I am facing one issue.
I am trying to install ALB controller using terraform and it failed got error like failed to download chart.
below is error I got ,
Below is my Terraform code which I am working on,
resource "helm_release" "lb" {
name = "aws-load-balancer-controller"
repository = "https://aws.github.io/eks-charts"
chart = "aws-load-balancer-controller"
namespace = "kube-system"
set {
name = "region"
value = var.region
}
set {
name = "image.tag"
value = "2.4.2"
}
set {
name = "image.repository"
value = "602401143452.dkr.ecr.${var.region}.amazonaws.com/amazon/aws-load-balancer-controller"
}
set {
name = "serviceAccount.create"
value = "true"
}
set {
name = "serviceAccount.name"
value = "aws-load-balancer-controller"
}
set {
name = "clusterName"
value = data.aws_eks_cluster.mycluster.name
}
}
Could you add verify=false and re-run terraform?
resource "helm_release" "lb" {
...
verify = false
...
}
Related
I'm using Terraform with GCP ... I have the groups variable that I have not been able to get to work. Here's the definitions:
resource "google_compute_instance_group" "vm_group" {
name = "vm-group"
zone = "us-central1-c"
project = "myproject-dev"
instances = [google_compute_instance.east_vm.id, google_compute_instance.west_vm.id]
named_port {
name = "http"
port = "8080"
}
named_port {
name = "https"
port = "8443"
}
lifecycle {
create_before_destroy = true
}
}
data "google_compute_image" "debian_image" {
family = "debian-9"
project = "debian-cloud"
}
resource "google_compute_instance" "west_vm" {
name = "west-vm"
project = "myproject-dev"
machine_type = "e2-micro"
zone = "us-central1-c"
boot_disk {
initialize_params {
image = data.google_compute_image.debian_image.self_link
}
}
network_interface {
network = "default"
}
}
resource "google_compute_instance" "east_vm" {
name = "east-vm"
project = "myproject-dev"
machine_type = "e2-micro"
zone = "us-central1-c"
boot_disk {
initialize_params {
image = data.google_compute_image.debian_image.self_link
}
}
network_interface {
network = "default"
}
}
And here are the variables:
http_forward = true
https_redirect = true
create_address = true
project = "myproject-dev"
backends = {
"yobaby" = {
description = "my app"
enable_cdn = false
security_policy = ""
custom_request_headers = null
custom_response_headers = null
iap_config = {
enable = false
oauth2_client_id = ""
oauth2_client_secret = ""
}
log_config = {
enable = false
sample_rate = 0
}
groups = [{group = "google_compute_instance_group.vm_group.id"}]
}
}
... this is my latest attempt to get a group value that works, but this one won't work for me either; I still get
Error 400: Invalid value for field 'resource.backends[0].group': 'google_compute_instance_group.vm_group.id'. The URL is malformed., invalid
I've tried this with DNS FQDNs and variations on the syntax above; still no go.
Thanks much for any advice whatsoever!
There are couple clues that can lead in this direction based from the error message reported by Terraform Error 400: Invalid value for field 'resource.backends[0].group': 'google_compute_instance_group.vm_group.id'. The URL is malformed., invalid:
Error code 400 means the request was actually sent to the server, who rejected it as malformed (HTTP error code 400 is for client-side errors); this implies that Terraform itself has no problem with the syntax, i.e., the configuration file is correct and actionable from TF's PoV
Value of field resource.backends[0].group is reported as being literally 'google_compute_instance_group.vm_group.id' which strongly suggests that a variable substitution did not take place.
The quotes around the code block makes it into a literal value instead of a variable reference. The solution is to change this:
groups = [{group = "google_compute_instance_group.vm_group.id"}]
To this:
groups = [{group = google_compute_instance_group.vm_group.id}]
I gave up on Terraform and used gcloud scripts to do what I needed to do, based on this posting.
