Skip to content

Unable to provision EC2 instances: "Tag key must have a value" #933

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
julian-perge opened this issue Aug 9, 2023 · 2 comments · Fixed by #936
Closed

Unable to provision EC2 instances: "Tag key must have a value" #933

julian-perge opened this issue Aug 9, 2023 · 2 comments · Fixed by #936

Comments

@julian-perge
Copy link

Describe the bug

If runner_tags is empty, the amazonec2-tags has a leading comma that causes the API request to AWS to fail with the error message mentioned in the title. See JSON request below for the error.

If runner_tags is empty, output has leading comma since the sed command doesn't remove it in gitlab-runner.tftpl:

"amazonec2-tags=,__PARENT_TAG__",

If runner_tags is not empty, or the leading comma is manually removed by going into the agent EC2 instance and editing /etc/gitlab-runners/config.toml, the error no longer shows up:

# module var.runner_tags
  runner_tags = {
    "testing" = "new runner who dis"
  }

# output from user_data with tags
"amazonec2-tags=testing,new runner who dis,__PARENT_TAG__",

Manual edit that works for us after agents were provisioned and running:

# before
"amazonec2-tags=,gitlab-runner-parent-id,runner-123123",

# after
"amazonec2-tags=gitlab-runner-parent-id,runner-123123",

To Reproduce

Steps to reproduce the behavior:

  1. Apply a module with empty runner_tags
  2. Wait for amazon to provision the runner
  3. See error in CloudTrail logs

Expected behavior

The API requests are successful and the runner is registered, and does not show any errors in CloudTrail or CloudWatch logs about being able to provision the runners.

Additional context

The weird and difficult part about this issue, is that this only showed up 3-4 weeks after we switched to Spot Fleets.

  • We switched to Spot Fleets around 2023-07-12, and today was the first time we encountered this specific error.
  • We even destroyed and applied fresh modules with no other changes, and this error kept showing up.
Redacted request JSON to AWS 
{
    "eventVersion": "1.08",
    "userIdentity": {
        // redacted
    },
    "eventTime": "2023-08-09T17:31:22Z",
    "eventSource": "ec2.amazonaws.com",
    "eventName": "CreateFleet",
    "awsRegion": "us-east-1",
    "sourceIPAddress": "#####",
    "userAgent": "aws-sdk-go/1.44.153 (go1.12.9; linux; amd64)",
    "errorCode": "Client.InvalidTagKey.Malformed",
    "errorMessage": "Tag key must have a value",
    "requestParameters": {
        "CreateFleetRequest": {
            "TargetCapacitySpecification": {
                "DefaultTargetCapacityType": "spot",
                "TotalTargetCapacity": 1
            },
            "Type": "instant",
            "SpotOptions": {
                "AllocationStrategy": "price-capacity-optimized",
                "MaxTotalPrice": 0.5
            },
            "LaunchTemplateConfigs": {
                "LaunchTemplateSpecification": {
                    "LaunchTemplateName": "gitlab-runner-agent-worker-20230809172259696900000029",
                    "Version": "$Latest"
                },
                "Overrides": [
                    {
                        "tag": 1,
                        "SubnetId": "subnet-#####",
                        "InstanceType": "t3.large"
                    },
                    {
                        "tag": 2,
                        "SubnetId": "subnet-#####",
                        "InstanceType": "t3.large"
                    },
                    {
                        "tag": 3,
                        "SubnetId": "subnet-#####",
                        "InstanceType": "t3.large"
                    }
                ],
                "tag": 1
            },
            "TagSpecification": [
                {
                    "ResourceType": "instance",
                    "tag": 1,
                    "Tag": [
                        {
                            "Value": "runner-#####",
                            "tag": 1,
                            "Key": "Name"
                        },
                        {
                            "Value": "gitlab-runner-parent-id",
                            "tag": 2,
                            "Key": ""
                        }
                    ]
                },
                {
                    "ResourceType": "volume",
                    "tag": 2,
                    "Tag": [
                        {
                            "Value": "runner-#####",
                            "tag": 1,
                            "Key": "Name"
                        },
                        {
                            "Value": "gitlab-runner-parent-id",
                            "tag": 2,
                            "Key": ""
                        }
                    ]
                },
                {
                    "ResourceType": "network-interface",
                    "tag": 3,
                    "Tag": [
                        {
                            "Value": "runner-#####",
                            "tag": 1,
                            "Key": "Name"
                        },
                        {
                            "Value": "gitlab-runner-parent-id",
                            "tag": 2,
                            "Key": ""
                        }
                    ]
                },
                {
                    "ResourceType": "fleet",
                    "tag": 4,
                    "Tag": [
                        {
                            "Value": "runner-#####",
                            "tag": 1,
                            "Key": "Name"
                        },
                        {
                            "Value": "gitlab-runner-parent-id",
                            "tag": 2,
                            "Key": ""
                        }
                    ]
                }
            ]
        }
    }
}
@kayman-mk
Copy link
Collaborator

Seems a little bit strange as you should always set the var.environment which is also added to the tags. So runner_tags should never be empty.

@kayman-mk kayman-mk mentioned this issue Aug 14, 2023
Merged
@julian-perge
Copy link
Author

Thank you for the response and quick PR @kayman-mk ! We do indeed set var.environment in our module for clarification.

kayman-mk added a commit that referenced this issue Aug 31, 2023
@kayman-mk
fix: remove empty elements from tag list (#936)
3b4a95e 
## Description

In rare cases the `amazonec2-tags` may contain empty elements which show
up as `,__PARENT_TAG__` which is not a valid value for AWS API to create
an instance.

The problem is that `runner_tags` must be removed if it is empty.
Otherwise the empty element is inserted into the final string which
results in a preceding `,`.

Closes #933 

## Verification

Verified manually with
- no tags --> `__PARENT_TAG__`
- with tags --> `tag1,value1,__PARENT_TAG`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: remove empty elements from tag list Hapag-Lloyd/terraform-aws-gitlab-runner
2 participants
@julian-perge @kayman-mk