search

FlexibleEngineCloud / terraform-provider-flexibleengine

Terraform flexibleengine provider
https://www.terraform.io/docs/providers/flexibleengine/
Mozilla Public License 2.0
30 stars 53 forks source link

Some resources doesn't use proxy configuration #602

Closed agoulamhoussen closed 3 years ago

agoulamhoussen commented 3 years ago

Hi,

I'm using the Flexible Engine provider since a couple of years now behind my corporate proxy, and it works just fine. When we tried to migrate our code to use flexibleengine_obs_bucket instead of flexibleengine_s3_bucket, to make use of bucket creation with multi_az = true , we noticed that flexibleengine_obs_bucket doesn't work when Internet is only available through a proxy. As we use Terraform to fully automate our infrastructure, we use a bunch of resources (ECS, EVS, EIP, NAT Gateway, Subnet, ELB,DNS, ...), which still work perfectly.

This is a blocker for us, as we're expected to create multi-AZ buckets and we can't get rid of the corporate proxy.

Terraform Version

Terraform v1.0.5 Provider flexibleenginecloud/flexibleengine v1.23.0 (Terraform used in a linux environment - Ubuntu 18.04/20.04)

Affected Resource(s)

Possibly (not tested):

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "flexibleengine_obs_bucket" "my_bucket" {
  bucket = "my-unique-bucket"
  acl    = "private"
  multi_az = true
}

Debug Output

flexibleengine_obs_bucket.my_bucket: Creating...
╷
│ Error: Put "https://my-unique-bucket.oss.eu-west-0.prod-cloud-ocb.orange-business.com:443": dial tcp 90.84.40.147:443: connect: connection refused
│ 
│   with flexibleengine_obs_bucket.alnour_bucket,
│   on main.tf line 45, in resource "flexibleengine_obs_bucket" "my_bucket":
│   45: resource "flexibleengine_obs_bucket" "my_bucket" {
│

Expected Behavior

Resource should have been created successfully using proxy settings in environment (HTTP_PROXY/http_proxy/HTTPS_PROXY/https_proxy/NO_PROXY/no_proxy)

Actual Behavior

Connection refused by network (dial tcp 90.84.40.147:443: connect: connection refused) when behind corporate proxy.

Steps to Reproduce

  1. Configure Terraform environment to have Internet only available through a proxy
  2. terraform apply

Important Factoids

I'm not a Golang developer and have a hard time reading Golang code, but from what I can see in the code, the issue might be in obsclient (from github.com/huaweicloud/golangsdk/openstack/obs ), which doesn't seem to take into account environment variables. flexibleengine_s3_bucket rely on AWS library which load those environment variables whenever present; other resources seems to rely on another client implementation (terraform-provider-flexibleengine/flexibleengine/config.go?) which also loads proxy environment variables.

As a workaround, I would suggest to update flexibleengine_s3_bucket to create buckets matching the new policy in effect since this month, stating that projects should not use anymore mono-AZ storage for buckets and that multi-AZ buckets are now the new default.

References

Not that I'm aware of.

ShiChangkuo commented 3 years ago

@agoulamhoussen Thanks for raising this issue.

Your analysis is correct,the obsclient is different from other clients. I will fix it asap.