-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
resource/aws_lb: Add Cross Zone Load Balancing support for NLBs #3537
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @mpilar, this is looking pretty good! Would you have time to also add a test that enables/disables this flag and ensure it gets set correctly? If not, no problem. 👍
@@ -157,6 +157,7 @@ func TestAccAWSLBBackwardsCompatibility(t *testing.T) { | |||
resource.TestCheckResourceAttr("aws_alb.lb_test", "tags.%", "1"), | |||
resource.TestCheckResourceAttr("aws_alb.lb_test", "tags.Name", "TestAccAWSALB_basic"), | |||
resource.TestCheckResourceAttr("aws_alb.lb_test", "enable_deletion_protection", "false"), | |||
resource.TestCheckResourceAttr("aws_alb.lb_test", "enable_cross_zone_load_balancing", "false"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should create a test that ensures enabling/disabling works as expected 😄
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any hints as to where I could look for an example? It's my first time digging into a largeish golang codebase.
Is it sufficient to add the directive to testAccAWSLBConfig_networkLoadBalancerEIP
as true
and assert on that test?
(See added commit)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was unable to run the acceptance tests after the commit. As soon as I have a break I will.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My general workflow does usually involve adding a directive/parameter to the test configuration function for the new attribute. Generally speaking though, its usually easiest to just create a whole new acceptance test and configuration function so you don't wind up with needing to pass in way too many directives to a function. Copy paste of an existing is okay and generally encouraged for this situation as the testing is more important than any (potential) later refactoring. 👍
@bflad there's a bug I ran into when running the new acceptance test. I will hunt it down. |
@bflad I did run into an unrelated (random) issue where the EIP de-allocation failed because of the permission denied (since AWS controls the ENI).
I have tried finding where best to fix this but haven't been able to replicate it. I did capture a debug log of it happening. |
@@ -980,6 +984,7 @@ resource "aws_route_table_association" "a" { | |||
resource "aws_lb" "test" { | |||
name = "%s" | |||
load_balancer_type = "network" | |||
enable_cross_zone_load_balancing = true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See my note above -- we'll probably want to just copy paste the handling of the new attribute to a new test and config or at least pass the true/false value for this attributes is a directive into the above config function and use enable_cross_zone_load_balancing = %v
😄
@bflad I made a new test and am running into some odd behavior, I thought I had a hang of the harness and how it works but this is baffling me. I captured a TRACE to see if I can figure out what's going on, but when the test runs it successfully creates the LB then destroys everything and doesn't create the second environment (or as I would prefer, update the env to the second configuration). This happens regardless of whether I make it cross-zone first or second. I am fairly sure it's some mistake I am making with the test harness but can't figure it out. e: I obfuscated the requests by removing my AWS key, also went ahead and rotated the key because I am paranoid. E: I can't believe it took me so long to figure out I had typed |
