hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io
Other
43.14k stars 9.58k forks source link

Kubernetes Backend : Cannot reuse after restoring the k8s cluster #31324

Open jympetalmd opened 2 years ago

jympetalmd commented 2 years ago

Can't seam to reuse the k8s backend after restoring from a backup the k8s cluster (Rancher here)... I think the certificate might have changed but is still valid (ACME), but can't seam to make it work.

My config:

terraform {
  backend "kubernetes" {
    namespace     = "tfstate-crke"
    secret_suffix = "crke"
    host          = "https://XXXXXXXX/k8s/clusters/local"
    token         = "XXXXXXX"
  }
}

Tried with different versions:

1.0.11: Error: Failed to get existing workspaces: Get "https://XXXXXXXXX/k8s/clusters/local/api/v1/namespaces/tfstate-crke/secrets?labelSelector=tfstate%3Dtrue": x509: certificate signed by unknown authority

1.1.8 and +: Error: Failed to initialize kubernetes configuration: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable

crw commented 2 years ago

Hi @jympetalmd, have you tried asking this question in the community forums? The structure of this sounds a bit more like a usage question than a bug report. Let me know if there is an open forum thread, or if you think this is a bug in the backend. Thanks!

jympetalmd commented 2 years ago

Hi @crw, I've open a forum post, but as per the cryptic error message and the missing env. var from the official documentation, I think it's a bug, I have resorted to using a .kubeconfig file, but it's less 'clean'

jympetalmd commented 2 years ago

Link for forum post: https://discuss.hashicorp.com/t/kubernetes-backend-cannot-reuse-after-restoring-the-k8s-cluster/41579