Error when running terraform init

This is basically the same issue as reported here and here

When I run terraform init I get the following error:

$ terraform init monitoring/S3Bucket/

Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...

Registry service unreachable.

This may indicate a network issue, or an issue with the requested Terraform Registry.


Error: registry service is unreachable, check https://status.hashicorp.com/ for status updates

If I run it with trace enabled:

$ TF_LOG=TRACE terraform init monitoring/S3Bucket/
2019/10/02 14:28:12 [INFO] Terraform version: 0.12.9  
2019/10/02 14:28:12 [INFO] Go runtime version: go1.12.9
2019/10/02 14:28:12 [INFO] CLI args: []string{"/usr/local/bin/terraform", "init", "monitoring/S3Bucket/"}
2019/10/02 14:28:12 [DEBUG] Attempting to open CLI config file: /Users/andym/.terraformrc
2019/10/02 14:28:12 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2019/10/02 14:28:12 [INFO] CLI command args: []string{"init", "monitoring/S3Bucket/"}

2019/10/02 14:28:12 [TRACE] Meta.Backend: no config given or present on disk, so returning nil config
2019/10/02 14:28:12 [TRACE] Meta.Backend: backend has not previously been initialized in this working directory
2019/10/02 14:28:12 [DEBUG] New state was assigned lineage "ac49b1a2-143d-d1ee-1b18-348454e54c50"
2019/10/02 14:28:12 [TRACE] Meta.Backend: using default local state only (no backend configuration, and no existing initialized backend)
2019/10/02 14:28:12 [TRACE] Meta.Backend: instantiated backend of type <nil>
Initializing the backend...
2019/10/02 14:28:12 [DEBUG] checking for provider in "."
2019/10/02 14:28:12 [DEBUG] checking for provider in "/usr/local/bin"
2019/10/02 14:28:12 [DEBUG] checking for provisioner in "."
2019/10/02 14:28:12 [DEBUG] checking for provisioner in "/usr/local/bin"
2019/10/02 14:28:12 [INFO] Failed to read plugin lock file .terraform/plugins/darwin_amd64/lock.json: open .terraform/plugins/darwin_amd64/lock.json: no such file or directory
2019/10/02 14:28:12 [TRACE] Meta.Backend: backend <nil> does not support operations, so wrapping it in a local backend
2019/10/02 14:28:12 [TRACE] backend/local: state manager for workspace "default" will:
 - read initial snapshot from terraform.tfstate
 - write new snapshots to terraform.tfstate
 - create any backup at terraform.tfstate.backup
2019/10/02 14:28:12 [TRACE] statemgr.Filesystem: reading initial snapshot from terraform.tfstate
2019/10/02 14:28:12 [TRACE] statemgr.Filesystem: snapshot file has nil snapshot, but that's okay
2019/10/02 14:28:12 [TRACE] statemgr.Filesystem: read nil snapshot
2019/10/02 14:28:12 [DEBUG] checking for provider in "."
2019/10/02 14:28:12 [DEBUG] checking for provider in "/usr/local/bin"
2019/10/02 14:28:12 [DEBUG] plugin requirements: "aws"=""

2019/10/02 14:28:12 [DEBUG] Service discovery for registry.terraform.io at https://registry.terraform.io/.well-known/terraform.json
2019/10/02 14:28:12 [TRACE] HTTP client GET request to https://registry.terraform.io/.well-known/terraform.json
Initializing provider plugins...
- Checking for available provider plugins...
2019/10/02 14:28:15 [ERR] Checkpoint error: Get https://checkpoint-api.hashicorp.com/v1/check/terraform?arch=amd64&os=darwin&signature=3d2e66fa-caab-ff79-5e60-58161f6af1c8&version=0.12.9: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

2019/10/02 14:28:22 [DEBUG] Failed to request discovery document: Get https://registry.terraform.io/.well-known/terraform.json: net/http: TLS handshake timeout
Registry service unreachable.

This may indicate a network issue, or an issue with the requested Terraform Registry.


Error: registry service is unreachable, check https://status.hashicorp.com/ for status updates

If I try to get the URLs with curl they work:

$ curl "https://registry.terraform.io/.well-known/terraform.json"
{"modules.v1":"/v1/modules/","providers.v1":"/v1/providers/"}
$ curl "https://checkpoint-api.hashicorp.com/v1/check/terraform?arch=amd64&os=darwin&signature=3d2e66fa-caab-ff79-5e60-58161f6af1c8&version=0.12.9"
{"product":"terraform","current_version":"0.12.9","current_release":1568749926,"current_download_url":"https://releases.hashicorp.com/terraform/0.12.9/","current_changelog_url":"https://github.com/hashicorp/terraform/blob/v0.12.9/CHANGELOG.md","project_website":"https://www.terraform.io","alerts":[]}

If I run the init with sudo it works, but surely that’s not the real solution? The environment vars are different under sudo so that’s likely to cause complications.

I’ve tried deleting any .terraform folders in the project and in my home directory, so they should get recreated with the correct permissions shouldn’t they?

Hi @andymadge!

The fact that sudo makes this behave differently suggests an unusual configuration on your system.

It looks like you’re running Terraform on MacOS. Do you have any special user-specific network configuration on your system, such as different nameservers configured for your personal user account, or possibly a VPN connection that is only accessible to your user account and not to root?

No I haven’t got anything like that. It’s pretty much standard. No VPN in use.

If I do nslookup registry.terraform.io and sudo nslookup registry.terraform.io I get identical responses including the DNS server IP.

Yesterday I was testing from my office and today I’m working from home, but there is no change in the behaviour.

There are people on the issue having the same problem and sudo works for them so I’m certainly not alone.