Caught my typo after an embarrasingly long time. I need more sleep in my life. TF_ACC=1 go test ./aws -v -run=TestAccAWSLB_networkLoadbalancer_updateCrossZone -timeout 15m === RUN TestAccAWSLB_networkLoadbalancer_updateCrossZone --- PASS: TestAccAWSLB_networkLoadbalancer_updateCrossZone (346.29s) PASS ok github.com/terraform-providers/terraform-provider-aws/aws 347.665s
Flagged as WIP to add HTTP2 as well. |
I would prefer to treat that functionality in a separate PR please (smaller is easier to review) |
@bflad then the PR should be good as is, or do you think it needs more? The next commit has:
It's ready just waiting for all Acceptance tests to finish running (10 down, 5 to go). I decided to run them all after changing the timeouts and making the test fixtures more consistent. I will split the changes into separate PRs. |
@@ -362,6 +368,14 @@ func resourceAwsLbUpdate(d *schema.ResourceData, meta interface{}) error { | |||
}) | |||
} | |||
|
|||
// It's important to know that Idle timeout is only supported for Network Loadbalancers |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comment references Idle timeout (probably meant to be cross zone flag)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @mpilar for your work here! I'm going to pull this in now. You and @appilon can sort out the details of the next PR for HTTP/2 handling (please also fix that code comment). 😉
1 failure is unrelated
Tests failed: 1 (1 new), passed: 48
=== RUN TestAccAWSLBListenerRule_multipleConditionThrowsError
--- PASS: TestAccAWSLBListenerRule_multipleConditionThrowsError (2.52s)
=== RUN TestAccAWSLBCookieStickinessPolicy_basic
--- PASS: TestAccAWSLBCookieStickinessPolicy_basic (42.18s)
=== RUN TestAccAWSLBCookieStickinessPolicy_missingLB
--- PASS: TestAccAWSLBCookieStickinessPolicy_missingLB (52.27s)
=== RUN TestAccAWSLBCookieStickinessPolicy_drift
--- PASS: TestAccAWSLBCookieStickinessPolicy_drift (56.56s)
=== RUN TestAccAWSLBTargetGroup_networkLB_TargetGroup
--- PASS: TestAccAWSLBTargetGroup_networkLB_TargetGroup (84.00s)
=== RUN TestAccAWSLBSSLNegotiationPolicy_missingLB
--- PASS: TestAccAWSLBSSLNegotiationPolicy_missingLB (84.81s)
=== RUN TestAccAWSLBTargetGroup_generatedName
--- PASS: TestAccAWSLBTargetGroup_generatedName (46.93s)
=== RUN TestAccAWSLBSSLNegotiationPolicy_basic
--- PASS: TestAccAWSLBSSLNegotiationPolicy_basic (102.12s)
=== RUN TestAccAWSLBTargetGroup_basic
--- PASS: TestAccAWSLBTargetGroup_basic (137.18s)
=== RUN TestAccAWSLBTargetGroupBackwardsCompatibility
--- PASS: TestAccAWSLBTargetGroupBackwardsCompatibility (138.11s)
=== RUN TestAccAWSLBTargetGroupAttachmentBackwardsCompatibility
--- PASS: TestAccAWSLBTargetGroupAttachmentBackwardsCompatibility (158.83s)
=== RUN TestAccAWSLBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSLBTargetGroup_changeNameForceNew (148.50s)
=== RUN TestAccAWSLBTargetGroup_defaults_application
--- PASS: TestAccAWSLBTargetGroup_defaults_application (65.30s)
=== RUN TestAccAWSLBTargetGroup_namePrefix
--- PASS: TestAccAWSLBTargetGroup_namePrefix (193.44s)
=== RUN TestAccAWSLBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSLBTargetGroup_changeVpcForceNew (139.35s)
=== RUN TestAccAWSLBTargetGroup_stickinessWithTCPEnabledShouldError
--- PASS: TestAccAWSLBTargetGroup_stickinessWithTCPEnabledShouldError (26.22s)
=== RUN TestAccAWSLBTargetGroupAttachment_withoutPort
--- PASS: TestAccAWSLBTargetGroupAttachment_withoutPort (290.82s)
=== RUN TestAccAWSLBTargetGroup_stickinessWithTCPDisabled
--- PASS: TestAccAWSLBTargetGroup_stickinessWithTCPDisabled (72.61s)
