Is there any equivalent in terraform to the gcloud compute instances create-with-container command?
I'm trying to create a VM in Google Compute Engine that automatically runs a container I uploaded to Google Container Registry (as described here: https://cloud.google.com/compute/docs/containers/deploying-containers#how_deploying_containers_on_works)

    gcloud compute instances create-with-container [INSTANCE_NAME] \
        --container-image [DOCKER_IMAGE]

This works so far, but I don't see any equivalent in Terraform.
As far as I can see, google_compute_image doesn't help me.
I used terraformer to reverse engineer instance-container, a Compute Engine instance running an Nginx container.
This is the resulting Terraform file:

    resource "google_compute_instance" "tfer--instance-002D-container" {
      boot_disk {
        auto_delete = "true"
        device_name = "instance-container"
        initialize_params {
          image = "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-stable-80-12739-91-0"
          size  = "10"
          type  = "pd-standard"
        }
        mode   = "READ_WRITE"
        source = "https://www.googleapis.com/compute/v1/projects/your-project-id/zones/asia-east1-b/disks/instance-container"
      }
      can_ip_forward      = "false"
      deletion_protection = "false"
      enable_display      = "false"
      labels = {
        container-vm = "cos-stable-80-12739-91-0"
      }
      machine_type = "g1-small"
      metadata = {
        gce-container-declaration = "spec:\n containers:\n - name: instance-container\n image: nginx\n stdin: false\n tty: false\n restartPolicy: Always\n\n# This container declaration format is not public API and may change without notice. Please\n# use gcloud command-line tool or Google Cloud Console to run Containers on Google Compute Engine."
        google-logging-enabled    = "true"
      }
      name = "instance-container"
      network_interface {
        access_config {
          nat_ip       = "104.199.164.22"
          network_tier = "PREMIUM"
        }
        name               = "nic0"
        network            = "https://www.googleapis.com/compute/v1/projects/your-project-id/global/networks/default"
        network_ip         = "10.140.15.223"
        subnetwork         = "https://www.googleapis.com/compute/v1/projects/your-project-id/regions/asia-east1/subnetworks/default"
        subnetwork_project = "your-project-id"
      }
      project = "your-project-id"
      scheduling {
        automatic_restart   = "true"
        on_host_maintenance = "MIGRATE"
        preemptible         = "false"
      }
      service_account {
        email  = "your-project-id-compute@developer.gserviceaccount.com"
        scopes = ["https://www.googleapis.com/auth/monitoring.write", "https://www.googleapis.com/auth/service.management.readonly", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/servicecontrol", "https://www.googleapis.com/auth/trace.append", "https://www.googleapis.com/auth/devstorage.read_only"]
      }
      shielded_instance_config {
        enable_integrity_monitoring = "true"
        enable_secure_boot          = "false"
        enable_vtpm                 = "true"
      }
      zone = "asia-east1-b"
    }

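Comparing it with a normal instance resource, it looks like it relies on the gce-container-declaration metadata and the labels to do the job.
However, as the comment in the metadata says,
This container declaration format is not public API and may change without notice.
Please use gcloud command-line tool or Google Cloud Console to run Containers on Google Compute Engine.
Until your issue is resolved by the Terraform Google Cloud Platform provider, using the gcloud command is more reliable at this point.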
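
A trimmed-down version of the configuration above, as an added example that is not part of the original answer: it keeps only the Container-Optimized OS image, the container-vm label and the gce-container-declaration metadata that the answer identifies as doing the work. The variable project_id and the resource name container_vm are assumptions, and the declaration format is not a public API, as the quoted comment says.

```hcl
# Added example, not from the original answer; names are placeholders.
variable "project_id" { type = string }

# Resolve the current Container-Optimized OS image instead of pinning a URL.
data "google_compute_image" "cos" {
  project = "cos-cloud"
  family  = "cos-stable"
}

locals {
  # Mirrors the declaration captured by terraformer. The format is not a
  # public API: re-check it against a gcloud-created VM after upgrades.
  container_declaration = yamlencode({
    spec = {
      containers = [{
        name  = "instance-container"
        image = "nginx"
        stdin = false
        tty   = false
      }]
      restartPolicy = "Always"
    }
  })
}

resource "google_compute_instance" "container_vm" {
  project      = var.project_id
  name         = "instance-container"
  zone         = "asia-east1-b"
  machine_type = "g1-small"
  boot_disk {
    initialize_params {
      image = data.google_compute_image.cos.self_link
    }
  }
  labels = { container-vm = data.google_compute_image.cos.name }
  metadata = {
    gce-container-declaration = local.container_declaration
    google-logging-enabled    = "true"
  }
  network_interface {
    network = "default"
    access_config {} # ephemeral external IP so the image can be pulled
  }
  service_account {
    # Read-only storage scope is what allows pulls from Container Registry.
    scopes = ["https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring.write"]
  }
}
```

Running `terraform plan` against an instance created with gcloud and comparing the rendered metadata shows whether the declaration still matches what the platform generates.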