-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failed to retireve image info for instance for non-admin user #62
Comments
Here is a more complete log. $ incus project ls
+----------------------+--------+----------+-----------------+-----------------+----------+---------------+---------------------------------------------+---------+
| NAME | IMAGES | PROFILES | STORAGE VOLUMES | STORAGE BUCKETS | NETWORKS | NETWORK ZONES | DESCRIPTION | USED BY |
+----------------------+--------+----------+-----------------+-----------------+----------+---------------+---------------------------------------------+---------+
| user-60001 (current) | YES | YES | YES | YES | NO | YES | User restricted project for "keesb" (60001) | 55 |
+----------------------+--------+----------+-----------------+-----------------+----------+---------------+---------------------------------------------+---------+ $ incus image ls local:ubuntu/focal/cloud
+-----------------------+--------------+--------+---------------------------------------------+--------------+-----------------+-----------+-----------------------+
| ALIAS | FINGERPRINT | PUBLIC | DESCRIPTION | ARCHITECTURE | TYPE | SIZE | UPLOAD DATE |
+-----------------------+--------------+--------+---------------------------------------------+--------------+-----------------+-----------+-----------------------+
| ubuntu/focal/cloud | 85e9afc8d65b | no | Ubuntu focal amd64 (cloud) (20240423_07:42) | x86_64 | CONTAINER | 128.90MiB | 2024/04/29 16:46 CEST |
+-----------------------+--------------+--------+---------------------------------------------+--------------+-----------------+-----------+-----------------------+
| ubuntu/focal/cloud/vm | ba068bd18db5 | no | Ubuntu focal amd64 (cloud) (20240423_07:42) | x86_64 | VIRTUAL-MACHINE | 266.59MiB | 2024/04/29 16:45 CEST |
+-----------------------+--------------+--------+---------------------------------------------+--------------+-----------------+-----------+-----------------------+ $ cat main.tf
resource "incus_instance" "u22" {
name = "u22"
image = "local:ubuntu/focal/cloud"
profiles = ["default"]
} $ INCUS_SOCKET=/var/lib/incus/unix.socket.user tofu apply
OpenTofu used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
OpenTofu will perform the following actions:
# incus_instance.u22 will be created
+ resource "incus_instance" "u22" {
+ config = {}
+ ephemeral = false
+ image = "local:ubuntu/focal/cloud"
+ ipv4_address = (known after apply)
+ ipv6_address = (known after apply)
+ limits = {}
+ mac_address = (known after apply)
+ name = "u22"
+ profiles = [
+ "default",
]
+ running = true
+ status = (known after apply)
+ target = (known after apply)
+ type = "container"
+ wait_for_network = true
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
OpenTofu will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
incus_instance.u22: Creating...
╷
│ Error: Failed to retireve image info for instance "u22"
│
│ with incus_instance.u22,
│ on main.tf line 1, in resource "incus_instance" "u22":
│ 1: resource "incus_instance" "u22" {
│
│ Image not found
╵ $ incus launch local:ubuntu/focal/cloud u22
Launching u22
$ |
Could you please try to use the image's fingerprint and post the output:
$ TF_LOG=debug INCUS_SOCKET=/var/lib/incus/unix.socket.user tofu apply |
Still failing $ INCUS_SOCKET=/var/lib/incus/unix.socket.user tofu apply
OpenTofu used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
+ create
OpenTofu will perform the following actions:
# incus_instance.u22 will be created
+ resource "incus_instance" "u22" {
+ config = {}
+ ephemeral = false
+ image = "local:85e9afc8d65b"
+ ipv4_address = (known after apply)
+ ipv6_address = (known after apply)
+ limits = {}
+ mac_address = (known after apply)
+ name = "u22"
+ profiles = [
+ "default",
]
+ running = true
+ status = (known after apply)
+ target = (known after apply)
+ type = "container"
+ wait_for_network = true
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
OpenTofu will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
incus_instance.u22: Creating...
