search

josenk / terraform-provider-esxi

Terraform-provider-esxi plugin
GNU General Public License v3.0
540 stars 154 forks source link

Adding provisioner to a resource fails ssh login #118

Closed dglinder closed 4 years ago

dglinder commented 4 years ago

Describe the bug Adding a remote exec provisioner causes SSH connection errors.

To Reproduce Steps to reproduce the behavior:

  1. Starting with the example in the README.md (https://github.com/josenk/terraform-provider-esxi/blob/master/README.md#how-to-use-and-configure-a-maintf-file)

  2. Add this code between the provider "esxi" and resource "esxi_guest" "vmtest":

resource "null_resource" "esxi_network" {
  provisioner "remote-exec" {
    inline = [
      "whoami > /tmp/test.out"
    ]
  }
}

  1. Run terraform init && terraform destroy --auto-approve && terraform apply -auto-approve

  2. The terraform apply output repeats this until it times out:

null_resource.esxi_network (remote-exec): Connecting to remote host via SSH...
null_resource.esxi_network (remote-exec):   Host:
null_resource.esxi_network (remote-exec):   User: root
null_resource.esxi_network (remote-exec):   Password: false
null_resource.esxi_network (remote-exec):   Private key: false
null_resource.esxi_network (remote-exec):   Certificate: false
null_resource.esxi_network (remote-exec):   SSH Agent: false
null_resource.esxi_network (remote-exec):   Checking Host Key: false

NOTE: Even with the inline = [ ... ] block commented out, the error still occurs.

Expected behavior The command is executed on the ESXi system and the /tmp/test.out is created.

Terraform files Here is the Terraform file I'm using:

terraform {
  required_version = ">= 0.12"
}

provider "esxi" {
  esxi_hostname      = "esx.local"
  esxi_hostport      = "22"
  esxi_hostssl       = "443"
  esxi_username      = "root"
  esxi_password      = "REDACTED"
}

resource "null_resource" "esxi_network" {
  provisioner "remote-exec" {
  }
}

resource "esxi_guest" "vmtest" {
  guest_name         = "vmtest"
  disk_store         = "datastore1"

  network_interfaces {
    virtual_network = "VM Network"
  }
}

Desktop (please complete the following information):

dglinder commented 4 years ago

Additional context Running this main.cf:

terraform {
  required_version = ">= 0.12"
}

provider "esxi" {
  esxi_hostname      = "esx.lab.linder.org"
  esxi_hostport      = "22"
  esxi_hostssl       = "443"
  esxi_username      = "root"
  esxi_password      = "q7-19ezx"
}

resource "null_resource" "esxi_network" {
  provisioner "remote-exec" {
    inline = [
      "whoami > /tmp/test.out",
    ]
  }
}

resource "esxi_guest" "vmtest" {
  guest_name         = "vmtest"
  disk_store         = "datastore1"
  network_interfaces {
    virtual_network = "VM Network"
  }
}

And executing these commands with TRACE level logging:

export TF_LOG=TRACE
export TF_LOG_PATH=/tmp/tf.log
terraform init
terraform destroy -auto-approve
rm -f /tmp/tf.log
terraform apply -auto-approve

I let it repeat the SSH connection until 10 seconds have elapsed, then press Ctrl-C until it exits.

The tf.log file is attached. tf.log

josenk commented 4 years ago

The Provisioner block needs to be inside the resource esxi_guest block.

Your resource esxi_guest block doesn't have a clone_from_vm or ovf_source, so that VM will be built with no OS. remote_exec will only run if the resource block is able to build a VM and it's IP address is set. Use terraform show.

dglinder commented 4 years ago

Thanks @josenk , I'll look into that. I was using this example from this repo: https://github.com/TribalNightOwl/okd4-esxi-infra

josenk commented 4 years ago

Can you ssh into your source (when it's powered up)? If you cannot, I don't think you can expect to ssh into the newly created vm...

dglinder commented 4 years ago

At this point I'm not attempting to run a command on the new VM, rather these commands need to run on the ESXi host itself. By enabling Terraform logging it looks like it is attempting to ssh to the ESXi server, but that is failing for some reason.

I ran out of time this weekend to play with this - I'll try to test further as time permits.

josenk commented 4 years ago

This forum is for the esxi provider plugin to create vms, storage and resource pools. Sorry, I don't support remote-exec provisioner. If you have a problem using the provider, please open a new issue.