Failed to install Aviatrix Cloud Controller at AWS using Sandbox Starter Tool
I was trying to spin up an Aviatrix Cloud Controller at AWS using Sandbox Starter Tool, but keep getting these errors:
> The controller will be launched in us-east-1. Initializing modules... Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... --> Controller launch failed, aborting.
Registry service unreachable. This may indicate a network issue, or an issue with the requested Terraform Registry. Registry service unreachable. This may indicate a network issue, or an issue with the requested Terraform Registry.
registry service is unreachable >
If anyone has faced the same issue before, kindly help me to find a solution. I ran starter Tool as docker container in my laptop and accessing to Hashicorp registry is fine from my laptop, not sure why it complains Terraform registry service is unreachable.
===Debug Message==
--> Controller SSH key already exists, skipping. --> OK. --> Now going to launch the controller. The public IP of the controller will be shared with Aviatrix for tracking purposes. --> The controller will be launched in us-east-1. Initializing modules... Initializing the backend... Initializing provider plugins... - Checking for available provider plugins... --> Controller launch failed, aborting.
Registry service unreachable. This may indicate a network issue, or an issue with the requested Terraform Registry. Registry service unreachable. This may indicate a network issue, or an issue with the requested Terraform Registry.
registry service is unreachable, check https://status.hashicorp.com/ for status updates
registry service is unreachable, check https://status.hashicorp.com/ for status updates
Could not satisfy plugin requirements Plugin reinitialization required. Please run "terraform init". Plugins are external binaries that Terraform uses to access and manipulate resources. The configuration provided requires plugins which can't be located, don't satisfy the version constraints, or are otherwise incompatible. Terraform automatically discovers provider requirements from your configuration, including providers used in child modules. To see the requirements and constraints from each module, run "terraform providers".
provider.aws: no suitable version installed version requirements: "(any version)" versions installed: none
provider.http: no suitable version installed version requirements: "(any version)" versions installed: none --> Controller launch failed, aborting.
-
I've been able to recreate your issue by denying access to the Internet from the container. Since you mention that you're able to access from the host machine. I'm wondering if there's something else involved - custom docker networking or a corporate network that detects and blocks traffic from workstation-hosted VMs or containers. I'd be interested what the response is if you 'docker exec' into the container and run curl to the terraform registry:
docker exec -it <container_id> /bin/sh
curl https://registry.terraform.io -
John Smoker Hi John, here is the exec result ..
C:\Users\zhengquann>docker exec -it c11303be7494 /bin/bash
bash-5.0# curl https://registry.terraform.io
curl: (60) SSL certificate problem: certificate is not yet valid
More details here: https://curl.haxx.se/docs/sslcerts.htmlcurl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
bash-5.0#What do you suggest to check further?
-
Hi, I have a similar but not exact issue...
Been trying for hours to get the sandbox environment going... I've followed all the prerequisites and changed my AWS keys multiple times but no luck...
This is the error from the debug window.
Initializing modules... Initializing the backend... Initializing provider plugins... The following providers do not have any version constraints in configuration, so the latest version was installed. To prevent automatic upgrades to new major versions that may contain breaking changes, it is recommended to add version = "..." constraints to the corresponding provider blocks in configuration, with the constraint strings suggested below. * provider.aws: version = "~> 3.36" * provider.http: version = "~> 2.1" Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. module.avtx_iam_role.data.http.iam_policy_ec2_role: Refreshing state... module.avtx_iam_role.data.http.iam_policy_assume_role: Refreshing state... module.avtx_controller_instance.data.http.avx_iam_id: Refreshing state... --> Controller launch failed, aborting.
error configuring Terraform AWS Provider: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid. status code: 403, request id: 18790cfb-1632-45a7-8533-dae3508fe40d on main.tf line 3, in provider "aws": 3: provider "aws" { --> Controller launch failed, aborting.Please help!
