Definition of 'Microsoft.Network/loadBalancers@2021-02-01' results in cycle error #4258
-
Bicep version Describe the bug The resulting Bicep template (below) loses its simplicity and starts to suffer from christmas-tree like code. Why should the author need to specify both: backendAddressPools: [
{
name: backendAddressPoolName
properties: {}
}
] and resource backEndAddrPool 'backendAddressPools' = {
name: backendAddressPoolName
properties: {}
} in @description('The address to allow NSG access to')
param endpointAddress string
var vnetAddressPrefix = '10.240.0.0/24'
var location = resourceGroup().location
resource nsg 'Microsoft.Network/networkSecurityGroups@2021-02-01' = {
name: 'kubernetes-nsg'
location: location
properties: {
securityRules: [
{
name: 'kubernetes-allow-ssh'
properties: {
access: 'Allow'
destinationAddressPrefix: '*'
destinationPortRange: '22'
direction: 'Inbound'
protocol: 'Tcp'
sourceAddressPrefix: endpointAddress
sourcePortRange: '*'
priority: 1001
}
}
{
name: 'kubernetes-allow-api-server'
properties: {
access: 'Allow'
destinationAddressPrefix: '*'
destinationPortRange: '6443'
direction: 'Inbound'
protocol: 'Tcp'
sourceAddressPrefix: endpointAddress
sourcePortRange: '*'
priority: 1002
}
}
]
}
}
resource pip 'Microsoft.Network/publicIPAddresses@2021-02-01' = {
name: 'kubernetes-pip'
location: location
sku: {
name: 'Standard'
tier: 'Regional'
}
properties: {
publicIPAllocationMethod: 'Static'
publicIPAddressVersion: 'IPv4'
}
}
var backendAddressPoolName = 'kubernetes-lb-pool'
resource lb 'Microsoft.Network/loadBalancers@2021-02-01' = {
name: 'kubernetes-lb'
location: location
sku: {
name: 'Standard'
tier: 'Regional'
}
properties: {
frontendIPConfigurations: [
{
name: 'LoadBalancerFrontEnd'
properties: {
privateIPAllocationMethod: 'Dynamic'
publicIPAddress: {
id: pip.id
}
}
}
]
backendAddressPools: [
{
name: backendAddressPoolName // using backEndAddrPool.name results in a cyclical dependency error, however current definition deploys successfully to Azure
properties: {}
}
]
}
resource backEndAddrPool 'backendAddressPools' = {
name: backendAddressPoolName
properties: {}
}
}
resource vnet 'Microsoft.Network/virtualNetworks@2021-02-01' = {
name: 'kubernetes-vnet'
location: location
properties: {
addressSpace: {
addressPrefixes: [
vnetAddressPrefix
]
}
subnets: [
{
name: 'kubernetes-subnet'
properties: {
addressPrefix: vnetAddressPrefix
networkSecurityGroup: {
id: nsg.id
}
}
}
]
}
} To Reproduce |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
TL;DR In this case, you shouldn't need to have the extra resource definition inside of the load balancer for the resource backEndAddrPool 'backendAddressPools' = {
name: backendAddressPoolName
properties: {}
} I believe you can simply delete the above resource reference?! More info: One thing about the AZ.Network provider is that some resources reference themselves, especially Load balancers, Application Gateways and FrontDoor, plus quite possibly others. Examples of this are:
When you do the above references, it can look something like this, since you need the id (even though they reference themselves): var loadBalancingRulesID = [for item in Services: {
name: item.RuleName
properties: {
frontendIPConfiguration: {
id: '${resourceId('Microsoft.Network/loadBalancers/', '${Deployment}-lb${LB.Name}')}/frontendIPConfigurations/${item.LBFEName}'
}
backendAddressPool: {
id: '${resourceId('Microsoft.Network/loadBalancers/', '${Deployment}-lb${LB.Name}')}/backendAddressPools/${LB.ASName}'
}
probe: {
id: '${resourceId('Microsoft.Network/loadBalancers/', '${Deployment}-lb${LB.Name}')}/probes/${item.ProbeName}'
}
protocol: 'tcp'
frontendPort: item.LBFEPort
backendPort: item.LBBEPort
}
}] I agree in those cases, it would be nice to be able to generate those ID's that point to itself using a resource reference. However just some clarification ... since all your rules are empty, including the backEndPools, none of this applies to your template for the AKS LB or App Gateway?
I believe in your case explicitly using the above resource is redundant? So the following should be all that you need. var backendAddressPoolName = 'kubernetes-lb-pool'
resource lb 'Microsoft.Network/loadBalancers@2021-02-01' = {
name: 'kubernetes-lb'
location: location
sku: {
name: 'Standard'
tier: 'Regional'
}
properties: {
frontendIPConfigurations: [
{
name: 'LoadBalancerFrontEnd'
properties: {
privateIPAllocationMethod: 'Dynamic'
publicIPAddress: {
id: pip.id
}
}
}
]
backendAddressPools: [
{
name: backendAddressPoolName
properties: {}
}
]
}
} If I have missed something here, please let me know? |
Beta Was this translation helpful? Give feedback.
TL;DR
In this case, you shouldn't need to have the extra resource definition inside of the load balancer for the
I believe you can simply delete the above resource reference?!
More info:
One thing about the AZ.Network provider is that some resources reference themselves, especially Load balancers, Application Gateways and FrontDoor, plus quite possibly others.
Examples of this are: