Introduction
The purpose of this document is to help customers review their own support bundles without the assistance of Terraform Support. This allows the customer to self diagnose problems.
The support bundle can be generated from the Installer dashboard on port 8800 of the instance.
On the dashboard, click on the Support tab. On the next page, click the Download Support Bundle button, which downloads the support bundle directly to your web browser.
If you are unable to generate a bundle from the dashboard, connect to the instance via SSH and generate a bundle by running replicatedctl support-bundle or tfe-admin support-bundle for Active-Active deployments.
Use Case
Customer is encountering errors in TFE but the errors in the User Interface are not specific enough to allow for identification of root cause or further troubleshooting without log review.
Procedure
Note: For installations using Terraform Enterprise v202205-01 through v202308-1, all container names now follow the naming convention of "tfe-<service>"
Example:
ptfe_atlas > tfe-atlas ptfe_archivist > tfe-archivistNote - older version can have "ptfe" prefix
More information can be found in the release notes with a change here.
Examine the logs in [bundle]/primary/app/logs. Each of the Docker containers has its own stderr and stdout files here.
Searching recursively in the expanded support bundle directories for your error will allow you to see further context to the error you are encountering.
Depending on where in the application flow the problem is occurring, identify the logs for the relevant container. These are the most important and cover the majority of issues:
ptfe_atlas is the TFE web application itself that receives requests from users via web browser or API call.
ptfe_ingress is the container that copies the files to TFE that are to be processed either from the VCS repository or local client system.
ptfe_archivist handles the writing of configurations, state files and provider files to the S3 compatible storage buckets.
ptfe_sidekiq is responsible for inbound API call handling, including VCS webhook calls.
ptfe_nomad is where Sentinel policies are executed(TFE v202212-1 and later, this is handled by the tfe-task-worker container).
ptfe_postgresql_setup will show any errors connecting to Postgres.
ptfe_vault is the internal Vault server that decrypts/encrypts all sensitive data
When TFE actually needs to execute the Terraform executable like it would at a command line, it generates a new temporary Docker container to execute and do the work. These logs are contained in the ptfe_build_worker logs. Most TF syntax or provider errors will appear here.