티스토리 뷰
<참조>
https://docs.microsoft.com/ko-kr/azure/terraform/terraform-create-vm-scaleset-network-disks-hcl
https://docs.microsoft.com/en-us/azure/terraform/terraform-create-vm-scaleset-network-disks-hcl
Azure 가상 머신 확장 집(scale sets)합을 사용하면 동일한 VM을 구성할 수 있다. VM 인스턴스 수는 수요 또는 일정에 따라 조정할 수 있다. 자세한 내용은 Azure Portal에 설정된 가상 머신 자동 조정을 참조한다.
이 자습서에서는 Azure Cloud Shell을 사용하여 다음 작업을 수행하는 방법을 알아본다.
- Terraform 배포 설정
- Terraform 배포용 변수 및 출력 사용
- 네트워크 인프라 만들기 및 배포
- 가상 머신 확장 집합을 만들어 배포하고 네트워크에 연결
- jumpbox를 만들어 배포하고 SSH를 통해 VM에 연결
|
참고 이 문서에서 사용되는 Terraform 구성 파일의 최신 버전은 GitHub의 Awesome Terraform 리포지토리에 있다. (원문의 내용을 커스터마이징하며 진행하므로 내용상 차이가 있을 수 있음을 참고한다.)
|
디렉토리 구조 만들기
먼저 실습을 위한 디렉토리를 생성하고 VS Code로 연다.
|
도움말 실습환경 구성에 대한 정보를 보려면 01 Azure 실습을 위한 Visual Studio Code 환경 구성을 참조한다.
|
vsss 디렉토리를 만들고 해당 디렉토리로 이동한다.
|
mkdir vmss cd mvss
|
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson$ mkdir vmss
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson$ cd vmss/
디렉토리 구조 만들기
이 섹션에서는 Terraform에서 만든 리소스를 사용자 지정하는 변수를 정의한다.
1. variables.tf라는 파일을 만든다.
2. 다음 코드를 붙여넣고 저장한다.
variable "location" {
description = "The location where resources will be created"
default = "koreacentral"
}
variable "tags" {
description = "A map of the tags to use for the resources that are deployed"
type = "map"
default = {
environment = "codelab"
}
}
variable "resource_group_name" {
description = "The name of the resource group in which the resources will be created"
default = "myResourceGroup"
}
출력 정의 파일 만들기
이 섹션에서는 Terraform에서 만든 리소스를 사용자 지정하는 변수를 정의한다.
1. output.tf 라는 파일을 만든다.
2. 다음 코드를 붙여넣고 저장한다.
output "vmss_public_ip" {
value = azurerm_public_ip.vmss.fqdn
}
템플릿에 네트워크 인프라 정의
이 섹션에서는 새 Azure 리소스 그룹에 다음과 같은 네트워크 인프라를 만든다.
- 주소 공간이 10.0.0.0/16인 VNET(가상 네트워크) 1개
- 주소 공간이 10.0.2.0/24인 서브넷 1개
- 2개의 공용 IP 주소. 하나는 가상 머신 확장 집합 부하 분산 장치에서 사용되고 다른 하나는 SSH jumpbox에 연결하는 데 사용된다.
1. vmss.tf라는 파일을 만들어 가상 머신 확장 집합 인프라를 설명한다.
2. 파일 끝에 다음 코드를 붙여넣고 저장한다. 가상 머신의 FQDN(정규화된 도메인 이름)을 표시한다.
resource "azurerm_resource_group" "vmss" {
name = var.resource_group_name
location = var.location
tags = var.tags
}
resource "random_string" "fqdn" {
length = 6
special = false
upper = false
number = false
}
resource "azurerm_virtual_network" "vmss" {
name = "vmss-vnet"
address_space = ["10.0.0.0/16"]
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
tags = var.tags
}
resource "azurerm_subnet" "vmss" {
name = "vmss-subnet"
resource_group_name = azurerm_resource_group.vmss.name
virtual_network_name = azurerm_virtual_network.vmss.name
address_prefix = "10.0.2.0/24"
}
resource "azurerm_public_ip" "vmss" {
name = "vmss-public-ip"
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
allocation_method = "Static"
domain_name_label = random_string.fqdn.result
tags = var.tags
}
네트워크 인프라 프로비전
구성 파일(.tf)을 만든 디렉터리에서 다음 단계를 수행한다.
1. Terraform을 초기화한다.
|
terraform init |
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform init
Initializing the backend...
Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "azurerm" (hashicorp/azurerm) 1.44.0...
- Downloading plugin for provider "random" (hashicorp/random) 2.2.1...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.azurerm: version = "~> 1.44"
* provider.random: version = "~> 2.2"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
2. 다음 명령을 실행하여 Azure에 정의된 인프라를 배포한다.
|
terraform apply |
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform apply
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azurerm_public_ip.vmss will be created
+ resource "azurerm_public_ip" "vmss" {
+ allocation_method = "Static"
+ domain_name_label = (known after apply)
+ fqdn = (known after apply)
+ id = (known after apply)
+ idle_timeout_in_minutes = 4
+ ip_address = (known after apply)
+ ip_version = "IPv4"
+ location = "koreacentral"
+ name = "vmss-public-ip"
+ public_ip_address_allocation = (known after apply)
+ resource_group_name = "myResourceGroup"
+ sku = "Basic"
+ tags = {
+ "environment" = "codelab"
}
}
# azurerm_resource_group.vmss will be created
+ resource "azurerm_resource_group" "vmss" {
+ id = (known after apply)
+ location = "koreacentral"
+ name = "myResourceGroup"
+ tags = {
+ "environment" = "codelab"
}
}
# azurerm_subnet.vmss will be created
+ resource "azurerm_subnet" "vmss" {
+ address_prefix = "10.0.2.0/24"
+ enforce_private_link_endpoint_network_policies = false
+ enforce_private_link_service_network_policies = false
+ id = (known after apply)
+ ip_configurations = (known after apply)
+ name = "vmss-subnet"
+ resource_group_name = "myResourceGroup"
+ virtual_network_name = "vmss-vnet"
}
# azurerm_virtual_network.vmss will be created
+ resource "azurerm_virtual_network" "vmss" {
+ address_space = [
+ "10.0.0.0/16",
]
+ id = (known after apply)
+ location = "koreacentral"
+ name = "vmss-vnet"
+ resource_group_name = "myResourceGroup"
+ tags = {
+ "environment" = "codelab"
}
+ subnet {
+ address_prefix = (known after apply)
+ id = (known after apply)
+ name = (known after apply)
+ security_group = (known after apply)
}
}
# random_string.fqdn will be created
+ resource "random_string" "fqdn" {
+ id = (known after apply)
+ length = 6
+ lower = true
+ min_lower = 0
+ min_numeric = 0
+ min_special = 0
+ min_upper = 0
+ number = false
+ result = (known after apply)
+ special = false
+ upper = false
}
Plan: 5 to add, 0 to change, 0 to destroy.
