Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

terraform-provider-ibm breaks and cannot handle LB creation with count greater than 1 #2168

Closed
faseyiks opened this issue Jan 16, 2021 · 1 comment · Fixed by #2197
Closed

terraform-provider-ibm breaks and cannot handle LB creation with count greater than 1 #2168

faseyiks opened this issue Jan 16, 2021 · 1 comment · Fixed by #2197
Labels
service/VPC Infrastructure Issues related to the VPC Infrastructure

Comments

@faseyiks
Copy link

faseyiks commented Jan 16, 2021
edited
Loading

Terraform Version

0.13.5
Terraform v0.13.5

  • provider registry.terraform.io/hashicorp/null v3.0.0
  • provider registry.terraform.io/ibm-cloud/ibm v1.19.0

Affected Resource(s)

Please list the resources as a list, for example:

  • ibm_is_lb.application
  • ibm_is_lb_listener.applistener
  • ibm_is_lb_listener.applistener[0]
  • ibm_is_lb_listener.applistener[1]
  • ibm_is_lb_pool.apppool[0]
  • ibm_is_lb_pool.apppool[1]

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "ibm_is_lb" "application" {
  count          = ! var.enable_strict_layer_4 ? 1 : 0
  name           = format("%s-load-balancer-%s-%s", "application", var.tags["Environment"], local.protocol_selector)
  subnets        = var.subnets_names != "" ? [data.ibm_is_subnet.subnet[0].id] : data.ibm_is_subnets.infrasubnets.subnets.*.id
  resource_group = data.ibm_resource_group.resourcegroup.id
  type           = local.block_in_private_range ? "private" : "public"
  #tags          = var.tags
}

resource "ibm_is_lb_pool" "apppool" {
  count                           = ! var.enable_strict_layer_4 ? length(var.inbound_destination_ports[local.protocol_selector]) : 0
  lb                              = ibm_is_lb.application[0].id
  name                            = format("app-pool-%s-%s-%s", var.tags["Environment"], local.protocol_selector, count.index + 1)
  protocol                        = local.protocol_selector
  algorithm                       = lookup(var.lb_pool_params, "algorithm")
  health_delay                    = lookup(var.lb_pool_params, "delay")
  health_retries                  = lookup(var.lb_pool_params, "retries")
  health_timeout                  = lookup(var.lb_pool_params, "timeout")
  health_type                     = var.https_certificate_crn != "" ? "http" : "tcp"
  health_monitor_url              = lookup(var.lb_pool_params, "monitor_url")
  health_monitor_port             = lookup(var.lb_pool_params, "health_port")
  session_persistence_type        = lookup(var.lb_pool_params, "persistence_type", "http_cookie")
  session_persistence_cookie_name = lookup(var.lb_pool_params, "cookie_name", "http_cookie")
  depends_on                      = [ibm_is_lb.application, null_resource.app_lb_wait_for_time]
}

resource "ibm_is_lb_listener" "applistener" {
  depends_on           = [ibm_iam_authorization_policy.authorization, ibm_is_lb_pool.apppool, null_resource.app_lb_wait_for_time]
  count                = length(var.inbound_destination_ports[local.protocol_selector])
  lb                   = ibm_is_lb.application[0].id
  port                 = element(var.inbound_destination_ports[local.protocol_selector], count.index)
  protocol             = local.protocol_selector
  default_pool         = element(split(local.separator, ibm_is_lb_pool.apppool[count.index].id), 1)
  certificate_instance = var.https_certificate_crn

Expected Behavior

Terraform will provision one LB, 2 lb_pools and 2 lb_listeners

Actual Behavior

There is an issue with the LB implementation itself such that after creating the first LB_LISTENER, it then breaks terraform (obviously a race condition with the underlying update of the LB ) with the error below
Error: Error while creating Load Balanacer Listener err The load balancer with ID 'r018-78abc19d-4a20-40d2-aae7-f50fb05de2ae' cannot be updated because its status is 'UPDATE_PENDING'.
{
....
"errors": [
{
"code": "load_balancer_update_conflict",
"message": "The load balancer with ID 'rxxx-xxxxxxx-4a20-40d2-aae7-xxxxxxxxx' cannot be updated because its status is 'UPDATE_PENDING'.",
"more_info": "https://cloud.ibm.com/docs/infrastructure/vpc-on-classic?topic=vpc-on-classic-rias-error-messages#load_balancer_update_conflict"
}
],
"trace": "xxxxxx-9852-4213-bfb2-xxxxxxxxxxxxxx"
},
"RawResult": null

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. Copy the code and fill in for the variables or substitute with raw values
  2. terraform apply

Important Factoids

None

References

I have seen several links where the discussion of IBM LB implementation is discussed. I have also seen the below
#295 (comment).
It seems to me that a generic way to implement a "wait_for_status_update" on the lb_listener is required as a workaround.
@hkantare hkantare added the service/VPC Infrastructure Issues related to the VPC Infrastructure label Jan 18, 2021
This was referenced Jan 22, 2021
Closed
Merged
@hkantare
Copy link
Collaborator

Released in https://github.com/IBM-Cloud/terraform-provider-ibm/releases/tag/v1.20.0
Cloud docs will be updated soon
Registry docs:
https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service/VPC Infrastructure Issues related to the VPC Infrastructure
Projects
None yet
Milestone
No milestone
2 participants
@hkantare @faseyiks