Terraform 不断删除 virtual_network_subnet_id 并在后续运行中为 azurerm_linux_function_app 重新添加 vnet 集成

问题描述 投票:0回答:2

我使用带有 vnet 集成的 azurerm_linux_function_app 创建了一个 terraform 脚本(使用 azurerm_app_service_virtual_network_swift_connection)。如果我运行 Terraform 脚本,一切都会按预期工作,但如果我再次运行 Terraform,它会建议通过删除 virtual_network_subnet_id 来就地更新函数应用程序,这会破坏 vnet 集成。如果我再次运行 terraform,它建议再次创建 azurerm_app_service_virtual_network_swift_connection,一切正常,并且此循环继续。

resource "azurerm_subnet" "this" {
  name                 = "name"
  resource_group_name  = azurerm_resource_group.rg.name
  virtual_network_name = azurerm_virtual_network.vnet.name
  address_prefixes     = ["10.0.5.128/26"]
  service_endpoints    = ["Microsoft.AzureCosmosDB"]
  delegation {
    name = "name-delegation"

    service_delegation {
      name    = "Microsoft.Web/serverFarms"
      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
    }
  }
}

resource "azurerm_linux_function_app" "this" {
  name                       = "name"
  resource_group_name        = azurerm_resource_group.rg.name
  location                   = azurerm_resource_group.rg.location
  storage_account_name       = azurerm_storage_account.this.name
  storage_account_access_key = azurerm_storage_account.this.primary_access_key
  service_plan_id            = azurerm_service_plan.this.id
  https_only                 = true
  site_config {
    vnet_route_all_enabled = true
    cors {
      allowed_origins = ["https://portal.azure.com"]
    }
    application_stack {
      node_version = "18"
    }
  }
  app_settings = {
  }
  depends_on = [azurerm_cosmosdb_account.db]
}

resource "azurerm_app_service_virtual_network_swift_connection" "this" {
  app_service_id = azurerm_linux_function_app.this.id
  subnet_id      = azurerm_subnet.this.id
}
terraform azure-functions terraform-provider-azure subnet vnet
2个回答
0
投票

很高兴问题得到解决,作为一种解决方法,而不是删除快速连接

您可以在 terraform 代码中使用此 SO 线程中提到的生命周期块,以避免您的快速连接再次更新,请参阅下文:-

我的 Terraform 代码:-

我从这个官方 Terraform 文档引用了以下 terraform 代码,并通过添加 Depends on 和生命周期块来修改代码。


# We strongly recommend using the required_providers block to set the
# Azure Provider source and version being used
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.58.0"
    }
  }
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
  
subscription_id = "subid"
tenant_id = "tenantid"
client_id = "clientid"
client_secret = "clientsecret"
features {
  resource_group {
    prevent_deletion_if_contains_resources = false
  }
}

}

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_virtual_network" "example" {
  name                = "example-virtual-network"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  depends_on = [ azurerm_resource_group.example ]
}

resource "azurerm_subnet" "example" {
  name                 = "example-subnet"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.1.0/24"]
  

  delegation {
    name = "example-delegation"

    service_delegation {
      name    = "Microsoft.Web/serverFarms"
      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
    }
  }
  depends_on = [ azurerm_virtual_network.example ]
}

resource "azurerm_app_service_plan" "example" {
  name                = "example-app-service-plan"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  depends_on = [ azurerm_resource_group.example ]

  sku {
    tier = "Standard"
    size = "S1"
  }
}

resource "azurerm_storage_account" "example" {
  name                     = "siliconstrg54332"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  depends_on = [ azurerm_resource_group.example ]
}

resource "azurerm_function_app" "example" {
  name                       = "siliconfunc-0987"
  location                   = azurerm_resource_group.example.location
  resource_group_name        = azurerm_resource_group.example.name
  app_service_plan_id        = azurerm_app_service_plan.example.id
  storage_account_name       = azurerm_storage_account.example.name
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  depends_on = [azurerm_app_service_plan.example]
}
resource "azurerm_app_service_virtual_network_swift_connection" "this" {
  app_service_id = azurerm_function_app.example.id
  subnet_id      = azurerm_subnet.example.id

depends_on = [azurerm_subnet.example, azurerm_function_app.example]
  lifecycle {
    ignore_changes = [
      subnet_id,
    ]
  }
}