Warning: Quoted type constraints are deprecated
on variables.tf line 8, in variable "tags":
8: type = "map"
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around "map" and write
map(string) instead to explicitly indicate that the map elements are strings.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
random_string.fqdn: Creating...
random_string.fqdn: Creation complete after 0s [id=mtjsaj]
azurerm_resource_group.vmss: Creating...
azurerm_resource_group.vmss: Creation complete after 0s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
azurerm_virtual_network.vmss: Creating...
azurerm_public_ip.vmss: Creating...
azurerm_public_ip.vmss: Creation complete after 7s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_virtual_network.vmss: Still creating... [10s elapsed]
azurerm_virtual_network.vmss: Creation complete after 11s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_subnet.vmss: Creating...
azurerm_subnet.vmss: Still creating... [10s elapsed]
azurerm_subnet.vmss: Creation complete after 11s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
Apply complete! Resources: 5 added, 0 changed, 0 destroyed.
Outputs:
vmss_public_ip = mtjsaj.koreacentral.cloudapp.azure.com
2. Terraform은 output.tf 파일에 정의된 대로 출력을 프린트한다. 다음 스크린샷과 같이 FQDN은 <ID>.<location>.cloudapp.azure.com 형식을 사용한다.
3. Azure Portal의 myResourceGroup 리소스 그룹을 선택하여 Terraform에서 만든 리소스를 확인한다.
가상 머신 확장 집합 추가
이 섹션에서는 다음 리소스를 템플릿에 추가하는 방법에 대해 알아본다.
- 하나의 Azure Load Balancer 및 애플리케이션을 제공하여 이 문서의 앞에서 구성된 공용 IP 주소에 연결하는 규칙
- Azure 백 엔드 주소 풀 및 이를 부하 분산 장치에 할당
- 애플리케이션에서 사용되고 부하 분산 장치에 구성된 상태 프로브 포트
- 이 문서의 앞부분에서 배포한 VNET에서 실행 중인, 부하 분산 장치 뒤에 있는 가상 머신 확장 집합
- cloud-init를 사용하는 가상 머신 확장의 노드에 있는 Nginx
1. vmss.tf 구성 파일을 연다.
2. 파일 끝에 다음 코드를 붙여넣고 저장한다.
resource "azurerm_lb" "vmss" {
name = "vmss-lb"
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
frontend_ip_configuration {
name = "PublicIPAddress"
public_ip_address_id = azurerm_public_ip.vmss.id
}
tags = var.tags
}
resource "azurerm_lb_backend_address_pool" "bpepool" {
resource_group_name = azurerm_resource_group.vmss.name
loadbalancer_id = azurerm_lb.vmss.id
name = "BackEndAddressPool"
}
resource "azurerm_lb_probe" "vmss" {
resource_group_name = azurerm_resource_group.vmss.name
loadbalancer_id = azurerm_lb.vmss.id
name = "ssh-running-probe"
port = var.application_port
}
resource "azurerm_lb_rule" "lbnatrule" {
resource_group_name = azurerm_resource_group.vmss.name
loadbalancer_id = azurerm_lb.vmss.id
name = "http"
protocol = "Tcp"
frontend_port = var.application_port
backend_port = var.application_port
backend_address_pool_id = azurerm_lb_backend_address_pool.bpepool.id
frontend_ip_configuration_name = "PublicIPAddress"
probe_id = azurerm_lb_probe.vmss.id
}
resource "azurerm_virtual_machine_scale_set" "vmss" {
name = "vmscaleset"
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
upgrade_policy_mode = "Manual"
sku {
name = "Standard_DS1_v2"
tier = "Standard"
capacity = 2
}
storage_profile_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "16.04-LTS"
version = "latest"
}
storage_profile_os_disk {
name = ""
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
}
storage_profile_data_disk {
lun = 0
caching = "ReadWrite"
create_option = "Empty"
disk_size_gb = 10
}
os_profile {
computer_name_prefix = "vmlab"
admin_username = var.admin_user
admin_password = var.admin_password
custom_data = file("web.conf")
}
os_profile_linux_config {
disable_password_authentication = false
}
network_profile {
name = "terraformnetworkprofile"
primary = true
ip_configuration {
name = "IPConfiguration"
subnet_id = azurerm_subnet.vmss.id
load_balancer_backend_address_pool_ids = [azurerm_lb_backend_address_pool.bpepool.id]
primary = true
}
}
tags = var.tags
}
2. 확장 집합의 일부인 가상 머신의 cloud-init 구성 역할을 수행할 web.conf 파일을 만들고 다음 코드를 붙여넣고 저장한다.
#cloud-config
packages:
- nginx
3. variables.tf 구성 파일을 연다.
4. 파일 끝에 다음 코드를 붙여넣고 저장한다. .
variable "application_port" {
description = "The port that you want to expose to the external load balancer"
default = 80
}
variable "admin_user" {
description = "User name to use as the admin account on the VMs that will be part of the VM Scale Set"
default = "azureuser"
}
variable "admin_password" {
description = "Default password for admin account"
default = "Passw0rd"
}
5. 가상 머신 확장 집합 배포를 시각화할 Terraform 계획을 만든다. .
