linuxacademy / content-deploying-to-aws-ansible-terraform Goto Github PK

Hi,

I got error in the last video of "Bringing It All Together" and can not plan or apply, but in video you can. Have any solution to troubleshoot code for resolve this problem?

Terraform v0.14.9
ansible 2.9.6
python version = 3.8.5 (default, Jan 27 2021, 15:41:15) [GCC 9.3.0]

--- instances.tf---
resource "aws_instance" "jenkins-worker-oregon" {
provider = aws.region-worker
count = var.workers-count
ami = data.aws_ssm_parameter.linuxAmiOregon.value
instance_type = var.instance-type
key_name = aws_key_pair.worker-key.key_name
associate_public_ip_address = true
vpc_security_group_ids = [aws_security_group.jenkins-sg-oregon.id]
subnet_id = aws_subnet.subnet_1_oregon.id

tags = {
Name = join("_", ["jenkins_worker_tf", count.index + 1])
}
depends_on = [aws_main_route_table_association.set-worker-default-rt-assoc, aws_instance.jenkins-master]

provisioner "local-exec" {
command = <<EOF
aws --profile ${var.profile} ec2 wait instance-status-ok --region ${var.region-worker} --instance-ids ${self.id}
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook --extra-vars 'passed_in_hosts=tag_Name_${self.tags.Name} master_ip=${aws_instance.jenkins-master.private_ip}' ~/terraform-aws/ansible_templates/install_jenkins_worker.yml
EOF
}

provisioner "remote-exec" {
when = destroy
inline = [
"java -jar /home/ec2-user/jenkins-cli.jar -auth @/home/ec2-user/jenkins_auth -s http://${aws_instance.jenkins-master.private_ip}:8080 delete-node ${self.private_ip}"
]
connection {
type = "ssh"
user = "ec2-user"
private_key = file("~/.ssh/id_rsa")
host = self.public_ip
}
}
}

--- Error ---
nhutpm@nhutpm:~/terraform-aws$ terraform validate

Error: Invalid reference from destroy provisioner

on instances.tf line 84, in resource "aws_instance" "jenkins-worker-oregon":
84: inline = [
85: "java -jar /home/ec2-user/jenkins-cli.jar -auth @/home/ec2-user/jenkins_auth -s http://${aws_instance.jenkins-master.private_ip}:8080 delete-node ${self.private_ip}"
86: ]

Destroy-time provisioners and their connection configurations may only
reference attributes of the related resource, via 'self', 'count.index', or
'each.key'.

References to other resources during the destroy phase can cause dependency
cycles and interact poorly with create_before_destroy.

Hi Khalid,

I can't resolve this issue on TF during final deployment :

Error: Invalid reference from destroy provisioner
on instances.tf line 74, in resource "aws_instance" "jenkins-worker-ireland":
74: inline = [
75: "java -jar /home/ec2-user/jenkins-cli.jar -auth @/home/ec2-user/jenkins_auth -s http://${aws_instance.jenkins-master.private_ip}:8080 delete-node ${self.private_ip}"
76: ]
Destroy-time provisioners and their connection configurations may only
reference attributes of the related resource, via 'self', 'count.index', or
'each.key'.
References to other resources during the destroy phase can cause dependency
cycles and interact poorly with create_before_destroy.

any idea, i'm new on terraform.
Your course is very useful and dope, thanks a lot!

Karim

Hi,

It seems the definition of aws_route53_record.cert_validation is missing from dns.tf?

resource "aws_route53_record" "cert_validation" {
  provider = aws.region-master
  for_each = {
    for val in aws_acm_certificate.jenkins-lb-https.domain_validation_options : val.domain_name => {
      name   = val.resource_record_name
      record = val.resource_record_value
      type   = val.resource_record_type
    }
  }
  name    = each.value.name
  records = [each.value.record]
  ttl     = 60
  type    = each.value.type
  zone_id = data.aws_route53_zone.dns.zone_id
}

I've followed the course and all resources deploy fine except this one.
terraform apply just hangs trying to create it.
When creating the cert validation record resource, it cant see the name, record or type attributes, I get the error

"unresolved reference name" for each one. I've checked all the code is as per the course. Any idea?

resource "aws_route53_record" "cert_validation" {
provider = aws.region-master
for_each = {
for val in aws_acm_certificate.jenkins-lb-https.domain_validation_val : val.domain_name => {
name = val.resource_record_name
record = val.resource_record_value
type = val.resource_record_type
}
}
name = each.value.name
records = [each.value.record]
ttl = 60
type = each.value.type
zone_id = data.aws_route53_zone.dns.zone_id
}

Hello,

I'm having the following error trying to test the example of the video.
I need to point out that the first execution/creation of an ec2 instance was successful.

aws_instance.jenkins-worker-oregon[0]: Creating...

Error: Error launching source instance: Unsupported: Your requested instance type (t2.micro) is not supported in your requested Availability Zone (us-west-2d). Please retry your request by not specifying an Availability Zone or choosing us-west-2a, us-west-2b, us-west-2c.
	status code: 400, request id: eb1473b6-a476-43b4-bb7e-1d90f61fa9b5

cheers!

Maybe with some version or other of Jenkins a new dependency was added from "daemonize" - here is the output I get running this lab: specifically install_jenkins.yaml playbook fails:

TASK [install Jenkins] *********************************************************
fatal: [54.145.170.3]: FAILED! => {"changed": false, "changes": {"installed": ["jenkins"]}, "msg": "Error: Package: jenkins-
2.316-1.1.noarch (jenkins)\n Requires: daemonize\n", "rc": 1, "results": ["Loaded plugins: extras_suggestions,
langpacks, priorities, update-motd\nResolving Dependencies\n--> Running transaction check\n---> Package
jenkins.noarch 0:2.316-1.1 will be installed\n--> Processing Dependency: daemonize for package: jenkins-2.316 -1.1.noarch\n--> Finished Dependency Resolution\n You could try using --skip-broken to work around the problem\n You
could try running: rpm -Va --nofiles --nodigest\n"]}

It turns out daemonize is part of the epel release, so that has to be added as well.

to get this to work I edited install_jenkins.yaml to add a task before the "install dependencies" to install the epel release, and then added daemonize to the dependencies:
...

# install_jenkins.yaml modified
---
- hosts: "{{ passed_in_hosts }}"
  become: yes
  remote_user: ec2-user
  become_user: root
  tasks:
    - name: install epel
      shell: /usr/bin/amazon-linux-extras install epel -y
 
    - name: install dependencies
      yum:
        name: "{{ package }} "
        state: present
      vars:
        package:
        - wget
        - java-1.8.0-openjdk-devel
        - git
        - daemonize
... rest of file...

This worked for me.