terrafrom 是一款常用来实现 IaC（基础设施即代码）的工具。通常的第一个命令往往是 terrafrom init。在执行此命令时，terrafrom 会根据已经配置好的 provdier 信息去下载安装对应云厂商的 provider。比如下面是一个腾讯云的 provider：

provider "tencentcloud" {
  secret_id  = "your-secret-id"
  secret_key = "your-secret-key"
  region     = "your-region"
}

terraform {
  required_providers {
    tencentcloud = {
      source = "tencentcloudstack/tencentcloud"
      version = "1.81.70"
    }
  }
}

接着执行 terraform init：

terraform init

Initializing the backend...

Initializing provider plugins...
- Finding tencentcloudstack/tencentcloud versions matching "1.81.70"...
╷
│ Error: Failed to install provider
│
│ Error while installing tencentcloudstack/tencentcloud v1.81.70: could not query provider registry for registry.terraform.io/tencentcloudstack/tencentcloud: failed to
│ retrieve authentication checksums for provider: the request failed after 2 attempts, please try again later: Get
│ "https://github.com/tencentcloudstack/terraform-provider-tencentcloud/releases/download/v1.81.70/terraform-provider-tencentcloud_1.81.70_SHA256SUMS": net/http: request
│ canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

可以看到，由于要连接 github 去下载对应版本的 plugin。但是 github 在国内访问有网络问题，所以就发生了 timeout 的错误。

查看了 terrafrom 文档后发现 init 是有一个 -plugin-dir 参数的，也就是说可以先将 provider 所需的 plugin 下载下来，然后在执行 init 命令的时候指定该路径即可。但是在尝试之后，会报错：

terraform init -plugin-dir=/root/.terraform.d/plugins

Initializing the backend...

Initializing provider plugins...
- Finding tencentcloudstack/tencentcloud versions matching "1.81.70"...
╷
│ Error: Failed to query available provider packages
│
│ Could not retrieve the list of available versions for provider tencentcloudstack/tencentcloud: provider registry.terraform.io/tencentcloudstack/tencentcloud was not
│ found in any of the search locations
│
│   - /root/.terraform.d/plugins

最后在腾讯云官方找到了一劳永逸的解决方案。

具体来说，就是设置国内能够访问的 terrafrom registry 源。terraform 默认的 registry 源是 registry.terraform.io。只需要把这个源换成国内可访问的即可。

在用户目录下创建一个 .terraformrc 文件，写入如下内容：

provider_installation {
  network_mirror {
    url = "https://mirrors.tencent.com/terraform/"
    // 限制只有腾讯云相关Provider, 从url中指定镜像源下载
    include = ["registry.terraform.io/tencentcloudstack/*"]
  }
  direct {
    // 声明除了腾讯云相关Provider, 其它Provider依然从默认官方源下载
    exclude = ["registry.terraform.io/tencentcloudstack/*"]
  }
}

接着重新执行 init 命令即可：

terraform init

Initializing the backend...

Initializing provider plugins...
- Finding tencentcloudstack/tencentcloud versions matching "1.81.70"...
- Installing tencentcloudstack/tencentcloud v1.81.70...
- Installed tencentcloudstack/tencentcloud v1.81.70 (verified checksum)

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

╷
│ Warning: Incomplete lock file information for providers
│
│ Due to your customized provider installation methods, Terraform was forced to calculate lock file checksums locally for the following providers:
│   - tencentcloudstack/tencentcloud
│
│ The current .terraform.lock.hcl file only includes checksums for linux_amd64, so Terraform running on another platform will fail to install these providers.
│
│ To calculate additional checksums for another platform, run:
│   terraform providers lock -platform=linux_amd64
│ (where linux_amd64 is the platform to generate)
╵

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

timeout 的问题就此得到解决。