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
random_string.fqdn: Refreshing state... [id=mtjsaj]
azurerm_resource_group.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
azurerm_virtual_network.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_public_ip.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_subnet.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
------------------------------------------------------------------------
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azurerm_lb.vmss will be created
+ resource "azurerm_lb" "vmss" {
+ id = (known after apply)
+ location = "koreacentral"
+ name = "vmss-lb"
+ private_ip_address = (known after apply)
+ private_ip_addresses = (known after apply)
+ resource_group_name = "myResourceGroup"
+ sku = "Basic"
+ tags = {
+ "environment" = "codelab"
}
+ frontend_ip_configuration {
+ id = (known after apply)
+ inbound_nat_rules = (known after apply)
+ load_balancer_rules = (known after apply)
+ name = "PublicIPAddress"
+ outbound_rules = (known after apply)
+ private_ip_address = (known after apply)
+ private_ip_address_allocation = (known after apply)
+ public_ip_address_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip"
+ public_ip_prefix_id = (known after apply)
+ subnet_id = (known after apply)
}
}
# azurerm_lb_backend_address_pool.bpepool will be created
+ resource "azurerm_lb_backend_address_pool" "bpepool" {
+ backend_ip_configurations = (known after apply)
+ id = (known after apply)
+ load_balancing_rules = (known after apply)
+ loadbalancer_id = (known after apply)
+ name = "BackEndAddressPool"
+ resource_group_name = "myResourceGroup"
}
# azurerm_lb_probe.vmss will be created
+ resource "azurerm_lb_probe" "vmss" {
+ id = (known after apply)
+ interval_in_seconds = 15
+ load_balancer_rules = (known after apply)
+ loadbalancer_id = (known after apply)
+ name = "ssh-running-probe"
+ number_of_probes = 2
+ port = 80
+ protocol = (known after apply)
+ resource_group_name = "myResourceGroup"
}
# azurerm_lb_rule.lbnatrule will be created
+ resource "azurerm_lb_rule" "lbnatrule" {
+ backend_address_pool_id = (known after apply)
+ backend_port = 80
+ disable_outbound_snat = false
+ enable_floating_ip = false
+ frontend_ip_configuration_id = (known after apply)
+ frontend_ip_configuration_name = "PublicIPAddress"
+ frontend_port = 80
+ id = (known after apply)
+ idle_timeout_in_minutes = (known after apply)
+ load_distribution = (known after apply)
+ loadbalancer_id = (known after apply)
+ name = "http"
+ probe_id = (known after apply)
+ protocol = "Tcp"
+ resource_group_name = "myResourceGroup"
}
# azurerm_virtual_machine_scale_set.vmss will be created
+ resource "azurerm_virtual_machine_scale_set" "vmss" {
+ automatic_os_upgrade = false
+ id = (known after apply)
+ license_type = (known after apply)
+ location = "koreacentral"
+ name = "vmscaleset"
+ overprovision = true
+ resource_group_name = "myResourceGroup"
+ single_placement_group = true
+ tags = {
+ "environment" = "codelab"
}
+ upgrade_policy_mode = "Manual"
+ identity {
+ identity_ids = (known after apply)
+ principal_id = (known after apply)
+ type = (known after apply)
}
+ network_profile {
+ ip_forwarding = false
+ name = "terraformnetworkprofile"
+ primary = true
+ ip_configuration {
+ application_gateway_backend_address_pool_ids = []
+ application_security_group_ids = []
+ load_balancer_backend_address_pool_ids = (known after apply)
+ load_balancer_inbound_nat_rules_ids = (known after apply)
+ name = "IPConfiguration"
+ primary = true
+ subnet_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet"
}
}
+ os_profile {
+ admin_password = (sensitive value)
+ admin_username = "azureuser"
+ computer_name_prefix = "vmlab"
+ custom_data = "1c9d44e3837fb1bba343e034c142cbe4a22a0eac"
}
+ os_profile_linux_config {
+ disable_password_authentication = false
}
+ sku {
+ capacity = 2
+ name = "Standard_DS1_v2"
+ tier = "Standard"
}
+ storage_profile_data_disk {
+ caching = "ReadWrite"
+ create_option = "Empty"
+ disk_size_gb = 10
+ lun = 0
+ managed_disk_type = (known after apply)
}
+ storage_profile_image_reference {
+ offer = "UbuntuServer"
+ publisher = "Canonical"
+ sku = "16.04-LTS"
+ version = "latest"
}
+ storage_profile_os_disk {
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ vhd_containers = []
}
}
Plan: 5 to add, 0 to change, 0 to destroy.
Warning: Quoted type constraints are deprecated
on variables.tf line 8, in variable "tags":
8: type = "map"
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around "map" and write
map(string) instead to explicitly indicate that the map elements are strings.
------------------------------------------------------------------------
Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
명령의 출력은 다음 스크린샷과 유사해야 한다.
6. Azure에서 새 리소스를 배포한다.
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform apply
random_string.fqdn: Refreshing state... [id=mtjsaj]
azurerm_resource_group.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
azurerm_virtual_network.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_public_ip.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_subnet.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azurerm_lb.vmss will be created
+ resource "azurerm_lb" "vmss" {
+ id = (known after apply)
+ location = "koreacentral"
+ name = "vmss-lb"
+ private_ip_address = (known after apply)
+ private_ip_addresses = (known after apply)
+ resource_group_name = "myResourceGroup"
+ sku = "Basic"
+ tags = {
+ "environment" = "codelab"
}
+ frontend_ip_configuration {
+ id = (known after apply)
+ inbound_nat_rules = (known after apply)
+ load_balancer_rules = (known after apply)
+ name = "PublicIPAddress"
+ outbound_rules = (known after apply)
+ private_ip_address = (known after apply)
+ private_ip_address_allocation = (known after apply)
+ public_ip_address_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip"
+ public_ip_prefix_id = (known after apply)
+ subnet_id = (known after apply)
}
}
# azurerm_lb_backend_address_pool.bpepool will be created
+ resource "azurerm_lb_backend_address_pool" "bpepool" {
+ backend_ip_configurations = (known after apply)
+ id = (known after apply)
+ load_balancing_rules = (known after apply)
+ loadbalancer_id = (known after apply)
+ name = "BackEndAddressPool"
+ resource_group_name = "myResourceGroup"
}
# azurerm_lb_probe.vmss will be created
+ resource "azurerm_lb_probe" "vmss" {
+ id = (known after apply)
+ interval_in_seconds = 15
+ load_balancer_rules = (known after apply)
+ loadbalancer_id = (known after apply)
+ name = "ssh-running-probe"
+ number_of_probes = 2
+ port = 80
+ protocol = (known after apply)
+ resource_group_name = "myResourceGroup"
}
# azurerm_lb_rule.lbnatrule will be created
+ resource "azurerm_lb_rule" "lbnatrule" {
+ backend_address_pool_id = (known after apply)
+ backend_port = 80
+ disable_outbound_snat = false
+ enable_floating_ip = false
+ frontend_ip_configuration_id = (known after apply)
+ frontend_ip_configuration_name = "PublicIPAddress"
+ frontend_port = 80
+ id = (known after apply)
+ idle_timeout_in_minutes = (known after apply)
+ load_distribution = (known after apply)
+ loadbalancer_id = (known after apply)
+ name = "http"
+ probe_id = (known after apply)
+ protocol = "Tcp"
+ resource_group_name = "myResourceGroup"
}
# azurerm_virtual_machine_scale_set.vmss will be created
+ resource "azurerm_virtual_machine_scale_set" "vmss" {
+ automatic_os_upgrade = false
+ id = (known after apply)
+ license_type = (known after apply)
+ location = "koreacentral"
+ name = "vmscaleset"
+ overprovision = true
+ resource_group_name = "myResourceGroup"
+ single_placement_group = true
+ tags = {
+ "environment" = "codelab"
}
+ upgrade_policy_mode = "Manual"
+ identity {
+ identity_ids = (known after apply)
+ principal_id = (known after apply)
+ type = (known after apply)
}
+ network_profile {
+ ip_forwarding = false
+ name = "terraformnetworkprofile"
+ primary = true
+ ip_configuration {
+ application_gateway_backend_address_pool_ids = []
+ application_security_group_ids = []
+ load_balancer_backend_address_pool_ids = (known after apply)
+ load_balancer_inbound_nat_rules_ids = (known after apply)
+ name = "IPConfiguration"
+ primary = true
+ subnet_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet"
}
}
+ os_profile {
+ admin_password = (sensitive value)
+ admin_username = "azureuser"
+ computer_name_prefix = "vmlab"
+ custom_data = "1c9d44e3837fb1bba343e034c142cbe4a22a0eac"
}
+ os_profile_linux_config {
+ disable_password_authentication = false
}
+ sku {
+ capacity = 2
+ name = "Standard_DS1_v2"
+ tier = "Standard"
}
+ storage_profile_data_disk {
+ caching = "ReadWrite"
+ create_option = "Empty"
+ disk_size_gb = 10
+ lun = 0
+ managed_disk_type = (known after apply)
}
+ storage_profile_image_reference {
+ offer = "UbuntuServer"
+ publisher = "Canonical"
+ sku = "16.04-LTS"
+ version = "latest"
}
+ storage_profile_os_disk {
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ vhd_containers = []
}
}
Plan: 5 to add, 0 to change, 0 to destroy.
