描述
我目前面临一个问题,我的Terraform基础设施设置使用亚特兰蒂斯和Terragrunt。当Terragrunt试图创建多个工作空间时,问题就出现了,每个工作空间都需要不同版本的Terraform。为了解决这个问题,Terragrunt利用
tfenv install
以并行安装必要的Terraform版本。
但是,这种并发执行会在安装过程中导致与权限相关的错误,从而导致以下问题:
/home/user/.tfenv/lib/tfenv-exec.sh: line 43: /home/user/.tfenv/versions/1.6.2/terraform: Permission denied
/home/user/.tfenv/lib/tfenv-exec.sh: line 43: exec: /home/user/.tfenv/versions/1.6.2/terraform: cannot execute: Permission denied
我已经在tfenv GitHub存储库中创建了一个问题
here
.
为了缓解这个问题,我正在探索为
tfenv安装
确保
序列化安装
Terraform版本。
该脚本应确保即使多个工作区并行执行,Terraform版本的任何安装都是按顺序完成的。这是为了防止在同时尝试多个安装时可能出现的争用情况。
我如何看待流量:
-
亚特兰蒂斯称之为“tfenv包装器”
-
包装器检查是否存在锁:
a.如果没有锁,则此调用获取锁并进行到步骤3。
b.如果存在锁,则此调用将等待该锁变为可用,并进行到步骤4。
-
带有锁的调用安装所需版本的tfenv并释放锁。
-
不带锁的调用会检查活动锁安装的版本。如果它与所需版本匹配,则可以安全退出。如果没有,则等待锁变为可用,并进入步骤3。
我已经起草了一个剧本,但它似乎没有正确地解决这个问题。这是我创建的脚本:
#!/bin/bash
LOCK_FILE="/tmp/tfenv-wrapper.lock"
PROCESS_COUNTER_FILE="/tmp/tfenv-process-counter"
MAX_CONCURRENT_PROCESSES=2
# Function to acquire a lock
function acquire_lock() {
exec 100>"$LOCK_FILE"
flock -x 100
}
# Function to release the lock
function release_lock() {
flock -u 100
}
# Function to get the current process count
function get_process_count() {
pgrep -f "tfenv install" | grep -v $$ | wc -l
}
# Function to update the process count
function update_process_count() {
get_process_count > "$PROCESS_COUNTER_FILE"
}
# Set up the EXIT trap to release the lock and remove the lock file on script exit
trap 'release_lock' EXIT
# Infinite loop to keep the script running
while true; do
# Acquire the lock
acquire_lock
echo "Lock acquired."
# Read the number of running processes from the counter file
num_processes=$(get_process_count)
echo "Number of tfenv processes: $num_processes"
# If the number of running processes exceeds the limit, wait
while [ "$num_processes" -ge "$MAX_CONCURRENT_PROCESSES" ]; do
echo "Maximum number of concurrent 'tfenv' processes reached. Waiting for processes to complete."
sleep 2
num_processes=$(get_process_count)
done
# Increment the process counter
((num_processes++))
update_process_count
# Release the lock
release_lock
echo "Released lock."
# Wait for any 'tfenv' process launched outside this script to complete
while [ "$(get_process_count)" -gt 0 ]; do
sleep 2
done
# Acquire the lock again before decrementing the counter
acquire_lock
echo "Lock acquired."
# Decrement the process counter
((num_processes--))
update_process_count
# Release the lock
release_lock
echo "Released lock."
done
因此,只要有“锁”,这个脚本就应该一直运行,并等待“锁”空闲,然后安装它需要的版本(如果“以前”有锁的进程还没有安装)
如果有任何见解、建议或替代解决方案来控制的并发性,我将不胜感激
tfenv安装
命令,并避免与权限相关的错误。非常感谢。
