Unable to connect to remote host via Terraform OCI remote-exec

Posted on 2025-01-10 07:49:37

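I am new to Terraform and OCI. I am now trying to SSH to a Linux host in my OCI via Cloud Shell, but that host is in a private subnet. So I am trying the command below but getting a timeout error.

Could you please tell me where I am getting this wrong?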

resource "null_resource" "remote-exec" {
    provisioner "remote-exec" {
        connection {
            agent       = false
            timeout     = "5m"
            host        = "xx.xx.xx.x" # This is in a private subnet (private IP address to connect to Linux env)
            user        = var.host_user_name
            private_key = file("${path.module}/sshkey.pem")
        }
        inline = [
            "sleep 10",
            "sudo su - oracle",
            "source EBSapps.env run",
            "cd /u01/",
            "touch ytest.txt",
        ]
    }
}



Comments (1)

浪漫之都 2025-01-17 07:49:37

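@Deepak .. I guess you cannot connect to an instance in a private subnet using its private IP. You would need a bastion host in this case. Before trying it from Terraform, did you try it out from the OCI console? I believe you will not be able to connect to the instance just by private IP. If you want the complete setup in Terraform, you would need to create a resource for the bastion host, and then you can connect to the private subnet instance via the bastion host. In this case, your remote execution block will have the bastion host IP. Something similar to the below: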

    provisioner "remote-exec" {
        connection {
            agent       = false
            timeout     = "5m"
            host        = "xx.xx.xx.x" # This should be bastion host IP
            user        = var.host_user_name
            private_key = file("${path.module}/sshkey.pem")
        }
    }

References:

https://medium.com/@harjulthakkar/connect-to-private-compute-instance-using-oci-bastion-service-ca96a3ceea49

https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/bastion_bastion
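
An added example, not part of the question or the answer above: a remote-exec connection that reaches the private host through a bastion by using the connection block's bastion_* arguments, with both SSH host keys pinned. It assumes a bastion instance with a public IP that accepts SSH from where Terraform runs and is allowed to reach the private host on port 22; every variable except var.host_user_name is a hypothetical name.

```hcl
# Added example. Hypothetical inputs (not from the original post):
# bastion_public_ip, bastion_user, private_host_ip,
# bastion_host_key, private_host_key.
variable "host_user_name" { type = string }
variable "private_host_ip" { type = string }
variable "bastion_public_ip" { type = string }
variable "bastion_user" { type = string }

# Public host keys (e.g. "ssh-ed25519 AAAA..."), obtained out of band,
# so neither hop is accepted without verification.
variable "private_host_key" { type = string }
variable "bastion_host_key" { type = string }

resource "null_resource" "remote_exec_via_bastion" {
  provisioner "remote-exec" {
    connection {
      type    = "ssh"
      agent   = false
      timeout = "5m"

      # Final target: still the private IP of the Linux host.
      host        = var.private_host_ip
      user        = var.host_user_name
      private_key = file("${path.module}/sshkey.pem")
      host_key    = var.private_host_key

      # Jump host: Terraform connects here first, then tunnels to `host`.
      # Assumption: the same key pair is authorized on both machines.
      bastion_host        = var.bastion_public_ip
      bastion_user        = var.bastion_user
      bastion_private_key = file("${path.module}/sshkey.pem")
      bastion_host_key    = var.bastion_host_key
    }

    # Inline entries run as one script under the SSH user, so a user
    # switch has to wrap the commands it should apply to.
    inline = [
      "sudo -iu oracle bash -c 'cd /u01 && touch ytest.txt'",
    ]
  }
}
```

The private key read with file() is only used for the connection, but the bastion and the private host should still restrict port 22 to the narrowest source ranges the network allows.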