Warning: Quoted type constraints are deprecated
on variables.tf line 8, in variable "tags":
8: type = "map"
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around "map" and write
map(string) instead to explicitly indicate that the map elements are strings.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
azurerm_lb.vmss: Creating...
azurerm_lb.vmss: Creation complete after 0s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb]
azurerm_lb_probe.vmss: Creating...
azurerm_lb_backend_address_pool.bpepool: Creating...
azurerm_lb_backend_address_pool.bpepool: Creation complete after 0s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool]
azurerm_virtual_machine_scale_set.vmss: Creating...
azurerm_lb_probe.vmss: Creation complete after 0s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe]
azurerm_lb_rule.lbnatrule: Creating...
azurerm_lb_rule.lbnatrule: Creation complete after 1s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http]
Error: compute.VirtualMachineScaleSetsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidParameter" Message="The supplied password must be between 6-72 characters long and must satisfy at least 3 of password complexity requirements from the following:\r\n1) Contains an uppercase character\r\n2) Contains a lowercase character\r\n3) Contains a numeric digit\r\n4) Contains a special character\r\n5) Control characters are not allowed" Target="adminPassword"
on vmss.tf line 76, in resource "azurerm_virtual_machine_scale_set" "vmss":
76: resource "azurerm_virtual_machine_scale_set" "vmss" {
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform apply
random_string.fqdn: Refreshing state... [id=mtjsaj]
azurerm_resource_group.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
azurerm_public_ip.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_virtual_network.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_lb.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb]
azurerm_subnet.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
azurerm_lb_backend_address_pool.bpepool: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool]
azurerm_lb_probe.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe]
azurerm_lb_rule.lbnatrule: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azurerm_virtual_machine_scale_set.vmss will be created
+ resource "azurerm_virtual_machine_scale_set" "vmss" {
+ automatic_os_upgrade = false
+ id = (known after apply)
+ license_type = (known after apply)
+ location = "koreacentral"
+ name = "vmscaleset"
+ overprovision = true
+ resource_group_name = "myResourceGroup"
+ single_placement_group = true
+ tags = {
+ "environment" = "codelab"
}
+ upgrade_policy_mode = "Manual"
+ identity {
+ identity_ids = (known after apply)
+ principal_id = (known after apply)
+ type = (known after apply)
}
+ network_profile {
+ ip_forwarding = false
+ name = "terraformnetworkprofile"
+ primary = true
+ ip_configuration {
+ application_gateway_backend_address_pool_ids = []
+ application_security_group_ids = []
+ load_balancer_backend_address_pool_ids = [
+ "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool",
]
+ load_balancer_inbound_nat_rules_ids = (known after apply)
+ name = "IPConfiguration"
+ primary = true
+ subnet_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet"
}
}
+ os_profile {
+ admin_password = (sensitive value)
+ admin_username = "azureuser"
+ computer_name_prefix = "vmlab"
+ custom_data = "1c9d44e3837fb1bba343e034c142cbe4a22a0eac"
}
+ os_profile_linux_config {
+ disable_password_authentication = false
}
+ sku {
+ capacity = 2
+ name = "Standard_DS1_v2"
+ tier = "Standard"
}
+ storage_profile_data_disk {
+ caching = "ReadWrite"
+ create_option = "Empty"
+ disk_size_gb = 10
+ lun = 0
+ managed_disk_type = (known after apply)
}
+ storage_profile_image_reference {
+ offer = "UbuntuServer"
+ publisher = "Canonical"
+ sku = "16.04-LTS"
+ version = "latest"
}
+ storage_profile_os_disk {
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ managed_disk_type = "Standard_LRS"
+ vhd_containers = []
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
Warning: Quoted type constraints are deprecated
on variables.tf line 8, in variable "tags":
8: type = "map"
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around "map" and write
map(string) instead to explicitly indicate that the map elements are strings.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
azurerm_virtual_machine_scale_set.vmss: Creating...
azurerm_virtual_machine_scale_set.vmss: Still creating... [10s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [20s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [30s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [40s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [50s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [1m0s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [1m10s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [1m20s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [1m30s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [1m40s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [1m50s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still creating... [2m1s elapsed]
azurerm_virtual_machine_scale_set.vmss: Creation complete after 2m3s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
Outputs:
vmss_public_ip = mtjsaj.koreacentral.cloudapp.azure.com
|
참고 위 terraform apply 실행이력을 보면 실패가 확인되는데, 이는 처음에 variables.tf 내 admin_password의 초기 패스워드 값에 대문자 없이 설정을 했기 때문이었으며, 새로 수정하고 다시 terraform apply를 실행하여 정상적으로 진행되었다.
|
7. 브라우저를 열고 명령에 의해 반환된 FQDN에 연결한다.
SSH jumpbox 추가
SSH jumpbox는 네트워크의 다른 서버에 액세스하기 위해 "점프"하는 단일 서버다. 이 단계에서는 다음 리소스를 구성한다.
-
가상 머신 확장 집합과 동일한 서브넷에 연결된 네트워크 인터페이스(또는 Jumpbox)
-
이 네트워크 인터페이스와 연결된 가상 컴퓨터. 이 'jumpbox'는 원격으로 액세스할 수 있다. 연결되면 확장 집합의 가상 머신에 SSH를 추가할 수 있다.
