Comments (5)
My nodes are setup to use publickey verification. Would that be the issue? I'm not fond of enabling ssh password authentication for my root accounts.
Ah.. yes, that could be a problem. If ssh server allows only keys authentication then the current version of the provider won't be able to connect as it explicitly uses the password auth. I think adding the key auth as a main method and password as a fallback is doable 🤔
In a meantime you could try adding a separate PAM user account on PVE host to use with terraform, probably with Administrator rights, there are some examples in PVE Wiki. Then allow password auth over ssh for this user.
Also all nodes have different root passwords, so i'm wondering how that would be handled when i'm going to be provisioning across multiple nodes.
Clustered PVE is the area that I haven't really explored. I guess it would require an Authentication Server (either integrated in PVE, or external LDAP), so you can share a same user account across multiple hosts. I don't think this type of user accounts would work without tweaking pam / ssh server configs on each PVE host... But if we add the ssh key auth I mentioned earlier then this won't be an issue.
from terraform-provider-proxmox.
Hey @brutesque! 👋🏼
I think there are few things you could check.
First, the provider is using password authentication for SSH. I know, the documentation is not super clear why and how SSH is used, and updating it is on my radar. Essentially, we must use real Linux user accounts (i.e. PAM) via username:password credentials with the provider if operating on VM resources. While provider supports authentication with tokens or non-PAM users, it can't be used with SSH, and we still need SSH to do a few operations with VM disks.
Secondly, I have a slight suspicious that the issues you're having could be due to #217 introduced in v0.12.0. Though I don't see much of relevant errors in your logs, it worth double-checking. Could you try v0.11.0 to see if it works better in your environment?
from terraform-provider-proxmox.
Hi, thanks for the quick response!
I have tried version 0.11.0, but it gave me the same result.
I think i've setup password authentication correctly (it's using it for all the other resources).
I have this part in my main.tf
provider "proxmox" {
virtual_environment {
insecure = true
}
}
And i'm injecting a credentials.env
into the docker container environment that runs the terraform command:
PROXMOX_VE_ENDPOINT=https://pve-12core-xeon.redacted.com:8006/
PROXMOX_VE_USERNAME=root@pam
PROXMOX_VE_PASSWORD=myrootpassword
My nodes are setup to use publickey verification. Would that be the issue? I'm not fond of enabling ssh password authentication for my root accounts. Also all nodes have different root passwords, so i'm wondering how that would be handled when i'm going to be provisioning across multiple nodes.
from terraform-provider-proxmox.
Using key auth sounds like a good way to go.
from terraform-provider-proxmox.
Closing this in favour of #307
from terraform-provider-proxmox.
Related Issues (20)
- Support for "hardware mapping" as dedicated Terraform resource & data source HOT 4
- SOCKS5 proxy support for SSH HOT 4
- Host parameter inappropriately required in usb block for proxmox_virtual_environment_vm HOT 2
- :robot: Renovate Dashboard
- Action Required: Fix Renovate Configuration
- Issue on NULL DNS values - Proxmox VE 8.1.4 HOT 5
- Add option to override MinTLS version
- Useless VM reboot during apply after importing
- timeout_start_vm ignored, fails in 10s HOT 4
- Provider panic when empty ip_config is present in initialization section, when provisioning container HOT 1
- Broken links detected 🔗
- Broken links detected 🔗
- Broken links detected 🔗
- Broken links detected 🔗
- Incorrect indentations in terraform registry doc HOT 3
- Error: `sudo: command not found` when deploying VMs HOT 3
- Missing pool id forces replacement on Pool import HOT 2
- container datasource
- Please consider adding migrage+clone functionality.
- Broken links detected 🔗
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-proxmox.