问题描述
我已将 ECS 与容量提供程序一起用于部署我的应用程序,并为容量提供程序使用的 ASG 启用了缩减保护.在 Terraform destroy 我看到 terraform 试图销毁 ECS 集群,在尝试 10 分钟后它失败并输出,错误:删除 ECS 集群时出错:ClusterContainsContainerInstancesException:无法在容器实例处于活动状态或耗尽时删除集群.
I have used ECS with capacity provider for deployment of my application and have enabled scale-in protection for ASG used by capacity provider. During Terraform destroy I see terraform trying to destroy ECS cluster and after trying for 10 minutes it fails and outputs,Error: Error deleting ECS cluster: ClusterContainsContainerInstancesException: The Cluster cannot be deleted while Container Instances are active or draining.
我在这里做错了什么,
相关的 Terraform 脚本,
Relevant Terraform script,
对于 ECS
#ecs auto-scaling
resource "aws_appautoscaling_target" "ecs_target" {
max_capacity = var.ecs_max_size -- (8)
min_capacity = var.ecs_min_size -- (2)
resource_id = "service/${aws_ecs_cluster.kong.name}/${aws_ecs_service.kong.name}"
scalable_dimension = "ecs:service:DesiredCount"
service_namespace = "ecs"
}
resource "aws_appautoscaling_policy" "ecs_asg_cpu_policy" {
name = local.name
policy_type = "TargetTrackingScaling"
resource_id = aws_appautoscaling_target.ecs_target.resource_id
scalable_dimension = aws_appautoscaling_target.ecs_target.scalable_dimension
service_namespace = aws_appautoscaling_target.ecs_target.service_namespace
target_tracking_scaling_policy_configuration {
predefined_metric_specification {
predefined_metric_type = "ECSServiceAverageCPUUtilization"
}
target_value = 70
}
}
FOR 容量提供者
resource "aws_autoscaling_group" "kong" {
name = local.name
launch_configuration = aws_launch_configuration.kong.name
vpc_zone_identifier = data.aws_subnet_ids.private.ids
min_size = var.asg_min_size --(1)
max_size = var.asg_max_size --(4)
desired_capacity = var.asg_desired_capacity --(2)
protect_from_scale_in = true
tags = [
{
"key" = "Name"
"value" = local.name
"propagate_at_launch" = true
},
{
"key" = "AmazonECSManaged"
"value" = ""
"propagate_at_launch" = true
}
]
}
resource "aws_ecs_capacity_provider" "capacity_provider" {
name = local.name
auto_scaling_group_provider {
auto_scaling_group_arn = aws_autoscaling_group.kong.arn
managed_termination_protection = "ENABLED"
managed_scaling {
maximum_scaling_step_size = 4
minimum_scaling_step_size = 1
instance_warmup_period = 120
status = "ENABLED"
target_capacity = 75
}
}
}
resource "aws_ecs_cluster" "kong" {
name = local.name
capacity_providers = [
aws_ecs_capacity_provider.capacity_provider.name,
]
tags = merge(
{
"Name" = local.name,
"Environment" = var.environment,
"Description" = var.description,
"Service" = var.service,
},
var.tags
)
provisioner "local-exec" {
when = destroy
command = "aws autoscaling update-auto-scaling-group --auto-scaling-group-name ${self.name} --min-size 0 --desired-capacity 0"
}
}
地形版本:Terraform v0.14.7
Terraform version:Terraform v0.14.7
- provider registry.terraform.io/hashicorp/aws v3.46.0
推荐答案
这是 GitHub 中报告的长期存在的问题:
This is a long lasting issue reported in GitHub:
目前,似乎没有任何解决方案,除了手动干预或使用带有 AWS CLI 的 local-exec 临时来帮助 TF.
For now, there does not seem to be any solution to that, except manual interventions or using local-exec provisional with AWS CLI to aid TF.
这篇关于在 Terraform destroy 期间,terraform 在销毁 Auto-scaling 组之前尝试销毁 ECS 集群并且失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!