╷
│ Error: Failed to retireve image info for instance "u22"
│
│ with incus_instance.u22,
│ on main.tf line 1, in resource "incus_instance" "u22":
│ 1: resource "incus_instance" "u22" {
│
│ Image "85e9afc8d65bc996e464f7df1a8a974634124089c3dabf0e78656dd30f63a8fb" not found
╵ |
I tried to reconstruct your error, and I was able to create an instance by using Could you please use the following command so that I can see all the debug information:
|
Here is the debug log |
I think you forgot to set the correct p
I think the problem is that you are not setting the project in your Terraform/Opentofu resources. It is designed to use the However, in your case this fails because you can only create resources for the Can you please try this? resource "incus_instance" "u22" {
name = "u22"
image = "local:85e9afc8d65b"
project = "user-60001"
profiles = ["default"]
} |
Here is the new debug log with the addition of And here is another debug log. This time I have first deleted the image with that fingerprint from the |
I am having a hard time reproducing your problem. I have tested your original Terraform code on a fresh installation of Debian 12 and Ubuntu 24.04 with a user-only project (user only is part of the Could you please provide me the output of: $ incus info |
Can it be related to the fact that my user is a FreeIPA user? I'll try to test it with a "local" user account. |
Confirmed. For a local user works fine. For a FreeIPA user does not. So, now we have to figure out why that is. FreeIPA uid/gid comes from |
@stgraber Do you have any idea why there is this problem with a FreeIPA user when interacting with Incus? |
@maveonair When running as an unprivileged user, you don't deal with the It's mostly transparent on the CLI as the
|
Yes. That's what I said a few comments earlier. @keestux tested it with a local user where specifying the user-specific project works, but it doesn't work when he uses his FreeIPA user. |
@stgraber I already do that (as earlier suggested by @maveonair). That certainly helps with a "local" user, but not for a FreeIPA user. |
What do you get for the FreeIPA user when you do |
$ incus project ls
+----------------------+--------+----------+-----------------+-----------------+----------+---------------+---------------------------------------------+---------+
| NAME | IMAGES | PROFILES | STORAGE VOLUMES | STORAGE BUCKETS | NETWORKS | NETWORK ZONES | DESCRIPTION | USED BY |
+----------------------+--------+----------+-----------------+-----------------+----------+---------------+---------------------------------------------+---------+
| user-60001 (current) | YES | YES | YES | YES | NO | YES | User restricted project for "keesb" (60001) | 64 |
+----------------------+--------+----------+-----------------+-----------------+----------+---------------+---------------------------------------------+---------+ $ sudo incus project ls
+-------------------+--------+----------+-----------------+-----------------+----------+---------------+----------------------------------------------+---------+
| NAME | IMAGES | PROFILES | STORAGE VOLUMES | STORAGE BUCKETS | NETWORKS | NETWORK ZONES | DESCRIPTION | USED BY |
+-------------------+--------+----------+-----------------+-----------------+----------+---------------+----------------------------------------------+---------+
| default (current) | YES | YES | YES | YES | YES | YES | Default Incus project | 16 |
+-------------------+--------+----------+-----------------+-----------------+----------+---------------+----------------------------------------------+---------+
| user-1001 | YES | YES | YES | YES | NO | YES | User restricted project for "local01" (1001) | 2 |
+-------------------+--------+----------+-----------------+-----------------+----------+---------------+----------------------------------------------+---------+
| user-60001 | YES | YES | YES | YES | NO | YES | User restricted project for "keesb" (60001) | 64 |
+-------------------+--------+----------+-----------------+-----------------+----------+---------------+----------------------------------------------+---------+ |
First, monitor logging when the FreeIPA user (uid 60001) does the tofu apply DEBUG [2024-06-01T14:16:27+02:00] Event listener server handler started id=51d3def8-113b-4743-a748-108b2963a742 local=/var/lib/incus/unix.socket remote=@
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0 username=root
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0/networks username=root
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0/storage-pools username=root
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0 username=root
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0/profiles/default username=root
