Terraform Enterprise (Replicated) Private Registry Shows All Modules As "Setup Failed"

Avatar
William Lee
  • Updated

Problem

All modules within the Terraform Enterprise private registry display a "Setup Failed" status, preventing their use.

Prerequisites

  • Root or sudo access to the Terraform Enterprise instance server.
  • Terraform Enterprise Replicated Deployment

Cause

This issue is caused by corruption of the Registry Session keys that connect Terraform Enterprise to the registry containers. You can confirm this by checking the container logs for a recurring error message indicating a name resolution failure.

The specific container log to check depends on your Terraform Enterprise version:

  • For versions before v202205-1, check the ptfe_atlas container logs.
  • For versions v202205-1 and later, check the tfe-atlas container logs.

The error message will appear similar to the following output.

[DEBUG] Failed to open TCP connection to ptfe_registry_api:3121 (getaddrinfo: Name does not resolve) excluded from capture: DSN not set

Solutions

Solution 1: Reset Corrupted Registry Session Keys

This procedure involves inspecting the session keys and regenerating them if they are corrupted.

  1. SSH to the Terraform Enterprise server and run the following command to export the application configuration.

    # replicatedctl app-config export --hidden
  2. In the command output, locate the values for the registry_session_secret_key and registry_session_encryption_key settings.
  3. Verify the keys. Both keys should be 32-character strings containing only valid hexadecimal characters (0-9, a-f). If they contain other characters or have a different length, they are corrupted.

  4. If the keys are corrupted, overwrite them with new, valid values. The replicatedctl command will prompt you to enter the new values. You can use a password generator to create two 32-character hexadecimal strings.

    # replicatedctl app-config set registry_session_secret_key
# replicatedctl app-config set registry_session_encryption_key

  5. Restart the Terraform Enterprise application to apply the changes.

    # replicatedctl app stop
# replicatedctl app start

Outcome

After Terraform Enterprise restarts, the private registry should function correctly, and modules will no longer show the "Setup Failed" status.

Articles in this section

See more

Related articles