Closed The-Lilleorg closed 3 years ago
I think the problem is that the provider issues a GET request with a Range header to retrieve only the first bytes. So check if:
curl -i -H "Range: bytes=0-7" http://mywebhead.example.com/centos7.qcow2
is working, as I can see a "Forbidden" response in the logs.
Eg. this one works for me:
curl -i -H "Range: bytes=0-7" http://ftp.uni-erlangen.de/opensuse/tumbleweed/appliances/openSUSE-Tumbleweed-JeOS.x86_64-15.1.0-OpenStack-Cloud-Snapshot20210628.qcow2
Please re-open if you have more indication it is a problem on the provider.
I had some time to get back to terraform :
curl -i -H "Range: bytes=0-7" http://proxyhost.example.com/centos7.qcow2 HTTP/1.1 206 Partial Content Server: nginx/1.14.0 (Ubuntu) Date: Mon, 19 Jul 2021 19:45:33 GMT Content-Type: application/octet-stream Content-Length: 8 Last-Modified: Wed, 09 Jun 2021 20:23:10 GMT Connection: keep-alive ETag: "60c1232e-a85c0000" Accept-Ranges: bytes Content-Disposition: attachment; filename=/data/images/centos7.qcow2 Content-Range: bytes 0-7/2824601600
root@vm07-its-prd:~# curl -i -H "Range: bytes=0-7" http://proxyhost.example.com/centos7.qcow2 HTTP/1.1 206 Partial Content Server: nginx/1.14.0 (Ubuntu) Date: Mon, 19 Jul 2021 19:47:32 GMT Content-Type: application/octet-stream Content-Length: 8 Last-Modified: Wed, 09 Jun 2021 20:23:10 GMT Connection: keep-alive ETag: "60c1232e-a85c0000" Accept-Ranges: bytes Content-Disposition: attachment; filename=/data/images/centos7.qcow2 Content-Range: bytes 0-7/2824601600
Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output
Warning:
It gets a 206 on the reponse:
Running it with terraform:
libvirt_volume.centos7-qcow2: Destroying... [id=/ovm/images/live/cluster2_storage/centos7.qcow2] libvirt_volume.centos7-qcow2: Destruction complete after 0s libvirt_volume.centos7-qcow2: Creating... ╷ │ Error: Error while determining image type for http://proxyhost.example.com/centos7.qcow2: Can't retrieve partial header of resource to determine file type: http://proxyhost.example.com/centos7.qcow2 - 403 Forbidden
System Information
Ubuntu 20.04
Linux distribution
Ubuntu..
Terraform version
Provider and libvirt versions
If that gives you "was not built correctly", get the Git commit hash from your local provider repository:
Checklist
Utilizing the Existing remote srcs for Volumes
[ X] Make sure you explain why this option is important to you, why it should be important to everyone. Describe your use-case with detail and provide examples where possible. Allows the user to host a repo of base images / templates to build servers from.
[ ] If it is a very special case, consider using the XSLT support in the provider to tweak the definition instead of opening an issue
[x] Maintainers do not have expertise in every libvirt setting, so please, describe the feature and how it is used. Link to the appropriate documentation
Description of Issue/Question
Setup
terraform { required_providers { libvirt = { source = "multani/libvirt" version = "0.6.3-1+4" } } } provider "libvirt" { uri = "qemu+ssh://root@vmyserver.example.com/system" } resource "libvirt_pool" "cluster2" { name = "cluster2" type = "dir" path = "/ovm/images/live/cluster2_storage" } resource "libvirt_volume" "centos7-img" { name = "centos7.img" pool = libvirt_pool.cluster2.name
source = "https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img"
source = "http://mywebhead.example.com/centos7.qcow2" format = "qcow" }
Steps to Reproduce Issue
2021-06-09T16:28:54.038-0400 [DEBUG] provider.terraform-provider-libvirt_v0.6.3-1+4: 2021/06/09 16:28:54 [INFO] Created libvirt client libvirt_volume.centos7-img: Creating... 2021-06-09T16:28:54.046-0400 [INFO] Starting apply for libvirt_volume.centos7-img 2021-06-09T16:28:54.047-0400 [DEBUG] libvirt_volume.centos7-img: applying the planned Create change 2021-06-09T16:28:54.053-0400 [DEBUG] provider.terraform-provider-libvirt_v0.6.3-1+4: 2021/06/09 16:28:54 [DEBUG] Locking "cluster2" 2021-06-09T16:28:54.054-0400 [DEBUG] provider.terraform-provider-libvirt_v0.6.3-1+4: 2021/06/09 16:28:54 [DEBUG] Locked "cluster2" 2021-06-09T16:28:54.185-0400 [DEBUG] provider.terraform-provider-libvirt_v0.6.3-1+4: 2021/06/09 16:28:54 [DEBUG] Unlocking "cluster2" 2021-06-09T16:28:54.185-0400 [DEBUG] provider.terraform-provider-libvirt_v0.6.3-1+4: 2021/06/09 16:28:54 [DEBUG] Unlocked "cluster2" ╷ │ Error: Error while determining image type for http://mywebhead.example.com/centos7.qcow2: Can't retrieve partial header of resource to determine file type: http://mywebhead.example.com/centos7.qcow2 - 403 Forbidden │ │ with libvirt_volume.centos7-img, │ on test-vm.tf line 7, in resource "libvirt_volume" "centos7-img": │ 7: resource "libvirt_volume" "centos7-img" { │ ╵ 2021-06-09T16:28:54.208-0400 [DEBUG] provider.terraform-provider-libvirt_v0.6.3-1+4: 2021/06/09 16:28:54 [DEBUG] cleaning up connection for URI: qemu+ssh://root@server.example.com/system 2021-06-09T16:28:54.247-0400 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/multani/libvirt/0.6.3-1+4/linux_amd64/terraform-provider-libvirt_v0.6.3-1+4 pid=222583 2021-06-09T16:28:54.247-0400 [DEBUG] provider: plugin exited (Include debug logs if possible and relevant).
NGINX logs show a 200: when curl downloading it: 10.80.105.11 - - [09/Jun/2021:16:24:16 -0400] "GET /centos7.qcow2 HTTP/1.1" 200 109752 "-" "curl/7.68.0" 10.80.105.11 - - [09/Jun/2021:16:24:52 -0400] "GET /centos7.qcow2 HTTP/1.1" 200 2824601600 "-" "curl/7.68.0"
Additional information:
Do you have SELinux or Apparmor/Firewall enabled? Some special configuration? -Apparmor disabled on the libvirtD host -Firewall rules normal for libvirtd Have you tried to reproduce the issue without them enabled? Issue is reproducable