生命周期块:-

resource "azurerm_app_service_virtual_network_swift_connection" "this" {
  app_service_id = azurerm_function_app.example.id
  subnet_id      = azurerm_subnet.example.id

depends_on = [azurerm_subnet.example, azurerm_function_app.example]
  lifecycle {
    ignore_changes = [
      subnet_id,
    ]
  }
}

输出:-

enter image description here

enter image description here

当我再次运行该计划时,它没有要求我更新 Swift 连接或功能应用程序,除了要求我添加标签作为成本中心,请参阅下面:-

enter image description here

您可以通过添加此来添加标签

tags = { costCenter = "My Cost Center" }

在我的资源块中添加此内容后,当我运行计划时,我得到了所需的状态,请参阅下面:-

enter image description here

使用此官方 Terraform 文档引用的标签的完整代码,并使用 Depends on 和生命周期块进行修改。

# We strongly recommend using the required_providers block to set the
# Azure Provider source and version being used
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.58.0"
    }
  }
}

# Configure the Microsoft Azure Provider
provider "azurerm" {
  
subscription_id = "subid"
tenant_id = "tenantid"
client_id = "clientid"
client_secret = "clientsecret"
features {
  resource_group {
    prevent_deletion_if_contains_resources = false
  }
}

}

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_virtual_network" "example" {
  name                = "example-virtual-network"
  address_space       = ["10.0.0.0/16"]
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  tags = {
    costCenter = "My Cost Center"
  }
  depends_on = [ azurerm_resource_group.example ]
}

resource "azurerm_subnet" "example" {
  name                 = "example-subnet"
  resource_group_name  = azurerm_resource_group.example.name
  virtual_network_name = azurerm_virtual_network.example.name
  address_prefixes     = ["10.0.1.0/24"]
  

  delegation {
    name = "example-delegation"

    service_delegation {
      name    = "Microsoft.Web/serverFarms"
      actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
    }
  }
  depends_on = [ azurerm_virtual_network.example ]
}

resource "azurerm_app_service_plan" "example" {
  name                = "example-app-service-plan"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  depends_on = [ azurerm_resource_group.example ]

  sku {
    tier = "Standard"
    size = "S1"
  }
  tags = {
    costCenter = "My Cost Center"
}
}

resource "azurerm_storage_account" "example" {
  name                     = "siliconstrg54332"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  
  tags = {
    costCenter = "My Cost Center"
  }
  depends_on = [ azurerm_resource_group.example ]
}

resource "azurerm_function_app" "example" {
  name                       = "siliconfunc-0987"
  location                   = azurerm_resource_group.example.location
  resource_group_name        = azurerm_resource_group.example.name
  app_service_plan_id        = azurerm_app_service_plan.example.id
  storage_account_name       = azurerm_storage_account.example.name
  storage_account_access_key = azurerm_storage_account.example.primary_access_key
  tags = {
    costCenter = "My Cost Center"
  }
  depends_on = [azurerm_app_service_plan.example]
}
resource "azurerm_app_service_virtual_network_swift_connection" "this" {
  app_service_id = azurerm_function_app.example.id
  subnet_id      = azurerm_subnet.example.id

depends_on = [azurerm_subnet.example, azurerm_function_app.example]
  lifecycle {
    ignore_changes = [
      subnet_id,
    ]
  }
}
0
投票

接受的答案是错误的。事实上,以下代码提供了 VNET 与函数应用程序的集成。

resource "azurerm_app_service_virtual_network_swift_connection" "this" {
  app_service_id = azurerm_function_app.example.id
  subnet_id      = azurerm_subnet.example.id
}

但是,不应该忽略对 

subnet_id
的更改。应在 
azurerm_function_app
资源上添加以下内容,从而忽略对 VNET 与函数应用程序集成的更改:

  lifecycle {
    ignore_changes = [virtual_network_subnet_id]
  }
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.