Terraform自动标度组--为什么没有任何实例被启动？

Question

我正在尝试设置一个应用程序负载均衡器，它指向一个自动标度组，该组维护一组使用terraform的set服务器，如下所示：

##################################################################
# Application Load Balancer
##################################################################

module "lb" {
  source  = "terraform-aws-modules/alb/aws"
  version = "~> 5.0"

  name               = "server-load-balancer"
  internal           = false
  load_balancer_type = "application"

  vpc_id          = module.vpc.vpc_id
  security_groups = [module.lb-security-group.this_security_group_id]
  subnets         = module.vpc.public_subnets

  //  # See notes in README (ref: https://github.com/terraform-providers/terraform-provider-aws/issues/7987)
  //  access_logs = {
  //    bucket = module.log_bucket.this_s3_bucket_id
  //  }



  http_tcp_listeners = [
    # Forward action is default, either when defined or undefined
    {
      port               = 80
      protocol           = "HTTP"
      target_group_index = 0
      # action_type        = "forward"
    },

  ]



  target_groups = [
    {
      # name                 = "server-alb"
      backend_protocol     = "HTTP"
      backend_port         = 8080
      target_type          = "instance"
      deregistration_delay = 10
      vpc_id               = module.vpc.vpc_id
      health_check = {
        enabled             = true
        interval            = 30
        path                = "/"
        port                = "8080"
        healthy_threshold   = 3
        unhealthy_threshold = 3
        timeout             = 6
        protocol            = "HTTP"
        matcher             = "200-299"
      }
      tags = {
        InstanceTargetGroupTag = "webservers"
      }
    },
  ]

  tags = {
    Name = "Load Balancer"
  }

}

##################################################################
# Security Groups
##################################################################

module "lb-security-group" {
  source = "terraform-aws-modules/security-group/aws"

  name        = "load-balancer-security-group"
  description = "Security group for the Application Load Balancer on the public subnet."
  vpc_id      = module.vpc.vpc_id

  ingress_cidr_blocks = ["0.0.0.0/0"]
  ingress_rules       = ["ssh-tcp", "http-80-tcp", "https-443-tcp"]
  egress_rules        = ["all-all"]
  tags = {
    Name        = "Security Group"
    Environment = var.environment_tag
  }
}


module "autoscaler-security-group" {
  source = "terraform-aws-modules/security-group/aws"

  name        = "autoscaler-security-group"
  description = "Security group for the autoscaler on the private subnet."
  vpc_id      = module.vpc.vpc_id

  ingress_cidr_blocks = var.private_subnet_cidrs
  ingress_rules       = ["http-8080-tcp", "ssh-tcp", "http-80-tcp", "https-443-tcp"]
  egress_rules = ["all-all"]
  tags = {
    Name        = "Security Group"
    Environment = var.environment_tag
  }
}


##################################################################
# Launch configurations and autoscaling group
##################################################################

module "autoscaler" {

  source  = "terraform-aws-modules/autoscaling/aws"
  version = "~> 3.0"

  name              = "server-autoscaler"
  enable_monitoring = true

  # Launch configuration
  #
  # launch_configuration = "my-existing-launch-configuration" # Use the existing launch configuration
  # create_lc = false # disables creation of launch configuration
  lc_name = "server-lc"

  image_id                     = data.aws_ami.server.id
  instance_type                = var.instance_type
  security_groups              = [module.autoscaler-security-group.this_security_group_id]
  target_group_arns            = module.lb.target_group_arns
  associate_public_ip_address  = false
  recreate_asg_when_lc_changes = true
  force_delete                 = false


  user_data = data.template_file.init.rendered

  root_block_device = [
    {
      volume_size = "5"
      volume_type = "gp2"
    },
  ]

  # Auto scaling group
  asg_name            = "server-asg"
  vpc_zone_identifier = module.vpc.private_subnets
  health_check_type   = "EC2"
  # Time in Millisec
  health_check_grace_period = 300
  min_size                  = 1
  max_size                  = 2
  desired_capacity          = 1
  min_elb_capacity = 1
  wait_for_capacity_timeout = 0

  # service_linked_role_arn   = aws_iam_service_linked_role.autoscaling.arn

  tags = [
    {
      key                 = "Environment"
      value               = var.environment_tag
      propagate_at_launch = true
    },
    {
      key                 = "Project"
      value               = var.project
      propagate_at_launch = true
    },
  ]
}

如您所见，我指定：

  # Auto scaling group
  asg_name            = "server-asg"
  vpc_zone_identifier = module.vpc.private_subnets
  health_check_type   = "EC2"
  # Time in Millisec
  health_check_grace_period = 300
  min_size                  = 1
  max_size                  = 2
  desired_capacity          = 1
  min_elb_capacity = 1
  wait_for_capacity_timeout = 0

在自动标度组中，我认为这意味着至少会有一个实例被启动和维护，而terraform将等待实例恢复正常后才能继续前进。然而，我发现terraform成功地完成了，但是在自动标度组中从来没有启动过实例，所以当我转到URL时，会得到503个错误。

我在AWS控制台中看到，我可以注册目标，但是我想用terraform来做所有事情。我看了看这里的github示例，我并没有看到他们在做什么不同的事情。

为什么我的自动标度组没有启动任何实例？任何帮助都将不胜感激。

Answer 1

我试图在我的沙箱环境中启动您的代码。

我注意到，由于您正在使用的卷大小很小，所以没有启动这些实例。我在ASG控制台中遇到了错误：

启动一个新的EC2实例。状态原因:大小为5GB的卷比快照'snap-028531a83139c57d1‘要小一些，预期大小为>= 8GB。启动EC2实例失败。

使用8GB就足以在ASG中启动实例：

  root_block_device = [
    {
      volume_size = "8"
      volume_type = "gp2"
    },
  ]