1. 技术文章
  2. How to run sudo commands in terraform?

How to run sudo commands in terraform?

谁说我不能喝 提交于 2019-12-22 05:01:19

问题


My question is similar to this git hub post, but unfortunately it is unsolved:

https://github.com/hashicorp/terraform/issues/550

I want a simple way to give sudo privileges to the commands run in the provisioner "remote-exec" { } block of my terraform scripts.

I am coming from an ansible background that has the sudo: yes option that allows any commands ansible runs to run commands with sudo privileges when using the --ask-sudo-pass optional in my ansible-playbook run commands. I would like to do something like that in the provisioner "remote-exec" block of my terraform script.

Here is the provisioner "remote-exec" block I want to run:

  provisioner "remote-exec" {
    inline = [
      "sudo apt-get update",
      "sudo apt-get install -y curl"
    ]
  }

When I run this in my terraform apply I see the following lines appear in the output of this command:

openstack_compute_instance_v2.test.0 (remote-exec): [sudo] password for myUserName:
openstack_compute_instance_v2.test.1 (remote-exec): [sudo] password for myUserName:
openstack_compute_instance_v2.test.2 (remote-exec): [sudo] password for myUserName:

Then it just gives me an infinite number of these: 

openstack_compute_instance_v2.test.0: Still creating... 
openstack_compute_instance_v2.test.1: Still creating... 
openstack_compute_instance_v2.test.2: Still creating...

So how do I fix this and let terraform run sudo commands?

Note: The connection for my provisioner "remote-exec" block cannot be root, so even though that would be a simple solution its not what I can use.


回答1:


The answer was to use the following syntax in my first sudo command:

"echo yourPW | sudo -S someCommand"

This bypasses the sudo password prompt and enters the password directly into the command. I already had my sudo password as a variable "${var.pw}" so running my sudo commands was the simple matter of changing my first command to:

  provisioner "remote-exec" {
    inline = [
      "echo ${var.pw} | sudo -S apt-get update",
      "sudo apt-get install -y curl"
    ]
  }



回答2:


What about:

echo ${var.pw} | sudo -S -k apt-get update

-k means to ignore cached credentials to force sudo to always ask. This is for consistent behavior.

https://superuser.com/q/67765



来源:https://stackoverflow.com/questions/37847273/how-to-run-sudo-commands-in-terraform

标签
sudo
provisioning
terraform
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!