dmacvicar / terraform-provider-libvirt

Terraform provider to provision infrastructure with Linux's KVM using libvirt
Apache License 2.0

Error: failed to dial libvirt: dial tcp - But I am using qemu+ssh://... #962

Closed mariojmdavid closed 1 year ago

mariojmdavid commented 1 year ago

System Information

Linux distribution

ubuntu 22.04 LTS

Terraform version

terraform -v
Terraform v1.2.6
on linux_amd64
+ provider registry.terraform.io/dmacvicar/libvirt v0.6.14
+ provider registry.terraform.io/hashicorp/template v2.2.0

Provider and libvirt versions

terraform-provider-libvirt -version
+ provider registry.terraform.io/dmacvicar/libvirt v0.6.14

Checklist

Description of Issue/Question

My main.tf

terraform {
  required_providers {
    libvirt = {
      source  = "dmacvicar/libvirt"
    }
  }
}

provider "libvirt" {
  uri = "qemu+ssh://user@FQDN/system?keyfile=/home/david/.ssh/id_rsa&sshauth=privkey"
}
...

The virsh host is accessed through an ssh tunnel

virsh -c qemu+ssh://ruser@FQDN/system list

Works properly

The issue

terraform plan
data.template_file.network_config_ctl001: Reading...
data.template_file.user_data_ctl001: Reading...
data.template_file.network_config_ctl001: Read complete after 0s [id=f34e650f79102b24d45d807c467b02ded08cec12e76dfb8a69d2fc8519bf59e7]
data.template_file.user_data_ctl001: Read complete after 0s [id=66ad50ac899f9ade41c6fbbefe05677c6ab0548421a19ebb683591114a81d986]
╷
│ Error: failed to dial libvirt: dial tcp: lookup FQDN on 127.0.0.53:53: no such host
│ 
│   with provider["registry.terraform.io/dmacvicar/libvirt"],
│   on libvirt.tf line 9, in provider "libvirt":
│    9: provider "libvirt" {

It tries to "dial tcp" instead of going to ssh, as is set in uri = "qemu+ssh://

Setup

relevant part above

Steps to Reproduce Issue

apparently with ubuntu 22.04, and above mentioned versions of terraform and libvirt provider connecting to remote virsh host through qemu+ssh://


Additional information:

Do you have SELinux or Apparmor/Firewall enabled? Some special configuration?

none enabled

3nprob commented 1 year ago

The issue is probably with your DNS configuration:

It's failing to connect to 127.0.0.53 (I assume your configured DNS) on port 53 to resolve FQDN. (I guess it tried on udp first?)

Check:

$ cat /etc/resolv.conf
$ nslookup FQDN 127.0.0.53
$ nslookup FQDN # check for Server

git-noise commented 1 year ago

127.0.0.53 is usually the internal stub resolver set by systemd-resolved. It seems indeed to be an issue with your DNS. You may not want to modify /etc/resolv.conf manually though, and rather check if DNS resolution is working as expected.

mariojmdavid commented 1 year ago

Thanks, indeed that was the problem. I have in my .ssh/config

Host virt-*.domain
    ProxyCommand ssh -q root@ -W %h:%p

and added

Host virt-31-a.domain
    ProxyCommand ssh -q root@ -W %h:%p

the FQDN
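
A pre-flight check for the failure discussed in this thread, as an added example that is not from the thread or from the provider's code: it parses a libvirt URI of the form shown in main.tf and asks the system resolver for the host, a name lookup of the kind the `dial tcp: lookup ... no such host` error reports failing. The function names and the sample host `virt-31-a.domain.invalid` are assumptions made for illustration.

```python
import socket
from urllib.parse import urlsplit, parse_qs


def parse_libvirt_uri(uri):
    """Split a libvirt URI into driver, transport, user, host, port, path, params."""
    parts = urlsplit(uri)
    # The scheme is "<driver>+<transport>", e.g. "qemu+ssh"; no "+" means local.
    driver, _, transport = parts.scheme.partition("+")
    if not parts.hostname:
        raise ValueError("URI has no host component: %r" % uri)
    # Keep the last value of each query parameter (keyfile, sshauth, ...).
    params = {k: v[-1] for k, v in parse_qs(parts.query).items()}
    return {
        "driver": driver,
        "transport": transport or "local",
        "user": parts.username,
        "host": parts.hostname,  # urlsplit lowercases the host name
        "port": parts.port or (22 if transport == "ssh" else None),
        "path": parts.path,
        "params": params,
    }


def resolve(host, port):
    """Return the sorted addresses the system resolver gives, or [] on failure."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def preflight(uri):
    """Report whether the URI's host can be reached by name alone."""
    target = parse_libvirt_uri(uri)
    target["addresses"] = resolve(target["host"], target["port"])
    target["resolvable"] = bool(target["addresses"])
    return target


if __name__ == "__main__":
    # Constructed sample URIs: a numeric host and a name under the reserved
    # .invalid TLD, which never resolves through DNS.
    for uri in ("qemu+ssh://user@127.0.0.1/system",
                "qemu+ssh://user@virt-31-a.domain.invalid/system?sshauth=privkey"):
        r = preflight(uri)
        state = "resolves to %s" % r["addresses"] if r["resolvable"] else "no such host"
        print("%s:%s (%s) -> %s" % (r["host"], r["port"], r["transport"], state))
```

A host that only works through a `Host` block in `~/.ssh/config` shows up here as `no such host`, even though `virsh -c` or plain `ssh` connect to it.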