1. vmss.tf 구성 파일을 연다.
2. 파일 끝에 다음 코드를 붙여넣고 저장한다.
resource "azurerm_public_ip" "jumpbox" {
name = "jumpbox-public-ip"
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
allocation_method = "Static"
domain_name_label = "${random_string.fqdn.result}-ssh"
tags = var.tags
}
resource "azurerm_network_interface" "jumpbox" {
name = "jumpbox-nic"
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
ip_configuration {
name = "IPConfiguration"
subnet_id = azurerm_subnet.vmss.id
private_ip_address_allocation = "dynamic"
public_ip_address_id = azurerm_public_ip.jumpbox.id
}
tags = var.tags
}
resource "azurerm_virtual_machine" "jumpbox" {
name = "jumpbox"
location = var.location
resource_group_name = azurerm_resource_group.vmss.name
network_interface_ids = [azurerm_network_interface.jumpbox.id]
vm_size = "Standard_DS1_v2"
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "16.04-LTS"
version = "latest"
}
storage_os_disk {
name = "jumpbox-osdisk"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
}
os_profile {
computer_name = "jumpbox"
admin_username = var.admin_user
admin_password = var.admin_password
}
os_profile_linux_config {
disable_password_authentication = false
}
tags = var.tags
}
3. output.tf 구성 파일을 연다.
4. 파일 끝에 다음 코드를 붙여넣고 저장한다.
output "jumpbox_public_ip" {
value = azurerm_public_ip.jumpbox.fqdn
}
5. jumpbox를 배포한다.
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform apply
random_string.fqdn: Refreshing state... [id=mtjsaj]
azurerm_resource_group.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
azurerm_public_ip.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_virtual_network.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_subnet.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
azurerm_lb.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb]
azurerm_lb_backend_address_pool.bpepool: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool]
azurerm_lb_probe.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe]
azurerm_virtual_machine_scale_set.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset]
azurerm_lb_rule.lbnatrule: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# azurerm_network_interface.jumpbox will be created
+ resource "azurerm_network_interface" "jumpbox" {
+ applied_dns_servers = (known after apply)
+ dns_servers = (known after apply)
+ enable_accelerated_networking = false
+ enable_ip_forwarding = false
+ id = (known after apply)
+ internal_dns_name_label = (known after apply)
+ internal_fqdn = (known after apply)
+ location = "koreacentral"
+ mac_address = (known after apply)
+ name = "jumpbox-nic"
+ private_ip_address = (known after apply)
+ private_ip_addresses = (known after apply)
+ resource_group_name = "myResourceGroup"
+ tags = {
+ "environment" = "codelab"
}
+ virtual_machine_id = (known after apply)
+ ip_configuration {
+ application_gateway_backend_address_pools_ids = (known after apply)
+ application_security_group_ids = (known after apply)
+ load_balancer_backend_address_pools_ids = (known after apply)
+ load_balancer_inbound_nat_rules_ids = (known after apply)
+ name = "IPConfiguration"
+ primary = (known after apply)
+ private_ip_address = (known after apply)
+ private_ip_address_allocation = "dynamic"
+ private_ip_address_version = "IPv4"
+ public_ip_address_id = (known after apply)
+ subnet_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet"
}
}
# azurerm_public_ip.jumpbox will be created
+ resource "azurerm_public_ip" "jumpbox" {
+ allocation_method = "Static"
+ domain_name_label = "mtjsaj-ssh"
+ fqdn = (known after apply)
+ id = (known after apply)
+ idle_timeout_in_minutes = 4
+ ip_address = (known after apply)
+ ip_version = "IPv4"
+ location = "koreacentral"
+ name = "jumpbox-public-ip"
+ public_ip_address_allocation = (known after apply)
+ resource_group_name = "myResourceGroup"
+ sku = "Basic"
+ tags = {
+ "environment" = "codelab"
}
}
# azurerm_virtual_machine.jumpbox will be created
+ resource "azurerm_virtual_machine" "jumpbox" {
+ availability_set_id = (known after apply)
+ delete_data_disks_on_termination = false
+ delete_os_disk_on_termination = false
+ id = (known after apply)
+ license_type = (known after apply)
+ location = "koreacentral"
+ name = "jumpbox"
+ network_interface_ids = (known after apply)
+ resource_group_name = "myResourceGroup"
+ tags = {
+ "environment" = "codelab"
}
+ vm_size = "Standard_DS1_v2"
+ identity {
+ identity_ids = (known after apply)
+ principal_id = (known after apply)
+ type = (known after apply)
}
+ os_profile {
+ admin_password = (sensitive value)
+ admin_username = "azureuser"
+ computer_name = "jumpbox"
+ custom_data = (known after apply)
}
+ os_profile_linux_config {
+ disable_password_authentication = false
}
+ storage_data_disk {
+ caching = (known after apply)
+ create_option = (known after apply)
+ disk_size_gb = (known after apply)
+ lun = (known after apply)
+ managed_disk_id = (known after apply)
+ managed_disk_type = (known after apply)
+ name = (known after apply)
+ vhd_uri = (known after apply)
+ write_accelerator_enabled = (known after apply)
}
+ storage_image_reference {
+ offer = "UbuntuServer"
+ publisher = "Canonical"
+ sku = "16.04-LTS"
+ version = "latest"
}
+ storage_os_disk {
+ caching = "ReadWrite"
+ create_option = "FromImage"
+ disk_size_gb = (known after apply)
+ managed_disk_id = (known after apply)
+ managed_disk_type = "Standard_LRS"
+ name = "jumpbox-osdisk"
+ os_type = (known after apply)
+ write_accelerator_enabled = false
}
}
Plan: 3 to add, 0 to change, 0 to destroy.
Warning: Quoted type constraints are deprecated
on variables.tf line 8, in variable "tags":
8: type = "map"
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around "map" and write
map(string) instead to explicitly indicate that the map elements are strings.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
azurerm_public_ip.jumpbox: Creating...
azurerm_public_ip.jumpbox: Creation complete after 5s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/jumpbox-public-ip]
azurerm_network_interface.jumpbox: Creating...
azurerm_network_interface.jumpbox: Creation complete after 1s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/jumpbox-nic]
azurerm_virtual_machine.jumpbox: Creating...
azurerm_virtual_machine.jumpbox: Still creating... [10s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [20s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [30s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [40s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [50s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [1m0s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [1m10s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [1m20s elapsed]
azurerm_virtual_machine.jumpbox: Still creating... [1m30s elapsed]
azurerm_virtual_machine.jumpbox: Creation complete after 1m31s [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/jumpbox]
Apply complete! Resources: 3 added, 0 changed, 0 destroyed.
