switch wait_for_cluster_cmd from curl to wget to allow use hashicorp/terraform docker image

[daroga0002]

I'm submitting a...

• bug report
• [x ] feature request
• support request - read the FAQ first!
• kudos, thank you, warm fuzzy

What is the current behavior?

Currently after creating eks cluster there is local-exec loop checking availability of API endpoint

terraform-aws-eks/variables.tf

Lines 201 to 205 in 10ca272

	variable "wait_for_cluster_cmd" {
	description = "Custom local-exec command to execute for determining if the eks cluster is healthy. Cluster endpoint will be available as an environment variable called ENDPOINT"
	type = string
	default = "until curl -k -s $ENDPOINT/healthz >/dev/null; do sleep 4; done"
	}

This behaviour is working totally fine, but it require installed curl, but if you are using some automation and using official Hashicorp docker images ( hashicorp/terraform ) curl is not installed there. Instead looks that there is wget:

$ docker run -ti --entrypoint='' hashicorp/terraform sh
/ # curl
sh: curl: not found
/ # wget
BusyBox v1.31.1 () multi-call binary.

Usage: wget [-c|--continue] [--spider] [-q|--quiet] [-O|--output-document FILE]
        [-o|--output-file FILE] [--header 'header: value'] [-Y|--proxy on/off]
        [-P DIR] [-S|--server-response] [-U|--user-agent AGENT] [-T SEC] URL...

Retrieve files via HTTP or FTP

        --spider        Only check URL existence: $? is 0 if exists
        -c              Continue retrieval of aborted transfer
        -q              Quiet
        -P DIR          Save to DIR (default .)
        -S              Show server response
        -T SEC          Network read timeout is SEC seconds
        -O FILE         Save to FILE ('-' for stdout)
        -o FILE         Log messages to FILE
        -U STR          Use STR for User-Agent header
        -Y on/off       Use proxy
/ # 

This can be workaround by using following input module variable:

wait_for_cluster_cmd = "until wget --no-check-certificate -O - -q $ENDPOINT/healthz >/dev/null; do sleep 4; done"

So instead using by default curl I am proposing to switch default to wget which will make module working by default using dockerized terraform

If this is a bug, how to reproduce? Please include a code sample if relevant.

This is not bug, it is rather enhancement to support official Hashicorp terraform docker image

What's the expected behavior?

It will be working in exactly same way as of now but will not require additional curl binary.

Are you able to fix this problem and submit a PR? Link here if you have already.

Yes I am able to create PR

Environment details

• Affected module version: v8.2.0
• OS: docker container, exactly hashicorp/terraform:0.12.18 but probably applicable to all hashicorp/terraform images
• Terraform version: 0.12.18

[max-rocket-internet]

Resolved in #750

[BalajiSivarajRajan]

I used the script to create EKS cluster but it failed with the same error (mentiioned below). I used the latest version of the script that is avaialble in the Github repo. Please let whether this is fixed.

Terraform v0.12.26

• provider.aws v2.70.0
• provider.kubernetes v1.12.0
• provider.local v1.4.0
• provider.null v2.1.2
• provider.random v2.3.0
• provider.template v2.1.2

Error: Error running command 'for i in seq 1 60; do wget --no-check-certificate -O - -q $ENDPOINT/healthz >/dev/null && exit 0 || true; sleep 5; done; echo TIMEOUT && exit 1': exec: "/bin/sh": file does not exist. Output:

[daroga0002]

@BalajiSivarajRajan in your case looks that this is caused because you missing /bin/sh shell which is used for local-exec here:

terraform-aws-eks/cluster.tf

Lines 62 to 77 in db9bb0b

	resource "null_resource" "wait_for_cluster" {
	count = var.create_eks && var.manage_aws_auth ? 1 : 0
	depends_on = [
	aws_eks_cluster.this[0],
	aws_security_group_rule.cluster_private_access,
	]
	provisioner "local-exec" {
	command = var.wait_for_cluster_cmd
	interpreter = var.wait_for_cluster_interpreter
	environment = {
	ENDPOINT = aws_eks_cluster.this[0].endpoint
	}
	}
	}

you can customize your interpreter via module variable:
wait_for_cluster_interpreter << choosing interpreter (default is /bin/sh)
wait_for_cluster_cmd. << command used to check API endpoint availability (default to wget)

as per docs:
https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/README.md

[jlpettersson]

On the other hand, on Mac OS X, curl is default and wget is not installed by default

module.eks-cluster.null_resource.wait_for_cluster[0]: Still creating... [3m30s elapsed]
module.eks-cluster.null_resource.wait_for_cluster[0] (local-exec): /bin/sh: wget: command not found
module.eks-cluster.null_resource.wait_for_cluster[0] (local-exec): /bin/sh: wget: command not found

I would prefer to add curl to the hashicorp image

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.