OCI Government Regions

twmcelroy · March 4, 2020, 10:35pm

I am working with packer in OCI government regions (us-luke-1 and us-langley-1). However even if my CLI profile is set to a government region, packer calls the commercial endpoints.

2020/03/04 14:48:07 ui error: ==> oracle-oci: Problem creating instance: Post https://iaas.us-langley-1.oraclecloud.com/20160918/instances: dial tcp: lookup iaas.us-langley-1.oraclecloud.com: getaddrinfow: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server.
2020/03/04 14:48:07 [INFO] (telemetry) ending oracle-oci
2020/03/04 14:48:07 ui error: Build ‘oracle-oci’ errored: Problem creating instance: Post https://iaas.us-langley-1.oraclecloud.com/20160918/instances: dial tcp: lookup iaas.us-langley-1.oraclecloud.com: getaddrinfow: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server.
2020/03/04 14:48:07 machine readable: error-count string{“1”}
2020/03/04 14:48:07 ui error:
==> Some builds didn’t complete successfully and had errors:
2020/03/04 14:48:07 machine readable: oracle-oci,error string{“Problem creating instance: Post https://iaas.us-langley-1.oraclecloud.com/20160918/instances: dial tcp: lookup iaas.us-langley-1.oraclecloud.com: getaddrinfow: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server.”}
2020/03/04 14:48:07 ui error: --> oracle-oci: Problem creating instance: Post https://iaas.us-langley-1.oraclecloud.com/20160918/instances: dial tcp: lookup iaas.us-langley-1.oraclecloud.com: getaddrinfow: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server.

It needs to point to https://iaas.us-langley-1.oraclegovcloud.com instead. Has anyone else found a way to override this or does it just need to be a new release of the OCI packer builder? Btw this is filed under hashicorp/packer #8842

rramge · April 10, 2020, 9:43am

Hi,

sorry for the late reply, I just joined the forums here… is this topic still relevant to you, or did you find a solution in the meantime? If you still struggle, let me know and I will look into your problem.

Cheers,

Ralf

twmcelroy · April 10, 2020, 2:29pm

I am still interested. I am building them in commercial and moving then exporting into government regions. However, I think this could be easily expanded into oracle’s other regions like government (and DoD). I think it is just a fix for the endpoint that if the region is one of the government regions (Luke and Langley) it goes to oraclegovcloud.com instead of oraclecloud.com. I can lend my knowledge of OCI, I just don’t know how packer is build

rramge · April 11, 2020, 1:34am

Hi,

I just delved into the source code and had a look.

Assuming your builder configuration in the JSON template is correct, I agree it has to be an issue regarding the endpoint. As you might have noticed, the endpoints are not a configuration parameter (you only specify the region). The endpoints are not a part of Packer… they are constructed in the OCI go SDK which is, like the oci-builder itself, written by Oracle.

The relevant code can be found in the SDK (https://github.com/oracle/oci-go-sdk) in common/common.go. The langley and luke regions get mapped to oraclegovcloud.com in there and it’s pretty obvious:

— 8< —
[…]
//RegionUSLangley1 region for langley
RegionUSLangley1 Region = “us-langley-1”
//RegionUSLuke1 region for luke
RegionUSLuke1 Region = “us-luke-1”
[…]
var realm = map[string]string{
“oc1”: “oraclecloud.com”,
“oc2”: “oraclegovcloud.com”,
“oc3”: “oraclegovcloud.com”,
“oc4”: “oraclegovcloud.uk”,
}
[…]

    RegionUSLangley1:    "oc2",
    RegionUSLuke1:       "oc2",
    RegionUSGovAshburn1: "oc3",
    RegionUSGovChicago1: "oc3",
    RegionUSGovPhoenix1: "oc3",
    RegionUKGovLondon1:  "oc4",

— 8< —

So my best guess at the moment is that you might use a deprecated version of the oci builder because the current version of the SDK should cover this and construct the endpoint URLs correctly.

Can you give it a try? If it doesn’t work, we should ask Oracle.

Cheers,

Ralf

twmcelroy · April 13, 2020, 10:27pm

Thank you for digging in. I’ll give this a try tonight or tomorrow. Thanks for digging through all the code!

twmcelroy · April 14, 2020, 6:29pm

Same error. Now may I didn’t upgrade the builder except I don’t know how. I did make sure i was on the latest version of packer v1.5.5.
How do I check the version of the OCI builder?

Error: Build ‘oracle-oci’ errored: Problem creating instance: Post https://iaas.us-luke-1.oraclecloud.com/20160918/instances: dial tcp: lookup iaas.us-luke-1.oraclecloud.com: no such host

==> Some builds didn’t complete successfully and had errors:
–> oracle-oci: Problem creating instance: Post https://iaas.us-luke-1.oraclecloud.com/20160918/instances: dial tcp: lookup iaas.us-luke-1.oraclecloud.com: no such host

Thanks,
Travis

rramge · April 17, 2020, 10:32am

wrong domain. Try oraclegovcloud.com, not oraclecloud.com.

Hope that helps,

Ralf

twmcelroy · April 17, 2020, 2:12pm

Right that has always been the problem. But I dont know how to “upgrade” the builder to force it to reach out to there. You found in the code where it should pick up the region of Luke or Langley and point to oraclegovcloud.com, but I it’s not going there when I run packer build.

rramge · April 18, 2020, 9:25am

Hi,

yes, I could reproduce this behaviour now and I had a look into the source code again.

Packer 1.5.5 (and most likely all previous versions as well) was build against the very first version of the OCI Go SDK back in 2018, when only the initial four OCI regions existed after OCI got launched in November 2017. And back then, only “oraclecloud.com” existed.

Sadly, the OCI Go SDK is not pulled in freshly from Github when compiling Packer, but statically included as part of the packer source tree (subdirectory vendor/github.com/oracle(oci-go-sdk).

Since I am not a programmer, I didn’t fix it (I can’t even manage to build packer using the official documentation). Instead, I opened a bug ticket and I really hope someone takes care of it.

Ticket: https://github.com/hashicorp/packer/issues/9085

Until then, I am afraid you need to build your images in the original us-ashburn-1 region, export them to Object Storage and then import them in the Langley and Luke regions. This can be done manually using the web console or oci-cli, let me know if you need assistance here.

Cheers,

Ralf

twmcelroy · April 18, 2020, 8:38pm

Thank you for opening the bug. Crazy that it wouldn’t work on any of the new regions either. I hadn’t tested those (since I’m in the US).

rramge · April 19, 2020, 7:04am

It works on most new commercial regions, because they are deployed within the oraclecloud.com TLD. But that’s plain luck. Government clouds don’t work.

Okay, let’s cross fingers and see what happens.

azr · April 22, 2020, 1:44pm

Hello there, I opened #9104 to update the sdk, I don’t have an OCI access here, can you please tell me if that makes it better for you ? Binaries can be found here: artifacts. Thanks !

Topic		Replies	Views
Baking an image in Oracle OCI Packer	1	668	June 18, 2020
OCI instance with reserved IP- Possible? Packer	1	133	January 26, 2024
Getting this Packer Errors when assigning variable values in source block Packer	3	6974	September 24, 2021
Openstack availability zone binding Packer	2	709	November 24, 2019
ENV:PACKER_HTTP_ADDR not being set correctly Packer	6	3837	April 10, 2021

OCI Government Regions

Related topics