Outputs:
jumpbox_public_ip = mtjsaj-ssh.koreacentral.cloudapp.azure.com
vmss_public_ip = mtjsaj.koreacentral.cloudapp.azure.com
|
참고 배포한 가상 머신 확장 집합 및 jumpbox에서 암호를 사용하여 로그인하는 기능이 사용하지 않도록 설정되었다. 가상 머신에 액세스하려면 SSH를 사용하여 로그인한다.
|
결과를 검증해 보겠다.
먼저 vmss_public_ip에 SSH 접속을 시도하면,
|
ssh azureuser@mtjsaj.koreacentral.cloudapp.azure.com
|
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ ssh azureuser@mtjsaj.koreacentral.cloudapp.azure.com
ssh: connect to host mtjsaj.koreacentral.cloudapp.azure.com port 22: Resource temporarily unavailable
당연히 접속이 불가하다. jumpbox를 경유해서만이 접속이 가능하기 때문이다.
이제 jumpbox로 접속을 시도한다.
|
ssh azureuser@azureuser@mtjsaj-ssh.koreacentral.cloudapp.azure.com
|
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ ssh azureuser@mtjsaj-ssh.koreacentral.cloudapp.azure.com
The authenticity of host 'mtjsaj-ssh.koreacentral.cloudapp.azure.com (52.231.9.214)' can't be established.
ECDSA key fingerprint is SHA256:iHYxFSNCxzkmpah8gckOCqVeKPSw9BVLMkCp9eqlQIA.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'mtjsaj-ssh.koreacentral.cloudapp.azure.com,52.231.9.214' (ECDSA) to the list of known hosts.
azureuser@mtjsaj-ssh.koreacentral.cloudapp.azure.com's password:
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.15.0-1069-azure x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
0 packages can be updated.
0 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
azureuser@jumpbox:~$
정상적으로 접속이 이루어진다.
이제 다시 vmss의 Private IP 정보를 얻어 SSH 접속을 시도한다. 참고로 ID/Password는 jumpbox 접속에 사용된 정보와 같다.
새로운 터미널 창에서 다음 명령을 수행하여 vmss의 Pivate IP 정보를 확인한다.
|
az vmss nic list -g myResourceGroup --vmss-name vmssName | grep -w "privateIpAddress" |
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ az vmss nic list -g myResourceGroup --vmss-name vmscaleset | grep -w "privateIpAddress"
"privateIpAddress": "10.0.2.4",
"privateIpAddress": "10.0.2.6",
확인된 IP를 대상으로 SSH 접속을 시도한다.
azureuser@jumpbox:~$ ssh testadmin@10.0.2.4
The authenticity of host '10.0.2.4 (10.0.2.4)' can't be established.
ECDSA key fingerprint is SHA256:HFuCzDhE0ur0adz7+Riig0PT+LjeHxvZWuDo6TGku6c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.2.4' (ECDSA) to the list of known hosts.
testadmin@10.0.2.4's password:
Permission denied, please try again.
testadmin@10.0.2.4's password:
Permission denied, please try again.
testadmin@10.0.2.4's password:
azureuser@jumpbox:~$ ssh azureuser@10.0.2.4
azureuser@10.0.2.4's password:
Welcome to Ubuntu 16.04.6 LTS (GNU/Linux 4.15.0-1069-azure x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
0 packages can be updated.
0 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
azureuser@vmlab000000:~$
정상적으로 접속이 이루어짐을 확인할 수 있다.
환경 정리
결과가 확인되면 terraform destroy를 통해 배포한 리소스를 제거한다.
zerobig@zerovmw10:/mnt/c/Azure_DevOps_Study/20200216 - terraform-handson/vmss$ terraform destroy
random_string.fqdn: Refreshing state... [id=mtjsaj]
azurerm_resource_group.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
azurerm_public_ip.jumpbox: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/jumpbox-public-ip]
azurerm_public_ip.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_virtual_network.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_lb.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb]
azurerm_subnet.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
azurerm_lb_probe.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe]
azurerm_lb_backend_address_pool.bpepool: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool]
azurerm_network_interface.jumpbox: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/jumpbox-nic]
azurerm_virtual_machine_scale_set.vmss: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset]
azurerm_lb_rule.lbnatrule: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http]
azurerm_virtual_machine.jumpbox: Refreshing state... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/jumpbox]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:
# azurerm_lb.vmss will be destroyed
- resource "azurerm_lb" "vmss" {
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb" -> null
- location = "koreacentral" -> null
- name = "vmss-lb" -> null
- private_ip_addresses = [] -> null
- resource_group_name = "myResourceGroup" -> null
- sku = "Basic" -> null
- tags = {
- "environment" = "codelab"
} -> null
- frontend_ip_configuration {
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/frontendIPConfigurations/PublicIPAddress" -> null
- inbound_nat_rules = [] -> null
- load_balancer_rules = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http",
] -> null
- name = "PublicIPAddress" -> null
- outbound_rules = [] -> null
- private_ip_address_allocation = "Dynamic" -> null
- public_ip_address_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip" -> null
- zones = [] -> null
}
}
# azurerm_lb_backend_address_pool.bpepool will be destroyed
- resource "azurerm_lb_backend_address_pool" "bpepool" {
- backend_ip_configurations = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset/virtualMachines/0/networkInterfaces/terraformnetworkprofile/ipConfigurations/IPConfiguration",
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset/virtualMachines/2/networkInterfaces/terraformnetworkprofile/ipConfigurations/IPConfiguration",
] -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool" -> null
- load_balancing_rules = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http",
] -> null
- loadbalancer_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb" -> null
- name = "BackEndAddressPool" -> null
- resource_group_name = "myResourceGroup" -> null
}
# azurerm_lb_probe.vmss will be destroyed
- resource "azurerm_lb_probe" "vmss" {
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe" -> null
- interval_in_seconds = 15 -> null
- load_balancer_rules = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http",
] -> null
- loadbalancer_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb" -> null
- name = "ssh-running-probe" -> null
- number_of_probes = 2 -> null
- port = 80 -> null
- protocol = "Tcp" -> null
- resource_group_name = "myResourceGroup" -> null
}
# azurerm_lb_rule.lbnatrule will be destroyed
- resource "azurerm_lb_rule" "lbnatrule" {
- backend_address_pool_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool" -> null
- backend_port = 80 -> null
- disable_outbound_snat = false -> null
- enable_floating_ip = false -> null
- enable_tcp_reset = false -> null
- frontend_ip_configuration_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/frontendIPConfigurations/PublicIPAddress" -> null
- frontend_ip_configuration_name = "PublicIPAddress" -> null
- frontend_port = 80 -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http" -> null
- idle_timeout_in_minutes = 4 -> null
- load_distribution = "Default" -> null
- loadbalancer_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb" -> null
- name = "http" -> null
- probe_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe" -> null
- protocol = "Tcp" -> null
- resource_group_name = "myResourceGroup" -> null
}
# azurerm_network_interface.jumpbox will be destroyed
- resource "azurerm_network_interface" "jumpbox" {
- applied_dns_servers = [] -> null
- dns_servers = [] -> null
- enable_accelerated_networking = false -> null
- enable_ip_forwarding = false -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/jumpbox-nic" -> null
- location = "koreacentral" -> null
- mac_address = "00-0D-3A-D7-26-C6" -> null
- name = "jumpbox-nic" -> null
- private_ip_address = "10.0.2.5" -> null
- private_ip_addresses = [
- "10.0.2.5",
] -> null
- resource_group_name = "myResourceGroup" -> null
