Skip to content
    • Welcome to the Linux Foundation Forum!

    Lab 4.1 - terraform apply fails without exception

    Posts: 24
    in LFS268 Class Forum

    Been trying to get through this lab for a couple of days now, following the steps to the letter. It might be me or it might just be poorly written. Did anyone else have the same experience with this?

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Comments

    • Posts: 22
      edited January 2024

      I have the same issues and no clue how to fix it... yet

    • Posts: 22

      Anyone?
      If LF368 is blocked at the beginning while creating the setup it is useless.

    • Posts: 22

      I can't continue....help

      1.  Error: Error creating service account: googleapi: Error 403: Request had insufficient authentication scopes.
      2.  Details:
      3.  [
      4.    {
      5.      "@type": "type.googleapis.com/google.rpc.ErrorInfo",
      6.      "domain": "googleapis.com",
      7.      "metadata": {
      8.        "method": "google.iam.admin.v1.IAM.CreateServiceAccount",
      9.        "service": "iam.googleapis.com"
      10.      },
      11.      "reason": "ACCESS_TOKEN_SCOPE_INSUFFICIENT"
      12.    }
      13.  ]
      14.  
      15.  More details:
      16.  Reason: insufficientPermissions, Message: Insufficient Permission
      17.  
      18.  
      19.    with module.jx.module.gsm[0].google_service_account.gsm_sa,
      20.    on .terraform/modules/jx/modules/gsm/main.tf line 25, in resource "google_service_account" "gsm_sa":
      21.    25: resource "google_service_account" "gsm_sa" {
    • Posts: 42

      I am experiencing the same Error with the IAM policy.

    • Posts: 42

      I'm also looking at the following guides from the official Jenkins-X doc for ideas: https://jenkins-x.io/v3/admin/platforms/google/ and https://jenkins-x.io/v3/admin/platforms/minikube/.

    • Posts: 42

      I also see the Enable Registry API section in the lab 4.1 PDF which mentions IAM roles.

    • Posts: 42
      edited December 2024

      I just got this step of the lab to work for me. I'm running Debian 12 on my laptop. I originally installed the gcloud command line tool via the google-cloud-sdk snap package. I researched it a bit, and the google-cloud-cli snap package is actually more up to date than the google-cloud-sdk package. I eventually ended up installing the gcloud cli tool via the official Google tar package for it. Everything at this step worked fine after that for me. The google-cloud-cli snap package might still work but I couldn't use gcloud components install gke-gcloud-auth-plugin to install the gke auth plugin. There's probably a way to still do that with snap I don't know.

    • Posts: 42

      I think also the Enable Registry API section helps too with the IAM role messages. I restarted the lab from scratch, and got the same IAM error warnings. Everything seems to work fine for this lab for me after I have gcloud setup and the Enable Registry API.

    • Posts: 4

      I'm officially stuck at page 10 of lab 4.1. After running Terraform apply I always get the following error message:

      │ Error: googleapi: Error 403: Insufficient regional quota to satisfy request: resource "SSD_TOTAL_GB": request requires '300.0' and is short '50.0'. project
      has a quota of '250.0' with '250.0' available. View and manage quotas at https://console.cloud.google.com/iam-admin/quotas?usage=USED&project=lab-jenkinsx.
      │ Details:
      │ [
      │ {
      │ "@type": "type.googleapis.com/google.rpc.RequestInfo",
      │ "requestId": "0xd67ee50a9f1aee93"
      │ },
      │ {
      │ "@type": "type.googleapis.com/google.rpc.ErrorInfo",
      │ "domain": "container.googleapis.com",
      │ "reason": "INSUFFICIENT_QUOTA_REGIONAL"
      │ }
      │ ]
      │ , forbidden

      │ with module.jx.module.cluster.google_container_cluster.jx_cluster,
      │ on .terraform/modules/jx/modules/cluster/main.tf line 24, in resource "google_container_cluster" "jx_cluster":
      │ 24: resource "google_container_cluster" "jx_cluster" {

      I have checked all the terraform configuration files to make sure there are is no SSD storage declared. I am not able to request more SSD storage. Any help with this issue will be greatly appreciated.

    • Posts: 4

      I was finally able to finish this lab without errors by doing the following:

      1. Reducing to 2 the number of cluster nodes in the variables.tf file:

        variable "initial_cluster_node_count" {
        description = "initial number of cluster nodes"
        type = number
        default = 2
        }

        variable "initial_primary_node_pool_node_count" {
        description = "initial number of pool nodes"
        type = number
        default = 1
        }

        variable "autoscaler_min_node_count" {
        description = "Minimum number of cluster nodes"
        type = number
        default = 2
        }

        variable "autoscaler_max_node_count" {
        description = "Maximum number of cluster nodes"
        type = number
        default = 4

      2. Running the following additional commands on the gcloud CLI, before running "terraform init":

        gcloud services enable iam.googleapis.com \
        iamcredentials.googleapis.com \
        cloudresourcemanager.googleapis.com \
        --project=lab-jenkinsx

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Quick Links

    Categories

    Upcoming Training