Background
I have a Terraform script that creates several different AWS resources and links them together. One component is the aws_elastic_beanstalk_environment. It has the required parameters, and lots of settings for configuration. The beginning of the file is thus:
data "aws_elastic_beanstalk_application" "myapp" {
name = "beanstalkapp"
}
resource "aws_elastic_beanstalk_environment" "beanstalk" {
name = "beanstalk-environment"
application = data.aws_elastic_beanstalk_application.myapp.name
solution_stack_name = "64bit Amazon Linux 2 v5.2.5 running Node.js 12"
setting {
namespace = "aws:ec2:instances"
name = "InstanceTypes"
value = "t2.micro"
}
setting {
namespace = "aws:elasticbeanstalk:environment"
name = "EnvironmentType"
value = "LoadBalanced"
}
setting {
namespace = "aws:elasticbeanstalk:environment"
name = "LoadBalancerType"
value = "application"
}
setting {
namespace = "aws:elasticbeanstalk:environment"
name = "ServiceRole"
value = "aws-elasticbeanstalk-service-role"
}
setting {
namespace = "aws:autoscaling:launchconfiguration"
name = "IamInstanceProfile"
value = "aws-elasticbeanstalk-ec2-role"
}
setting {
namespace = "aws:ec2:vpc"
name = "VPCId"
value = var.createNewVPC ? aws_vpc.vpc_new[0].id : var.vpc_id_existing
}
setting {
namespace = "aws:ec2:vpc"
name = "Subnets"
value = var.createNewSubnets ? "${aws_subnet.subnet_private_a_new[0].id},${aws_subnet.subnet_private_b_new[0].id}" : "${var.subnet_private_a_id},${var.subnet_private_b_id}"
}
setting {
namespace = "aws:ec2:vpc"
name = "ELBSubnets"
value = var.createNewSubnets ? "${aws_subnet.subnet_public_a_new[0].id},${aws_subnet.subnet_public_b_new[0].id}" : "${var.subnet_public_a_id},${var.subnet_public_b_id}"
}
setting {
namespace = "aws:autoscaling:asg"
name = "MinSize"
value = "2"
}
setting {
namespace = "aws:autoscaling:asg"
name = "MaxSize"
value = "2"
}
setting {
namespace = "aws:elasticbeanstalk:application"
name = "Application Healthcheck URL"
value = "/"
}
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "DB_HOST"
value = data.aws_db_instance.myDB.address
}
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "DB_USER"
value = random_password.rds_username.result
}
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "DB_PASS"
value = random_password.rds_password.result
}
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "DB_PORT"
value = data.aws_db_instance.myDB.port
}
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "CACHE_ADDRESS"
value = data.aws_elasticache_cluster.myCache.cluster_address
}
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "CACHE_PORT"
value = var.cache_port
}
}
Problem
When running the script with -target=aws_elastic_beanstalk_environment.beanstalk, the beanstalk deploys just fine.
When running the script to deploy the full stack, the other components are created and then I get
Error: Missing required argument
on beanstalk.tf line 6, in resource "aws_elastic_beanstalk_environment" "beanstalk":
6: resource "aws_elastic_beanstalk_environment" "beanstalk" {
The argument "setting.1.value" is required, but no definition was found.
I'm probably as adapt at deciphering cryptic error messages as the next guy, but this seems like something in the guts of Terraform that is choking. I was on 0.13.5 and had the error, so I upgraded to 0.14.6. The only difference is now it displays the line about "setting.1.value".
Any ideas on what this means or how to solve it?
This is the setting block that causes the problem:
setting {
namespace = "aws:elasticbeanstalk:application:environment"
name = "CACHE_ADDRESS"
value = data.aws_elasticache_cluster.myCache.cluster_address
}
If I replace the value with a static value, everything works.
I believe this to be an issue with Terraform itself returning the proper value of the cluster_address.
The issue arises because this ElastiCache is a Redis instance, but the cluster_address property is only for Memcached.
It seems that Terraform should have a better error messge for this.
