
I have Terraform code in main.tf and outputs.tf, and I have an error about Key Vault; this section is available on my Azure dashboard:

module.virtual_machine.azurerm_key_vault_secret.client_credentials_login: Still creating... [6m20s elapsed]
module.virtual_machine.azurerm_key_vault_secret.client_credentials_password: Still creating... [6m20s elapsed]

│ Error: checking for presence of existing Secret "toto-login" (Key Vault "https://kvapplitest2sbx.vault.azure.net/"): autorest/Client#Do: Preparing request failed: StatusCode=0 -- Original Error: Get "https://kvapplitest2sbx.vault.azure.net/secrets/toto-login/?api-version=7.4": dial tcp: lookup kvapplitest2sbx.vault.azure.net: no such host
│
│   with module.virtual_machine.azurerm_key_vault_secret.client_credentials_login,
│   on ....modulesvirtual_machine14_keyvault.tf line 13, in resource "azurerm_key_vault_secret" "client_credentials_login":
│   13: resource "azurerm_key_vault_secret" "client_credentials_login" {
│

My Terraform file main.tf is:

terraform {
  required_version = ">= 1.0.0"
}

provider "azurerm" {
  skip_provider_registration = true
  features {}
}

provider "azurerm" {
  skip_provider_registration = true
  alias                      = "gallery"
  subscription_id            = sort(data.azurerm_subscriptions.osfactory.subscriptions.*.subscription_id)[0]
  features {}
}

data "azurerm_subscriptions" "osfactory" {
  display_name_prefix = "Suez IT OSFactory"
}

data "azurerm_resource_group" "cloud_bundle_rg" {
  name = "rg-applitest2-sbx" # To be updated
}

module "virtual_machine" {
  source = "../../modules/virtual_machine"
  providers = {
    azurerm.gallery = azurerm.gallery
  }
  cloudbundle_info = data.azurerm_resource_group.cloud_bundle_rg
  index            = 123
  size             = "Standard_D2s_v3"
  os_disk_type     = "Standard_LRS"
  role             = "example"
  ad_domain        = "green.local"
  os = {
    type    = "Windows"
    version = "2022"
  }
}

My file outputs.tf is:

output "virtual_machine_outputs" {
  value       = module.virtual_machine
  description = "Virtual machine outputs."
}

Can you tell me why there is an error, please?

2 Answers


  1. The error message you’re encountering is related to the creation of a secret in Azure Key Vault using Terraform. It seems like Terraform is unable to find the specified Key Vault host, as indicated by the error: dial tcp: lookup kvapplitest2sbx.vault.azure.net: no such host.

    Here are some steps and considerations to troubleshoot this issue:

    1. Verify Key Vault DNS Name: Ensure that the DNS name kvapplitest2sbx.vault.azure.net is correct. It’s possible that there is a typo or misconfiguration in the name of the Key Vault.

    2. Check Key Vault Existence: Verify that the Key Vault kvapplitest2sbx exists in your Azure environment and that it is accessible. You can do this through the Azure Portal or Azure CLI.

    3. Network Issues: The error could be due to network-related issues preventing Terraform from accessing the Key Vault URL. Check if there are any network configurations or firewall settings that might be blocking the connection.

    4. Azure Provider Configuration: Your Terraform configuration shows two provider "azurerm" blocks with one using an alias gallery. Ensure that the Key Vault is accessible under the subscription and context these provider blocks are set to use.

    5. Permissions and Access Policies: Ensure that the Terraform service principal (or the account running Terraform) has the necessary permissions to access and manage secrets in the Key Vault. You need to set access policies in Key Vault to allow this.

    6. Terraform State Refresh: Sometimes, Terraform’s state can get out of sync. You can try refreshing the state using the command terraform refresh and see if it resolves the issue.

    7. Key Vault Secret Resource Configuration: Check the configuration in your 14_keyvault.tf file to ensure that the resource azurerm_key_vault_secret is correctly set up. The error is pointing to this configuration.

    8. Review the Terraform Version and Providers: You are using Terraform version >= 1.0.0 (as of today, the latest version is 1.6.4). Ensure that this version is compatible with your AzureRM provider version and the resources you are using. Sometimes, updating to a newer version can resolve unforeseen issues.

    9. Azure Service Endpoints: If you are using Azure Service Endpoints or Private Endpoints for Key Vault, ensure they are configured correctly and that Terraform can access them.

    If after checking these aspects the issue persists, you might need to look into more detailed logs or consider reaching out to Azure support for more specific guidance, especially if it seems like a network or Azure service-related issue.

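Added example (not part of either answer): a Python sketch of checks 1-3 and 9 from the answer above. It pulls the host out of the Terraform error and classifies the DNS result. The function names and result labels are assumptions made for this example, and the resolver is injectable so the logic can be exercised without network access.

```python
import ipaddress
import re
import socket

# Error text taken from the question above.
ERROR = ('Get "https://kvapplitest2sbx.vault.azure.net/secrets/toto-login/?api-version=7.4": '
         'dial tcp: lookup kvapplitest2sbx.vault.azure.net: no such host')

# Key Vault naming rule: 3-24 chars, letters/digits/hyphens, starts with a
# letter, ends with a letter or digit, no consecutive hyphens.
NAME_RE = re.compile(r"^(?!.*--)[A-Za-z][A-Za-z0-9-]{1,22}[A-Za-z0-9]$")


def vault_host_from_error(text):
    """Return the host the lookup failed on, or None if this is not a DNS failure."""
    m = re.search(r"lookup ([A-Za-z0-9.-]+?)(?: on [^:]+:\d+)?: no such host", text)
    return m.group(1).lower() if m else None


def diagnose(host, resolver=socket.getaddrinfo):
    """Classify why a Key Vault hostname does or does not resolve."""
    name, _, suffix = host.partition(".")
    if suffix != "vault.azure.net":
        return "not-a-public-cloud-vault-host"
    if not NAME_RE.match(name):
        return "invalid-vault-name"
    try:
        infos = resolver(host, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        # No record at all: the vault is missing or deleted, the name is
        # mistyped, or the resolver in use has no entry for it.
        return "nxdomain"
    addrs = {ipaddress.ip_address(info[4][0]) for info in infos}
    # A private address means a private endpoint: the machine running
    # Terraform needs a network route to it, not only a DNS answer.
    return "private-endpoint" if any(a.is_private for a in addrs) else "public"


if __name__ == "__main__":
    host = vault_host_from_error(ERROR)
    print(host, "->", diagnose(host))
```

An `nxdomain` result for a name that passes the format check points at the vault itself (not created yet, deleted, or a different name) or at the DNS servers used by the machine running Terraform, rather than at access policies.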
  2. I tried to provision your requirement and overcome the error you mentioned. I was able to provision it successfully by configuring the resources as expected.

    The error you’re encountering in your Terraform configuration seems to be related to the Azure Key Vault, which indicates a problem with resolving the DNS for the Key Vault service.

    The error message "no such host" typically means that the DNS name kvapplitest2sbx.vault.azure.net could not be resolved. This could be due to a typo in the Key Vault URL, a misconfiguration in DNS, or an issue with your network connection.

    My terraform configuration:

    main.tf:

    provider "azurerm" {
        features {}
    }
    
    data "azurerm_resource_group" "cloud_bundle_rg" {
      name = "sakavya"
    }
    
    module "virtual_machine" {
      source              = "./modules/virtual_machine"
      resource_group_name = data.azurerm_resource_group.cloud_bundle_rg.name
      key_vault_name      = "kvapplitest2sbxvk"
      vm_size             = "Standard_D2s_v3"
      admin_username      = "adminuser"
      admin_password      = "P@ssword1234!"  # Please use a secure method to handle passwords
    }
    

    /modules/virtual_machine/main.tf:

    resource "azurerm_virtual_network" "vm_vnet" {
      name                = "vmvkVnet"
      address_space       = ["10.0.0.0/16"]
      location            = "East US"
      resource_group_name = var.resource_group_name
    }
    
    resource "azurerm_subnet" "vm_subnet" {
      name                 = "internal"
      resource_group_name  = var.resource_group_name
      virtual_network_name = azurerm_virtual_network.vm_vnet.name
      address_prefixes     = ["10.0.2.0/24"]
    }
    
    resource "azurerm_network_interface" "vm_nic" {
      name                = "vmvkNic"
      location            = "East US"
      resource_group_name = var.resource_group_name
    
      ip_configuration {
        name                          = "internal"
        subnet_id                     = azurerm_subnet.vm_subnet.id
        private_ip_address_allocation = "Dynamic"
      }
    }
    
    resource "azurerm_linux_virtual_machine" "vm" {
      name                  = "vk-VM"
      location              = "East US"
      resource_group_name   = var.resource_group_name
      network_interface_ids = [azurerm_network_interface.vm_nic.id]
      # Use the size passed in by the root module instead of a hardcoded value.
      size                  = var.vm_size
    
      os_disk {
        caching              = "ReadWrite"
        storage_account_type = "Standard_LRS"
      }
    
      source_image_reference {
        publisher = "Canonical"
        offer     = "UbuntuServer"
        sku       = "18.04-LTS"
        version   = "latest"
      }
    
      # Credentials come from the module variables, not from literals in the module.
      admin_username                  = var.admin_username
      admin_password                  = var.admin_password
      disable_password_authentication = false
    }
    
    resource "azurerm_key_vault" "kv" {
      name                = var.key_vault_name
      location            = "East US"
      resource_group_name = var.resource_group_name
      tenant_id           = "Your Tenant ID"
      sku_name            = "standard"
    }
    
    resource "azurerm_key_vault_secret" "client_credentials_login" {
      name         = "totovk-login"
      value        = "Your strong password"
      key_vault_id = azurerm_key_vault.kv.id
    }
    

    /modules/virtual_machine/variables.tf:

    variable "resource_group_name" {
      description = "The name of the resource group."
      type        = string
    }
    
    variable "key_vault_name" {
      description = "The name of the Azure Key Vault."
      type        = string
    }
    
    variable "vm_size" {
      description = "The size of the Azure VM."
      type        = string
    }
    
    variable "admin_username" {
      description = "The administrator username for the VM."
      type        = string
    }
    
    variable "admin_password" {
      description = "The administrator password for the VM."
      type        = string
      sensitive   = true # keep the value out of plan and apply output
    }
    
