search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io
Other
43.12k stars 9.58k forks source link

SSH Timeout when using remote-exec provisioner #18386

Closed mrhockeymonkey closed 6 years ago

mrhockeymonkey commented 6 years ago

Terraform Version

Terraform v0.11.7
+ provider.azurerm v1.8.0

Terraform Configuration Files

# Configure the Azure Provider
provider "azurerm" {
  subscription_id = "${var.subscription_id}"
  client_id       = "${var.client_id}"
  client_secret   = "${var.client_secret}"
  tenant_id       = "${var.tenant_id}"
}

# Create a resource group
resource "azurerm_resource_group" "hashibiz2-prod" {
  name     = "hashibiz2-prod"
  location = "uksouth"
}

resource "azurerm_virtual_network" "hashibiz2-net" {
  name                = "hashibiz2-net"
  address_space       = ["10.0.0.0/16"]
  location            = "${var.location}"
  resource_group_name = "${azurerm_resource_group.hashibiz2-prod.name}"
}

resource "azurerm_subnet" "hashibiz2-web" {
  name                 = "hashibiz2-web"
  resource_group_name  = "${azurerm_resource_group.hashibiz2-prod.name}"
  virtual_network_name = "${azurerm_virtual_network.hashibiz2-net.name}"
  address_prefix       = "10.0.2.0/24"
}

resource "azurerm_public_ip" "hashibiz2-pubip" {
  name                         = "hashibiz2-vm1-pubip"
  location                     = "${var.location}"
  resource_group_name          = "${azurerm_resource_group.hashibiz2-prod.name}"
  public_ip_address_allocation = "dynamic"
}

resource "azurerm_network_security_group" "hashibiz2-netsec" {
  name                = "hashibiz2-netsec"
  location            = "${var.location}"
  resource_group_name = "${azurerm_resource_group.hashibiz2-prod.name}"

  security_rule {
    name                       = "SSH"
    priority                   = 1001
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

resource "azurerm_network_interface" "hashibiz2-nic" {
  name                = "hashibiz2-vm1-nic"
  location            = "${var.location}"
  resource_group_name = "${azurerm_resource_group.hashibiz2-prod.name}"

  ip_configuration {
    name                          = "hashibiz2-vm2-nic-cfg"
    subnet_id                     = "${azurerm_subnet.hashibiz2-web.id}"
    private_ip_address_allocation = "dynamic"
    public_ip_address_id          = "${azurerm_public_ip.hashibiz2-pubip.id}"
  }
}

resource "azurerm_virtual_machine" "hashibiz2-vm" {
  name                = "hashibiz2-vm1"
  location            = "${var.location}"
  resource_group_name = "${azurerm_resource_group.hashibiz2-prod.name}"

  network_interface_ids         = ["${azurerm_network_interface.hashibiz2-nic.id}"]
  vm_size                       = "Standard_DS1_v2"
  delete_os_disk_on_termination = true

  storage_os_disk {
    name              = "hashibiz2-vm1-disk"
    caching           = "ReadWrite"
    create_option     = "FromImage"
    managed_disk_type = "Premium_LRS"
  }
  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "16.04.0-LTS"
    version   = "latest"
  }
  os_profile {
    computer_name  = "hashibiz2-vm1"
    admin_username = "azureuser"
  }
  os_profile_linux_config {
    disable_password_authentication = true

    ssh_keys {
      path     = "/home/azureuser/.ssh/authorized_keys"
      key_data = "${file("~/.ssh/id_rsa.pub")}"
    }
  }
  provisioner "remote-exec" {
    inline = [
      "wget https://github.com/gohugoio/hugo/releases/download/v0.42.2/hugo_0.42.2_Linux-64bit.deb",
      "sudo dpkg -i hugo_0.42.2_Linux-64bit.deb",
      "hugo version",
    ]

    connection {
      type        = "ssh"
      user        = "azureuser"
      private_key = "${file("~/.ssh/id_rsa")}"
    }
  }
}

Debug Output

trace log

Crash Output

azurerm_virtual_machine.hashibiz2-vm: Still creating... (6m50s elapsed)
azurerm_virtual_machine.hashibiz2-vm (remote-exec): Connecting to remote host via SSH...
azurerm_virtual_machine.hashibiz2-vm (remote-exec):   Host:
azurerm_virtual_machine.hashibiz2-vm (remote-exec):   User: azureuser
azurerm_virtual_machine.hashibiz2-vm (remote-exec):   Password: false
azurerm_virtual_machine.hashibiz2-vm (remote-exec):   Private key: true
azurerm_virtual_machine.hashibiz2-vm (remote-exec):   SSH Agent: false
azurerm_virtual_machine.hashibiz2-vm (remote-exec):   Checking Host Key: false
azurerm_virtual_machine.hashibiz2-vm: Still creating... (7m0s elapsed)

Error: Error applying plan:

1 error(s) occurred:

* azurerm_virtual_machine.hashibiz2-vm: timeout - last error: dial tcp :22: connect: connection refused

Expected Behavior

Provisioner should have established an SSH connection and run the commands specified.

Actual Behavior

SSH timesout after 5 minutes of trying.

Steps to Reproduce

  1. terraform init
  2. terraform apply

Additional Context

This configuration, i think, is pretty basic and is almost identical to what is documented here. Ive shuffled things around and tried many times but no luck. I notice also that the host field for the connection is blank. I have tried filling this in manually as so but this did not resolve the issue.

  provisioner "remote-exec" {
    inline = [
      "wget https://github.com/gohugoio/hugo/releases/download/v0.42.2/hugo_0.42.2_Linux-64bit.deb",
      "sudo dpkg -i hugo_0.42.2_Linux-64bit.deb",
      "hugo version",
    ]

    connection {
      host        = "${azurerm_public_ip.hashibiz2-pubip.ip_address}" # <---
      type        = "ssh"
      user        = "azureuser"
      private_key = "${file("~/.ssh/id_rsa")}"
    }
  }

Probably worth mentioning I have tried this from windows using an SSH key generated by putty. I am now running this from ubuntu 14 (running as part of windows subsystem for linux) and with a key generated using ssh-keygen. the result is the same

Also If i comment out only the provisioner and allow the vm to be created I CAN ssh manually onto the created box so I don't think its a key issue.

References

ghost commented 6 years ago

This issue has been automatically migrated to terraform-providers/terraform-provider-azurerm#1494 because it looks like an issue with that provider. If you believe this is not an issue with the provider, please reply to terraform-providers/terraform-provider-azurerm#1494.

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.