So if you see a weird "setting.x.value" error, it probably means that you are trying to use something that only applies to some of the options available for the resource.
I am trying to pass mat_ip of google compute instances created in module "microservice-instance" to another module "database". Since I am creating more than one instance, I am getting following error for output variable in module "microservice-instance".
Error: Missing resource instance key
on modules/microservice-instance/ms-outputs.tf line 3, in output "nat_ip": 3: value = google_compute_instance.apps.network_interface[*].access_config[0].nat_ip
Because google_compute_instance.apps has "count" set, its attributes must be accessed on specific instances.
For example, to correlate with indices of a referring resource, use:
google_compute_instance.apps[count.index]
I have looked at following and using the same way of accessing attribute but its not working. Here is code -
main.tf
provider "google" {
credentials = "${file("../../service-account.json")}"
project = var.project
region =var.region
}
# Include modules
module "microservice-instance" {
count = var.appserver_count
source = "./modules/microservice-instance"
appserver_count = var.appserver_count
}
module "database" {
count = var.no_of_db_instances
source = "./modules/database"
nat_ip = module.microservice-instance.nat_ip
no_of_db_instances = var.no_of_db_instances
}
./modules/microservice-instance/microservice-instance.tf
resource "google_compute_instance" "apps" {
count = var.appserver_count
name = "apps-${count.index + 1}"
# name = "apps-${random_id.app_name_suffix.hex}"
machine_type = "f1-micro"
boot_disk {
initialize_params {
image = "ubuntu-os-cloud/ubuntu-1804-lts"
}
}
network_interface {
network = "default"
access_config {
// Ephemeral IP
}
}
}
./modules/microservice-instance/ms-outputs.tf
output "nat_ip" {
value = google_compute_instance.apps.network_interface[*].access_config[0].nat_ip
}
./modules/database/database.tf
resource "random_id" "db_name_suffix" {
byte_length = 4
}
resource "google_sql_database_instance" "postgres" {
name = "postgres-instance-${random_id.db_name_suffix.hex}"
database_version = "POSTGRES_11"
settings {
tier = "db-f1-micro"
ip_configuration {
dynamic "authorized_networks" {
for_each = var.nat_ip
# iterator = ip
content {
# value = ni.0.access_config.0.nat_ip
value = each.key
}
}
}
}
}
You are creating var.appserver_count number of google_compute_instance.apps resources. So you will have:
google_compute_instance.apps[0]
google_compute_instance.apps[1]
...
google_compute_instance.apps[var.appserver_count - 1]
Therefore, in your output, instead of:
output "nat_ip" {
value = google_compute_instance.apps.network_interface[*].access_config[0].nat_ip
}
you have to reference individual apps resources or all of them using [*], for example:
output "nat_ip" {
value = google_compute_instance.apps[*].network_interface[*].access_config[0].nat_ip
}
When I execute the command terraform apply it throws the Error. Every configurations and connectivity from my local machine works fine. I checked using the below command.
gcloud auth login and
Verified using gcloud config list.
