`terraform init` 无法安装提供程序 kreuzwerker/docker

`terraform init` Failed to install provider kreuzwerker/docker

main.tf

terraform {
  required_providers {
    docker = {
      source  = "kreuzwerker/docker"
    }
    google = {
      source = "hashicorp/google"
    }
    random = {
      source = "hashicorp/random"
    }
  }
}

provider "docker" {}

resource "docker_image" "nginx" {
  name         = "nginx:latest"
  keep_locally = false
}

resource "docker_container" "nginx" {
  image = docker_image.nginx.latest
  name  = "tutorial"
  ports {
    internal = 80
    external = 8000
  }
}

执行 terraform init 后,我遇到了仅下载 docker 资源的问题:

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/google...
- Finding latest version of hashicorp/random...
- Finding latest version of kreuzwerker/docker...
- Installing hashicorp/google v4.11.0...
- Installed hashicorp/google v4.11.0 (signed by HashiCorp)
- Installing hashicorp/random v3.1.0...
- Installed hashicorp/random v3.1.0 (signed by HashiCorp)
╷
│ Error: Failed to install provider
│ 
│ Error while installing kreuzwerker/docker v2.16.0: could not query provider registry for registry.terraform.io/kreuzwerker/docker: failed to retrieve authentication checksums for
│ provider: the request failed after 2 attempts, please try again later: Get
│ "https://github.com/kreuzwerker/terraform-provider-docker/releases/download/v2.16.0/terraform-provider-docker_2.16.0_SHA256SUMS": context deadline exceeded

在遵循 this post 之后,我在本地下载了文件,我成功地执行了 terraform init 但未能 运行 terraform apply 并出现以下错误:

│ Error: Could not load plugin
│ 
│ 
│ Plugin reinitialization required. Please run "terraform init".
│ 
│ Plugins are external binaries that Terraform uses to access and manipulate
│ resources. The configuration provided requires plugins which can't be located,
│ don't satisfy the version constraints, or are otherwise incompatible.
│ 
│ Terraform automatically discovers provider requirements from your
│ configuration, including providers used in child modules. To see the
│ requirements and constraints, run "terraform providers".
│ 
│ failed to instantiate provider "registry.terraform.io/kreuzwerker/docker" to obtain schema: fork/exec
│ .terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip: permission denied

系统详细信息:

OS: Ubuntu 21.10

尝试过的 Terraform 版本:

我还启动了另一个 docker 容器并重现了这个问题,我能够用 terraform init

重现同样的问题

更新:

gahan@jarvis:~/devOps/test$ terraform init

Initializing the backend...

Initializing provider plugins...
- Finding latest version of hashicorp/random...
- Finding latest version of kreuzwerker/docker...
- Finding latest version of hashicorp/google...
- Installing hashicorp/google v4.11.0...
- Installed hashicorp/google v4.11.0 (signed by HashiCorp)
- Installing hashicorp/random v3.1.0...
- Installed hashicorp/random v3.1.0 (signed by HashiCorp)
╷
│ Error: Failed to install provider
│ 
│ Error while installing kreuzwerker/docker v2.16.0: could not query provider registry for registry.terraform.io/kreuzwerker/docker: failed to retrieve authentication checksums for provider: the request
│ failed after 2 attempts, please try again later: Get "https://github.com/kreuzwerker/terraform-provider-docker/releases/download/v2.16.0/terraform-provider-docker_2.16.0_SHA256SUMS": net/http: request
│ canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
╵

gahan@jarvis:~/devOps/test$ cat /etc/group | grep docker
docker:x:998:gahan

gahan@jarvis:~/devOps/test$ docker pull python:alpine3.13
alpine3.13: Pulling from library/python
5758d4e389a3: Pull complete 
9292b3ab1647: Pull complete 
35d95eb0acaf: Pull complete 
cfda6539f3f2: Pull complete 
f4471b8ea909: Pull complete 
Digest: sha256:93eb0ba98b15791a071ec8bce2483e670e52c83af51962d3255b4f8f93b52d24
Status: Downloaded newer image for python:alpine3.13
docker.io/library/python:alpine3.13

@Gahan,我想问题出在权限上,如果我没记错的话,docker 需要对 运行 的 sudo 访问权限,其中 terraform 可以正常用户访问。如果你看下面一行错误

.terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip: permission denied

显示“权限被拒绝”。

我想你可以尝试将 .terraform 目录的用户+组从 sudo 更改为你的本地用户,然后试一试。

chown <user>:<group> .terraform
chmod 750 .terraform/providers/registry.terraform.io/kreuzwerker/docker/2.16.0/linux_amd64/terraform-provider-docker_2.16.0_linux_amd64.zip

更新:

此设置在 MacOS 下运行良好,我只是尝试使用以上 main.tf 内容在 docker 中创建 ngnix 容器,并且我能够初始化和应用地形成功。我正在使用 Mac OS。 Terraform 版本 - 1.1.1,Docker 版本 - 4.4.2

接下来,我尝试在 ubuntu 机器 (20.04 LTS) 上复制相同内容,当我尝试 运行 “terraform apply”

时遇到了与上述类似的问题

错误:

 Error: Error pinging Docker server: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied

经过进一步挖掘,我能够解决它。

问题的主要原因是我们的自定义用户无权执行 docker 的命令。所以当 terraform 尝试 运行 docker 相关命令时,这会失败。我们可以执行以下步骤来解决这个问题

  1. 如果 docker 安装正确,应该会有一个 docker 组可用。这个你可以在 /etc/group path
  2. 中查看
$ cat /etc/group
  1. 将您的用户 ID 添加到 docker 组。在我的例子中,用户名是 'tapan1991'
$ sudo usermod -aG docker $User_Name

Eg : sudo usermod -aG docker tapan1991
  1. 退出会话并重新登录

  2. 执行 terraform plan/apply 命令

$ terraform apply

希望对您有所帮助!!

参考:

非常感谢@Tapan 和其他社区成员的帮助。

因为我遵循了 post 安装步骤的所有步骤,所以还有 re-iterated 权限..

最后我还创建了一个 docker 容器来重现问题,并且在进一步调试时发现即使使用 wget 命令报告的校验和也可以下载,而在 terraform 上工作它可能正在使用其他一些我还不知道的 url/protocol 但它在某种程度上与我的 ISP [Airtel 光纤连接] 冲突。

As result I used warp desktop client and tried to use the terraform command which worked for me without any issue.