Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Encrypting disks #2

Closed
Tom-Mann opened this issue Nov 20, 2017 · 10 comments
Closed

Encrypting disks #2

Tom-Mann opened this issue Nov 20, 2017 · 10 comments

Comments

@Tom-Mann
Copy link

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.
v.0.10.8

Affected Resource(s)

Please list the resources as a list, for example:

  • opentelekomcloud_blockstorage_volume_v2
  • opentelekomcloud_compute_instance_v2

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

#a command to attach the relevant data volume to the machine
resource "opentelekomcloud_compute_volume_attach_v2" "volumeData_attach" {
count = "${var.diskData_size_gb > 0 ? var.vm_engine_count : 0}"
instance_id = "${element(opentelekomcloud_compute_instance_v2.engine_node..id, count.index)}"
volume_id = "${element(opentelekomcloud_blockstorage_volume_v2.volumeData.
.id, count.index)}"
}

#Create the Data volume
resource "opentelekomcloud_blockstorage_volume_v2" "volumeData" {
count = "${var.diskData_size_gb > 0 ? var.vm_engine_count : 0}"
name = "ComputeNode_dsgr_${format("%02d", count.index+1)}.${var.Environment}.TSystems-Datadisk${format("%02d", count.index+1)}"
size = "${var.diskData_size_gb}"
metadata = {
"__system__encrypted" = 1
"__system__cmkid" = "9ef7e21c-8a9c-4f46-be5f-41bec99c54be"
}
}

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

terraform completes fine,

Panic Output

If Terraform produced a panic, please provide a link to a GitHub Gist containing the output of the crash.log.

Expected Behavior

encrypted disk is attached to server

Actual Behavior

terraform completed fine, viewing the machine you could see 2 drives one system and one encrypted data, however the volume screen showed the device was in state attaching, after around 10 minutes this timed out and the drive was removed from the machine info.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply
  2. check if volume is in state attaching after script completes, if not destroy and repeat (happens every other time for me)

Important Factoids

Are there anything atypical about your accounts that we should know? For example: Which version of OpenTelekomCloud? Tight ACLs?

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

@gator1
Copy link
Owner

gator1 commented Nov 20, 2017

Could you describe how you get the key, system__cmkid?

@Tom-Mann
Copy link
Author

I created a key inside of key management service and used the ID.

@gator1
Copy link
Owner

gator1 commented Nov 21, 2017

I can't really duplicate. I can get something similar but not identical with a bad or missing __system__cmkid. In order to debug, I would need all of your terraform code (so *.tf in current directory), and any input variable definitions you are using (or .tfvars file if you are using that).
If you don't want to put anything in the public, mail them to me at [email protected]

@Tom-Mann
Copy link
Author

have emailed you.

@gator1
Copy link
Owner

gator1 commented Nov 21, 2017

How is the code different from this?
https://github.com/weihj1999/tfexample/blob/master/grid-engine.tf

@Tom-Mann
Copy link
Author

Tom-Mann commented Nov 21, 2017 via email

@gator1
Copy link
Owner

gator1 commented Nov 22, 2017

I couldn't reproduce. The support people couldn't either. You need to provide the full code including your credentials for me to be able to debug, code snippet like this won't be enough.

@gator1
Copy link
Owner

gator1 commented Nov 22, 2017

My guess is that you either get a wrong key, you don't have privilege to use the key, or the dependency was not set up. But I need your full code to debug further.

@Tom-Mann
Copy link
Author

Tom-Mann commented Nov 22, 2017 via email

@Tom-Mann
Copy link
Author

Tom-Mann commented Nov 22, 2017 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants