[Terraform] Error: error reading Instance Launch Template

문제 상황

terraform plan, terraform apply 명령 시 "Error: error reading Instance Launch Template"의 에러가 발생했다.

$ terraform plan
...
╷
│ Error: error reading Instance (i-0ec96eecd46716880) Launch Template: error reading Instance Launch Template Id Tag: RequestError: send request failed
│ caused by: Post "https://ec2.ap-northeast-2.amazonaws.com/": read tcp 10.205.102.148:51769->10.192.1.168:443: read: connection reset by peer
│ 
│   with aws_instance.bastion,
│   on main.tf line 15, in resource "aws_instance" "bastion":
│   15: resource "aws_instance" "bastion" {
│ 
╵
╷
│ Error: error reading Instance (i-0baccfde1f1fdab8f) Launch Template: error reading Instance Launch Template Id Tag: RequestError: send request failed
│ caused by: Post "https://ec2.ap-northeast-2.amazonaws.com/": read tcp 10.205.102.148:51771->10.192.1.168:443: read: connection reset by peer
│ 
│   with aws_instance.kafka[2],
│   on main.tf line 71, in resource "aws_instance" "kafka":
│   71: resource "aws_instance" "kafka" {
│ 
╵
╷
│ Error: error reading Instance (i-02252c1db6a4f986b) Launch Template: error reading Instance Launch Template Id Tag: RequestError: send request failed
│ caused by: Post "https://ec2.ap-northeast-2.amazonaws.com/": read tcp 10.205.102.148:51770->10.192.1.168:443: read: connection reset by peer
│ 
│   with aws_instance.kafka[1],
│   on main.tf line 71, in resource "aws_instance" "kafka":
│   71: resource "aws_instance" "kafka" {
│ 

 

현재 구성된 환경은 다음과 같다.

• macos Bigsur v11.0.1
• terraform v1.0.7
• aws-cli v2.1.27 -> v2.2.42 (재설치 해주었음.)
• golang v1.14.2

문제 해결을 위한 과정

먼저 현재 로그로 확인되는 정보가 부족하기 때문에, 로그 출력 레벨을 INFO -> DEBUG로 변경하였다.

$ export TF_LOG=DEBUG

 

그 후 다시 terraform plan 명령어 입력하니 다음 에러를 발견할 수 있었음.

$ terraform plan
...
2021-09-29T11:36:05.387+0900 [WARN]  Provider "registry.terraform.io/hashicorp/aws" produced an invalid plan for aws_eip.kibana, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .tags: planned value cty.MapValEmpty(cty.String) for a non-computed attribute
      - .customer_owned_ipv4_pool: planned value cty.StringVal("") for a non-computed attribute
      - .timeouts: planned for existence but config wants absence

...

 

"Provider "registry.terraform.io/hashicorp/aws" produced an invalid plan for aws_eip.kibana, but we are tolerating it because it is using the legacy plugin SDK."라는 문구로 보아 기존의 aws SDK 버전이 낮아서 생기는 문제 같았다.

 

따라서 aws terraform provider 버전을 최신 버전(3.6.0)으로 높여보았다. main.tf에 다음을 추가하면 된다.

terraform {  
  required_version = "1.0.7"  

  required_providers {  
    aws = {  
      source = "hashicorp/aws"  
      version = ">= 3.6.0"  
    }  
  }
}

// ...

 

그 후 위 코드를 반영하기 위해서 터미널에 terraform init을 입력한다.

$ terraform init

 

그 다음 terraform plan을 입력한다. 그러면 에러 문구가 다음과 같이 변경된다. (문구가 변경되지 않는다면, aws cli 버전을 업데이트하라.)

$ terraform plan

...

\-----------------------------------------------------: timestamp\=2021-09-29T12:05:22.593+0900  
2021-09-29T12:05:22.593+0900 \[INFO\] provider.terraform-provider-aws\_v3.60.0\_x5: 2021/09/29 12:05:22 \[DEBUG\] \[aws-sdk-go\] DEBUG: Request ec2/DescribeInstances Details:  
\---\[ REQUEST POST-SIGN \]\-----------------------------  
POST / HTTP/1.1  
Host: ec2.ap-northeast-2.amazonaws.com  
User-Agent: APN/1.0 HashiCorp/1.0 Terraform/1.0.7 (+https://www.terraform.io) terraform-provider-aws/3.60.0 (+[https://registry.terraform.io/providers/hashicorp/aws](https://registry.terraform.io/providers/hashicorp/aws)) aws-sdk-go/1.40.46 (go1.16; darwin; amd64)  
Content-Length: 76  
Authorization: AWS4-HMAC-SHA256 Credential\=AKIAQ3D4LJSZPLGCKAOE/20210929/ap-northeast-2/ec2/aws4\_request, SignedHeaders\=content-length;content-type;host;x-amz-date, Signature\=08114db36c1b223395a601ab7f28e6a783defef9a2f96842c523fcbabaf488e9  
Content-Type: application/x-www-form-urlencoded; charset\=utf-8  
X-Amz-Date: 20210929T030522Z  
Accept-Encoding: gzip  

Action\=DescribeInstances&InstanceId.1\=i-0baccfde1f1fdab8f&Version\=2016-11-15  

...

 

"aws-sdk-go/1.40.46 (go1.16; darwin; amd64)" 문구로 보아 현재 설치된 golang 버전(1.14)보다 SDK에서 요구하는 버전(1.16)이 더 높아서 이런 오류가 생긴 것으로 보인다. 따라서 golang 버전을 업데이트 해준다. 나는 1.16.8 버전을 재설치해 주었다.

$ go version
go version go1.16.8 darwin/amd64

 

이제 다시 terraform plan을 입력해보자.

$ terraform plan
aws_instance.agent[2]: Refreshing state... [id=i-0658836b89daee9a5]
....
....

Plan: 2 to add, 0 to change, 2 to destroy.

────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.

 

다시 정상적으로 명령어가 실행되었다. 결국 테라폼이 의존하고 있는 aws terraform provider가 요구하는 golang 버전이 높아지면서 생긴 이슈였다. 버전 업데이트를 하면 해결할 수 있다.

참고

• discuss hashicorp - "Context around the log entry “…tolerating it because it is using the legacy plugin SDK.”"
• terraform official docs - "Debugging Terraform"
• terraform docs > learn - "Lock and Upgrade Provider Versions"