Comments (6)
Hi,
I feel this comes from a misusage of keypair/ssh agent. The module will create a key for you if you dont specify a ssh_keypair_name
, why are you creating one first ?
In any case, if you create a new key, it wont be in ssh-agent and the module wont be able to connect to nodes. I'm surprised this code works even for creating cluster... Are you able to connect via ssh to newly created vm ?
from terraform-openstack-rke.
There is no real reason I create the key pair first, but I don't think it should be a problem, I don't mind it being explicit rather than being implicitly created by the module. I did have to add the key to my SSH agent manually (during the wait_for_ssh period) to get the cluster to create (couldn't get it to work with use_ssh_agent = false
using the ssh_keypair_name
), and can connect to the cluster through SSH fine after that. The main reason why I have been doing it this way was because when I set it up I couldn't get it to work with (or didn't try) the other methods. I feel like this is still very strange behavior though, why shouldn't this work and why does the command complete successfully? I can give it another shot with use_ssh_agent = false
, but I tried that about a week ago and I couldn't get it to create a cluster at all.
Edit: Without using the agent I get:
Error: timeout - last error: Error connecting to bastion: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
from terraform-openstack-rke.
I was not sure of your workflow but I agree this should definitely work.
I did not manage to reproduce you issue, though. Can you provide a debug log and confirm that you can connect to the newly spawned node during the module.rke.rke_cluster.cluster
creation ?
from terraform-openstack-rke.
I've tried to reproduce this issue and have found there to be something going on with the usage of TF_VAR_os_password (or not).
The key is also in @steffansluis, output.
failed to run Kubelet: could not init cloud provider \"openstack\": Authentication failed]"
. This relates not to SSH, but to authentication to OpenStack. -- The cloud provider (driver) fails to authenticate.
Emperically I have found that if I have OS_PASSWORD set, the cluster terraform is able to connect to and start the machines. But TF_VAR_os_password is needed to be set to allow the cloud provider to work.
note:
Terraform will use use the default OpenStack client, and therefore connect successfully if only OS_PASSWORD is set. That's why it then only fails when trying to use the cloud-provider.
from terraform-openstack-rke.
@dhrp thanks for pointing this out !
If you want to use cloud provider, you need to set os_auth_url
and os_password
TF variables. That's because we cant retrieve them from identity_auth_scope_v3 data source.
USAGE.md file already state that, but I might add something in the README.
@steffansluis did you set TF variables when trying to scale up cluster ?
from terraform-openstack-rke.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
from terraform-openstack-rke.
Related Issues (19)
- Octavia support HOT 2
- Cant downscale HOT 1
- On new installation get version conflict ..? HOT 1
- fails when not using ssh-agent HOT 4
- conditional cloud provider
- Disable kubeconfig file write
- Worker nodes array HOT 3
- Use terraform-docs
- add taint
- use_ssh_agent HOT 3
- Receiving errors HOT 6
- Code quality checks fail
- Terraform 0.13
- Install fails because no docker engine is installed HOT 5
- failed to run Kubelet: could not init cloud provider "openstack": Authentication failed HOT 1
- openstack built-in cloud provider is now deprecated. Please use 'external' cloud provider for openstack HOT 1
- Creating PVs fails when Openstack has multiple compute AZs, but only one storage AZ HOT 6
- [bug] Error when enabling loadbalancer HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-openstack-rke.