security-management-anywhere"
product = "unified-security-management-anywhere"
publisher = "alienvault"
}
}
resource "azurerm_managed_disk" "data_disk" {
name = "data-disk-001"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
create_option = "Empty"
storage_account_type = "StandardSSD_LRS"
disk_size_gb = 50
depends_on = [ azurerm_virtual_machine.vm ]
}
resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attach" {
managed_disk_id = azurerm_managed_disk.data_disk.id
virtual_machine_id = azurerm_virtual_machine.vm.id
lun = 1 # Logical Unit Number for the data disk
caching = "None"
depends_on = [ azurerm_virtual_machine.vm, azurerm_managed_disk.data_disk ]
}
部署:
参考:
最新问题
- 将 Redux DevTools 添加到裸 React Native Proj
- 如何在 Firefox 中将图像复制到剪贴板
- 安装cargo-flash时提示“找不到系统库libudev”如何解决?
- 如何列出修改过的文件?
- JTextPane/JEditorPane 显示 HTML <!--comment-->
- CGAL Delauny Triangulation 的优化,因为 C++ 非常慢
- 如何使用SQL Developer根据值出现的次数获取值
- 为什么两个 Date() 构造函数返回自 2024 年 1 月 31 日和 2024 年 2 月 2 日以来相同的毫秒数? [重复]
- Cloudflare R2 可跨 AWS 区域移动数据
- 选择 n:m 关系中不相关的
- 使用 LC3 模拟器计算二进制数中 1 的数量
- Windows 防火墙阻止了 IntelliJ IDEA 的某些功能
- “gh auth login”是否创建 GITHUB_TOKEN 或 GH_TOKEN?
- 如何让图像在其容器内生长以创建缩放效果?
- Java Spring Boot 和 Hibernate 6 中的自定义序列名称策略
- Golang request.Body.Close() 返回一个空文档
- 无法在单个 dex 文件中容纳请求的类(# 方法:86965 > 65536)
- 如何修复这个 ParameterizedType 错误,该错误在调试模式下工作正常,但在发布模式下却不起作用?
- 使用 C# 指定 DateTime 对象并转换为 Unix 格式
- 我如何在vue js中引用body标签“正确的方式”
© www.soinside.com 2019 - 2024. All rights reserved.