HashiCorp Discuss

Kubernetes Backend : Cannot reuse after restoring the k8s cluster

jympetalmd July 4, 2022, 3:09pm 1

Can’t seam to reuse the k8s backend after restoring from a backup the k8s cluster (Rancher here)… I think the certificate might have changed but is still valid (ACME), but can’t seam to make it work.

My config:

terraform {
  backend "kubernetes" {
    namespace     = "tfstate-crke"
    secret_suffix = "crke"
    host          = "https://XXXXXXXX/k8s/clusters/local"
    token         = "XXXXXXX"
  }
}

Tried with different versions:

1.0.11: Error: Failed to get existing workspaces: Get "https://XXXXXXXXX/k8s/clusters/local/api/v1/namespaces/tfstate-crke/secrets?labelSelector=tfstate%3Dtrue": x509: certificate signed by unknown authority

The certificate is valid, a curl on that URL doesn’t give me a TLS error!

1.1.8 and +: Error: Failed to initialize kubernetes configuration: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable

KUBERNETES_MASTER isn’t documented anywhere here: Backend Type: Kubernetes | Terraform by HashiCorp

Topic		Replies	Views	Activity
Error: Get "http://localhost/api/v1/namespaces/*": dial tcp 127.0.0.1:80: connect: connection refused during eks cluster upgrade Terraform	0	1054	December 11, 2023
Re-use manually created aks boostrapping resource group for k8s service? Terraform k8s , azure	0	342	June 8, 2021
Unable to import GKE BackendConfig resource Terraform k8s , hcp-terraform	0	725	January 20, 2022
Terraform Errors and How to Debug Them Kubernetes helm	3	1723	September 8, 2023
Terraform tfstate in kubernetes secret Terraform	0	929	October 12, 2020