Kubernetes Backend : Cannot reuse after restoring the k8s cluster

[jympetalmd]

Can't seam to reuse the k8s backend after restoring from a backup the k8s cluster (Rancher here)... I think the certificate might have changed but is still valid (ACME), but can't seam to make it work.

My config:

terraform {
  backend "kubernetes" {
    namespace     = "tfstate-crke"
    secret_suffix = "crke"
    host          = "https://XXXXXXXX/k8s/clusters/local"
    token         = "XXXXXXX"
  }
}

Tried with different versions:

1.0.11: Error: Failed to get existing workspaces: Get "https://XXXXXXXXX/k8s/clusters/local/api/v1/namespaces/tfstate-crke/secrets?labelSelector=tfstate%3Dtrue": x509: certificate signed by unknown authority

• The certificate is valid, a curl on that URL doesn't give me a TLS error!

1.1.8 and +: Error: Failed to initialize kubernetes configuration: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable

• KUBERNETES_MASTER isn't documented anywhere here: https://www.terraform.io/language/settings/backends/kubernetes

[crw]

Hi @jympetalmd, have you tried asking this question in the community forums? The structure of this sounds a bit more like a usage question than a bug report. Let me know if there is an open forum thread, or if you think this is a bug in the backend. Thanks!

[jympetalmd]

Hi @crw, I've open a forum post, but as per the cryptic error message and the missing env. var from the official documentation, I think it's a bug, I have resorted to using a .kubeconfig file, but it's less 'clean'

[jympetalmd]

Link for forum post: https://discuss.hashicorp.com/t/kubernetes-backend-cannot-reuse-after-restoring-the-k8s-cluster/41579