Running 'remote-exec' with 'aws_autoscale_group'

[Sloan Thompson]

I need to run remote-exec against each instance created by the autoscale group.  I'm defining the remote-exec and connection within the aws_autoscale_group resource block but I'm getting an empty host when remote-exec executes.  From what I can tell I don't have the ability to parse the IP's of the instances created by the autoscale group, below is a snip for the .tf file and the output from 'terraform apply'

provisioner "remote-exec" {
  inline = [
    "sudo aws s3 cp s3://...",
    "sudo aws s3 cp s3://...",
    "sudo aws s3 cp s3://...",
    "${concat("ruby /etc/chef/..."
  ]
  connection {
    user = "ubuntu"
    key_file = "${var.key_path}"
    timeout = "300s"
  }
}

aws_autoscaling_group.fabric-autoscale-group: Provisioning with 'remote-exec'...
aws_autoscaling_group.fabric-autoscale-group (remote-exec): Connecting to remote host via SSH...
aws_autoscaling_group.fabric-autoscale-group (remote-exec):   Host:
aws_autoscaling_group.fabric-autoscale-group (remote-exec):   User: ubuntu
aws_autoscaling_group.fabric-autoscale-group (remote-exec):   Password: false
aws_autoscaling_group.fabric-autoscale-group (remote-exec):   Private key: true
aws_autoscaling_group.fabric-autoscale-group (remote-exec): Connection error, will retry: dial tcp :22: connection refused
aws_autoscaling_group.fabric-autoscale-group (remote-exec): Connection error, will retry: dial tcp :22: connection refused
aws_autoscaling_group.fabric-autoscale-group (remote-exec): Connection error, will retry: dial tcp :22: connection refused

[dan phrawzty]

What you've described here is an attempt to run a remote-exec against the autoscale group itself, which explains why the host is empty (an autoscale group doesn't have an IP).  As to your larger question, which is "how do I run a remote-exec against nodes created by an ASG?", I don't think that's possible in Terraform.  Consider that Terraform has a limited subset of knowledge: only resources declared by Terraform can be, in turn, known to Terraform.  The instances which are spun up according to the ASG's algorithm are outside of Terraform, thus Terraform can have no implicit knowledge of them.

This is my take on it, at least, based on my dealing with exactly the same question this morning.  I'd really, really like somebody to show me the error of my ways (if, indeed, I'm incorrect). :)


--
dan.

[Panagiotis Moustafellos]

An autoscaling group by definition has instances are treated as
disposable by definition. Even if you expect Terraform to yield the
instance ids (plus IPs/DNS etc) to run your remote-exec provisioner
this would only apply in the first run, and only for the first few
instances that will be launched in said ASG.

I suggest implement the provisioner logic using cloud-init (or
similar) via `userdata` in the autoscaling_launch_configuration
resource.

Regards,
P.

> --
> You received this message because you are subscribed to the Google Groups
> "Terraform" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to terraform-too...@googlegroups.com.
> To post to this group, send email to terrafo...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/terraform-tool/66795cba-792d-4ae4-8a62-0f734f9c4593%40googlegroups.com.
>
> For more options, visit https://groups.google.com/d/optout.



--
Panagiotis Moustafellos