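I am trying to build a Docker Swarm cluster in AWS using Terraform. I have successfully brought up the Swarm manager, but I am trying to work out how best to pass the join key to the workers (which will be created after the manager).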

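I would like some way of running the docker swarm join-token worker -q command so that its result can be set as a Terraform variable. That way the workers can have a remote_exec command such as docker swarm join ${var.swarm_token} ${aws_instance.swarm-manager.private_ip}
How can I do this?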

My configuration is as follows:

resource "aws_instance" "swarm-manager" {
  ami = "${var.manager_ami}"
  instance_type = "${var.manager_instance}"
  tags = {
    Name = "swarm-manager${count.index + 1}"
  }

  provisioner "remote-exec" {
    inline = [
      "sleep 30",
      "docker swarm init --advertise-addr ${self.private_ip}",
      "docker swarm join-token worker -q" // This is the value I want to store as a variable/output/etc
    ]
  }
}

Thanks

Best answer

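You can use an external data source to supplement your remote provisioning script.

This can be run against your swarm managers to fetch the token after they have been provisioned.

If you have N swarm managers, you will probably have to do them all at once, right after the managers are created. An external data source returns a map of plain strings, so you need to either use keys that let you select the right result for each node, or return the whole set as a delimited string and use element() and split() to get the right item.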



resource "aws_instance" "swarm_manager" {
  ami = "${var.manager_ami}"
  instance_type = "${var.manager_instance}"
  tags = {
    Name = "swarm-manager${count.index + 1}"
  }
  provisioner "remote-exec" {
    inline = [
      "sleep 30",
      "docker swarm init --advertise-addr ${self.private_ip}"
    ]
  }
}

data "external" "swarm_token" {
  program = ["bash", "${path.module}/get_swarm_tokens.sh"]
  query = {
    swarms = "${join(",", aws_instance.swarm_manager.*.private_ip)}"
  }
}

resource "aws_instance" "swarm_node" {
  count = "${var.swarm_size}"
  ami = "${var.node_ami}"
  tags = {
    Name = "swarm-node-${count.index}"
  }
  provisioner "remote-exec" {
    inline = [
      "# Enrol me in the right swarm, distributed over swarms available",
      "./enrol.sh ${element(split("|", data.external.swarm_token.result.tokens), count.index)}"
    ]
  }
}
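
One way to write the get_swarm_tokens.sh that the data source above calls (an added example, not part of the original answer). It assumes the query passes the manager IPs as one comma-separated string and that the machine running Terraform can ssh to the managers as ec2-user; the FETCH_TOKEN_CMD override is a hypothetical hook for other transports.

```bash
#!/usr/bin/env bash
# get_swarm_tokens.sh: program for the Terraform "external" data source.
# stdin : {"swarms":"10.0.1.10,10.0.1.11"}    one comma-separated string
# stdout: {"tokens":"SWMTKN-...|SWMTKN-..."}  one pipe-delimited string

# Fetch one manager's worker join token. The ssh user and options are
# assumptions; set FETCH_TOKEN_CMD (hypothetical) to use another transport.
fetch_token() {
  if [ -n "${FETCH_TOKEN_CMD:-}" ]; then
    "$FETCH_TOKEN_CMD" "$1"
  else
    ssh -o BatchMode=yes -o ConnectTimeout=10 "ec2-user@$1" \
      docker swarm join-token worker -q </dev/null
  fi
}

# Read the JSON query on stdin, print the JSON result. The body runs in a
# subshell (parentheses) so IFS and the variables stay local.
swarm_tokens_json() (
  query=$(cat)
  # The query is a flat object with one string value, so sed can extract it.
  ips=$(printf '%s' "$query" |
    sed -n 's/.*"swarms"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')
  [ -n "$ips" ] || { echo 'query has no "swarms" value' >&2; exit 1; }
  tokens=""
  IFS=','
  for ip in $ips; do
    # Only dotted-quad addresses reach ssh, so a value cannot act as an option.
    printf '%s\n' "$ip" | grep -Eqx '([0-9]{1,3}\.){3}[0-9]{1,3}' ||
      { echo "bad address: $ip" >&2; exit 1; }
    token=$(fetch_token "$ip") || { echo "no token from $ip" >&2; exit 1; }
    # Accept only token-shaped replies: keeps the JSON valid and splittable.
    printf '%s\n' "$token" | grep -Eqx 'SWMTKN-[A-Za-z0-9-]+' ||
      { echo "unexpected reply from $ip" >&2; exit 1; }
    tokens="${tokens:+$tokens|}$token"
  done
  printf '{"tokens":"%s"}\n' "$tokens"
)

# Run only under the file name the data source invokes.
case "${0##*/}" in
  get_swarm_tokens.sh) swarm_tokens_json || exit 1 ;;
esac
```

The tokens returned by the data source are written to the Terraform state in plain text, so the state file needs the same protection as the join tokens themselves.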