I have attached the main and variable tf files below
resource "google_project" "my_project" {
name = "${var.project_name}"
project_id = "${var.project_id}"
}
provider "google" {
project = "${var.project_id}"
region = "${var.region}"
zone = "${var.zone}"
}
resource "google_project_services" "project" {
project = "${var.project_id}"
services = ["composer.googleapis.com", "iam.googleapis.com", "cloudresourcemanager.googleapis.com"]
}
resource "google_pubsub_topic" "topic" {
name = "${var.topic}"
project = "${var.project_id}"
}
resource "google_pubsub_subscription" "push_subscriptions" {
count = "${length(var.push_subscriptions)}"
name = "${lookup(var.push_subscriptions[count.index], "name")}"
topic = "${google_pubsub_topic.topic.name}"
project = "${var.project_id}"
depends_on = ["google_pubsub_topic.topic"]
}
resource "google_pubsub_subscription" "pull_subscriptions" {
count = "${length(var.pull_subscriptions)}"
name = "${lookup(var.pull_subscriptions[count.index], "name")}"
topic = "${google_pubsub_topic.topic.name}"
project = "${var.project_id}"
depends_on = ["google_pubsub_topic.topic"]
}
Variables.tf file
variable "project_id" {
default = "media-intelligence-244309"
}
variable "region" {
default = "asia-south1"
}
variable "zone" {
default = "asia-south1-b"
}
variable "project_name" {
default = "media-intelligence"
}
variable "topic" {
default = "topic-1"
}
variable "push_subscriptions" {
type = "list"
default = []
}
variable "pull_subscriptions" {
type = "list"
default = []
}
Error: Error applying plan:
3 error(s) occurred:
google_project_services.project: 1 error(s) occurred:
google_project_services.project: Error authoritatively enabling Project media-244309 Services: Get https://cloudresourcemanager.googleapis.com/v1/projects/media-244309?alt=json&prettyPrint=false: oauth2: cannot fetch token: 400 Bad Request
Response: {
"error": "invalid_grant",
"error_description": "Robot is disabled."
}
I am having an error with a terraform code, while deploy a GCP composer resource:
google_composer_environment.composer-beta: googleapi: Error 400: Property key must be of the form section-name. The section may not contain opening square brackets, closing square brackets or hyphens, and the name may not contain a semicolon or equals sign. The entire property key may not contain periods., badRequest
The issue arises while this GCP resource is being deployed: https://www.terraform.io/docs/providers/google/r/composer_environment.html
This is my code:
Variables.tf file:
variable "composer_airflow_version" {
type = "map"
default = {
image_version="composer-1.6.1-airflow-1.10.1"
}
}
variable "composer_python_version" {
type = "map"
default = {
python_version="3"
}
}
my-composer.tf file:
resource "google_composer_environment" "composer-beta" {
provider= "google-beta"
project = "my-proyect"
name = "${var.composer_name}"
region = "${var.region}"
config {
node_count = "${var.composer_node_count}"
node_config {
zone = "${var.zone}"
machine_type = "${var.composer_machine_type}"
network = "${google_compute_network.network.self_link}"
subnetwork = "${lookup(var.vpc_subnets_01[0], "subnet_name")}"
}
software_config {
airflow_config_overrides="${var.composer_airflow_version}",
airflow_config_overrides="${var.composer_python_version}",
}
}
depends_on = [
"google_service_account.comp-py3-dev-worker",
"google_compute_subnetwork.subnetwork",
]
}
According to the error message, the root cause of the error seems be related to the software_config section in the terraform code. I understand that the variables "composer_airflow_version" and "composer_python_version" should be of type "map", therefore, I set up them as map format.
A really appreciate it, if someone could identify the cause of the error, and tell me the adjustment to apply. It is likely that I should apply a change in variables, but I don't know what it is. :-(
Thanks in advance,
Jose
Based on the documentations, airflow_config_overrides, pypi_packages, env_variables, image_version and python_version should be directly under software_config.
Variables.tf file:
variable "composer_airflow_version" {
default = "composer-1.6.1-airflow-1.10.1"
}
variable "composer_python_version" {
default = "3"
}
my-composer.tf file:
resource "google_composer_environment" "composer-beta" {
provider= "google-beta"
project = "my-proyect"
name = "${var.composer_name}"
region = "${var.region}"
config {
node_count = "${var.composer_node_count}"
node_config {
zone = "${var.zone}"
machine_type = "${var.composer_machine_type}"
network = "${google_compute_network.network.self_link}"
subnetwork = "${lookup(var.vpc_subnets_01[0], "subnet_name")}"
}
software_config {
image_version = "${var.composer_airflow_version}",
python_version = "${var.composer_python_version}",
}
}
depends_on = [
"google_service_account.comp-py3-dev-worker",
"google_compute_subnetwork.subnetwork",
]
}