-
Facing the failure again. this time is "failed to create a new Aviatrix Transit VPC", The maximum number of VPCs has been reached.
aviatrix_vpc.aws_transit_vpcs["aws_transit_vpc"]: Still creating... [30s elapsed] aviatrix_vpc.aws_spoke_vpcs["aws_spoke2_vpc"]: Still creating... [40s elapsed] aviatrix_vpc.aws_transit_vpcs["aws_transit_vpc"]: Still creating... [40s elapsed] aviatrix_vpc.aws_transit_vpcs["aws_transit_vpc"]: Still creating... [50s elapsed] aviatrix_vpc.aws_transit_vpcs["aws_transit_vpc"]: Still creating... [1m0s elapsed] aviatrix_vpc.aws_transit_vpcs["aws_transit_vpc"]: Still creating... [1m10s elapsed] Warning: Resource targeting is in effect You are creating a plan with the -target option, which means that the result of this plan may not represent all of the changes requested by the current configuration. The -target option is not for routine use, and is provided only for exceptional situations such as recovering from errors or mistakes, or when Terraform specifically suggests to use it as part of an error message. Warning: Applied changes may be incomplete The plan was created with the -target option in effect, so some changes requested in the configuration may have been ignored and the output values may not be fully updated. Run the following command to verify that no other changes are pending: terraform plan Note that the -target option is not suitable for routine use, and is provided only for exceptional situations such as recovering from errors or mistakes, or when Terraform specifically suggests to use it as part of an error message.
failed to create a new Aviatrix Transit VPC: Rest API create_custom_vpc Get failed: failed to create vpc 10.60.0.0/16, An error occurred (VpcLimitExceeded) when calling the CreateVpc operation: The maximum number of VPCs has been reached. on aviatrix_aws.tf line 7, in resource "aviatrix_vpc" "aws_transit_vpcs": 7: resource "aviatrix_vpc" "aws_transit_vpcs" {
failed to create a new VPC: Rest API create_custom_vpc Get failed: failed to create vpc 10.62.0.0/16, An error occurred (VpcLimitExceeded) when calling the CreateVpc operation: The maximum number of VPCs has been reached. on aviatrix_aws.tf line 19, in resource "aviatrix_vpc" "aws_spoke_vpcs": 19: resource "aviatrix_vpc" "aws_spoke_vpcs" { --> Failed to launch AWS transit, aborting. -
John Smoker
I get this error while trying to spin up Aviatrix Sandbox Starter and really appreciate if you can help me. Thank you
error configuring Terraform AWS Provider: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid. status code: 403, request id: e3395de1-c2b3-43f0-90fb-564ffc39fd78 on main.tf line 3, in provider "aws": 3: provider "aws" { --> Controller launch failed, aborting
-
Hi all,
I kept getting this error below. I have remove the docker entirely and create again but to no avail.
From the docker container, I was able to perform curl on https://terraform.io too. Any suggestions?
--> The controller will be launched in us-east-1. Initializing modules... - avtx_controller_instance in aviatrix-controller-build - avtx_iam_role in aviatrix-controller-iam-roles Initializing the backend... Initializing provider plugins... - Finding hashicorp/aws versions matching "~> 3.42.0"... - Finding latest version of hashicorp/http... - Installing hashicorp/http v2.1.0... - Installed hashicorp/http v2.1.0 (signed by HashiCorp) - Installing hashicorp/aws v3.42.0... - Installed hashicorp/aws v3.42.0 (signed by HashiCorp) Terraform has created a lock file .terraform.lock.hcl to record the provider selections it made above. Include this file in your version control repository so that Terraform can guarantee to make the same selections by default when you run "terraform init" in the future. Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure. All Terraform commands should now work. If you ever set or change modules or backend configuration for Terraform, rerun this command to reinitialize your working directory. If you forget, other commands will detect it and remind you to do so if necessary. --> Controller launch failed, aborting.
Could not load plugin │ │ │ Plugin reinitialization required. Please run "terraform init". │ │ Plugins are external binaries that Terraform uses to access and manipulate │ resources. The configuration provided requires plugins which can't be │ located, │ don't satisfy the version constraints, or are otherwise incompatible. │ │ Terraform automatically discovers provider requirements from your │ configuration, including providers used in child modules. To see the │ requirements and constraints, run "terraform providers". │ │ failed to instantiate provider "registry.terraform.io/hashicorp/aws" to │ obtain schema: Unrecognized remote plugin