[terraform] [helm-provider] [ресурс] дает мне срок, превышенный при включении tls - PullRequest
Новая
       11

[terraform] [helm-provider] [ресурс] дает мне срок, превышенный при включении tls

0 голосов
/ 25 апреля 2019

Я получаю helm_release.istio_init: context deadline exceeded при попытке установить istio-init в мой кластер kubernetes

Я использую провайдер helm версии 0.9.1 с включенным tls ... 

provider "helm" {
  kubernetes {
    host                    = "${var.cluster["endpoint"]}"
    client_certificate      = "${base64decode(var.cluster["client_certificate"])}"
    client_key              = "${base64decode(var.cluster["client_key"])}"
    cluster_ca_certificate  = "${base64decode(var.cluster["cluster_ca_certificate"])}"
  }
  install_tiller  = "false"
  tiller_image    = "gcr.io/kubernetes-helm/tiller:v2.13.1"
  service_account = "${kubernetes_service_account.terraform-tiller.metadata.0.name}"
  namespace       = "${kubernetes_service_account.terraform-tiller.metadata.0.namespace}"
  enable_tls      = "true"
  insecure        = "false"
  client_key = "${file("${data.external.generate_certs.result["terraform_key"]}")}"
  client_certificate = "${file("${data.external.generate_certs.result["terraform_cert"]}")}"
  ca_certificate = "${file("${data.external.generate_certs.result["cert"]}")}"
}

# Installing istio
# Installing istio repository

# defining istio system namespace
resource "kubernetes_namespace" "istio_system" {
  metadata {
    name = "istio-system"
  }
}

data "helm_repository" "istio" {
  name = "istio"
  url = "https://storage.googleapis.com/istio-release/releases/1.1.3/charts/"
}

# Installing istio-init resource
resource "helm_release" "istio_init" {
  depends_on = ["data.external.install_tiller"]
  namespace = "istio-system"
  repository = "${data.helm_repository.istio.metadata.0.name}"
  name       = "istio-init"
  chart = "istio-init"
}

Я пробовал с insecure флагом в true и работает, но это не идея.

Мой ожидаемый результат - istio-init установлен, но у меня есть context deadline exceeded

Это вывод плана terraform 

terraform plan -out planning/plan.out
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.helm_repository.istio: Refreshing state...

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + helm_release.istio_init
      id:               <computed>
      chart:            "istio-init"
      disable_webhooks: "false"
      force_update:     "false"
      metadata.#:       <computed>
      name:             "istio-init"
      namespace:        "istio-system"
      recreate_pods:    "false"
      repository:       "istio"
      reuse:            "false"
      reuse_values:     "false"
      status:           "DEPLOYED"
      timeout:          "300"
      verify:           "false"
      version:          "1.1.3"
      wait:             "true"


Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

This plan was saved to: planning/plan.out

To perform exactly these actions, run the following command to apply:
    terraform apply "planning/plan.out"

Это вывод команды применения 

$ TF_LOG=DEBUG terraform apply "planning/plan.out"
2019/04/25 10:36:02 [INFO] Terraform version: 0.11.13
2019/04/25 10:36:02 [INFO] Go runtime version: go1.12
2019/04/25 10:36:02 [INFO] CLI args: []string{"/usr/local/Cellar/terraform/0.11.13/bin/terraform", "apply", "planning/plan.out"}
2019/04/25 10:36:02 [DEBUG] Attempting to open CLI config file: /Users/felipe/.terraformrc
2019/04/25 10:36:02 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2019/04/25 10:36:02 [INFO] CLI command args: []string{"apply", "planning/plan.out"}
2019/04/25 10:36:02 [INFO] command: initializing local backend from plan (not set)
2019/04/25 10:36:02 [DEBUG] checking for provider in "."
2019/04/25 10:36:02 [DEBUG] checking for provider in "/usr/local/Cellar/terraform/0.11.13/bin"
2019/04/25 10:36:02 [DEBUG] checking for provider in ".terraform/plugins/darwin_amd64"
2019/04/25 10:36:02 [DEBUG] found provider "terraform-provider-helm_v0.9.1_x4"
2019/04/25 10:36:02 [DEBUG] found provider "terraform-provider-kubernetes_v1.6.2_x4"
2019/04/25 10:36:02 [DEBUG] found valid plugin: "helm", "0.9.1", "/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-helm_v0.9.1_x4"
2019/04/25 10:36:02 [DEBUG] found valid plugin: "kubernetes", "1.6.2", "/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-kubernetes_v1.6.2_x4"
2019/04/25 10:36:02 [DEBUG] checking for provisioner in "."
2019/04/25 10:36:02 [DEBUG] checking for provisioner in "/usr/local/Cellar/terraform/0.11.13/bin"
2019/04/25 10:36:02 [DEBUG] checking for provisioner in ".terraform/plugins/darwin_amd64"
2019/04/25 10:36:02 [INFO] command: backend initialized: *local.Local
2019/04/25 10:36:02 [DEBUG] checking for provider in "."
2019/04/25 10:36:02 [DEBUG] checking for provider in "/usr/local/Cellar/terraform/0.11.13/bin"
2019/04/25 10:36:02 [DEBUG] checking for provider in ".terraform/plugins/darwin_amd64"
2019/04/25 10:36:02 [DEBUG] found provider "terraform-provider-helm_v0.9.1_x4"
2019/04/25 10:36:02 [DEBUG] found provider "terraform-provider-kubernetes_v1.6.2_x4"
2019/04/25 10:36:02 [DEBUG] found valid plugin: "helm", "0.9.1", "/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-helm_v0.9.1_x4"
2019/04/25 10:36:02 [DEBUG] found valid plugin: "kubernetes", "1.6.2", "/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-kubernetes_v1.6.2_x4"
2019/04/25 10:36:02 [DEBUG] checking for provisioner in "."
2019/04/25 10:36:02 [DEBUG] checking for provisioner in "/usr/local/Cellar/terraform/0.11.13/bin"
2019/04/25 10:36:02 [DEBUG] checking for provisioner in ".terraform/plugins/darwin_amd64"
2019/04/25 10:36:02 [INFO] backend/local: starting Apply operation
2019/04/25 10:36:02 [INFO] terraform: building graph: GraphTypeApply
iresNew:false, Sensitive:false, Type:0x0}, "status":*terraform.ResourceAttrDiff{Old:"", New:"DEPLOYED", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "timeout":*terraform.ResourceAttrDiff{Old:"", New:"300", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "verify":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "version":*terraform.ResourceAttrDiff{Old:"", New:"1.1.3", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "wait":*terraform.ResourceAttrDiff{Old:"", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)}
2019/04/25 10:36:02 [DEBUG] Resource state not found for "helm_release.istio_init": helm_release.istio_init
2019/04/25 10:36:02 [TRACE] Graph after step *terraform.AttachStateTransformer:

helm_release.istio_init - *terraform.NodeApplyableResource
2019/04/25 10:36:02 [DEBUG] ReferenceTransformer: "helm_release.istio_init" references: []
2019/04/25 10:36:02 [DEBUG] ReferenceTransformer: "provider.helm" references: []
2019-04-25T10:36:02.359-0400 [DEBUG] plugin: starting plugin: path=/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-helm_v0.9.1_x4 args=[/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-helm_v0.9.1_x4]
2019-04-25T10:36:02.363-0400 [DEBUG] plugin: waiting for RPC address: path=/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-helm_v0.9.1_x4
2019-04-25T10:36:02.399-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: plugin address: timestamp=2019-04-25T10:36:02.398-0400 address=/var/folders/rx/lrb60s6929j3ldg6tlwtcf4m0000gn/T/plugin586870690 network=unix
2019-04-25T10:36:02.405-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:02 [DEBUG] TLS settings: 
[OMITED]
2019-04-25T10:36:02.813-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:02 [DEBUG] Fetched istio/istio-init to /Users/felipe/.helm/cache/archive/istio-init-1.1.3.tgz
2019-04-25T10:36:03.097-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:03 [DEBUG] Fetched istio/istio-init to /Users/felipe/.helm/cache/archive/istio-init-1.1.3.tgz
2019/04/25 10:36:03 [DEBUG] apply: helm_release.istio_init: executing Apply
helm_release.istio_init: Creating...
  chart:            "" => "istio-init"
  disable_webhooks: "" => "false"
  force_update:     "" => "false"
  metadata.#:       "" => "<computed>"
  name:             "" => "istio-init"
  namespace:        "" => "istio-system"
  recreate_pods:    "" => "false"
  repository:       "" => "istio"
  reuse:            "" => "false"
  reuse_values:     "" => "false"
  status:           "" => "DEPLOYED"
  timeout:          "" => "300"
  verify:           "" => "false"
  version:          "" => "1.1.3"
  wait:             "" => "true"
2019-04-25T10:36:04.632-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:04 [DEBUG] Created tunnel using local port: '50275'
2019-04-25T10:36:04.632-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:04 [DEBUG] Found TLS settings: configuring helm client with TLS
2019-04-25T10:36:09.634-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:09 [DEBUG] could not get release context deadline exceeded
2019/04/25 10:36:09 [ERROR] root: eval: *terraform.EvalApplyPost, err: 1 error(s) occurred:

* helm_release.istio_init: context deadline exceeded
2019/04/25 10:36:09 [ERROR] root: eval: *terraform.EvalSequence, err: 1 error(s) occurred:

* helm_release.istio_init: context deadline exceeded

2019/04/25 10:36:09 [DEBUG] plugin: waiting for all plugin processes to complete...
Error: Error applying plan:

1 error(s) occurred:

* helm_release.istio_init: 1 error(s) occurred:

* helm_release.istio_init: context deadline exceeded

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.


2019-04-25T10:36:09.645-0400 [DEBUG] plugin.terraform-provider-helm_v0.9.1_x4: 2019/04/25 10:36:09 [ERR] plugin: plugin server: accept unix /var/folders/rx/lrb60s6929j3ldg6tlwtcf4m0000gn/T/plugin586870690: use of closed network connection
2019-04-25T10:36:09.648-0400 [DEBUG] plugin: plugin process exited: path=/Users/felipe/workspace/terraform-spec/helm/.terraform/plugins/darwin_amd64/terraform-provider-helm_v0.9.1_x4

1 Ответ

0 голосов
/ 10 июня 2019

Я уже имел эту ошибку раньше, и это обычно означает, что я не использую румпель. Я вижу, вы установили 

install_tiller  = "false"

, что означает, что вам нужно запустить его локально.

Я запускаю это: 

tiller -storage secret
...