google_container_cluster.primary: Post XXXXX x509: certificate signed by unknown authority #2109
Comments
ghost
mentioned this issue
|
Do you have any debug logs we could look at for this? Also, are you working from behind a proxy? |
|
I will post logs here shortly and yes I am working behind the proxy. But I am able to create GCE instances and other google services. Problem is only with GKE cluster |
|
Hm. If there's any way to try the same config not behind a proxy, that'd be really helpful. I don't want to point fingers at the proxy prematurely, but also "SSL error" and "proxy" historically has really only had one outcome, in my experience. |
|
Understood. I will try outside of proxy and get back to you on this shortly |
|
I had the same issue, as a workaround I user 'insecure = true' and that helps. |
|
could you please tell ,where do you set 'insecure = true' ? |
|
so I logged into Jenkins box where I am having the issue. ran gcloud init and created the cluster using gcloud command. I was able to create. it is failing only when I run via terraform. |
|
I think the |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks! |
ghost
locked and limited conversation to collaborators
This issue was originally opened by @jawlitkp as hashicorp/terraform#18899. It was migrated here as a result of the provider split. The original body of the issue is below.
Hi There,
I am getting below error when I try to create gke cluster using Jenkins. I am exporting "GOOGLE_APPLICATION_CREDENTIALS" in my Jenkins file. please note along with cluster I am also creating gce instances and not issue there. only it fails for cluster creation.
in my Jenkins file I have below :
sh "export GOOGLE_APPLICATION_CREDENTIALS=*******.json"
in my provider.tf I have :
provider "google" {
project = "${lookup(var.data["global"], "project")}"
region = "${lookup(var.data["global"], "region")}"
credentials = "${file("XXXX.json")}"
}
provider "google" {
project = "${lookup(var.data["global"], "host_project")}"
region = "${lookup(var.data["global"], "region")}"
credentials = "${file("XXXX.json")}"
alias = "sharedproject"
}
Terraform Version
Terraform v0.11.8
Debug Output
�[1m�[31mError: �[0m�[0m�[1mError applying plan:
1 error(s) occurred:
module.gke_cluster.google_container_cluster.primary: 1 error(s) occurred:
google_container_cluster.primary: Post https://XXXXXclusters?alt=json&prettyPrint=false: x509: certificate signed by unknown authority
Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.�[0m
The text was updated successfully, but these errors were encountered: