Problem
A new Terraform Enterprise FDO (Docker) installation does not start up. When running docker compose attach, the following errors are logged.
docker-compose up
Starting terraform-enterprise_tfe_1 ... done
Attaching to terraform-enterprise_tfe_1
tfe_1 | Running as builtin tfe user, ensuring ownership of scratch directories...
tfe_1 | 2024-07-18 21:12:13,979 WARN No file matches via include "/etc/supervisor/conf.d/*.conf"
tfe_1 | 2024-07-18 21:12:13,982 INFO RPC interface 'supervisor' initialized
tfe_1 | 2024-07-18 21:12:13,982 CRIT Server 'unix_http_server' running without any HTTP authentication checking
tfe_1 | 2024-07-18 21:12:13,982 INFO supervisord started with pid 1
tfe_1 | 2024-07-18 21:12:14,985 INFO spawned: 'fluent-bit' with pid 24
tfe_1 | 2024-07-18 21:12:14,986 INFO spawned: 'terraform-enterprise' with pid 25
tfe_1 | 2024-07-18 21:12:15,139 INFO waiting for fluent-bit, terraform-enterprise to die
tfe_1 | 2024-07-18 21:12:16,149 INFO success: fluent-bit entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
tfe_1 | 2024-07-18 21:12:16,149 INFO stopped: terraform-enterprise (terminated by SIGTERM)
tfe_1 | 2024-07-18 21:12:16,149 INFO reaped unknown pid 31 (exit status 0)
tfe_1 | Fluent Bit v3.0.7
tfe_1 | * Copyright (C) 2015-2024 The Fluent Bit Authors
tfe_1 | * Fluent Bit is a CNCF sub-project under the umbrella of Fluentd
tfe_1 | * https://fluentbit.io
tfe_1 |
tfe_1 | ___________.__ __ __________.__ __ ________
tfe_1 | \_ _____/| | __ __ ____ _____/ |_ \______ \__|/ |_ ___ _\_____ \
tfe_1 | | __) | | | | \_/ __ \ / \ __\ | | _/ \ __\ \ \/ / _(__ <
tfe_1 | | \ | |_| | /\ ___/| | \ | | | \ || | \ / / \
tfe_1 | \___ / |____/____/ \___ >___| /__| |______ /__||__| \_/ /______ /
tfe_1 | \/ \/ \/ \/ \/
tfe_1 |
tfe_1 | [2024/07/18 21:12:17] [error] could not open configuration file, aborting.
tfe_1 | 2024-07-18 21:12:17,009 INFO stopped: fluent-bit (exit status 1)
terraform-enterprise_tfe_1 exited with code 0
Checking the container logs (i.e docker logs terraform-enterprise_tfe_1) may also produce the same error.
Prerequisites (if applicable)
- Terraform Enterprise >= v202404-2
Cause
- The error could not open configuration file, aborting is not part of the underlining issue
- This error is suggesting there is an error with Fluent Bit process forwarding contents each of the process log file. More information surrounding that can be ascertained from this article.
- The root cause of this issue stems from not having the required TLS certificate files (bundle.pem, cert.pem, key.pem) configured correct as .pem as reference here. For example, the terraform-enterprise.log file may have errors related to reading the TLS-related files.
2024-07-29T21:14:04.530Z [ERROR] terraform-enterprise: startup: error="failed retrieving configuration: : open /etc/ssl/private/terraform-enterprise/bundle.pem: no such file or directory" - All three TLS certificate files (unless there is no bundle.pem) must also be stored locally in a certs directory
Solutions:
-
Ensure the necessary TLS certificate files bundle.pem, cert.pem, key.pem are created appropriately and store locally in the certs directory
-
This certs directory should be directly accessible when executing the docker compose-up --detach command. The
docker compose up --detachcommand reads the cert directory. - Be certain to adhere to the install requirements and follow the install procedure to avoid errors against the expected install environment configurations during the initial setup
Outcome
The docker compose up --detach command should spin up the Terraform Enterprise container. You can then run docker compose exec tfe tfe-health-check-status check the health of the application until it starts reporting healthy.
Additional Information
-
Terraform Enterprise FDO Docker install Requirements
- Terraform Enterprise FDO Docker install Procedures