Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to rename SecurityGroup in OpenStack #12912

Closed
michalmedvecky opened this issue Mar 21, 2017 · 4 comments
Closed

Unable to rename SecurityGroup in OpenStack #12912

michalmedvecky opened this issue Mar 21, 2017 · 4 comments
Labels
bug

Comments

@michalmedvecky
Copy link

TF is unable to rename security group, which is in use by another object (resource, vip, ...)

Terraform Version

Terraform v0.9.0-dev (89acb58+CHANGES)

Affected Resource(s)

  • openstack_networking_secgroup_v2

Terraform Configuration Files

sgrenametest.tf:

resource "openstack_networking_secgroup_v2" "test-sg" {
  name = "1234"
  description = "aaaa"
}

resource "openstack_networking_secgroup_rule_v2" "allow-something" {
  direction = "ingress"
  ethertype = "IPv4"
  security_group_id = "${openstack_networking_secgroup_v2.test-sg.id}"
  remote_group_id = "${openstack_networking_secgroup_v2.test-sg.id}"
}

resource "openstack_networking_port_v2" "test_vip" {
  depends_on = ["openstack_networking_secgroup_v2.test-sg"]
  name = "abcdef"
  network_id = "d3ebd619-3f2d-45cb-8e28-86da7cdf4cc5"
  admin_state_up = "true"
  security_group_ids = ["${openstack_networking_secgroup_v2.test-sg.id}"]
}

Debug Output

https://gist.github.com/michalmedvecky/8cd9248b60102b0aac0df0137c3013e8

Expected Behavior

Security group name should be changed

Actual Behavior

Terraform fails

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. create sgrenametest.tf (see above)
  2. terraform apply
  3. modify name on line2 from 1234 to 12345
  4. terraform apply

Important Factoids

Terraform correctly removes all security group rules tight to the SG, but does not remove it from the VIP. Then tries to delete SG what fails, because it's "in use".
@jtopjian
Copy link
Contributor

@michalmedvecky Thanks for reporting this. It looks like updating the name of a security group is possible to do without recreation. Requiring the group to be recreated was most likely done because Gophercloud doesn't yet have support for group updates.

I think the best long-term solution is to get that added. I'll work on this shortly.

@jtopjian
Copy link
Contributor

Quick update: I have a patch into Gophercloud to add this support. Once it's merged, I'll get this into Terraform right away.

@jtopjian jtopjian mentioned this issue May 25, 2017
Merged
@stack72
Copy link
Contributor

stack72 commented May 25, 2017

Closed via #14815

@stack72 stack72 closed this as completed May 25, 2017
@ghost
Copy link

ghost commented Apr 12, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 12, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jtopjian @stack72 @michalmedvecky