我正在尝试使用 Terraform 在 AWS 上启动 EC2 实例。到目前为止配置没有问题,实例可以正常运行,也可以通过 Terraform 配置的安全组等用 SSH 登录实例。
但是我想通过 Terraform 的 remote-exec provisioner 以非交互方式执行一些安装命令。
这部分大多数时候可以工作,但会随机遇到“等待内核升级”(Pending kernel upgrade)的弹出窗口。此时 Terraform 会卡住并一直等待,因为该窗口需要用户输入。
我该如何设置才能忽略该提示?
这是我的 aws.tf:
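# EC2 instance, provisioned over SSH with Temurin JDK 17 and Jenkins.
resource "aws_instance" "spring_boot_server" {
  ami           = var.ami_ubuntu_22_04_lts
  instance_type = var.instance_type

  tags = {
    Name = "SpringBootServer-${local.project_name}"
  }

  # Add a reference to the security group created below
  security_groups = [aws_security_group.allow_ssh.name]

  # To be able to SSH into this instance
  key_name = var.ssh_key_name

  connection {
    type = "ssh"
    user = "ubuntu"
    # The private key is read from the disk of whoever runs Terraform; keep this
    # file out of version control and readable only by its owner.
    private_key = file("~/.aws/aws/keypairs/devops.pem")
    host        = self.public_ip
  }

  provisioner "remote-exec" {
    inline = [
      # Update package lists and upgrade packages without prompts.
      # `-y` only answers apt's own yes/no question. The "Pending kernel upgrade"
      # dialog comes from needrestart/debconf, so it is silenced separately:
      #   DEBIAN_FRONTEND=noninteractive -> debconf never opens a dialog
      #   NEEDRESTART_MODE=a             -> needrestart restarts services itself
      # The variables are passed on the sudo command line so that they reach apt-get.
      "sudo apt-get update -y",
      "sudo DEBIAN_FRONTEND=noninteractive NEEDRESTART_MODE=a apt-get upgrade -y",

      # Add the Adoptium OpenJDK repository; its signing key is scoped to this
      # repository only through signed-by.
      "wget -qO - https://packages.adoptium.net/artifactory/api/gpg/key/public | sudo tee /etc/apt/keyrings/adoptium.asc > /dev/null",
      "echo \"deb [signed-by=/etc/apt/keyrings/adoptium.asc] https://packages.adoptium.net/artifactory/deb $(awk -F= '/^VERSION_CODENAME/{print$2}' /etc/os-release) main\" | sudo tee /etc/apt/sources.list.d/adoptium.list > /dev/null",
      "sudo apt-get update -y",

      # Install Java JDK 17 without prompts and print installed Java version
      "sudo DEBIAN_FRONTEND=noninteractive NEEDRESTART_MODE=a apt-get install temurin-17-jdk -y",
      "java --version",

      # Add the Jenkins repository. The deb line is quoted so the shell cannot
      # treat the [signed-by=...] brackets as a glob pattern.
      "curl -fsSL https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key | sudo tee /usr/share/keyrings/jenkins-keyring.asc > /dev/null",
      "echo \"deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc] https://pkg.jenkins.io/debian-stable binary/\" | sudo tee /etc/apt/sources.list.d/jenkins.list > /dev/null",
      "sudo apt-get update -y",

      # Install Jenkins without prompts
      "sudo DEBIAN_FRONTEND=noninteractive NEEDRESTART_MODE=a apt-get install jenkins -y",

      # Start Jenkins service and print the status to verify that it has started
      "sudo systemctl start jenkins",
      "sudo systemctl status jenkins",

      # Print the initial Jenkins password.
      # NOTE(review): this secret is echoed into the Terraform run output, so it
      # also ends up in any terminal scrollback or CI log that captures the run.
      # Finish the Jenkins setup wizard promptly and treat this value as exposed.
      "sudo cat /var/lib/jenkins/secrets/initialAdminPassword",
    ]
  }
}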
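# Source ranges allowed to reach SSH (22) and Jenkins (8080).
# The default keeps the original behaviour, which exposes both ports to the
# whole internet. Override it with the addresses that really need access
# (for example your own public IP as a /32) before using this for anything real.
variable "ingress_cidr_blocks" {
  description = "CIDR blocks allowed to connect to SSH (22) and Jenkins (8080)"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Create a security group to allow SSH and Jenkins access.
# name and description are left exactly as they were: changing either one makes
# Terraform replace the security group.
resource "aws_security_group" "allow_ssh" {
  name        = "allow-ssh"
  description = "Allow SSH inbound traffic"

  ## SSH inbound rule
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ingress_cidr_blocks
  }

  # Jenkins (port 8080) inbound rule.
  # Jenkins serves plain HTTP on this port, so the login and the initial admin
  # password cross the network unencrypted; restrict the source range or put
  # TLS in front of it.
  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = var.ingress_cidr_blocks
  }

  # Outbound rule for all traffic (0.0.0.0/0 means allow all outbound traffic)
  egress {
    from_port = 0
    to_port   = 0
    # This indicates all protocols
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}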