マネジメントコンソールで EFS をマウントする EC2 インスタンスを作成すると、ユーザーデータを勝手に作ってくれるが、Terraform で作る場合には自分で書かなければいけないので、既存のインスタンスのユーザーデータを確認する方法のメモ。なお、ユーザーデータは以下のとおり API から平文で取得できるので、パスワードや鍵などの秘密情報は入れないこと。
$ aws ec2 describe-instance-attribute --attribute userData --instance-id i-0f2510be2315677bc | jq -r '.UserData.Value' | base64 --decode #cloud-config package_update: true package_upgrade: true runcmd: - yum install -y amazon-efs-utils - apt-get -y install amazon-efs-utils - yum install -y nfs-utils - apt-get -y install nfs-common - file_system_id_1=fs-0a662024583f1a679 - efs_mount_point_1=/mnt/efs/fs1 - mkdir -p "${efs_mount_point_1}" - test -f "/sbin/mount.efs" && printf "\n${file_system_id_1}:/ ${efs_mount_point_1} efs tls,_netdev\n" >> /etc/fstab || printf "\n${file_system_id_1}.efs.ap-northeast-1.amazonaws.com:/ ${efs_mount_point_1} nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0\n" >> /etc/fstab - test -f "/sbin/mount.efs" && grep -ozP 'client-info]\nsource' '/etc/amazon/efs/efs-utils.conf'; if [[ $? == 1 ]]; then printf "\n[client-info]\nsource=liw\n" >> /etc/amazon/efs/efs-utils.conf; fi; - retryCnt=15; waitTime=30; while true; do mount -a -t efs,nfs4 defaults; if [ $? = 0 ] || [ $retryCnt -lt 1 ]; then echo File system mounted successfully; break; fi; echo File system not available, retrying to mount.; ((retryCnt--)); sleep $waitTime; done;
なお、これを Terraform の heredoc でユーザーデータに入れる際には、シェル変数の ${hogehoge} 部分のエスケープが必要(そのままだと Terraform が補間しようとするため)。Terraform の変数を渡したいところはエスケープせずにそのまま書き、エスケープしたいところは $${hogehoge} のようにする。
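# Bastion instance that installs the EFS/NFS client packages and mounts an
# EFS file system at /mnt/efs/fs1 on first boot through cloud-init user data.
#
# Template escaping: "${var.efs_file_system_id}" is interpolated by
# Terraform, while "$${...}" is emitted as a literal "${...}" so the shell on
# the instance expands it. "$?", "$retryCnt" and "$((...))" need no escaping.
#
# Changes against the console-generated script:
#  - The retry loop no longer prints "File system mounted successfully" when
#    the retries run out; it reports the failure on stderr instead.
#  - "[[ $? == 1 ]]" and "((retryCnt--))" are written in POSIX form, because
#    cloud-init runs string runcmd items through sh, which is not bash on
#    every distribution this script installs packages for.
#
# Security notes:
#  - User data is readable by any principal with
#    ec2:DescribeInstanceAttribute and from inside the instance through the
#    instance metadata service, so keep secrets out of it. Consider a
#    metadata_options block with http_tokens = "required".
#  - NOTE(review): the instance gets a public IP and a key pair; the security
#    group is defined outside this block - confirm its ingress is limited to
#    known source addresses.
#  - The fstab entry only carries the "tls" option when /sbin/mount.efs is
#    present; the nfs4 fallback entry mounts without it.
resource "aws_instance" "this" {
  ami                         = data.aws_ssm_parameter.this.value
  instance_type               = "t3.large"
  subnet_id                   = var.public_subnet_a_id
  vpc_security_group_ids      = [aws_security_group.this.id]
  key_name                    = var.key_name
  associate_public_ip_address = true
  iam_instance_profile        = aws_iam_instance_profile.this.id

  tags = {
    Name = "${var.app_name}-bastion"
  }

  # The heredoc body stays at column 0: "<<EOF" keeps leading whitespace and
  # the first line of the user data has to be exactly "#cloud-config".
  user_data = <<EOF
#cloud-config
package_update: true
package_upgrade: true
runcmd:
- yum install -y amazon-efs-utils
- apt-get -y install amazon-efs-utils
- yum install -y nfs-utils
- apt-get -y install nfs-common
- file_system_id_1=${var.efs_file_system_id}
- efs_mount_point_1=/mnt/efs/fs1
- mkdir -p "$${efs_mount_point_1}"
- test -f "/sbin/mount.efs" && printf "\n$${file_system_id_1}:/ $${efs_mount_point_1} efs tls,_netdev\n" >> /etc/fstab || printf "\n$${file_system_id_1}.efs.ap-northeast-1.amazonaws.com:/ $${efs_mount_point_1} nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2,noresvport,_netdev 0 0\n" >> /etc/fstab
- test -f "/sbin/mount.efs" && grep -ozP 'client-info]\nsource' '/etc/amazon/efs/efs-utils.conf'; if [ $? -eq 1 ]; then printf "\n[client-info]\nsource=liw\n" >> /etc/amazon/efs/efs-utils.conf; fi;
- retryCnt=15; waitTime=30; while true; do if mount -a -t efs,nfs4 defaults; then echo File system mounted successfully; break; fi; if [ "$retryCnt" -lt 1 ]; then echo File system could not be mounted, giving up. >&2; break; fi; echo File system not available, retrying to mount.; retryCnt=$((retryCnt - 1)); sleep "$waitTime"; done;
EOF
}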