Please take a moment to review the following information. Engaging with HashiCorp Support as described here will help us to properly handle your support requests.
Points of Engagement
Customers are encouraged to use the following points of engagement with HashiCorp Support:
- Log into the support portal and open a new ticket
- Email support@hashicorp.com — please send emails from an organizational email address whenever possible as Gmail or other public email addresses will not be properly associated with your organization's support plan
You can track your existing requests and the requests of others within your organization in the support portal. It is the preferred point of engagement for all customer support requests, but email can always be used if this works better for your team.
Please use an email address associated with your organization when signing up for a support portal account so that emailed support requests are responded to based on your organization's support plan.
Submitting Requests
Please try to provide the following minimum details whenever you submit a ticket:
- Product version
- Platform (including cloud provider and operating system)
- A detailed description of the issue (with steps to reproduce if appropriate)
- Relevant configuration (be sure to redact any sensitive information)
- Relevant logs, output, or URLs
Product Versions
Local Version
You can retrieve any HashiCorp tool version by passing the --version flag. For example, if you would like to retrieve your local version of Terraform:
terraform --version
Remote Version
If you are using one of our hosted products please be sure to include your remote version as well. This can be found in the Settings view for a given environment or build.
Configuration
Effectively troubleshooting an issue can require information about your specific product configuration. The following are examples of the relevant configuration details which you can share when it will help us to better resolve your issue.
The same configuration details which apply to the OSS tools will typically also apply to enterprise tools.
Consul
Configuration details relevant to the issue for Consul and Consul Enterprise include:
- Version from consul version
- Number of Consul servers and client agents
- Relevant platform (physical/virtual), cloud provider(s), along with operating systems and versions
- Agent configuration
- Service definitions
- Health check definitions
- Relevant local environment variables
- A general idea of your Consul usage patterns and workload is often helpful; this includes factors such as:
- Key/Value store usage
- Read or write-heavy workload?
- Using Consul Template?
- Relevant prepared queries
Nomad
Configuration details relevant to the issue for Nomad and Nomad Enterprise include:
- Version from nomad version
- Relevant operating system and version
- Job files or snippets from job files
- Relevant Nomad agent configuration
- Relevant local environment variables
Packer
Configuration details relevant to Packer and Packer Enterprise issues include:
- Version from packer version
- Relevant operating system and version
- The actual Packer template or the simplest example template and scripts needed to reproduce the issue
- Relevant local environment variables
- Remote environment variables
Terraform
Configuration details relevant to Terraform and Terraform Enterprise issues include:
- Version from terraform version
- Relevant operating system and version
- Terraform configuration (.tf) files
- Relevant local environment variables
Vagrant
Configuration details for Vagrant issues include:
- Version from vagrant version
- Relevant operating system and version
- Vagrantfile
- Relevant local environment variables
Vault
Configuration details for Vault and Vault Enterprise issues include:
- Version from vault version
- Relevant operating system and version
- Vault server configuration
- Relevant local environment variables
Output and Logs
You can share output and logs with us through an attachment in the support issue as needed. The same log and output details which apply to the OSS tools typically also apply to enterprise tools.
NOTE: Debug level logs can include information about your system including environment variables and user information. If you store sensitive information in the environment or in your user account, please scan or scrub the debug log of this information before sharing with HashiCorp support. You can also encrypt the logs using the HashiCorp public key shown in the Secure Communications section.
Consul
Consul and Consul Enterprise log output to syslog or a log file and HashiCorp Support could request that you share the relevant log file detail with us. Other useful Consul output you could be asked to share include the following:
- Output from consul info
- Output from consul monitor with debug level logging enabled and executed from a particular agent like this: consul monitor --log-level=debug
- Enable debug endpoint for goroutine logging and retrieve goroutine dump with: curl -s -X GET http://<consul_server>:8500/debug/pprof/goroutine?debug=1
- Enable debug endpoint for heap logging and retrieve heap dump with: curl -s -X GET http://<consul_server>:8500/debug/pprof/heap?debug=1
Consul also gathers runtime telemetry which contain useful performance data which can be helpful to share.