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url="/1.0/storage-pools?recursion=1" username=root
DEBUG [2024-06-01T14:17:07+02:00] Handling API request ip=@ method=GET protocol=unix url="/1.0/networks?recursion=1" username=root
DEBUG [2024-06-01T14:17:08+02:00] Handling API request ip=@ method=PUT protocol=unix url=/1.0/profiles/default username=root
INFO [2024-06-01T14:17:08+02:00] Action: profile-updated, Source: /1.0/profiles/default, Requestor: unix/root (@)
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Handling API request ip=@ method=GET protocol=tls url=/1.0 username=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Handling API request ip=@ method=GET protocol=tls url=/1.0 username=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf
DEBUG [2024-06-01T14:17:08+02:00] Handling API request ip=@ method=GET protocol=tls url=/1.0/images/aliases/f58b52a245ef username=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Matched trusted cert fingerprint=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:17:08+02:00] Handling API request ip=@ method=GET protocol=tls url=/1.0/images/f58b52a245ef username=ec4af657b0be602bf6b5f1aa588b0ca0d17bb390b4c3744ec20fe8f3188b2fbf |
Next, the monitoring when a local user (uid 1001) does the tofu apply DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0 username=root
DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0/networks username=root
DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0/storage-pools username=root
DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0 username=root
DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url=/1.0/profiles/default username=root
DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url="/1.0/storage-pools?recursion=1" username=root
DEBUG [2024-06-01T14:18:53+02:00] Handling API request ip=@ method=GET protocol=unix url="/1.0/networks?recursion=1" username=root
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=PUT protocol=unix url=/1.0/profiles/default username=root
INFO [2024-06-01T14:18:54+02:00] Action: profile-updated, Source: /1.0/profiles/default, Requestor: unix/root (@)
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url=/1.0 username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/images/aliases/f58b52a245ef?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/images/f58b52a245ef?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/events?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Event listener server handler started id=7c0bf00d-2f2c-44df-9003-ee89cb6d484e local=/var/lib/incus/unix.socket remote=@
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=POST protocol=tls url="/1.0/instances?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Responding to instance create
DEBUG [2024-06-01T14:18:54+02:00] New operation class=task description="Creating instance" operation=3e41fb56-df1e-436a-97d1-4396117b0800 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Lock acquired for image fingerprint=f58b52a245efc700780b12046aa21741f5113d3e92dab20d77ebd28b629dc0ce
DEBUG [2024-06-01T14:18:54+02:00] Started operation class=task description="Creating instance" operation=3e41fb56-df1e-436a-97d1-4396117b0800 project=user-1001
INFO [2024-06-01T14:18:54+02:00] ID: 3e41fb56-df1e-436a-97d1-4396117b0800, Class: task, Description: Creating instance CreatedAt="2024-06-01 14:18:54.204139609 +0200 CEST" Err= Location=none MayCancel=false Metadata="map[]" Resources="map[containers:[/1.0/instances/u22?project=user-1001] instances:[/1.0/instances/u22?project=user-1001]]" Status=Pending StatusCode=Pending UpdatedAt="2024-06-01 14:18:54.204139609 +0200 CEST"
INFO [2024-06-01T14:18:54+02:00] ID: 3e41fb56-df1e-436a-97d1-4396117b0800, Class: task, Description: Creating instance CreatedAt="2024-06-01 14:18:54.204139609 +0200 CEST" Err= Location=none MayCancel=false Metadata="map[]" Resources="map[containers:[/1.0/instances/u22?project=user-1001] instances:[/1.0/instances/u22?project=user-1001]]" Status=Running StatusCode=Running UpdatedAt="2024-06-01 14:18:54.204139609 +0200 CEST"
DEBUG [2024-06-01T14:18:54+02:00] Acquiring lock for image fingerprint=f58b52a245efc700780b12046aa21741f5113d3e92dab20d77ebd28b629dc0ce
DEBUG [2024-06-01T14:18:54+02:00] Instance operation lock created action=create instance=u22 project=user-1001 reusable=false
INFO [2024-06-01T14:18:54+02:00] Creating instance ephemeral=false instance=u22 instanceType=container project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/operations/3e41fb56-df1e-436a-97d1-4396117b0800?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Adding device device=eth0 instance=u22 instanceType=container project=user-1001 type=nic
