Terraform error 405 Not allowed. Saves VPN

This morning builds in jenkins stopped working, they crashed with an error.

Hidden text

Terraform and earlier allowed provider version constraints inside the provider configuration block, but that is now deprecated and will be removed in a future version of Terraform. To silence this warning, move the provider version constraint into the required_providers block.

Error: Failed to install provider

Error while installing hashicorp/vsphere v2.0.2: could not query provider registry for registry.terraform.io/hashicorp/vsphere: failed to retrieve authentication checksums for provider: 405 Not allowed

Error: Failed to install provider

Error while installing hashicorp/dns v3.2.1: could not query provider registry for registry.terraform.io/hashicorp/dns: failed to retrieve authentication checksums for provider: 405 Not allowed

Tutor, how to quickly raise the vpn and return the terraforms to the system!

https://habr.com/ru/post/653997/image

Let’s move on releases.hashicorp.com/terraform and get Error 405 Not allowed. They spread their hands.


You need to quickly raise the vpn and push the route to hashicorp.
Purchased VDS in Finland (not advertising). Then we went to vds and ran the script.

wget https://git.io/vpn -O openvpn-install.sh && bash openvpn-install.sh

Convenient thanks

gitlab

Created two clients:

The first one is created when the script is run;

the second and then rolling the openvpn-install.sh script again.
Slightly change the openvpn server config

vi /etc/openvpn/server/server.conf 
закомментили все #push маршруты
Добавили свой 
push route "151.101.37.183 255.255.255.255"

We restarted the vpn service on the server.

systemctl restart openvpn-server@server.service

Next, we went to the jenkins agent (in my case). And they installed openvpn (server and client are in one bottle)

centos 
sudo yum install epel-release -y
sudo yum install openvpn -y
ubuntu 
sudo apt install openvpn 

Then we create a file in /etc/openvpn/openi.conf (It is very important that it ends with i.conf) and transfer our openvpn configs generated by the script into it.

Comment from myself:

Hidden text

I was stupid for a long time and could not see what the cant was until I looked at /usr/lib/systemd/system/openvpn@.service
And in it I saw:
ExecStart=/usr/sbin/openvpn –cd /etc/openvpn/ –config %i.conf
Really Carl? Why ??? /etc/openvpn/ when /etc/openvpn/client/ %i.conf has so many questions and few answers.


systemctl start openvpn@openi

systemctl enable openvpn@openi

As a result, the assembly returned to normal. Next, we think about how to cram everything into the Nexus at such a pace.
By the way, who has a problem with a large number of machines, you can put the client somewhere (at least on Mikrotik) and indicate on the gateway the route through it to the hashicorp (151.101.37.183).
Maybe tomorrow we will add a couple more routes there.
Who has any ideas for solving the problem with terraform?

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *