Terraform错误“错误锁定状态:获取状态锁:发生2次错误”

Question

概述

当我研究Terraform的状态锁定时，有些部分我不明白。

• terraform v0.14.6

# Specify the provider and access details
provider "aws" {
  region  = "ap-northeast-1"
  profile = "default"
}

terraform {
  backend "s3" {
    key            = "terraform.tfstate"
    bucket         = "terraform-sample-yuta"
    region         = "ap-northeast-1"
    dynamodb_table = "terraform-state-lock-dynamo"
  }
}

resource "aws_dynamodb_table" "dynamodb-terraform-state-lock" {
  name           = "terraform-state-lock-dynamo"
  hash_key       = "LockID"
  read_capacity  = 20
  write_capacity = 20

  attribute {
    name = "LockID"
    type = "S"
  }

  tags = {
    Name = "DynamoDB State Lock Table"
  }
}

resource "aws_instance" "web" {
  instance_type = "t3.small"
  # Amazon Linux2
  ami   = "ami-0992fc94ca0f1415a"
  count = 1
  tags = {
    Name = "EC2 instance terraform"
  }
}

我执行此main.tf、terraform plan main.tf，并发生以下错误。

$ terraform plan

Error: Error locking state: Error acquiring the state lock: 2 errors occurred:
    * ResourceNotFoundException: Requested resource not found
    * ResourceNotFoundException: Requested resource not found



Terraform acquires a state lock to protect the state from being written
by multiple users at the same time. Please resolve the issue above and try
again. For most commands, you can disable locking with the "-lock=false"
flag, but this is not recommended.

具有类似的错误，Terraform错误:错误锁定状态:获得状态锁的错误:发生了2个错误：

因此，我已经预先创建了DynamoDB。但是，又发生了另一个错误。

Acquiring state lock. This may take a few moments...
aws_instance.web[0]: Refreshing state... [id=i-084998a0833bc68cb]
aws_dynamodb_table.dynamodb-terraform-state-lock: Creating...

Error: error creating DynamoDB Table: ResourceInUseException: Table already exists: terraform-state-lock-dynamo

我可以使用-lock=false标志解决这个问题，但不建议这样做。

请给我一些建议，不要使用-lock=false标志。

Answer 1

在我看来，这个错误来自于本地锁。

-rw-r--r--   1 myusername  staff  1002 Feb 17 13:02 .terraform.lock.hcl
drwxr-xr-x   4 myusername  staff   128 Feb 17 18:19 .terraform/

删除这些文件，因为你在初始阶段，我认为你清理，然后再试一次。

我能够实现这个精确的设置，下面是我的步骤：

1. 创建DynamoDB表和S3桶

resource "aws_s3_bucket" "terraform_state" {
  bucket = "terraform-up-and-running-statezpl"
  # Enable versioning so we can see the full revision history of our
  # state files
  versioning {
    enabled = true
  }
  # Enable server-side encryption by default
  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "AES256"
      }
    }
  }
}

resource "aws_dynamodb_table" "terraform_locks" {
  name         = "terraform-up-and-running-locks"
  billing_mode = "PAY_PER_REQUEST"
  hash_key     = "LockID"
  attribute {
    name = "LockID"
    type = "S"
  }
}
output "s3_bucket_arn" {
  value       = aws_s3_bucket.terraform_state.arn
  description = "The ARN of the S3 bucket"
}
output "dynamodb_table_name" {
  value       = aws_dynamodb_table.terraform_locks.name
  description = "The name of the DynamoDB table"
}

1.1 terraform init and apply

aws_s3_bucket.terraform_state: Creating...
aws_dynamodb_table.terraform_locks: Creating...
aws_dynamodb_table.terraform_locks: Creation complete after 8s [id=terraform-up-and-running-locks]
aws_s3_bucket.terraform_state: Creation complete after 9s [id=terraform-up-and-running-statezpl]

1. 然后，当您共享代码段时，我配置了我的后端。

terraform {
  backend "s3" {
    key            = "terraform.tfstate"
    bucket         = "terraform-up-and-running-statezpl"
    region         = "us-east-1"
    dynamodb_table = "terraform-up-and-running-locks"
  }
}

2.1 terraform init

Initializing the backend...
Acquiring state lock. This may take a few moments...
Do you want to copy existing state to the new backend?
  Pre-existing state was found while migrating the previous "local" backend to the
  newly configured "s3" backend. No existing state was found in the newly
  configured "s3" backend. Do you want to copy this state to the new "s3"
  backend? Enter "yes" to copy and "no" to start with an empty state.

  Enter a value: yes

Releasing state lock. This may take a few moments...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.

Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file

Terraform has been successfully initialized!

作者在本文中讨论了如何管理地形状态相当不错的资源，即使是在这个案例中，也没有很多不同的用例。