terraform-provider-kubernetes icon indicating copy to clipboard operation
terraform-provider-kubernetes copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Invalid client config when trying to replace cluster nodes.

Open ciwa09 opened this issue 3 years ago • 0 comments

Issue: Failing to replace a k8s node using Kubernetes provider.

Terraform Version, Provider Version and Kubernetes Version

Terraform version: Terraform v0.14.11
Kubernetes provider version: 2.11.0
Kubernetes version: 1.22.7

Affected Resource(s)

  • provider "kubernetes"

Terraform Configuration Files

 provider "kubernetes" {
 host = rke_cluster.cluster.api_server_url
 username = rke_cluster.cluster.kube_admin_user

client_certificate = rke_cluster.cluster.client_cert
 client_key = rke_cluster.cluster.client_key
 cluster_ca_certificate = rke_cluster.cluster.ca_crt
}

$ terraform state show module.rancher.rke_cluster.cluster
 # module.rancher.rke_cluster.cluster:
 resource "rke_cluster" "cluster" {
 api_server_url = "https://x.x.x.12:6443"
 ca_crt = (sensitive value)
 certificates = (sensitive value)
 client_cert = (sensitive value)
 client_key = (sensitive value)

Debug Output

https://gist.github.com/ciwa09/fe182aeabc1c9583a6f68529dfda60a0

Panic Output

Steps to Reproduce

Kill one of the Kubernetes nodes and try to replace with new node. Node role: etcd, Controlplane, worker Apply terraform plan. fails with this error:

Error: Provider configuration: cannot load Kubernetes client config

Expected Behavior

What should have happened?

Actual Behavior

What actually happened?

Important Factoids

If i hard code as shown below the host = rke_cluster.cluster.api_server_url the plan works fine.

Not working config:

 provider "kubernetes" {
 host = rke_cluster.cluster.api_server_url
 username = rke_cluster.cluster.kube_admin_user

client_certificate = rke_cluster.cluster.client_cert
 client_key = rke_cluster.cluster.client_key
 cluster_ca_certificate = rke_cluster.cluster.ca_crt
}

Working Config:

 provider "kubernetes" {
 host = "https://x.x.x.12:6443"
 username = rke_cluster.cluster.kube_admin_user

client_certificate = rke_cluster.cluster.client_cert
 client_key = rke_cluster.cluster.client_key
 cluster_ca_certificate = rke_cluster.cluster.ca_crt
}

Terraform state output

$ terraform state show module.rancher.rke_cluster.cluster
 # module.rancher.rke_cluster.cluster:
 resource "rke_cluster" "cluster" {
 api_server_url = "https://x.x.x.12:6443"
 ca_crt = (sensitive value)
 certificates = (sensitive value)
 client_cert = (sensitive value)
 client_key = (sensitive value)

References

  • GH-1234

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

ciwa09 avatar Jun 29 '22 19:06 ciwa09