search

hashicorp / packer-plugin-proxmox

Packer plugin for Proxmox Builder
https://www.packer.io/docs/builders/proxmox
Mozilla Public License 2.0
162 stars 71 forks source link

Update 1.1.8 -> 1.2.0 breaks creation of vm #303

Open jansenm opened 1 day ago

jansenm commented 1 day ago

When filing a bug, please include the following headings if possible. Any example text in this template can be deleted.

Overview of the Issue

We have a perfectly fine working setup with source "proxmox-iso" that is actually pretty simple. We just create the hardware, install minimal software (rocky linux) and small provision shell step (cleanup). Has been working wonderfully for quite some time.

After updating from 1.1.8 to 1.2.0 it fails and i am absolutely unable to tell why. The error message is not helping.

09:48:38  ==> jenkins-agent.proxmox-iso.rocky9: Force set, checking for existing artifact on PVE cluster
09:48:38  ==> jenkins-agent.proxmox-iso.rocky9: No existing artifact found
09:48:38  ==> jenkins-agent.proxmox-iso.rocky9: Creating VM
==> jenkins-agent.proxmox-iso.rocky9: Error creating VM: error creating VM: 403 Permission check failed, error status: {"data":null} (params: map[agent:1 bios:seabios cores:8 cpu:host description:Packer ephemeral build VM kvm:true machine:pc memory:16384 name:packer-673c50e6-54ec-e0a4-a58f-40e4d672db48 net0:virtio=AE:23:53:E3:CC:E8,bridge=vmbr0,tag=254 numa:false onboot:false ostype:l26 scsi0:local:iso/Rocky-9.4-x86_64-minimal.iso,media=cdrom scsihw:virtio-scsi-pci sockets:1 tags: virtio0:qtSFS01_templates:32,cache=writethrough,format=raw,replicate=0 virtio1:qtSFS01_templates:128,cache=writethrough,format=raw,replicate=0 vmid:992])
09:48:38  Build 'jenkins-agent.proxmox-iso.rocky9' errored after 49 milliseconds 379 microseconds: Error creating VM: error creating VM: 403 Permission check failed, error status: {"data":null} (params: map[agent:1 bios:seabios cores:8 cpu:host description:Packer ephemeral build VM kvm:true machine:pc memory:16384 name:packer-673c50e6-54ec-e0a4-a58f-40e4d672db48 net0:virtio=AE:23:53:E3:CC:E8,bridge=vmbr0,tag=254 numa:false onboot:false ostype:l26 scsi0:local:iso/Rocky-9.4-x86_64-minimal.iso,media=cdrom scsihw:virtio-scsi-pci sockets:1 tags: virtio0:qtSFS01_templates:32,cache=writethrough,format=raw,replicate=0 virtio1:qtSFS01_templates:128,cache=writethrough,format=raw,replicate=0 vmid:992])

Reproduction Steps

Not sure. Use 1.1.8 ... works, Use 1.2.0 or 1.2.1 and it doesn't work.

Plugin and Packer version

Packer v1.11.2 Proxmox Plugin 1.2.0 and 1.2.1

Simplified Packer Buildfile

build {
  name = "vemags-jenkins-agent"
  source "proxmox-iso.rocky9" {
    template_description = "Template für einen Jenkins Agent"
    template_name        = "template-jenkins-agent"
    vm_id                = "992"
    sockets = 1
    cores   = 8
    memory  = 16384
  }
}
source "proxmox-iso" "rocky9" {
  node                     = var.proxmox_node
  proxmox_url              = var.proxmox_url
  insecure_skip_tls_verify = var.proxmox_insecure_skip_tls_verify
  username                 = var.proxmox_username
  token                    = var.proxmox_token
  pool                     = var.proxmox_pool
  http_directory = "http"
  iso_file    = "local:iso/Rocky-9.4-x86_64-minimal.iso"
  unmount_iso = true
  ssh_handshake_attempts = 100
  ssh_password           = "temporary-password-hopefully-bombastic"
  ssh_username           = "ansible"
}

Operating system and Environment details

Local OS: OpenSuse Tumbleweed, Rocky Linux 9 Proxmox Version: 8.1.4

Log Fragments and crash.log files

The log from packer is above. We can't find anything on the proxmox server. The connection to the proxmox server works. If the template exists it gets deleted before the attempt to create the vm. At this point my only theory is that with 1.2.0 packer tries to create the VM with some changed configuration and we have not configured the token with all the necessary rights.

And for sure ... with a user with all rights the code works. So i wonder. What changed between 1.1.8 and 1.2.0 that requires additional rights that are NOT necessary to actually create the vm. Because it works with 1.1.8. So the plugin apparently does something thats not actually needed to create the vm and we havent configured the corrects rights for it to do so.

I read all the release notes and changelogs but come up empty. I tried to give some addition rights but to no avail. It keeps falling.

So here my question? What kind of check was added that makes it fail?

mpywell commented 1 day ago

Hi @jansenm this permissions regression is addressed in #286, pending a new version release.

@lbajolet-hashicorp