- tags = {
- "environment" = "codelab"
} -> null
- virtual_machine_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/jumpbox" -> null
- ip_configuration {
- application_gateway_backend_address_pools_ids = [] -> null
- application_security_group_ids = [] -> null
- load_balancer_backend_address_pools_ids = [] -> null
- load_balancer_inbound_nat_rules_ids = [] -> null
- name = "IPConfiguration" -> null
- primary = true -> null
- private_ip_address = "10.0.2.5" -> null
- private_ip_address_allocation = "dynamic" -> null
- private_ip_address_version = "IPv4" -> null
- public_ip_address_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/jumpbox-public-ip" -> null
- subnet_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet" -> null
}
}
# azurerm_public_ip.jumpbox will be destroyed
- resource "azurerm_public_ip" "jumpbox" {
- allocation_method = "Static" -> null
- domain_name_label = "mtjsaj-ssh" -> null
- fqdn = "mtjsaj-ssh.koreacentral.cloudapp.azure.com" -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/jumpbox-public-ip" -> null
- idle_timeout_in_minutes = 4 -> null
- ip_address = "52.231.9.214" -> null
- ip_version = "IPv4" -> null
- location = "koreacentral" -> null
- name = "jumpbox-public-ip" -> null
- public_ip_address_allocation = "Static" -> null
- resource_group_name = "myResourceGroup" -> null
- sku = "Basic" -> null
- tags = {
- "environment" = "codelab"
} -> null
- zones = [] -> null
}
# azurerm_public_ip.vmss will be destroyed
- resource "azurerm_public_ip" "vmss" {
- allocation_method = "Static" -> null
- domain_name_label = "mtjsaj" -> null
- fqdn = "mtjsaj.koreacentral.cloudapp.azure.com" -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip" -> null
- idle_timeout_in_minutes = 4 -> null
- ip_address = "52.231.52.30" -> null
- ip_version = "IPv4" -> null
- location = "koreacentral" -> null
- name = "vmss-public-ip" -> null
- public_ip_address_allocation = "Static" -> null
- resource_group_name = "myResourceGroup" -> null
- sku = "Basic" -> null
- tags = {
- "environment" = "codelab"
} -> null
- zones = [] -> null
}
# azurerm_resource_group.vmss will be destroyed
- resource "azurerm_resource_group" "vmss" {
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup" -> null
- location = "koreacentral" -> null
- name = "myResourceGroup" -> null
- tags = {
- "environment" = "codelab"
} -> null
}
# azurerm_subnet.vmss will be destroyed
- resource "azurerm_subnet" "vmss" {
- address_prefix = "10.0.2.0/24" -> null
- enforce_private_link_endpoint_network_policies = false -> null
- enforce_private_link_service_network_policies = false -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet" -> null
- ip_configurations = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset/virtualMachines/0/networkInterfaces/terraformnetworkprofile/ipConfigurations/IPConfiguration",
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset/virtualMachines/2/networkInterfaces/terraformnetworkprofile/ipConfigurations/IPConfiguration",
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/jumpbox-nic/ipConfigurations/IPConfiguration",
] -> null
- name = "vmss-subnet" -> null
- resource_group_name = "myResourceGroup" -> null
- service_endpoints = [] -> null
- virtual_network_name = "vmss-vnet" -> null
}
# azurerm_virtual_machine.jumpbox will be destroyed
- resource "azurerm_virtual_machine" "jumpbox" {
- delete_data_disks_on_termination = false -> null
- delete_os_disk_on_termination = false -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/jumpbox" -> null
- location = "koreacentral" -> null
- name = "jumpbox" -> null
- network_interface_ids = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/jumpbox-nic",
] -> null
- resource_group_name = "myResourceGroup" -> null
- tags = {
- "environment" = "codelab"
} -> null
- vm_size = "Standard_DS1_v2" -> null
- zones = [] -> null
- os_profile {
- admin_username = "azureuser" -> null
- computer_name = "jumpbox" -> null
}
- os_profile_linux_config {
- disable_password_authentication = false -> null
}
- storage_image_reference {
- offer = "UbuntuServer" -> null
- publisher = "Canonical" -> null
- sku = "16.04-LTS" -> null
- version = "latest" -> null
}
- storage_os_disk {
- caching = "ReadWrite" -> null
- create_option = "FromImage" -> null
- disk_size_gb = 30 -> null
- managed_disk_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/disks/jumpbox-osdisk" -> null
- managed_disk_type = "Standard_LRS" -> null
- name = "jumpbox-osdisk" -> null
- os_type = "Linux" -> null
- write_accelerator_enabled = false -> null
}
}
# azurerm_virtual_machine_scale_set.vmss will be destroyed
- resource "azurerm_virtual_machine_scale_set" "vmss" {
- automatic_os_upgrade = false -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset" -> null
- location = "koreacentral" -> null
- name = "vmscaleset" -> null
- overprovision = true -> null
- resource_group_name = "myResourceGroup" -> null
- single_placement_group = true -> null
- tags = {
- "environment" = "codelab"
} -> null
- upgrade_policy_mode = "Manual" -> null
- zones = [] -> null
- network_profile {
- accelerated_networking = false -> null
- ip_forwarding = false -> null
- name = "terraformnetworkprofile" -> null
- primary = true -> null
- dns_settings {
- dns_servers = [] -> null
}
- ip_configuration {
- application_gateway_backend_address_pool_ids = [] -> null
- application_security_group_ids = [] -> null
- load_balancer_backend_address_pool_ids = [
- "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool",
] -> null
- load_balancer_inbound_nat_rules_ids = [] -> null
- name = "IPConfiguration" -> null
- primary = true -> null
- subnet_id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet" -> null
}
}
- os_profile {
- admin_password = (sensitive value)
- admin_username = "azureuser" -> null
- computer_name_prefix = "vmlab" -> null
- custom_data = "I2Nsb3VkLWNvbmZpZw0KcGFja2FnZXM6DQogLSBuZ2lueA==" -> null
}
- os_profile_linux_config {
- disable_password_authentication = false -> null
}
- sku {
- capacity = 2 -> null
- name = "Standard_DS1_v2" -> null
- tier = "Standard" -> null
}
- storage_profile_data_disk {
- caching = "ReadWrite" -> null
- create_option = "Empty" -> null
- disk_size_gb = 10 -> null
- lun = 0 -> null
- managed_disk_type = "Standard_LRS" -> null
}
- storage_profile_image_reference {
- offer = "UbuntuServer" -> null
- publisher = "Canonical" -> null
- sku = "16.04-LTS" -> null
- version = "latest" -> null
}
- storage_profile_os_disk {
- caching = "ReadWrite" -> null
- create_option = "FromImage" -> null
- managed_disk_type = "Standard_LRS" -> null
- vhd_containers = [] -> null
}
}
# azurerm_virtual_network.vmss will be destroyed
- resource "azurerm_virtual_network" "vmss" {
- address_space = [
- "10.0.0.0/16",
] -> null
- dns_servers = [] -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet" -> null
- location = "koreacentral" -> null
- name = "vmss-vnet" -> null
- resource_group_name = "myResourceGroup" -> null
- tags = {
- "environment" = "codelab"
} -> null
- subnet {
- address_prefix = "10.0.2.0/24" -> null
- id = "/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet" -> null
- name = "vmss-subnet" -> null
}
}
# random_string.fqdn will be destroyed
- resource "random_string" "fqdn" {
- id = "mtjsaj" -> null
- length = 6 -> null
- lower = true -> null
- min_lower = 0 -> null
- min_numeric = 0 -> null
- min_special = 0 -> null
- min_upper = 0 -> null
- number = false -> null
- result = "mtjsaj" -> null
- special = false -> null
- upper = false -> null
}
Plan: 0 to add, 0 to change, 13 to destroy.
