terraform plan error : command command "sh" produced invalid JSON: unexpected end of JSON input

[oroomans]

Issue Report Template

Tectonic Version

Environment

Bare/metal - vmware

Expected Behavior

terraform plan should run without errors

Actual Behavior

fails with unexpected error. When run from another OS (ubuntu), this error is not present with the same terraform.tfvars file

Reproduction Steps

1. Generate tfvars file
2. Run terrarforms plan against this file.

Other Information

Content of tfvars file :

{ "tectonic_admin_email": "xxx@bbb.com", "tectonic_admin_password": "blahblah", "tectonic_base_domain": "unused", "tectonic_cluster_cidr": "192.168.208.0/22", "tectonic_cluster_name": "nrb", "tectonic_container_linux_version": "1632.3.0", "tectonic_dns_name": "", "tectonic_kube_apiserver_service_ip": "192.168.113.1", "tectonic_kube_dns_service_ip": "192.168.113.10", "tectonic_kube_etcd_service_ip": "192.168.113.15", "tectonic_license_path": "./license.txt", "tectonic_metal_controller_domain": "coreosmaster.bbb.com", "tectonic_metal_controller_domains": [ "aaa.bbb.com" ], "tectonic_metal_controller_macs": [ "00:50:56:89:xx:xx" ], "tectonic_metal_controller_names": [ "aaa" ], "tectonic_metal_ingress_domain": "coreosworkers.bbb.com", "tectonic_metal_matchbox_ca": "-----BEGIN END CERTIFICATE-----", "tectonic_metal_matchbox_client_cert": "-----BEGIN -----END CERTIFICATE-----\n", "tectonic_metal_matchbox_client_key": "-----BEGIN END RSA PRIVATE KEY-----\n", "tectonic_metal_matchbox_http_url": "http://xxx.bbb.com:8080", "tectonic_metal_matchbox_rpc_endpoint": "xxx.bbb.com:8081", "tectonic_metal_worker_domains": [ "aaa.bbb.com", "bbb.bbb.com", "ccc.bbb.com" ], "tectonic_metal_worker_macs": [ "00:50:56:89:xx:xx", "00:50:56:89:yy:yy", "00:50:56:89:zz:zz" ], "tectonic_metal_worker_names": [ "aaa", "bbb", "ccc" ], "tectonic_pull_secret_path": "./pull_secret.json", "tectonic_service_cidr": "192.168.113.0/24", "tectonic_ssh_authorized_key": "ssh-dss " }

[oroomans]

Error at the console :

Error refreshing state: 1 error(s) occurred:

• module.container_linux.data.external.version: 1 error(s) occurred:

• module.container_linux.data.external.version: data.external.version: command "sh" produced invalid JSON: unexpected end of JSON input

[squat]

You mentioned:

When run from another OS (ubuntu), this error is not present with the same terraform.tfvars file

What is the problematic OS?

[oroomans]

Hi, the error is appearing on RHEL 7

I ran terraform on my ubuntu workstation, it's working fine, but when my VMs boots, they don't find the ipxe.boot file. So I tought that the problem was maybe that it should run on the same machine as the matchbox installation, but I'm unable to launch terraform on this machine due to the mentioned error.

On Tue, Feb 27, 2018 at 4:58 PM, Lucas Servén notifications@github.com wrote:

You mentioned:

When run from another OS (ubuntu), this error is not present with the same terraform.tfvars file What is the problematic OS?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/coreos/tectonic-forum/issues/280#issuecomment-368927272, or mute the thread https://github.com/notifications/unsubscribe-auth/AeabyslyrYAApHAME5CeZ2gGbVPHY63oks5tZCYkgaJpZM4SVLR8 .

[squat]

please note that the module that is failing assumes curl and sed are installed on your host. Does your RHEL box include those packages?

[oroomans]

Yes it does. We are working with various proxies, the one on my workstation is not the same as the one on the server. Does this step needs an internet connexion ? Same for the final process, how is the boot.ipxe provisionned ? is it provisionned through matchbox if the mac address resquesting is in the provisionned list, with a link from the assets ? Or does it needs to be downloaded from internet dynamically ?

[root@ ~]# rpm -qa | grep -E "sed|curl" sed-4.2.2-5.el7.x86_64 libcurl-7.29.0-42.el7_4.1.x86_64 python-pycurl-7.19.0-19.el7.x86_64 curl-7.29.0-42.el7_4.1.x86_64

On Wed, Feb 28, 2018 at 8:47 AM, Lucas Servén notifications@github.com wrote:

please note that the module that is failing assumes curl and sed are installed on your host. Does your RHEL box include those packages?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/coreos/tectonic-forum/issues/280#issuecomment-369149738, or mute the thread https://github.com/notifications/unsubscribe-auth/AeabytV9ZpKkGKfha_IWUCy4M_1-g5uYks5tZQR7gaJpZM4SVLR8 .