INFO [2024-06-01T14:18:54+02:00] Created instance ephemeral=false instance=u22 instanceType=container project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Adding device device=root instance=u22 instanceType=container project=user-1001 type=disk
INFO [2024-06-01T14:18:54+02:00] Action: instance-created, Source: /1.0/instances/u22?project=user-1001 location=none storage-pool=pool2 type=container
DEBUG [2024-06-01T14:18:54+02:00] CreateInstanceFromImage started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] EnsureImage started driver=btrfs fingerprint=f58b52a245efc700780b12046aa21741f5113d3e92dab20d77ebd28b629dc0ce pool=pool2
DEBUG [2024-06-01T14:18:54+02:00] Setting image volume size driver=btrfs fingerprint=f58b52a245efc700780b12046aa21741f5113d3e92dab20d77ebd28b629dc0ce pool=pool2 size=
DEBUG [2024-06-01T14:18:54+02:00] Checking image volume size driver=btrfs fingerprint=f58b52a245efc700780b12046aa21741f5113d3e92dab20d77ebd28b629dc0ce pool=pool2
DEBUG [2024-06-01T14:18:54+02:00] EnsureImage finished driver=btrfs fingerprint=f58b52a245efc700780b12046aa21741f5113d3e92dab20d77ebd28b629dc0ce pool=pool2
DEBUG [2024-06-01T14:18:54+02:00] Checking volume size driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Set new volume size driver=btrfs instance=u22 pool=pool2 project=user-1001 size=
DEBUG [2024-06-01T14:18:54+02:00] UpdateInstanceBackupFile started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] CreateInstanceFromImage finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Success for operation class=task description="Creating instance" operation=3e41fb56-df1e-436a-97d1-4396117b0800 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] UpdateInstanceBackupFile finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Instance operation lock finished action=create err="<nil>" instance=u22 project=user-1001 reusable=false
INFO [2024-06-01T14:18:54+02:00] ID: 3e41fb56-df1e-436a-97d1-4396117b0800, Class: task, Description: Creating instance CreatedAt="2024-06-01 14:18:54.204139609 +0200 CEST" Err= Location=none MayCancel=false Metadata="map[]" Resources="map[containers:[/1.0/instances/u22?project=user-1001] instances:[/1.0/instances/u22?project=user-1001]]" Status=Success StatusCode=Success UpdatedAt="2024-06-01 14:18:54.204139609 +0200 CEST"
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/instances/u22/state?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] GetInstanceUsage started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] GetInstanceUsage finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=PUT protocol=tls url="/1.0/instances/u22/state?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] New operation class=task description="Starting instance" operation=1784bf2b-a189-4632-956c-93cbae3aef37 project=user-1001
INFO [2024-06-01T14:18:54+02:00] ID: 1784bf2b-a189-4632-956c-93cbae3aef37, Class: task, Description: Starting instance CreatedAt="2024-06-01 14:18:54.383641647 +0200 CEST" Err= Location=none MayCancel=false Metadata="map[]" Resources="map[instances:[/1.0/instances/u22?project=user-1001]]" Status=Running StatusCode=Running UpdatedAt="2024-06-01 14:18:54.383641647 +0200 CEST"
DEBUG [2024-06-01T14:18:54+02:00] Started operation class=task description="Starting instance" operation=1784bf2b-a189-4632-956c-93cbae3aef37 project=user-1001
INFO [2024-06-01T14:18:54+02:00] ID: 1784bf2b-a189-4632-956c-93cbae3aef37, Class: task, Description: Starting instance CreatedAt="2024-06-01 14:18:54.383641647 +0200 CEST" Err= Location=none MayCancel=false Metadata="map[]" Resources="map[instances:[/1.0/instances/u22?project=user-1001]]" Status=Pending StatusCode=Pending UpdatedAt="2024-06-01 14:18:54.383641647 +0200 CEST"
DEBUG [2024-06-01T14:18:54+02:00] Start started instance=u22 instanceType=container project=user-1001 stateful=false
INFO [2024-06-01T14:18:54+02:00] Starting instance action=start created="2024-06-01 12:18:54.219910737 +0000 UTC" ephemeral=false instance=u22 instanceType=container project=user-1001 stateful=false used="1970-01-01 00:00:00 +0000 UTC"
DEBUG [2024-06-01T14:18:54+02:00] Instance operation lock created action=start instance=u22 project=user-1001 reusable=false
DEBUG [2024-06-01T14:18:54+02:00] MountInstance started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] MountInstance finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/operations/1784bf2b-a189-4632-956c-93cbae3aef37?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:54+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:54+02:00] Starting device device=eth0 instance=u22 instanceType=container project=user-1001 type=nic
DEBUG [2024-06-01T14:18:54+02:00] UpdateInstanceBackupFile started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Starting device device=root instance=u22 instanceType=container project=user-1001 type=disk
