如何使用 Terraform 检索 AWS ECS 容器的公共 IP 地址

问题描述 投票:0回答:2

如何提取分配给 AWS ECS 集群/服务的容器的公共 IP 地址?

出于测试目的,我不想启动 ALB,因此我只是将服务添加到公共子网。到目前为止,我能想到的最好办法是使用 aws cli 来提取 IP 地址。我想知道是否有办法使用 Terraform 属性以某种方式拉取它。

resource "aws_ecs_cluster" "this" {
  name = "${lower(var.app_name)}-${lower(var.app_environment)}-cluster"
  
}

resource "aws_ecs_task_definition" "this" {
  family                   = "${lower(var.app_name)}-${lower(var.app_environment)}-task"
  execution_role_arn       = aws_iam_role.ecs_task_execution_role.arn
  container_definitions    = jsonencode([{
    name            = "${lower(var.app_name)}-${lower(var.app_environment)}-container"
    image           = "nginx:latest"
    portMappings    = [{ containerPort = 80 }]
  }])
  memory                   = 3072
  cpu                      = 1024
  requires_compatibilities = ["FARGATE"]
  network_mode             = "awsvpc"

  runtime_platform {
    operating_system_family = "LINUX"
    cpu_architecture        = "X86_64"
  }
}

resource "aws_ecs_service" "this" {
  name            = "${lower(var.app_name)}-${lower(var.app_environment)}-service"
  cluster         = aws_ecs_cluster.this.id
  task_definition = aws_ecs_task_definition.this.arn
  desired_count   = 1

  # Assign an Elastic IP address to the task
  network_configuration {
    assign_public_ip = true
    subnets          = [module.vpc100.public_subnet1_id,module.vpc100.public_subnet2_id]
    security_groups  = [aws_security_group.this.id]
  }

  # Configure the service to use Fargate
  launch_type = "FARGATE"

  tags = {
    Name = "${lower(var.app_name)}-${lower(var.app_environment)}-container"
  }

}

# My hack to pull the public IP address
resource "terraform_data" "publicip" {
  provisioner "local-exec" {
    command = <<EOF
        clustername=${lower(var.app_name)}-${lower(var.app_environment)}-cluster
        taskid=$(aws ecs list-tasks --cluster $clustername --query "taskArns[0]" --output text)
        eni=$(aws ecs describe-tasks --tasks $taskid --cluster example6-dev-cluster --query "tasks[0].attachments[0].details[?name=='networkInterfaceId'].value" --output text)
        publicip=$(aws ec2 describe-network-interfaces --query "NetworkInterfaces[?NetworkInterfaceId=='$eni'].Association.PublicIp" --output text)
        echo "$publicip"
    EOF
  }
  depends_on = [
    aws_ecs_service.this
  ]
}
amazon-web-services terraform amazon-ecs terraform-provider-aws
2个回答
2
投票

Terraform 无法做到这一点。 Terraform 只知道它告诉 AWS 创建一项服务。它不知道该服务正在管理的任何当前任务。 

terraform apply
完成后,您需要运行 AWS CLI 命令之类的命令。

0
投票

您可以按照以下步骤检索分配给 AWS ECS 集群/服务中的容器的公共 IP 地址:

  1. 在 aws_ecs_service 中将 
    enable_ecs_managed_tags
    设置为 
    true
    。这会将 ECS 配置为使用基本信息标记网络接口:

aws:ecs:服务名称 =

aws:ecs:集群名称 = 

resource "aws_ecs_service" "this" {
  # Your other configuration goes here
  task_definition         = aws_ecs_task_definition.this.arn
  desired_count           = 1

  enable_ecs_managed_tags = true  # It will tag the network interface with service name
  wait_for_steady_state   = true  # Terraform will wait for the service to reach a steady state 

  # Assign an Elastic IP address to the task
  network_configuration {
  # Rest of the configuration goes here
}
  1. 使用标签过滤器来识别网络接口
data "aws_network_interface" "interface_tags" {
  filter {
    name   = "tag:aws:ecs:serviceName"
    values = ["${lower(var.app_name)}-${lower(var.app_environment)}-service"]
  }
}

output "public_ip" {
    value = data.aws_network_interface.interface_tags.association[0].public_ip
}

有关更多上下文,您可以参考 GitHub 问题 如何使用 allocate_public_ip 从 aws_ecs_service 访问 IP

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.