允许使用Terraform创建的GCP虚拟机实例进行SSH访问

Question

允许使用Terraform创建的GCP虚拟机实例进行SSH访问

google-cloud-platformterraformterraform-provider-gcp

6

我正在尝试使用Terraform在GCP上创建虚拟机实例。实例已经被创建，但是我似乎无法访问实例的SSH。我的tf文件：

# Cloud Provider
provider "google" {
  version     = "3.5.0"
  credentials = file("./terraform-service-account.json")
  project     = "terraform-279210"
  region      = "us-central1"
  zone        = "us-central1-c"
}

# Virtual Private Network
resource "google_compute_network" "vpc_network" {
  name = "terraform-network"
}

# VM Instance
resource "google_compute_instance" "demo-vm-instance" {
  name         = "demo-vm-instance"
  machine_type = "f1-micro"
  tags         = ["demo-vm-instance"]
  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-9"
    }
  }
  metadata = {
    ssh-keys = "demouser:${file("./demouser.pub")}"
  }
  network_interface {
    network = google_compute_network.vpc_network.name
    access_config {
    }
  }
}

ssh -i demouser.pub demouser@<vm-external-ip> 返回：

ssh: connect to host <vm-external-ip> port 22: Operation timed out

似乎防火墙规则阻止了通过22端口的TCP连接，因为nc -zv <vm-external-ip> 22 无法成功。

- Moazzem Hossen

1

你为SSH创建了防火墙规则吗？ - hoque

你能告诉我如何获取SSH密钥吗？ - user15224751

创建虚拟机时，请提供SSH公钥。 metadata = { ssh-keys = "demouser:${file("./demouser.pub")}" } - Moazzem Hossen

1个回答

网页内容由stack overflow 提供, 点击上面的

可以查看英文原文，
原文链接

- hoque · Accepted Answer

使用以下内容创建防火墙规则。

resource "google_compute_firewall" "ssh-rule" {
  name = "demo-ssh"
  network = google_compute_network.vpc_network.name
  allow {
    protocol = "tcp"
    ports = ["22"]
  }
  target_tags = ["demo-vm-instance"]
  source_ranges = ["0.0.0.0/0"]
}