Adding a worker doesn't add a node in RKE cluster about terraform-openstack-rke HOT 6 CLOSED

Hi,
I feel this comes from a misusage of keypair/ssh agent. The module will create a key for you if you dont specify a ssh_keypair_name, why are you creating one first ?

In any case, if you create a new key, it wont be in ssh-agent and the module wont be able to connect to nodes. I'm surprised this code works even for creating cluster... Are you able to connect via ssh to newly created vm ?

from terraform-openstack-rke.

There is no real reason I create the key pair first, but I don't think it should be a problem, I don't mind it being explicit rather than being implicitly created by the module. I did have to add the key to my SSH agent manually (during the wait_for_ssh period) to get the cluster to create (couldn't get it to work with use_ssh_agent = false using the ssh_keypair_name), and can connect to the cluster through SSH fine after that. The main reason why I have been doing it this way was because when I set it up I couldn't get it to work with (or didn't try) the other methods. I feel like this is still very strange behavior though, why shouldn't this work and why does the command complete successfully? I can give it another shot with use_ssh_agent = false, but I tried that about a week ago and I couldn't get it to create a cluster at all.

Edit: Without using the agent I get:

Error: timeout - last error: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

from terraform-openstack-rke.

I was not sure of your workflow but I agree this should definitely work.
I did not manage to reproduce you issue, though. Can you provide a debug log and confirm that you can connect to the newly spawned node during the module.rke.rke_cluster.cluster creation ?

from terraform-openstack-rke.

I've tried to reproduce this issue and have found there to be something going on with the usage of TF_VAR_os_password (or not).

The key is also in @steffansluis, output.
failed to run Kubelet: could not init cloud provider \"openstack\": Authentication failed]". This relates not to SSH, but to authentication to OpenStack. -- The cloud provider (driver) fails to authenticate.

Emperically I have found that if I have OS_PASSWORD set, the cluster terraform is able to connect to and start the machines. But TF_VAR_os_password is needed to be set to allow the cloud provider to work.

note:
Terraform will use use the default OpenStack client, and therefore connect successfully if only OS_PASSWORD is set. That's why it then only fails when trying to use the cloud-provider.

from terraform-openstack-rke.

@dhrp thanks for pointing this out !

If you want to use cloud provider, you need to set os_auth_url and os_password TF variables. That's because we cant retrieve them from identity_auth_scope_v3 data source.

USAGE.md file already state that, but I might add something in the README.

@steffansluis did you set TF variables when trying to scale up cluster ?

from terraform-openstack-rke.

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

from terraform-openstack-rke.