0

主文件

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
    }
    google = {
      source = "hashicorp/google"
    }
    random = {
      source = "hashicorp/random"
    }
  }
}

provider "docker" {}

resource "docker_image" "nginx" {
  name         = "nginx:latest"
  keep_locally = false
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.latest
  name  = "tutorial"
  ports {
    internal = 80
    external = 8000
  }
}

执行后terraform init,我面临仅下载 docker 资源的问题:

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/google...
- Finding latest version of hashicorp/random...
- Finding latest version of kreuzwerker/docker...
- Installing hashicorp/google v4.11.0...
- Installed hashicorp/google v4.11.0 (signed by HashiCorp)
- Installing hashicorp/random v3.1.0...
- Installed hashicorp/random v3.1.0 (signed by HashiCorp)
╷
│ Error: Failed to install provider
│ 
│ Error while installing kreuzwerker/docker v2.16.0: could not query provider registry for registry.terraform.io/kreuzwerker/docker: failed to retrieve authentication checksums for
│ provider: the request failed after 2 attempts, please try again later: Get
│ "https://github.com/kreuzwerker/terraform-provider-docker/releases/download/v2.16.0/terraform-provider-docker_2.16.0_SHA256SUMS": context deadline exceeded

在关注这篇文章之后,我在本地下载了文件,我成功执行了 terraform init 但未能运行 terraform apply 并出现以下错误:

│ Error: Could not load plugin
│ 
│ 
│ Plugin reinitialization required. Please run "terraform init".
│ 
│ Plugins are external binaries that Terraform uses to access and manipulate
│ resources. The configuration provided requires plugins which can't be located,
│ don't satisfy the version constraints, or are otherwise incompatible.
│ 
│ Terraform automatically discovers provider requirements from your
│ configuration, including providers used in child modules. To see the
│ requirements and constraints, run "terraform providers".
│ 
│ failed to instantiate provider "registry.terraform.io/kreuzwerker/docker" to obtain schema: fork/exec
│ .terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip: permission denied

系统详情:

操作系统:Ubuntu 21.10

尝试了 Terraform 版本:

  • 1.0.6 [在 https://learn.hashicorp.com/ 教程 cli 中使用的相同版本]

  • 1.1.16 [使用 apt-get]

我还启动了另一个 docker 容器并重现了该问题,并且能够使用 terraform init 重现相同的问题

更新:

gahan@jarvis:~/devOps/test$ terraform init

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/random...
- Finding latest version of kreuzwerker/docker...
- Finding latest version of hashicorp/google...
- Installing hashicorp/google v4.11.0...
- Installed hashicorp/google v4.11.0 (signed by HashiCorp)
- Installing hashicorp/random v3.1.0...
- Installed hashicorp/random v3.1.0 (signed by HashiCorp)
╷
│ Error: Failed to install provider
│ 
│ Error while installing kreuzwerker/docker v2.16.0: could not query provider registry for registry.terraform.io/kreuzwerker/docker: failed to retrieve authentication checksums for provider: the request
│ failed after 2 attempts, please try again later: Get "https://github.com/kreuzwerker/terraform-provider-docker/releases/download/v2.16.0/terraform-provider-docker_2.16.0_SHA256SUMS": net/http: request
│ canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
╵

gahan@jarvis:~/devOps/test$ cat /etc/group | grep docker
docker:x:998:gahan

gahan@jarvis:~/devOps/test$ docker pull python:alpine3.13
alpine3.13: Pulling from library/python
5758d4e389a3: Pull complete 
9292b3ab1647: Pull complete 
35d95eb0acaf: Pull complete 
cfda6539f3f2: Pull complete 
f4471b8ea909: Pull complete 
Digest: sha256:93eb0ba98b15791a071ec8bce2483e670e52c83af51962d3255b4f8f93b52d24
Status: Downloaded newer image for python:alpine3.13
docker.io/library/python:alpine3.13
4

2 回答 2

1

非常感谢@Tapan和其他社区成员的帮助。

由于我遵循了安装后步骤的所有步骤,因此也重新迭代了权限..

最后,我还创建了一个 docker 容器来重新创建问题,并在进一步调试时发现,即使wget可以下载命令报告的校验和,但在处理 terraform 时,它可能正在使用其他一些我还不知道的 url/协议但它在某种程度上与我的 ISP [Airtel 光纤连接] 冲突。

结果,我使用了warp 桌面客户端并尝试使用对我有用的 terraform 命令,没有任何问题。

于 2022-02-27T08:17:33.713 回答
0

@Gahan,我想问题出在权限上,如果我没记错的话,docker 需要 sudo 访问权限才能运行,而 terraform 与普通用户访问权限一起工作。如果您错误地查看以下行

.terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip: permission denied

它显示“权限被拒绝”。

我想您可以尝试将用户+组从 sudo 更改为 .terraform 目录的本地用户并试一试。

chown <user>:<group> .terraform
chmod 750 .terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip

更新 :

此设置在 MacOS 上运行良好,我只是尝试使用上面的 main.tf 内容在 docker 中创建 ngnix 容器,并且我能够成功初始化和应用 terraform。我正在使用 Mac 操作系统。Terraform 版本 - 1.1.1,Docker 版本 - 4.4.2

接下来,我尝试在 ubuntu 机器(20.04 LTS)上复制相同的内容,并在尝试运行“terraform apply”时遇到了与上述类似的问题

错误:

 Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied

在进一步挖掘中,我能够解决它。

问题的主要原因是我们的自定义用户无权执行 docker 的命令。因此,当 terraform 尝试运行 docker 相关命令时,会失败。我们可以执行以下步骤来解决这个问题

  1. 如果您正确安装了 docker,应该有一个可用的 docker 组。这你可以检查 /etc/group 路径
$ cat /etc/group
  1. 将您的用户 ID 添加到 docker 组。在我的情况下,用户名是“tapan1991”
$ sudo usermod -aG docker $User_Name

Eg : sudo usermod -aG docker tapan1991

  1. 从会话中注销并再次登录

  2. 执行 terraform plan/apply 命令

$ terraform apply

希望这可以帮助!!

参考:在“terraform apply”上 ping docker 服务器时出错

于 2022-02-23T10:48:49.963 回答