DEBUG [2024-06-01T14:18:54+02:00] UpdateInstanceBackupFile finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Skipping unmount as in use driver=btrfs pool=pool2 refCount=1 volName=user-1001_u22
DEBUG [2024-06-01T14:18:54+02:00] Handling API request ip=@ method=GET protocol=unix url="/internal/containers/u22/onstart?project=user-1001" username=root
DEBUG [2024-06-01T14:18:54+02:00] Scheduler: container u22 started: re-balancing
DEBUG [2024-06-01T14:18:54+02:00] Success for operation class=task description="Starting instance" operation=1784bf2b-a189-4632-956c-93cbae3aef37 project=user-1001
DEBUG [2024-06-01T14:18:54+02:00] Start finished instance=u22 instanceType=container project=user-1001 stateful=false
DEBUG [2024-06-01T14:18:54+02:00] Instance operation lock finished action=start err="<nil>" instance=u22 project=user-1001 reusable=false
INFO [2024-06-01T14:18:54+02:00] Started instance action=start created="2024-06-01 12:18:54.219910737 +0000 UTC" ephemeral=false instance=u22 instanceType=container project=user-1001 stateful=false used="1970-01-01 00:00:00 +0000 UTC"
INFO [2024-06-01T14:18:54+02:00] Action: instance-started, Source: /1.0/instances/u22?project=user-1001, Requestor: tls/4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 (@)
INFO [2024-06-01T14:18:54+02:00] ID: 1784bf2b-a189-4632-956c-93cbae3aef37, Class: task, Description: Starting instance CreatedAt="2024-06-01 14:18:54.383641647 +0200 CEST" Err= Location=none MayCancel=false Metadata="map[]" Resources="map[instances:[/1.0/instances/u22?project=user-1001]]" Status=Success StatusCode=Success UpdatedAt="2024-06-01 14:18:54.383641647 +0200 CEST"
DEBUG [2024-06-01T14:18:56+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:56+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/instances/u22/state?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:56+02:00] GetInstanceUsage started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:56+02:00] GetInstanceUsage finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:58+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:58+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/instances/u22/state?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:58+02:00] GetInstanceUsage started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:58+02:00] GetInstanceUsage finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:58+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/instances/u22?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:58+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:58+02:00] Handling API request ip=@ method=GET protocol=tls url="/1.0/instances/u22/state?project=user-1001" username=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2
DEBUG [2024-06-01T14:18:58+02:00] Matched trusted cert fingerprint=4dbc389f43c7a50ca55048528bde4bbe24577049407fea00aee723eaa03642d2 subject="CN=root@winkel,O=Linux Containers"
DEBUG [2024-06-01T14:18:58+02:00] GetInstanceUsage started driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:58+02:00] GetInstanceUsage finished driver=btrfs instance=u22 pool=pool2 project=user-1001
DEBUG [2024-06-01T14:18:58+02:00] Event listener server handler stopped listener=7c0bf00d-2f2c-44df-9003-ee89cb6d484e local=/var/lib/incus/unix.socket remote=@ |
So the different is pretty clear, in both cases we can see the checks that
(I'm sending a fix for the profile update as that shouldn't happen every time). After that initial chunk is where we see a clear difference. In the first case (not working), we see it hitting all the URLs without the In the second case (working), we see it hitting all the URLs with I'm not seeing any Incus issue here, it seems to really be a client issue, that is, Terraform not specifying the project that it's supposed to be acting on. Can you post the |
A very simple resource "incus_instance" "u22" {
name = "u22"
image = "local:85e9afc8d65b"
project = "user-60001"
profiles = ["default"]
} Of course with |
Okay, so that So it'd just use the default configuration for the Can you do |
Yes that worked. But how? I don't understand, because that user only has one project, namely its own Unfortunately I forgot to test it once more before entering the |
Strange. I can't make it fail anymore. I'll close the issue. |
OK. The typo is one thing (occurs four times).
The real issue is that I'm getting this error for a simple example. I have added an alias to a local image. Then
this example:
The user is member of the
incus
group, notincus-admin
.If I run this with an
incus-admin
user it succeeds.The text was updated successfully, but these errors were encountered: