我正在尝试使用terraform(0.12.24)和多个Docker提供程序(插件版本2.7.0)执行简单的部署。我使用下面的terraform模板的目的是将两个不同的容器部署到两个不同的启用Docker的主机上。
# Configure the Docker provider
provider "docker" {
host = "tcp://192.168.1.10:2375/"
}
provider "docker" {
alias = "worker"
host = "tcp://127.0.0.1:2375/"
}
# Create a container
resource "docker_container" "hello" {
image = docker_image.world.latest
name = "hello"
}
resource "docker_container" "test" {
provider = docker.worker
image = docker_image.world.latest
name = "test"
}
resource "docker_image" "world" {
name = "hello-world:latest"
}
docker命令在没有root特权的情况下成功运行。两台机器192.168.1.10和127.0.0.1的Docker守护进程都在2375上侦听,可以从主机访问,并且可以响应通过curl执行的直接Docker REST API调用(创建,拉出等)。手动拉取图像在两个主机中也都有效,我这样做是为了确保两个主机中都存在最新的hello-world图像。
但是,terraform部署(适用terraform)失败,并出现以下错误:
docker_container.hello: Creating...
docker_container.test: Creating...
docker_container.hello: Creation complete after 1s [id=77e515b4269aed255d4becac61f40d38e09838cdf8285294bf51f3c7cddbf2bf]
Error: Unable to create container with image sha256:a29f45ccde2ac0bde957b1277b1501f471960c8ca49f1588c6c885941640ae60: Unable to pull image sha256:a29f45ccde2ac0bde957b1277b1501f471960c8ca49f1588c6c885941640ae60: error pulling image sha256:a29f45ccde2ac0bde957b1277b1501f471960c8ca49f1588c6c885941640ae60: Error response from daemon: pull access denied for sha256, repository does not exist or may require 'docker login'
on test.tf line 17, in resource "docker_container" "test":
17: resource "docker_container" "test" {
为什么当使用多个Docker主机时,为什么我无法创建带有映像的容器,无法提取映像错误,从而无法提取映像?
docker_container.test引用docker_image.world,但是它们使用不同的提供程序(default和docker.worker):
resource "docker_container" "test" {
provider = docker.worker
image = docker_image.world.latest
name = "test"
}
resource "docker_image" "world" {
name = "hello-world:latest"
}
这是致命的,因为docker_image.world使用提供的default在tcp://192.168.1.10:2375 /上运行docker pull(在tcp ://1212.0.1:2375 /)。
这可以通过使用提供程序docker.world_worker创建一个docker_image来匹配docker_container.test来解决,如下所示:
resource "docker_container" "test" {
provider = docker.world_worker
image = docker_image.world.latest
name = "test"
}
resource "docker_image" "world_worker" {
provider = docker.world_worker
name = "hello-world:latest"
}
最初在问题中使用的模板存在一些问题。首先,使用了运行时间短的hello-world容器,这导致至少一个服务退出并显示Terraform错误消息。然后,在@Alain O'Dea的重要帮助下(请参阅相关答案和评论),我创建了以下修改后的模板,该模板可以工作并实现我的目标。
# Configure the Docker provider
provider "docker" {
host = "tcp://192.168.1.10:2375/"
}
provider "docker" {
alias = "worker"
host = "tcp://127.0.0.1:2375/"
}
# Create a container
resource "docker_container" "hello" {
image = docker_image.world.latest
name = "hello"
}
resource "docker_container" "test" {
provider = docker.worker
image = docker_image.world_image.latest
name = "test"
}
resource "docker_image" "world" {
name = "prom/prometheus:latest"
}
resource "docker_image" "world_image" {
provider = docker.worker
name = "nextcloud:latest"
}