Please ensure that log detail for Consul Enterprise features (such as the snapshot daemon) is shared whenever the issue involves a Consul Enterprise feature.
Nomad
Nomad and Nomad Enterprise log output to syslog or a log file and HashiCorp Support could request that you share the relevant log file detail with us. Other useful output from Nomad includes the output from:
- nomad status [job]
- nomad alloc-status [job_id]
- nomad plan [job_file]
It can also be helpful to have debug level logging which can be enabled as described in the Nomad Agent Configuration documentation.
Packer
Helpful output and logging from Packer or Packer Enterprise to share includes the following:
- Debug level logging by setting the PACKER_LOG=1 environment variable before building or by using packer build -debug
More details are available in the Debugging Packer Builds documentation.
Terraform
Terraform and Terraform Enterprise have detailed logs which can be enabled by setting the TF_LOG environment variable to any value. This will cause detailed logs to appear on stderr.
If Terraform ever crashes (a "panic" in the Go runtime), it saves a log file with the debug logs from the session as well as the panic message and backtrace to crash.log.
More details are available in the Debugging Terraform documentation.
Private Terraform Enterprise
If running a private installation of Terraform Enterprise, please include a support bundle if possible. To generate a support bundle, connect to the PTFE instance via SSH and run:
sudo hashicorp-support
You will see output similar to:
==> Creating HashiCorp Support Bundle in /var/lib/hashicorp-support
==> Wrote support tarball to /var/lib/hashicorp-support/hashicorp-support.tar.gz
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: PGP
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2019-04-14
==> Wrote encrypted support tarball to /var/lib/hashicorp-support/hashicorp-support.tar.gz.enc
Please send your support bundle to HashiCorp support.
Attach the hashicorp-support.tar.gz.enc
file to your support request.
Important: Encryption and sensitive data
The support bundle contains logging and telemetry data from various components in Private Terraform Enterprise. It may also include log data from Terraform or Packer builds executed on your PTFE installation. For your privacy and security, the entire contents of the support bundle are encrypted with a 2048 bit RSA key.
- Make sure to attach the file ending in
.tar.gz.enc
as the contents of.tar.gz
are not encrypted! - The GPG key used to encrypt the bundle is imported for the
root
user only. If you usesudo -sH
, change$HOME
, or take a similar action, the encryption step will fail. To assumeroot
usesudo -s
instead.
Scrubbing Secrets
If there is extremely sensitive data in the Terraform or Packer build logs you may opt to omit these logs from your bundle. However, this may impede our efforts to diagnose any problems you are encountering. To create a custom support bundle, run the following commands:
sudo -s
hashicorp-support
cd /var/lib/hashicorp-support
tar -xzf hashicorp-support.tar.gz
rm hashicorp-support.tar.gz*
rm nomad/*build-worker*
tar -czf hashicorp-support.tar.gz *
gpg2 -e -r "Terraform Enterprise Support" \
--cipher-algo AES256 \
--compress-algo ZLIB \
-o hashicorp-support.tar.gz.enc \
hashicorp-support.tar.gz
Essentially:
- Create a support bundle using the normal procedure.
- Extract the contents and remove the potentially sensitive files.
- Create a new
tar.gz.enc
.
Vagrant
Relevant Vagrant output and logs which are useful to share for Vagrant issues include:
- vagrant command output
- Debug level logging with the VAGRANT_LOG environment variable or through the --debug command line flag, for example: VAGRANT_LOG=debug vagrant up
See the Vagrant Debugging documentation for more details.
Vault
Vault and Vault Enterprise log output to syslog or a log file and HashiCorp Support could request that you share the relevant log file detail with us. Some additional Vault commands for which output could also be helpful include:
- Output from vault status
- Output from relevant vault command line or HTTP API calls
Secure Communications
If you would like to secure your communications with us, you can use the PGP key published on our Security page or Keybase.