lkwg82
commented
6 months ago For next time, please add version of terraform, use syntax highlighting it really helps to read code an minify the potential bug example.
TLDR usage bug and maybe non defensive implementation of missing health check in provider
Longer
I could reproduce the behaviour, but it starts with the config of your example.
The example tries to start a container python:latest and should wait for a healthy state.
See
If
true, then the Docker container is waited for being healthy state after creation. Iffalse, then the container health state is not checked. Defaults tofalse. https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/container#wait
Lets have a look at the healthcheck in the image (executed by the container):
$ docker history python:latest
IMAGE CREATED CREATED BY SIZE COMMENT
fc7a60e86bae 4 weeks ago CMD ["python3"] 0B buildkit.dockerfile.v0
<missing> 4 weeks ago RUN /bin/sh -c set -eux; wget -O get-pip.p… 10.1MB buildkit.dockerfile.v0
<missing> 4 weeks ago ENV PYTHON_GET_PIP_SHA256=9cc01665956d22b3bf… 0B buildkit.dockerfile.v0
<missing> 4 weeks ago ENV PYTHON_GET_PIP_URL=https://github.com/py… 0B buildkit.dockerfile.v0
<missing> 4 weeks ago ENV PYTHON_PIP_VERSION=23.2.1 0B buildkit.dockerfile.v0
<missing> 4 weeks ago RUN /bin/sh -c set -eux; for src in idle3 p… 0B buildkit.dockerfile.v0
<missing> 4 weeks ago RUN /bin/sh -c set -eux; wget -O python.ta… 60.7MB buildkit.dockerfile.v0
<missing> 4 weeks ago ENV PYTHON_VERSION=3.12.1 0B buildkit.dockerfile.v0
<missing> 4 weeks ago ENV GPG_KEY=7169605F62C751356D054A26A821E680… 0B buildkit.dockerfile.v0
<missing> 4 weeks ago RUN /bin/sh -c set -eux; apt-get update; a… 18.6MB buildkit.dockerfile.v0
<missing> 4 weeks ago ENV LANG=C.UTF-8 0B buildkit.dockerfile.v0
<missing> 4 weeks ago ENV PATH=/usr/local/bin:/usr/local/sbin:/usr… 0B buildkit.dockerfile.v0
<missing> 2 weeks ago /bin/sh -c set -ex; apt-get update; apt-ge… 587MB
<missing> 2 weeks ago /bin/sh -c apt-get update && apt-get install… 177MB
<missing> 2 weeks ago /bin/sh -c set -eux; apt-get update; apt-g… 48.4MB
<missing> 2 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0B
<missing> 2 weeks ago /bin/sh -c #(nop) ADD file:7d8adf68670e8dc2a… 116MBNo healthcheck as it would be implemented it according to https://docs.docker.com/engine/reference/builder/#healthcheck
So lets recheck it with a proper healthcheck:
main.tf
resource "docker_image" "ubuntu" {
name = "python:latest"
keep_locally = true # convinience for iterations
}
resource "docker_container" "container" {
image = docker_image.ubuntu.image_id
name = "ubuntu1e-${replace(timestamp(),":","")}" # unique name for iterations
wait = true
tty = true # need to use interactive container, very unusual
healthcheck {
interval = "1s"
start_period = "1s"
retries = 1
test = [ "CMD", "/bin/true"]
}
}this results in no crash with this output:
Terraform will perform the following actions:
# docker_container.container will be created
+ resource "docker_container" "container" {
+ attach = false
+ bridge = (known after apply)
+ command = (known after apply)
+ container_logs = (known after apply)
+ container_read_refresh_timeout_milliseconds = 15000
+ entrypoint = (known after apply)
+ env = (known after apply)
+ exit_code = (known after apply)
+ hostname = (known after apply)
+ id = (known after apply)
+ image = "sha256:fc7a60e86baeb42215d3f91f262880a3a9b4efd00c91f6597e65d9e1c7745ec9"
+ init = (known after apply)
+ ipc_mode = (known after apply)
+ log_driver = (known after apply)
+ logs = false
+ must_run = true
+ name = (known after apply)
+ network_data = (known after apply)
+ read_only = false
+ remove_volumes = true
+ restart = "no"
+ rm = false
+ runtime = (known after apply)
+ security_opts = (known after apply)
+ shm_size = (known after apply)
+ start = true
+ stdin_open = false
+ stop_signal = (known after apply)
+ stop_timeout = (known after apply)
+ tty = true
+ wait = true
+ wait_timeout = 60
+ healthcheck {
+ interval = "1s"
+ retries = 1
+ start_period = "1s"
+ test = [
+ "CMD",
+ "/bin/true",
]
+ timeout = "0s"
}
}
Plan: 1 to add, 0 to change, 0 to destroy.
docker_container.container: Creating...
docker_container.container: Creation complete after 2s [id=77a986cccd6e1b9ee952f411f7ae901510f3869cb5bd2c9224fea3e53f1caab2]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.IMHO: no one would use an interactive container u did, this is bleeding edge or hacking around ;).
code: - terraform { required_providers { docker = { source = "kreuzwerker/docker" version = "3.0.2" } } }
provider "docker" { host = "unix:///var/run/docker.sock" } resource "docker_image" "ubuntu" { name = "python:latest" } resource "docker_container" "container" { image = docker_image.ubuntu.image_id name = "ubuntu1e" wait = true } resource "docker_network" "private_network" { name = "inet2" driver = "bridge" }
error: - docker_container.container: Creating... ╷ │ Error: Plugin did not respond │ │ with docker_container.container, │ on Docker_Create_Container_Main.tf line 1, in resource "docker_container" "container": │ 1: resource "docker_container" "container" { │ │ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may contain more details. ╵
Stack trace from the terraform-provider-docker_v3.0.2 plugin:
panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xc5b6f7]
goroutine 16 [running]: github.com/terraform-providers/terraform-provider-docker/internal/provider.resourceDockerContainerCreate.func1(0x7?) github.com/terraform-providers/terraform-provider-docker/internal/provider/resource_docker_container_funcs.go:508 +0x1b7 created by github.com/terraform-providers/terraform-provider-docker/internal/provider.resourceDockerContainerCreate github.com/terraform-providers/terraform-provider-docker/internal/provider/resource_docker_container_funcs.go:521 +0x2b6e
Error: The terraform-provider-docker_v3.0.2 plugin crashed!
This is always indicative of a bug within the plugin. It would be immensely helpful if you could report the crash with the plugin's maintainers so that it can be fixed. The output above should help diagnose the issue.