[squat]

@oroomans yes, the Terraform step requires a connection to the internet by default in order to determine the latest Container Linux version to select. You can side step this by explicitly declaring the Container Linux channel and version to install. https://github.com/coreos/tectonic-installer/blob/master/config.tf#L282-L302

The serving of all other assets depends on your configuration. If you are using the default Matchbox devnet scripts to run Matchbox and DNSmasq then iPXE (to bootstrap PXE machines) will be served directly by DNSmasq as it is included in that container. The iPXE embedded scripts will be served statically by Matchbox. Note that the nodes will have to download Container Linux images to be able to boot and several containers for Kubernetes so these nodes should have access to the internet. A completely offline Tectonic install is outside of the scope requires more components.

[oroomans]

Thanks.

I actually did the bare metal install from this link for matchbox : https://coreos.com/matchbox/docs/latest/deployment.html.

I also did a dnsmasq config, for pxe,tftp and dhcp.

I actually did specify the version and downloaded it with coreos-get script, and put it in the matchbox folder as described in the same doc.

If I understand well the process, the nodes should provisionned the os trough the pxe, then they will download all their content (containers etc) from internet ? Is there a way to make this work with a proxy config or do they require direct internet access ? Thanks.

On Wed, Feb 28, 2018 at 9:36 AM, Lucas Servén notifications@github.com wrote:

@oroomans https://github.com/oroomans yes, the Terraform step requires a connection to the internet by default in order to determine the latest Container Linux version to select. You can side step this by explicitly declaring the Container Linux channel and version to install. https://github.com/coreos/tectonic-installer/blob/ master/config.tf#L282-L302

The serving of all other assets depends on your configuration. If you are using the default Matchbox devnet scripts to run Matchbox and DNSmasq then iPXE (to bootstrap PXE machines) will be served directly by DNSmasq as it is included in that container. The iPXE embedded scripts will be served statically by Matchbox. Note that the nodes will have to download Container Linux images to be able to boot and several containers for Kubernetes so these nodes should have access to the internet. A completely offline Tectonic install is outside of the scope requires more components.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/coreos/tectonic-forum/issues/280#issuecomment-369160380, or mute the thread https://github.com/notifications/unsubscribe-auth/AeabygHIa40Aa9DDc8FtKxqOXoPcq0Bsks5tZQ_1gaJpZM4SVLR8 .

[squat]

It does not matter that you already downloaded the Container Linux image for Matchbox; Terraform has no idea about that. The reason you are getting that module error is because Terraform is trying to determine the latest available Container Linux version because it defaults to latest but this HTTP request is failing. If you specify the version and channel in your tfvars then you will no longer see that error.

A complete offline install is more involved and requires you to prefetch all required containers and serve them from a caching proxy, e.g. squid. This is out of the scope of this issue.

[oroomans]

That's exactly what I have done in the tfvars : [root@ tectonic_1.8.4-tectonic.3]# cat build/nrb/terraform.tfvars | grep -E "stable|version" "tectonic_container_linux_version": "1632.3.0", "tectonic_container_linux_channel": "stable",

but the problem still persists.

On Wed, Feb 28, 2018 at 10:13 AM, Lucas Servén notifications@github.com wrote:

It does not matter that you already downloaded the Container Linux image for Matchbox; Terraform has no idea about that. The reason you are getting that module error is because Terraform is trying to determine the latest available Container Linux version because it defaults to latest but this HTTP request is failing. If you specify the version and channel in your tfvars then you will no longer see that error.

A complete offline install is more involved and requires you to prefetch all required containers and serve them from a caching proxy, e.g. squid. This is out of the scope of this issue.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/coreos/tectonic-forum/issues/280#issuecomment-369170273, or mute the thread https://github.com/notifications/unsubscribe-auth/AeabyvS4dYjb2aU6cajFfnpt3IrplnLDks5tZRiwgaJpZM4SVLR8 .

[squat]

Yes you’re right; looking at it again I am realizing that because Terraform always evaluates both sides of a ternary expression, the HTTP request will be made regardless. I will submit a PR to modify the module so that we can avoid the request by specifying the versions explicitly. For the time being, the Terraform step of the installer must be run from a machine will outbound internet access.

[oroomans]

Ok thanks.

For the pxe part I will try with the container that you provide for this if possible, to see if this works for the provisionning, as I can run the terraform from my workstation from now.

On Wed, Feb 28, 2018 at 10:31 AM, Lucas Servén notifications@github.com wrote:

Yes you’re right; looking at it again I am realizing that because Terraform always evaluates both sides of a ternary expression, the HTTP request will be made regardless. I will submit a PR to modify the module so that we can avoid the request by specifying the versions explicitly. For the time being, the Terraform step of the installer must be run from a machine will outbound internet access.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/coreos/tectonic-forum/issues/280#issuecomment-369177251, or mute the thread https://github.com/notifications/unsubscribe-auth/AeabyvzHNDcWvIKnRYvJM0lCwaht-OfCks5tZRzTgaJpZM4SVLR8 .