Public Cloud OVHcloud - Comment utiliser Terragrunt et remote storage avec OVH ?
Frage

Comment utiliser Terragrunt et remote storage avec OVH ?

Von
bioinformatics
Erstellungsdatum 2024-04-01 07:57:55 (edited on 2024-09-04 11:50:40) in Public Cloud OVHcloud

Bonjour,
Je n'arrive pas à configurer le backend S3 afin qu'il utilise l'API d'OVH ; j'obtiens l'erreur suivante :
INFO[0006] time=2024-03-31T01:00:40+01:00 level=warning msg=Encryption is not enabled on the S3 remote state bucket an_ovh_project_id-graveline-terragrunt. Terraform state files may contain secrets, so we STRONGLY recommend enabling encryption! prefix=[xxxx/ovh-infra/infrastructure/my_cloud_subscription/prod/world/network]
Remote state S3 bucket an_ovh_project_id-graveline-terragrunt does not exist or you don't have permissions to access it. Would you like Terragrunt to create it? (y/n)
ERRO[0006] 1 error occurred:
* RequestError: send request failed
caused by: Get "https://an_ovh_project_id-graveline-terragrunt.s3.gra.amazonaws.com/my_cloud_subscription/prod/world/network/terraform.tfstate": dial tcp: lookup an_ovh_project_id-graveline-terragrunt.s3.gra.amazonaws.com on 127.0.0.53:53: no such host

ERRO[0006] Unable to determine underlying exit code, so Terragrunt will exit with error code 1

Mon projet Terragrunt est structuré comme suit :
.
├── my_cloud_subscription
│ ├── prod
│ │ ├── canada
│ │ │ └── zone.hcl
│ │ ├── env.hcl
│ │ ├── europe
│ │ │ ├── france
│ │ │ │ ├── graveline
│ │ │ │ │ ├── city.hcl
│ │ │ │ │ └── GRA9
│ │ │ │ │ ├── datacenter.hcl
│ │ │ │ │ └── vnet
│ │ │ │ │ └── terragrunt.hcl
│ │ │ │ └── state.hcl
│ │ │ └── zone.hcl
│ │ ├── united_state
│ │ │ └── zone.hcl
│ │ └── world
│ │ ├── city.hcl
│ │ ├── datacenter.hcl
│ │ ├── network
│ │ │ └── terragrunt.hcl
│ │ ├── state.hcl
│ │ └── zone.hcl
│ ├── subscription.hcl
│ └── subscription.secret.yaml
└── root.hcl

Le fichier root.hcl est décrit ci-après :
# Root locals: load the settings file found at each level of the folder
# hierarchy and flatten them into one `config` map, which the generated
# provider file, the remote_state block and `inputs` all read.
locals {
  # OVH API credentials, decrypted by SOPS when this file is evaluated.
  subscription_secret_vars = yamldecode(sops_decrypt_file(find_in_parent_folders("subscription.secret.yaml")))

  # Non-secret settings, one file per level (subscription, environment, zone,
  # state, city, datacenter), each looked up in the parent folders.
  subscription_vars = read_terragrunt_config(find_in_parent_folders("subscription.hcl"))
  env_vars          = read_terragrunt_config(find_in_parent_folders("env.hcl"))
  zone_vars         = read_terragrunt_config(find_in_parent_folders("zone.hcl"))
  state_vars        = read_terragrunt_config(find_in_parent_folders("state.hcl"))
  city_vars         = read_terragrunt_config(find_in_parent_folders("city.hcl"))
  datacenter_vars   = read_terragrunt_config(find_in_parent_folders("datacenter.hcl"))

  config = {
    # Project and placement.
    project_id        = local.subscription_vars.locals.project_id
    projectName       = local.subscription_vars.locals.projectName
    environment       = local.env_vars.locals.environment
    ovh_api_zone      = local.zone_vars.locals.ovh_api_zone
    zone              = local.zone_vars.locals.zone
    state             = local.state_vars.locals.state
    city              = local.city_vars.locals.city
    region_short_name = local.city_vars.locals.region_short_name
    datacenter        = local.datacenter_vars.locals.datacenter

    # Remote-state bucket name: <project_id>-<city>-terragrunt.
    bucket_name = format("%s-%s-terragrunt", local.subscription_vars.locals.project_id, local.city_vars.locals.city)

    # OVH API credentials (secret).
    # NOTE(review): every key of this map is forwarded to Terraform by the
    # `inputs` assignment at the end of the file, and these three values are
    # interpolated into the generated provider.tf, so they end up outside the
    # SOPS-encrypted file. Keeping them out of `config` (for instance by
    # exporting them as the OVH provider's environment variables) would limit
    # that exposure.
    application_key    = local.subscription_secret_vars.application_key
    application_secret = local.subscription_secret_vars.application_secret
    consumer_key       = local.subscription_secret_vars.consumer_key

    # Placeholder S3 keys; the remote_state block passes these literal strings
    # to the backend as access_key / secret_key.
    # NOTE(review): an S3-compatible endpoint will presumably reject them.
    # Supplying real keys through AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
    # rather than through this map keeps them out of generated files - confirm
    # against the deployment.
    aws_access_key = "unused"
    aws_secret_key = "unused"
  }
}



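# Generates provider.tf in the directory where Terragrunt runs Terraform.
# Besides the two provider blocks, the generated file also declares an OVH
# user, its S3 credential, the bucket named local.config.bucket_name and two
# outputs.
#
# NOTE(review) - secrets on disk: the heredoc is rendered by Terragrunt, so the
# application key, application secret and consumer key are written in clear
# text into provider.tf. The OVH provider can instead read OVH_ENDPOINT,
# OVH_APPLICATION_KEY, OVH_APPLICATION_SECRET and OVH_CONSUMER_KEY from the
# environment, which keeps the SOPS-protected values out of generated files.
#
# NOTE(review) - secrets in state: secret_access_key is stored in the Terraform
# state; `sensitive = true` on the output only hides it from CLI output. The
# state bucket therefore needs encryption at rest and tight access control.
#
# NOTE(review) - bootstrap: the bucket created here has the same name as the
# one the remote_state block uses as backend, so the state of the resource
# that creates the bucket would have to live in that bucket. Creating the
# bucket and its credential in a separate, one-off configuration avoids that
# cycle.
#
# NOTE(review) - var.s3_endpoint is not declared in this generated file and is
# not a key of local.config; it has to come from the module itself - confirm.
#
# NOTE(review) - least privilege: presumably the objectstore_operator role is
# broader than access to one state bucket; an ovh_cloud_project_user_s3_policy
# scoped to that bucket would narrow it - confirm against OVH's role docs.
generate "provider" {
  path      = "provider.tf"
  if_exists = "overwrite_terragrunt"
  contents  = <<EOF
########################################################################################
# Provider / OVH
########################################################################################
provider "ovh" {
endpoint = "${local.config.ovh_api_zone}"
application_key = "${local.config.application_key}"
application_secret = "${local.config.application_secret}"
consumer_key = "${local.config.consumer_key}"
}

########################################################################################
# User / Credential
########################################################################################
resource "ovh_cloud_project_user" "s3_admin_user" {
service_name = "${local.config.project_id}"
description = "That is used to create S3 access key"
role_name = "objectstore_operator"
}
resource "ovh_cloud_project_user_s3_credential" "s3_admin_cred" {
service_name = "${local.config.project_id}"
user_id = ovh_cloud_project_user.s3_admin_user.id
}

########################################################################################
# Provider / AWS
########################################################################################

provider "aws" {
region = "${local.config.region_short_name}"
access_key = ovh_cloud_project_user_s3_credential.s3_admin_cred.access_key_id
secret_key = ovh_cloud_project_user_s3_credential.s3_admin_cred.secret_access_key

#OVH implementation has no STS service
skip_credentials_validation = true
skip_requesting_account_id = true
# the gra region is unknown to AWS hence skipping is needed.
skip_region_validation = true
endpoints {
s3 = var.s3_endpoint
}
}

########################################################################################
# Bucket
########################################################################################
resource "aws_s3_bucket" "b" {
bucket = "${local.config.bucket_name}"
}

########################################################################################
# Output
########################################################################################
output "access_key" {
description = "the access key that have been created by the terraform script"
value = ovh_cloud_project_user_s3_credential.s3_admin_cred.access_key_id
}

output "secret_key" {
description = "the secret key that have been created by the terraform script"
value = ovh_cloud_project_user_s3_credential.s3_admin_cred.secret_access_key
sensitive = true
}

EOF
}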

# Remote state: Terragrunt generates backend.tf with an "s3" backend pointed at
# the OVHcloud S3 endpoint, storing one terraform.tfstate object under the
# path returned by path_relative_to_include().
#
# NOTE(review) - endpoint: the reported error shows a lookup of
# <bucket>.s3.gra.amazonaws.com, i.e. the request did not go to the endpoint
# set below. Presumably the installed Terragrunt release does not read the
# `endpoints` map for its own bucket check - confirm against its changelog.
#
# NOTE(review) - encryption: no `encrypt` attribute is set, which matches the
# warning in the reported log. The state will hold the S3 secret access key
# created by the generated resources, so enable server-side encryption if the
# object store supports it and restrict who can read the bucket.
#
# NOTE(review) - credentials: access_key and secret_key are copied into the
# generated backend.tf. They are placeholders today; real keys are better
# supplied through AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY than written to
# that file.
remote_state {
  backend = "s3"

  generate = {
    path      = "backend.tf"
    if_exists = "overwrite_terragrunt"
  }

  config = {
    bucket = local.config.bucket_name
    key    = "${path_relative_to_include()}/terraform.tfstate"
    region = local.config.region_short_name

    endpoints = {
      s3 = "https://s3.gra.io.cloud.ovh.net"
    }

    access_key = local.config.aws_access_key
    secret_key = local.config.aws_secret_key

    # Same AWS-side checks that the generated "aws" provider block skips (its
    # comments give the reasons: no STS service, region unknown to AWS).
    skip_credentials_validation = true
    skip_region_validation      = true
    skip_requesting_account_id  = true
  }
}

# Forward the whole config map to Terraform. Terragrunt passes inputs as
# TF_VAR_<name> environment variables, so this includes application_key,
# application_secret and consumer_key as well as the non-secret settings.
# NOTE(review): forwarding only the keys a module actually declares would keep
# the OVH API credentials out of each Terraform process environment.
inputs = local.config


Merci pour votre aide