Issues in creating a 3 node yugabyte cluster in private subnet of vpc

[jainhitesh9998]

Hi, I've tried to deploy a 3 node yugabyte cluster in private subnet within a VPC,
the configuration means that the cluster will be accessible only to applications within the VPC.

these are the properties I've added for the setup

use_public_ip_for_ssh = "false"
associate_public_ip_address = "false"

with terraform 12.29 I'm getting this error (log snippet):

module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[1]: Still creating... [5m0s elapsed] module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[2]: Still creating... [5m0s elapsed] module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[0]: Still creating... [5m10s elapsed] module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[2]: Still creating... [5m10s elapsed] module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[1]: Still creating... [5m10s elapsed] Error: timeout - last error: SSH authentication failed (centos@:22): ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain Error: timeout - last error: SSH authentication failed (centos@:22): ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain Error: timeout - last error: SSH authentication failed (centos@:22): ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain

with terraform 13.2 I'm getting this error (log snippet):

module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[2]: Still creating... [10s elapsed]
module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[0]: Still creating... [10s elapsed]
module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[1]: Provisioning with 'file'...
module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[0]: Provisioning with 'file'...
module.yugabyte-db-cluster.aws_instance.yugabyte_nodes[2]: Provisioning with 'file'...
Error: host for provisioner cannot be empty
Error: host for provisioner cannot be empty
Error: host for provisioner cannot be empty`

[bhavin192]

Hello @jainhitesh9998. The current implementation of this module depends on the ability to connect to the provisioned VMs over SSH. After connecting, it downloads YugabyteDB, sets up all the flags etc. In case of private subnets the terraform apply command needs to be run from a machine which has access to those subnets (can be an EC2 or a machine with VPN to AWS VPC).

[jainhitesh9998]

Hi Bhavin, i was having access to the VM using only private ip addresses within the subnet, (they were not assigned any public IP) I had made some changes in the main.tf file after which it was able to ssh into the machines and setup the cluster.

connection {
host = var.use_public_ip_for_ssh == "true" ? self.public_ip : self.private_ip
type = "ssh"
user = var.ssh_user
private_key = file(var.ssh_private_key)
}

I'll may be test it again send a pull request in a few days.

[bhavin192]

@jainhitesh9998 aha! you are right. Yes, please send a PR with above changes.

[jainhitesh9998]

@bhavin192 I have sent a PR for the same