search

vatesfr / terraform-provider-xenorchestra

Xen Orchestra provider for Terraform
MIT License
151 stars 32 forks source link

WebSocket insecure flag #132

Closed Vagrantin closed 3 years ago

Vagrantin commented 3 years ago

Hello, XO version : 5.54.0 Terraform-provider : 0.16.0 Terraform : 0.14.7

I’m implementing this plugin and my XO has an expired certificate, also all http connections are upgraded to ssl as far as I understand.

when I use the clear socket "ws" to in this format,

# Configure the XenServer Provider
provider "xenorchestra" {
  # Must be ws or wss
  url      = "ws://dlt-sin-xenadm" # Or set XOA_URL environment variable
  username = ""             # Or set XOA_USER environment variable
  password = ""              # Or set XOA_PASSWORD environment variable
}

I’m getting this error message at terraform plan -input=false step, so I assume only ssl is allow, even more because when I’m connecting to the web UI, I’m automatically upgraded to https,

Error: jsonrpc2: code -32000 message: unknown error from the peer

2021-03-09T02:08:17.102Z [WARN]  plugin.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing" on windows_Server_2016.tf line 12, in provider "xenorchestra":  12: provider "xenorchestra"

When I switch to wss

# Configure the XenServer Provider
provider "xenorchestra" {
  # Must be ws or wss
  url      = "wss://dlt-sin-xenadm" # Or set XOA_URL environment variable
  username = ""             # Or set XOA_USER environment variable
  password = ""              # Or set XOA_PASSWORD environment variable
}

I’m getting this error ( which is expected ):

2021-03-09T02:14:53.994Z [WARN]  plugin.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
Error: x509: certificate has expired or is not yet valid: current time 2021-03-09T02:14:53Z is after 2020-02-15T05:36:07Z on windows_Server_2016.tf line 12, in provider "xenorchestra":  12: provider "xenorchestra"

And finally when using wss with insecure parameter:

# Configure the XenServer Provider
provider "xenorchestra" {
  # Must be ws or wss
  url      = "wss://dlt-sin-xenadm" # Or set XOA_URL environment variable
  username = ""             # Or set XOA_USER environment variable
  password = ""              # Or set XOA_PASSWORD environment variable
  insecure = true
}

I’m getting this error, which is less expected or lead to another issue…:

Error: jsonrpc2: code -32000 message: unknown error from the peer on windows_Server_2016.tf line 12, in provider "xenorchestra": 12: provider "xenorchestra"

Thanks for the great work ! Matth

ddelnano commented 3 years ago

Hey @Vagrantin.

The error you are receiving seems to be an error related to terraform's refreshing. So I don't believe this is related to the insecure flag or your certificate at all.

Can you please run terraform with the TF_LOG=debug environment variable set and attach those logs to this issue? In addition please check the Xen Orchestra logs (with journalctl -u xo-server) that will highlight what the jsonrpc error is originating from and paste your terraform code here.

Vagrantin commented 3 years ago

Hi @ddelnano,

Thanks you hints, help me find the issue was in my Terraform file. Sorry for the inconvenience and thanks for the help ! With kind regards Matt

ddelnano commented 3 years ago

No problem, glad I could help!