search

rancher / terraform-provider-rancher2

Terraform Rancher2 provider
https://www.terraform.io/docs/providers/rancher2/
Mozilla Public License 2.0
253 stars 216 forks source link

[BUG] Cannot create bootstrap resource #1262

Open nnewc opened 8 months ago

nnewc commented 8 months ago

Rancher Server Setup

Information about the Cluster

User Information

Provider Information

Describe the bug

Cannot create rancher_bootstrap resource

To Reproduce

provider "rancher2" {
  alias = "bootstrap"

  api_url   = var.rancher_api_url
  bootstrap = true
  insecure = true
}

resource "rancher2_bootstrap" "admin" {
  depends_on = [ helm_release.rancher ]
  provider = rancher2.bootstrap
  password = var.rancher_admin_password
  telemetry = true
}

Actual Result

module.rancher.rancher2_bootstrap.admin: Creating...
2023-11-02T20:59:41.747-0500 [INFO]  Starting apply for module.rancher.rancher2_bootstrap.admin
2023-11-02T20:59:41.747-0500 [DEBUG] module.rancher.rancher2_bootstrap.admin: applying the planned Create change
2023-11-02T20:59:41.747-0500 [DEBUG] provider.terraform-provider-rancher2_v3.2.0: 2023/11/02 20:59:41 [INFO] Doing login
2023-11-02T20:59:41.747-0500 [DEBUG] provider.terraform-provider-rancher2_v3.2.0: 2023/11/02 20:59:41 Getting from  https://10.7.2.188.nip.io/ping
2023-11-02T20:59:41.905-0500 [DEBUG] provider.terraform-provider-rancher2_v3.2.0: 2023/11/02 20:59:41 Time to get req:  157  ms
module.rancher.rancher2_bootstrap.admin: Still creating... [10s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [20s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [30s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [40s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [50s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [1m0s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [1m10s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [1m20s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [1m30s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [1m40s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [1m50s elapsed]
module.rancher.rancher2_bootstrap.admin: Still creating... [2m0s elapsed]
2023-11-02T21:01:41.936-0500 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2023-11-02T21:01:41.936-0500 [ERROR] vertex "module.rancher.rancher2_bootstrap.admin" error: [ERROR] Timeout trying to login with admin user: Doing user login: error Unauthorized
╷
│ Error: [ERROR] Timeout trying to login with admin user: Doing user login: error Unauthorized
│
│   with module.rancher.rancher2_bootstrap.admin,
│   on modules/rancher/bootstrap.tf line 9, in resource "rancher2_bootstrap" "admin":
│    9: resource "rancher2_bootstrap" "admin" {
│
╵
2023-11-02T21:01:41.967-0500 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-11-02T21:01:41.969-0500 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/rancher/rancher2/3.2.0/darwin_arm64/terraform-provider-rancher2_v3.2.0 pid=11011
2023-11-02T21:01:41.969-0500 [DEBUG] provider: plugin exited

Rancher is reachable via curl:

$ curl https://10.7.2.188.nip.io/ping  -kv
*   Trying 10.7.2.188:443...
* Connected to 10.7.2.188.nip.io (10.7.2.188) port 443 (#0)
* ALPN: offers h2
* ALPN: offers http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server accepted h2
* Server certificate:
*  subject: [NONE]
*  start date: Nov  1 19:32:26 2023 GMT
*  expire date: Jan 30 19:32:26 2024 GMT
*  issuer: O=dynamiclistener-org; CN=dynamiclistener-ca@1698867070
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multiplexing
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* h2h3 [:method: GET]
* h2h3 [:path: /ping]
* h2h3 [:scheme: https]
* h2h3 [:authority: 10.7.2.188.nip.io]
* h2h3 [user-agent: curl/7.84.0]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0x15200bc00)
> GET /ping HTTP/2
> Host: 10.7.2.188.nip.io
> user-agent: curl/7.84.0
> accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200 
< date: Fri, 03 Nov 2023 22:02:11 GMT
< content-type: text/plain; charset=utf-8
< content-length: 4
< cache-control: no-cache, no-store, must-revalidate
< x-api-cattle-auth: false
< x-content-type-options: nosniff
< strict-transport-security: max-age=15724800; includeSubDomains
< 
* Connection #0 to host 10.7.2.188.nip.io left intact
pong

Expected Result

bootstrap resource is created

Additional context

Cluster is using CIS profile. Looking for any additional steps to debug this issue.

whindes commented 1 month ago

I get the above error also, but other times I get a stacktrace error: `Stack trace from the terraform-provider-rancher2_v4.1.0 plugin:

