azure - Terraform forces replacement of an AKS node pool without any changes

Tags: azure terraform azure-aks

I have the following resource definition for the additional node pools in my k8s cluster:

resource "azurerm_kubernetes_cluster_node_pool" "extra" {
  for_each = var.node_pools

  kubernetes_cluster_id   = azurerm_kubernetes_cluster.k8s.id
  name                    = each.key
  vm_size                 = each.value["vm_size"]
  node_count              = each.value["count"]
  node_labels             = each.value["labels"]
  vnet_subnet_id          = var.subnet.id
}

This is the output of terraform plan:

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply":

  # module.aks.azurerm_kubernetes_cluster_node_pool.extra["general"] has been changed
  ~ resource "azurerm_kubernetes_cluster_node_pool" "extra" {
      + availability_zones     = []
        id                     = "/subscriptions/3913c9fe-c571-4af9-bc9a-533202d41061/resourcegroups/amic-resources/providers/Microsoft.ContainerService/managedClusters/amic-k8s-01/agentPools/general"
        name                   = "general"
      + node_taints            = []
      + tags                   = {}
        # (18 unchanged attributes hidden)
    }

Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions to undo or respond to these changes.

──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.aks.azurerm_kubernetes_cluster_node_pool.extra["general"] must be replaced
-/+ resource "azurerm_kubernetes_cluster_node_pool" "extra" {
      - availability_zones     = [] -> null
      - enable_auto_scaling    = false -> null
      - enable_host_encryption = false -> null
      - enable_node_public_ip  = false -> null
      ~ id                     = "/subscriptions/3913c9fe-c571-4af9-bc9a-533202d41061/resourcegroups/amic-resources/providers/Microsoft.ContainerService/managedClusters/amic-k8s-01/agentPools/general" -> (known after apply)
      ~ kubernetes_cluster_id  = "/subscriptions/3913c9fe-c571-4af9-bc9a-533202d41061/resourcegroups/amic-resources/providers/Microsoft.ContainerService/managedClusters/amic-k8s-01" -> "/subscriptions/3913c9fe-c571-4af9-bc9a-533202d41061/resourceGroups/amic-resources/providers/Microsoft.ContainerService/managedClusters/amic-k8s-01" # forces replacement
      - max_count              = 0 -> null
      ~ max_pods               = 30 -> (known after apply)
      - min_count              = 0 -> null
        name                   = "general"
      - node_taints            = [] -> null
      ~ orchestrator_version   = "1.20.7" -> (known after apply)
      ~ os_disk_size_gb        = 128 -> (known after apply)
      - tags                   = {} -> null
        # (9 unchanged attributes hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

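As you can see, Terraform tries to force replacement of my node pool because kubernetes_cluster_id changed, even though the value has not actually changed at all. I have been able to work around this by ignoring changes to kubernetes_cluster_id in the lifecycle block, but I am still confused about why Terraform detects a change there.

So why does Terraform see a change in this case when there is none?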

Best answer

I'm not proud of it, but I managed to work around this bug by using the Terraform string function "replace".

resource "azurerm_kubernetes_cluster_node_pool" "extra" {
  [...]
  # Use this once the bug gets fixed in the provider, and delete the workaround.
  # kubernetes_cluster_id   = azurerm_kubernetes_cluster.k8s.id 
  kubernetes_cluster_id   = replace(azurerm_kubernetes_cluster.k8s.id, "resourceGroups", "resourcegroups")

  [...]
}

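Note: I am not replacing /resourceGroups/ with /resourcegroups/, because the replace function would by default treat that as a regular-expression replacement, which might end up duplicating your forward slashes. (I have not tested this myself.)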
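
An added example, not part of the original question or answer: a Python check that reads the JSON form of a plan (as produced by `terraform show -json`) and reports every destroy-and-recreate forced by an attribute whose old and new values differ only in letter case, which is what the `resourcegroups` versus `resourceGroups` line in the plan above shows. The sample plan is constructed for illustration and uses a placeholder subscription ID.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output;
# the subscription ID is a placeholder, not a value from the post.
SAMPLE_PLAN = json.dumps({"resource_changes": [{
    "address": 'module.aks.azurerm_kubernetes_cluster_node_pool.extra["general"]',
    "change": {
        "actions": ["delete", "create"],
        "before": {"name": "general", "kubernetes_cluster_id":
            "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/amic-resources"
            "/providers/Microsoft.ContainerService/managedClusters/amic-k8s-01"},
        "after": {"name": "general", "kubernetes_cluster_id":
            "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/amic-resources"
            "/providers/Microsoft.ContainerService/managedClusters/amic-k8s-01"},
        "replace_paths": [["kubernetes_cluster_id"]],
    },
}]})


def _lookup(obj, path):
    """Follow a replace_paths entry (list of keys/indexes) into before/after."""
    for step in path:
        try:
            obj = obj[step]
        except (KeyError, IndexError, TypeError):
            return None
    return obj


def case_only_replacements(plan_json):
    """Return (address, attribute, before, after) for every replacement forced
    by a string attribute whose old and new values differ only in letter case."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        if not {"delete", "create"} <= set(change.get("actions", [])):
            continue  # not a destroy-and-recreate
        for path in change.get("replace_paths") or []:
            old = _lookup(change.get("before"), path)
            new = _lookup(change.get("after"), path)
            if (isinstance(old, str) and isinstance(new, str)
                    and old != new and old.casefold() == new.casefold()):
                findings.append((rc["address"], ".".join(map(str, path)), old, new))
    return findings


if __name__ == "__main__":
    for address, attr, old, new in case_only_replacements(SAMPLE_PLAN):
        print(f"{address}: {attr} differs only in case\n  before: {old}\n  after:  {new}")
```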

Regarding "azure - Terraform forces replacement of an AKS node pool without any changes", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/67825862/