Warning: Quoted type constraints are deprecated
on variables.tf line 8, in variable "tags":
8: type = "map"
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around "map" and write
map(string) instead to explicitly indicate that the map elements are strings.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
azurerm_virtual_machine.jumpbox: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachines/jumpbox]
azurerm_lb_rule.lbnatrule: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/loadBalancingRules/http]
azurerm_virtual_machine_scale_set.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Compute/virtualMachineScaleSets/vmscaleset]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 10s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 10s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 10s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 20s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 20s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 20s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 30s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 30s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 30s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 40s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 40s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 40s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 50s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 50s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 50s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 1m0s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 1m0s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 1m0s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 1m10s elapsed]
azurerm_lb_rule.lbnatrule: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ancers/vmss-lb/loadBalancingRules/http, 1m10s elapsed]
azurerm_virtual_machine_scale_set.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...ute/virtualMachineScaleSets/vmscaleset, 1m10s elapsed]
azurerm_virtual_machine_scale_set.vmss: Destruction complete after 1m10s
azurerm_lb_rule.lbnatrule: Destruction complete after 1m10s
azurerm_lb_backend_address_pool.bpepool: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/backendAddressPools/BackEndAddressPool]
azurerm_lb_probe.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb/probes/ssh-running-probe]
azurerm_lb_probe.vmss: Destruction complete after 1s
azurerm_lb_backend_address_pool.bpepool: Destruction complete after 1s
azurerm_lb.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/loadBalancers/vmss-lb]
azurerm_lb.vmss: Destruction complete after 0s
azurerm_public_ip.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/vmss-public-ip]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 1m20s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 10s elapsed]
azurerm_virtual_machine.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rosoft.Compute/virtualMachines/jumpbox, 1m30s elapsed]
azurerm_virtual_machine.jumpbox: Destruction complete after 1m30s
azurerm_network_interface.jumpbox: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/networkInterfaces/jumpbox-nic]
azurerm_network_interface.jumpbox: Destruction complete after 0s
azurerm_public_ip.jumpbox: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/publicIPAddresses/jumpbox-public-ip]
azurerm_subnet.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet/subnets/vmss-subnet]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 20s elapsed]
azurerm_subnet.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...Networks/vmss-vnet/subnets/vmss-subnet, 10s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 10s elapsed]
azurerm_subnet.vmss: Destruction complete after 11s
azurerm_virtual_network.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vmss-vnet]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 30s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 20s elapsed]
azurerm_virtual_network.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...soft.Network/virtualNetworks/vmss-vnet, 10s elapsed]
azurerm_virtual_network.vmss: Destruction complete after 10s
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 40s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 30s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 50s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 40s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 1m0s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 50s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 1m10s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 1m0s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 1m20s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 1m10s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 1m30s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 1m20s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 1m40s elapsed]
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 1m30s elapsed]
azurerm_public_ip.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...twork/publicIPAddresses/vmss-public-ip, 1m50s elapsed]
azurerm_public_ip.vmss: Destruction complete after 1m51s
azurerm_public_ip.jumpbox: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...rk/publicIPAddresses/jumpbox-public-ip, 1m40s elapsed]
azurerm_public_ip.jumpbox: Destruction complete after 1m41s
azurerm_resource_group.vmss: Destroying... [id=/subscriptions/2e5d848e-xxxx-xxxx-xxxx-fd25ae915bcd/resourceGroups/myResourceGroup]
random_string.fqdn: Destroying... [id=mtjsaj]
random_string.fqdn: Destruction complete after 0s
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 10s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 20s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 30s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 40s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 50s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 1m0s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 1m10s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 1m20s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 1m30s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 1m40s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 1m50s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 2m0s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 2m10s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 2m20s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 2m30s elapsed]
azurerm_resource_group.vmss: Still destroying... [id=/subscriptions/2e5d848e-8dfe-42ae-95a5-...e915bcd/resourceGroups/myResourceGroup, 2m40s elapsed]
azurerm_resource_group.vmss: Destruction complete after 2m45s
Destroy complete! Resources: 13 destroyed.'Azure와 함께 하는 DevOps' 카테고리의 다른 글
| Azure DevOps Lab 선행 조건 (0) | 2020.03.02 |
|---|---|
| 20 Terraform을 사용하여 Packer 사용자 지정 이미지에서 Azure 가상 머신 확장 집합 만들기 (0) | 2020.02.24 |
| 18 Terraform 및 HCL를 사용하여 Azure VM 클러스터 만들기 (0) | 2020.02.10 |
| 17 모듈 레지스트리를 사용하여 Terraform으로 Azure VM 클러스터 만들기 (0) | 2020.02.03 |
| 16 Terraform을 사용하여 Azure Kubernetes Service에 Application Gateway Ingress Controller 만들기 (0) | 2020.01.28 |
댓글