Last active
July 3, 2017 20:42
-
-
Save astral303/5f6b8720489d2e0cf9ed2a59dc8c7a54 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| * aws_ebs_volume[ebs0] action create[2017-06-28T00:29:34+00:00] INFO: Processing aws_ebs_volume[ebs0] action create (xyz::_xyz line 10) | |
| ================================================================================ | |
| Error executing action `create` on resource 'aws_ebs_volume[ebs0]' | |
| ================================================================================ | |
| Aws::EC2::Errors::InvalidVolumeNotFound | |
| --------------------------------------- | |
| The volume 'vol-1118028b1c1a11ff1' does not exist. | |
| Cookbook Trace: | |
| --------------- | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:166:in `volume_by_id' | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:217:in `block (2 levels) in create_volume' | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:216:in `loop' | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:216:in `block in create_volume' | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:215:in `create_volume' | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:57:in `block (2 levels) in class_from_file' | |
| /tmp/kitchen/cache/cookbooks/aws/resources/ebs_volume.rb:56:in `block in class_from_file' | |
| Resource Declaration: | |
| --------------------- | |
| # In /tmp/kitchen/cache/cookbooks/xyz/recipes/_xyz.rb | |
| 10: aws_ebs_volume 'ebs0' do | |
| 11: size size_gigs | |
| 12: device device_id | |
| 13: delete_on_termination false | |
| 14: volume_type 'gp2' | |
| 15: encrypted true | |
| 16: kms_key_id 'x' | |
| 17: action [:create, :attach] | |
| 18: end | |
| 19: | |
| Compiled Resource: | |
| ------------------ | |
| # Declared in /tmp/kitchen/cache/cookbooks/xyz/recipes/_xyz.rb:10:in `from_file' | |
| aws_ebs_volume("ebs0") do | |
| action [:create, :attach] | |
| retries 0 | |
| retry_delay 2 | |
| default_guard_interpreter :default | |
| declared_type :aws_ebs_volume | |
| cookbook_name "xyz | |
| recipe_name "_xyz" | |
| size 50 | |
| device "/dev/sdf" | |
| delete_on_termination false | |
| volume_type "gp2" | |
| encrypted true | |
| kms_key_id "arn:aws:kms:..." | |
| region "us..." | |
| end | |
| System Info: | |
| ------------ | |
| chef_version=12.21.1 | |
| platform=amazon | |
| platform_version=2017.03 | |
| ruby=ruby 2.3.1p112 (2016-04-26 revision 54768) [x86_64-linux] | |
| program_name=chef-client worker: ppid=29834;start=00:29:19; | |
| executable=/opt/chef/bin/chef-client |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We think we know what went wrong now. The KMS key we were using to create the EBS volume did not permissions to be created by the AWS user that chef was using. Unhelpfully, the AWS API returns a successful volume object when this happens, but it seems that in the next couple of seconds, the AWS backend realizes that you've requested a volume to be encrypted in a way that you don't have permission to do, and it just deletes the EBS volume automatically, as if it never (briefly) existed.
In lieu of the AWS EBS create API returning something useful, maybe we can add a blurb to the error message thrown to include this possibility (when KMS key is present in the options)?