main.tf
terraform {
required_providers {
docker = {
source = "kreuzwerker/docker"
}
google = {
source = "hashicorp/google"
}
random = {
source = "hashicorp/random"
}
}
}
provider "docker" {}
resource "docker_image" "nginx" {
name = "nginx:latest"
keep_locally = false
}
resource "docker_container" "nginx" {
image = docker_image.nginx.latest
name = "tutorial"
ports {
internal = 80
external = 8000
}
}
在执行terraform init时,我面临仅下载docker资源的问题:
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/google...
- Finding latest version of hashicorp/random...
- Finding latest version of kreuzwerker/docker...
- Installing hashicorp/google v4.11.0...
- Installed hashicorp/google v4.11.0 (signed by HashiCorp)
- Installing hashicorp/random v3.1.0...
- Installed hashicorp/random v3.1.0 (signed by HashiCorp)
╷
│ Error: Failed to install provider
│
│ Error while installing kreuzwerker/docker v2.16.0: could not query provider registry for registry.terraform.io/kreuzwerker/docker: failed to retrieve authentication checksums for
│ provider: the request failed after 2 attempts, please try again later: Get
│ "https://github.com/kreuzwerker/terraform-provider-docker/releases/download/v2.16.0/terraform-provider-docker_2.16.0_SHA256SUMS": context deadline exceeded
在完成这篇文章后,我在本地下载了文件,并成功执行了terraform init,但未能运行terraform apply,出现以下错误:
│ Error: Could not load plugin
│
│
│ Plugin reinitialization required. Please run "terraform init".
│
│ Plugins are external binaries that Terraform uses to access and manipulate
│ resources. The configuration provided requires plugins which can't be located,
│ don't satisfy the version constraints, or are otherwise incompatible.
│
│ Terraform automatically discovers provider requirements from your
│ configuration, including providers used in child modules. To see the
│ requirements and constraints, run "terraform providers".
│
│ failed to instantiate provider "registry.terraform.io/kreuzwerker/docker" to obtain schema: fork/exec
│ .terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip: permission denied
系统详细信息:
操作系统:Ubuntu 21.10
尝试Terraform版本:
1.0.6[与教程cli中使用的版本相同https://learn.hashicorp.com/]
1.1.16【使用apt-get】
我还启动了另一个docker容器并重现了这个问题,我能够用terraform init 重现同样的问题
更新:
gahan@jarvis:~/devOps/test$ terraform init
Initializing the backend...
Initializing provider plugins...
- Finding latest version of hashicorp/random...
- Finding latest version of kreuzwerker/docker...
- Finding latest version of hashicorp/google...
- Installing hashicorp/google v4.11.0...
- Installed hashicorp/google v4.11.0 (signed by HashiCorp)
- Installing hashicorp/random v3.1.0...
- Installed hashicorp/random v3.1.0 (signed by HashiCorp)
╷
│ Error: Failed to install provider
│
│ Error while installing kreuzwerker/docker v2.16.0: could not query provider registry for registry.terraform.io/kreuzwerker/docker: failed to retrieve authentication checksums for provider: the request
│ failed after 2 attempts, please try again later: Get "https://github.com/kreuzwerker/terraform-provider-docker/releases/download/v2.16.0/terraform-provider-docker_2.16.0_SHA256SUMS": net/http: request
│ canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
╵
gahan@jarvis:~/devOps/test$ cat /etc/group | grep docker
docker:x:998:gahan
gahan@jarvis:~/devOps/test$ docker pull python:alpine3.13
alpine3.13: Pulling from library/python
5758d4e389a3: Pull complete
9292b3ab1647: Pull complete
35d95eb0acaf: Pull complete
cfda6539f3f2: Pull complete
f4471b8ea909: Pull complete
Digest: sha256:93eb0ba98b15791a071ec8bce2483e670e52c83af51962d3255b4f8f93b52d24
Status: Downloaded newer image for python:alpine3.13
docker.io/library/python:alpine3.13
非常感谢@Tapan和其他社区成员的帮助。
由于我遵循了安装后步骤的所有步骤,因此也重新迭代了权限。。
最后,我还创建了一个docker容器来重新创建问题,经过进一步的调试,即使使用wget命令报告的校验和也可以下载,但在处理terraform时,它可能使用了一些我还不知道的其他url/协议,但它与我的ISP[Airtel光纤连接]有某种冲突
因此,我使用了warp桌面客户端,并尝试使用地形命令,它为我工作没有任何问题。
@Gahan,我想问题在于权限,如果我没有错的话,docker需要sudo访问才能运行,而terraform与普通用户访问一起工作。如果你看下面的错误行
.terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip: permission denied
它正在显示";权限被拒绝";。
我想你可以尝试将user+组从sudo更改为.terraform目录的本地用户,然后尝试一下。
chown <user>:<group> .terraform
chmod 750 .terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip
更新:
这个设置在MacOS上运行得很好,我只是尝试使用上面的main.tf内容在docker中创建ngnix容器,我能够成功地初始化和应用terraform。我使用的是Mac操作系统。Terraform版本-1.1.1,Docker版本-4.4.2
接下来,我尝试在ubuntu机器(20.04 LTS(上复制相同的内容,并在尝试运行";地形应用";
错误:
Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
在进一步的挖掘中,我能够解决这个问题。
问题的主要原因是我们的自定义用户没有执行docker命令的权限。因此,当terraform尝试运行与docker相关的命令时,这将失败。我们可以执行以下步骤来解决这个
- 如果正确安装了docker,应该有一个可用的docker组。这个你可以签入/etc/group路径
$ cat /etc/group
- 将您的userid添加到docker组。在我的情况下,用户名是"tapan1991">
$ sudo usermod -aG docker $User_Name
Eg : sudo usermod -aG docker tapan1991
退出会话并再次登录
执行地形计划/应用命令
$ terraform apply
希望这能有所帮助!!
参考文献:在"上ping docker服务器时出错;地形应用";