Rancher Server Setup Rancher version: 2.8.3 Installation option (Docker install/Helm Chart): Helm If Helm Chart, Kubernetes Cluster and version (RKE1, RKE2, k3s, EKS, etc): RKE2 Information about the Cluster Kubernetes version: 1.30.0 Cluster Type (Local/Downstream): Local User Information What is the role of the user logged in? (Admin/Cluster Owner/Cluster Member/Project Owner/Project Member/Custom): Admin Provider Information What is the version of the Rancher v2 Terraform Provider in use? 4.1.0 What is the version of Terraform in use? 1.8.2

panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x2 addr=0x8 pc=0x105803b9c]

goroutine 104 [running]: github.com/rancher/norman/clientbase.(APIOperations).DoByID(0x0, {0x106505c32, 0x7}, {0x106514027, 0xb}, {0x106b6e8a0, 0x140002a27e0}) /go/pkg/mod/github.com/rancher/norman@v0.0.0-20230426211126-d3552b018687/clientbase/ops.go:250 +0x5c github.com/rancher/rancher/pkg/client/generated/management/v3.(SettingClient).ByID(0x1400086b2d8, {0x106514027, 0xb}) /go/pkg/mod/github.com/rancher/rancher/pkg/client@v0.0.0-20230901132600-5e1ee2611616/generated/management/v3/zz_generated_setting.go:120 +0x68 github.com/rancher/terraform-provider-rancher2/rancher2.(Config).getK8SDefaultVersion(0x14000246e40) /go/src/github.com/rancher/terraform-provider-rancher2/rancher2/config.go:135 +0x100 github.com/rancher/terraform-provider-rancher2/rancher2.(Config).ManagementClient(0x14000246e40) /go/src/github.com/rancher/terraform-provider-rancher2/rancher2/config.go:285 +0x208 github.com/rancher/terraform-provider-rancher2/rancher2.(Config).RestartClients(0x14000246e40) /go/src/github.com/rancher/terraform-provider-rancher2/rancher2/config.go:251 +0x11c github.com/rancher/terraform-provider-rancher2/rancher2.(Config).UpdateToken(0x14000f8e340?, {0x14000124870?, 0x1065000e4?}) /go/src/github.com/rancher/terraform-provider-rancher2/rancher2/config.go:240 +0x4c github.com/rancher/terraform-provider-rancher2/rancher2.bootstrapDoLogin(0x140006e55f0?, {0x107031e80?, 0x14000246e40}) /go/src/github.com/rancher/terraform-provider-rancher2/rancher2/resource_rancher2_bootstrap.go:289 +0x3f4 github.com/rancher/terraform-provider-rancher2/rancher2.resourceRancher2BootstrapCreate(0x106cc6320?, {0x107031e80?, 0x14000246e40}) /go/src/github.com/rancher/terraform-provider-rancher2/rancher2/resource_rancher2_bootstrap.go:27 +0x4c github.com/hashicorp/terraform-plugin-sdk/helper/schema.(Resource).Apply(0x14000549540, 0x14000fa24b0, 0x14000f7afe0, {0x107031e80, 0x14000246e40}) /go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk@v1.17.2/helper/schema/resource.go:320 +0x3dc github.com/hashicorp/terraform-plugin-sdk/helper/schema.(Provider).Apply(0x1400013c000, 0x140006e58a0, 0x106525166?, 0xf?) /go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk@v1.17.2/helper/schema/provider.go:294 +0x6c github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(GRPCProviderServer).ApplyResourceChange(0x14000930120, {0x14000fa4000?, 0x0?}, 0x14000fa4000) /go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk@v1.17.2/internal/helper/plugin/grpc_provider.go:895 +0x6a0 github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x106f63ea0?, 0x14000930120}, {0x107065df0, 0x14000f9ac00}, 0x14000f8df80, 0x0) /go/pkg/mod/github.com/hashicorp/terraform-plugin-sdk@v1.17.2/internal/tfplugin5/tfplugin5.pb.go:3305 +0x170 google.golang.org/grpc.(Server).processUnaryRPC(0x140004dc000, {0x10706ffc0, 0x14000702b60}, 0x140011e6c60, 0x140013259e0, 0x108260ac0, 0x0) /go/pkg/mod/google.golang.org/grpc@v1.56.1/server.go:1337 +0xc64 google.golang.org/grpc.(Server).handleStream(0x140004dc000, {0x10706ffc0, 0x14000702b60}, 0x140011e6c60, 0x0) /go/pkg/mod/google.golang.org/grpc@v1.56.1/server.go:1714 +0x82c google.golang.org/grpc.(Server).serveStreams.func1.1() /go/pkg/mod/google.golang.org/grpc@v1.56.1/server.go:959 +0x84 created by google.golang.org/grpc.(*Server).serveStreams.func1 /go/pkg/mod/google.golang.org/grpc@v1.56.1/server.go:957 +0x16c

Error: The terraform-provider-rancher2_v4.1.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely helpful if you could report the crash with the plugin's maintainers so that it can be fixed. The output above should help diagnose the issue.`

dipakparmar commented 3 weeks ago

@nnewc @whindes Getting the same were you able to figure it out the issue?