文章/答案/技术大牛

发布

社区首页 >问答首页 >使用WinRM上传到Azure : Error: i/o超时

问使用WinRM上传到Azure : Error: i/o超时
EN

Stack Overflow用户

提问于 2020-06-05 22:13:01

回答 1查看 1.7K关注 0票数 2

我试图使用使用WinRM将目录上传到Azure。获取各种错误和超时。Win2009服务器VM部署得很好，在部署之后，我可以使用WinRM对系统执行一个Powershell远程处理会话。但是，当我添加following (如下所示)时，我会得到以下错误之一：

Error: timeout - last error: http response error: 401 - invalid content type

或此错误，取决于切换到https true/false或不安全的true/false：

Error: timeout - last error: unknown error Post https://52.176.165.48:5985/wsman: http: server gave HTTP response to HTTPS client

是否有更好的方法在VM实例化之后上传目录并执行PowerShell后部署脚本？

这是我的*.tf文件：

locals {
  virtual_machine_name = "${var.prefix}-dc1"
  virtual_machine_fqdn = "${local.virtual_machine_name}.${var.active_directory_domain}"
  custom_data_params   = "Param($RemoteHostName = \"${local.virtual_machine_fqdn}\", $ComputerName = \"${local.virtual_machine_name}\")"
  custom_data_content  = "${local.custom_data_params} ${file("${path.module}/files/winrm.ps1")}"
}
resource "azurerm_availability_set" "dcavailabilityset" {
  name                         = "dcavailabilityset"
  resource_group_name          = "${var.resource_group_name}"
  location                     = "${var.location}"
  platform_fault_domain_count  = 3
  platform_update_domain_count = 5
  managed                      = true
}

resource "azurerm_virtual_machine" "domain-controller" {
  name                          = "${local.virtual_machine_name}"
  location                      = "${var.location}"
  resource_group_name           = "${var.resource_group_name}"
  availability_set_id           = "${azurerm_availability_set.dcavailabilityset.id}"
  network_interface_ids         = ["${azurerm_network_interface.primary.id}"]
  vm_size                       = "Standard_A1"
  delete_os_disk_on_termination = false

  storage_image_reference {
    publisher = "MicrosoftWindowsServer"
    offer     = "WindowsServer"
    sku       = "2019-Datacenter"
    version   = "latest"
  }

  storage_os_disk {
    name              = "${local.virtual_machine_name}-disk1"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
  }

  os_profile {
    computer_name  = "${local.virtual_machine_name}"
    admin_username = "${var.admin_username}"
    admin_password = "${var.admin_password}"
    custom_data    = "${local.custom_data_content}"
  }

  os_profile_windows_config {
    provision_vm_agent        = true
    enable_automatic_upgrades = false

    additional_unattend_config {
      pass         = "oobeSystem"
      component    = "Microsoft-Windows-Shell-Setup"
      setting_name = "AutoLogon"
      content      = "<AutoLogon><Password><Value>${var.admin_password}</Value></Password><Enabled>true</Enabled><LogonCount>1</LogonCount><Username>${var.admin_username}</Username></AutoLogon>"
    }

    # Unattend config is to enable basic auth in WinRM, required for the provisioner stage.
    additional_unattend_config {
      pass         = "oobeSystem"
      component    = "Microsoft-Windows-Shell-Setup"
      setting_name = "FirstLogonCommands"
      content      = "${file("${path.module}/files/FirstLogonCommands.xml")}"
    }
  }

  provisioner "file" {
    source      = "BadBlood"
    destination = "C:/BadBlood"
    connection {
      host     = "${azurerm_public_ip.dc1-external.ip_address}"
      type     = "winrm"
      user     = "${var.admin_username}"
      password = "${var.admin_password}"
      timeout  = "15m"
      https    = false
      port     = "5985"
      insecure = true
    }

  }

}

terraform

terraform-provider-azure

回答 1

Stack Overflow用户

回答已采纳

发布于 2020-06-10 02:44:05

这是决议。在Azure扩展中已经使用了一个winrm.ps1脚本来进行自动配置。我必须添加一个条目，以使端口5986侦听，因为它已经配置为侦听WinRM的https：

Write-Host "Enable HTTPS in WinRM"
$WinRmHttps = "@{Hostname=`"$RemoteHostName`"; CertificateThumbprint=`"$Thumbprint`"}"
winrm create winrm/config/Listener?Address=*+Transport=HTTPS $WinRmHttps

Write-Host "Set Basic Auth in WinRM"
$WinRmBasic = "@{Basic=`"true`"}"
winrm set winrm/config/service/Auth $WinRmBasicWrite-Host "Open Firewall Ports"
netsh advfirewall firewall add ruleenter code here name="Windows Remote Management (HTTP-In)" dir=in action=allow protocol=TCP localport=5985

netsh advfirewall firewall add rule name="Windows Remote Management (HTTPS-In)" dir=in action=allow protocol=TCP localport=5986

我不得不用Wireshark和netcat进行大量的数据包调试，才能弄清楚这一点，并从外部测试Azure。没有配置NSG规则，因为这只是一个测试实验室Azure系统。

最后，必须将文件提供程序配置为正确上载，并将https设置为true，端口5986：

  provisioner "file" {
    source      = "${path.module}/files/badblood.zip"
    destination = "C:/terraform/badblood.zip"
    connection {
      host     = "${azurerm_public_ip.dc1-external.ip_address}"
      type     = "winrm"
      user     = "${var.admin_username}"
      password = "${var.admin_password}"
      timeout  = "15m"
      https    = true
      port     = "5986"
      insecure = true
    }

票数 2

页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持

原文链接：

https://stackoverflow.com/questions/62224835

复制

相似问题

问使用WinRM上传到Azure : Error: i/o超时
EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问使用WinRM上传到Azure : Error: i/o超时EN

回答 1

Stack Overflow用户

社区

活动

圈层

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问使用WinRM上传到Azure : Error: i/o超时
EN