alexsomesan
commented
3 years ago Thanks for the very comprehensive reproduction material! I wish all issues would be this clearly documented. It makes it really easy to pinpoint the issue in no time.
Unfortunately, this provider doesn't support creating the cluster on which it operates in the same apply operation. In other words the cluster has to already be operational and available at plan time when using this provider. The reason for this is that this provider needs to make API calls to the cluster during the plan phase and the linode_lke_cluster resource has not yet been created at that point (it will have been created during the upcoming apply) and thus the client cert and key attributes don't yet have values and the alpha provider correctly reports "no client config" (yet).
By contrast, the original Kubernetes provider does need to make API calls at plan time and that is why it (sometimes) works in this kind of setup. However, Terraform itself doesn't guarantee reliable operation in this type of scenario where provider configuration attributes are set from attributes of other resources and those resources are not yet created. It's documented here.
I would suggest you to break off the provisioning of the LKE cluster in a separate apply step and use a remote state datasource to reference it's state so you can collect the configuration attributes when configuring this provider. Alternatively, you can also keep everything in one configuration like in your example, but create the LKE cluster in a partial apply using this command:
terraform apply -target linode_lke_cluster.demo-lkeOnce that's done, you should be able to just do a normal terraform plan and see the plan for the kubernetes_manifest resources.
I hope that clarifies the issue well enough. Let me know if you have further questions or need more information.
superherointj
ghost
Can't connect to Linode LKE using credentials (instead of kubeconfig file).
Brief
I'm configuring kubernetes-alpha provider credentials as:
But won't work. It errors as:
Error: Failed to construct REST clientDemo at:
https://github.com/superherointj/tfprovider-kubernetes-alpha-linode-demo Thanks for having a look.
Steps to reproduce:
$ git clone https://github.com/superherointj/tfprovider-kubernetes-alpha-linode-demo.git$ cd tfprovider-kubernetes-alpha-linode-demomain.tfto yourTerraform Cloudorganization & workspace.linode_tokenvariable to your valid Linode token either at environment variable or Terraform Cloud's workspace variables (I use this).$ terraform init$ terraform planThen,
terraform planexits as:Error: Failed to construct REST client
on samples.tf line 11, in resource "kubernetes_manifest" "test-configmap": 11: resource "kubernetes_manifest" "test-configmap" {
cannot create REST client: no client config
Notes
Kubernetes-Alpha provider works fine when using
config_path = "./kubeconfig.yaml"(file directly). But kubeconfig has no client-certificate-data or client-key-data.Kubernetes (official/standard) provider works perfectly with only host, cluster_ca_certificate, token from Linode's LKE. But
kubernetes-alphawon't.Linode's LKE resource outputs a hashed kube_config. Requiring to base64decode kubeconfig before yamldecode.
Sample Linode's LKE kubeconfig file: https://pastebin.com/8LWX6Cwz
In LKE's kubeconfig
client-certificate-dataandclient-key-datadon't exist. There is only certificate-authority-data, token, server (host). How to fill in client_certificate and client_key?To pass test
terraform planwon't error.terraform applyquerying kubernetes cluster should return:namespace demo_namespace=> Kubernetes provider works.ConfigMap test-config=> Kubernetes-Alpha provider works.Questions
Thanks.