=== RUN TestAccAWSLBTargetGroup_tags
--- PASS: TestAccAWSLBTargetGroup_tags (202.81s)
=== RUN TestAccAWSLBTargetGroup_defaults_network
--- PASS: TestAccAWSLBTargetGroup_defaults_network (101.25s)
=== RUN TestAccAWSLBListener_https
--- PASS: TestAccAWSLBListener_https (350.29s)
=== RUN TestAccAWSLBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSLBTargetGroup_changeProtocolForceNew (298.25s)
=== RUN TestAccAWSLBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSLBTargetGroup_updateHealthCheck (282.21s)
=== RUN TestAccAWSLBListener_basic
--- PASS: TestAccAWSLBListener_basic (455.36s)
=== RUN TestAccAWSLBListenerRuleBackwardsCompatibility
--- PASS: TestAccAWSLBListenerRuleBackwardsCompatibility (476.60s)
=== RUN TestAccAWSLBListenerBackwardsCompatibility
--- PASS: TestAccAWSLBListenerBackwardsCompatibility (486.55s)
=== RUN TestAccAWSLB_basic
--- PASS: TestAccAWSLB_basic (249.97s)
=== RUN TestAccAWSLBTargetGroupAttachment_basic
--- PASS: TestAccAWSLBTargetGroupAttachment_basic (494.86s)
=== RUN TestAccAWSLBListenerRule_changeListenerRuleArnForcesNew
--- PASS: TestAccAWSLBListenerRule_changeListenerRuleArnForcesNew (501.56s)
=== RUN TestAccAWSLBListenerRule_basic
--- PASS: TestAccAWSLBListenerRule_basic (504.41s)
=== RUN TestAccAWSLB_networkLoadbalancerBasic
--- PASS: TestAccAWSLB_networkLoadbalancerBasic (272.63s)
=== RUN TestAccAWSLBTargetGroup_updateSticknessEnabled
--- PASS: TestAccAWSLBTargetGroup_updateSticknessEnabled (418.42s)
=== RUN TestAccAWSLB_networkLoadbalancerEIP
--- PASS: TestAccAWSLB_networkLoadbalancerEIP (287.02s)
=== RUN TestAccAWSLB_generatedName
--- PASS: TestAccAWSLB_generatedName (299.76s)
=== RUN TestAccAWSLBBackwardsCompatibility
--- PASS: TestAccAWSLBBackwardsCompatibility (318.14s)
=== RUN TestAccAWSLB_generatesNameForZeroValue
--- PASS: TestAccAWSLB_generatesNameForZeroValue (317.02s)
=== RUN TestAccAWSLB_namePrefix
--- PASS: TestAccAWSLB_namePrefix (294.52s)
=== RUN TestAccAWSLBListenerRule_updateRulePriority
--- PASS: TestAccAWSLBListenerRule_updateRulePriority (669.66s)
=== RUN TestAccAWSLB_tags
--- PASS: TestAccAWSLB_tags (289.96s)
=== RUN TestAccAWSLBTargetGroup_changePortForceNew
--- PASS: TestAccAWSLBTargetGroup_changePortForceNew (623.73s)
=== RUN TestAccAWSLBListenerRule_priority
--- PASS: TestAccAWSLBListenerRule_priority (715.72s)
=== RUN TestAccAWSLBTargetGroup_TCP_HTTPHealthCheck
--- PASS: TestAccAWSLBTargetGroup_TCP_HTTPHealthCheck (746.18s)
=== RUN TestAccAWSLB_updatedIpAddressType
--- FAIL: TestAccAWSLB_updatedIpAddressType (266.23s)
=== RUN TestAccAWSLB_noSecurityGroup
--- PASS: TestAccAWSLB_noSecurityGroup (288.93s)
=== RUN TestAccAWSLB_networkLoadbalancer_updateCrossZone
--- PASS: TestAccAWSLB_networkLoadbalancer_updateCrossZone (370.61s)
=== RUN TestAccAWSLB_updatedSecurityGroups
--- PASS: TestAccAWSLB_updatedSecurityGroups (335.40s)
=== RUN TestAccAWSLB_networkLoadbalancer_subnet_change
--- PASS: TestAccAWSLB_networkLoadbalancer_subnet_change (311.68s)
=== RUN TestAccAWSLB_updatedSubnets
--- PASS: TestAccAWSLB_updatedSubnets (337.23s)
=== RUN TestAccAWSLB_accesslogs
--- PASS: TestAccAWSLB_accesslogs (343.91s)
This has been released in version 1.11.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Closes #3574
Enable Cross Zone load balancing support for NLBs:
Just allows setting the
load_balancing.cross_zone.enabled
Attribute.Docs:
https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_LoadBalancerAttribute.html
https://docs.aws.amazon.com/sdk-for-go/api/service/elbv2/#LoadBalancerAttribute