Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_elastic_beanstalk_application: panic when applying #6624

Closed
thomasvandoren opened this issue May 12, 2016 · 7 comments
Closed

aws_elastic_beanstalk_application: panic when applying #6624

thomasvandoren opened this issue May 12, 2016 · 7 comments
Labels
crash provider/aws

Comments

@thomasvandoren
Copy link

thomasvandoren commented May 12, 2016
edited
Loading

Terraform Version

Terraform v0.6.15

Affected Resource(s)

  • terraform-provider-aws

Terraform Configuration Files

# main.tf
module "nexus" {
  source = "../modules/nexus"

  name ="nexus3"
  ssl_cert_id = "arn:aws:iam::REDACTED:server-certificate/REDACTED.com-wildcard-cert"
  cname = "CNAME HERE"
  instance_type = "m3.medium"
  keypair_name = "nexus3_keypair"
  keypair_public_key = "PUBLIC_KEY HERE"
}

# ../modules/nexus/main.tf
variable "name" {
  type = "string"
  default = ""
}

variable "ssl_cert_id" {
  type = "string"
  default = ""
}

variable "cname" {
  type = "string"
  default = ""
}

variable "instance_type" {
  type = "string"
  default = "t2.micro"
}

variable "keypair_name" {
  type = "string"
  default = ""
}

variable "keypair_public_key" {
  type = "string"
  default = ""
}

resource "aws_key_pair" "nexus3_kp" {
    key_name = "${var.keypair_name}"
    public_key = "${var.keypair_public_key}"
}

resource "aws_elastic_beanstalk_application" "nexus3_app" {
  name = "${var.name}-app"
}

resource "aws_elastic_beanstalk_configuration_template" "nexus3_config" {
  name = "tf-nexus3-template-config"
  application = "${aws_elastic_beanstalk_application.nexus3_app.name}"
  solution_stack_name = "64bit Amazon Linux 2016.03 v2.1.0 running Docker 1.9.1"

  // FIXME: use a vpc here!!!
  /*setting {
    namespace = "AWSEBLoadBalancerSecurityGroup.aws:ec2:vpc"
    name = "VPCId"
    value = "${}"
  }*/

  setting {
    namespace = "aws:autoscaling:asg"
    name = "MaxSize"
    value = "1"
  }

  setting {
    namespace = "aws:autoscaling:asg"
    name = "MinSize"
    value = "1"
  }

  setting {
    namespace = "aws:autoscaling:launchconfiguration"
    name = "EC2KeyName"
    value = "${var.keypair_name}"
  }

  setting {
    namespace = "aws:autoscaling:launchconfiguration"
    name = "InstanceType"
    value = "${var.instance_type}"
  }

  setting {
    namespace = "aws:elb:listener:443"
    name = "InstancePort"
    value = "80"
  }

  setting {
    namespace = "aws:elb:listener:443"
    name = "InstanceProtocol"
    value = "HTTPS"
  }

  setting {
    namespace = "aws:elb:listener:443"
    name = "ListenerEnabled"
    value = "true"
  }

  setting {
    namespace = "aws:elb:listener:443"
    name = "ListenerProtocol"
    value = "HTTPS"
  }

  setting {
    namespace = "aws:elb:listener:443"
    name = "SSLCertificateId"
    value = "${var.ssl_cert_id}"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "CrossZone"
    value = "true"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "LoadBalancerHTTPPort"
    value = "OFF"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "LoadBalancerHTTPSPort"
    value = "443"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "LoadBalancerPortProtocol"
    value = "HTTP"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "LoadBalancerSSLPortProtocol"
    value = "HTTPS"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "SSLCertificateId"
    value = "${var.ssl_cert_id}"
  }

  setting {
    namespace = "aws:elb:loadbalancer"
    name = "SecurityGroups"
    value = "{\"Fn::GetAtt\":[\"AWSEBLoadBalancerSecurityGroup\",\"GroupId\"]},{\"Ref\":\"AWSEBLoadBalancerSecurityGroup\"}"
  }
}

resource "aws_elastic_beanstalk_environment" "nexus3_env" {
  name = "${var.name}-env"
  application = "${aws_elastic_beanstalk_application.nexus3_app.name}"
  template_name = "${aws_elastic_beanstalk_configuration_template.nexus3_config.name}"
  depends_on = ["aws_key_pair.nexus3_kp"]

  tags {
    Terraform = "true"
  }
}

Debug Output

https://gist.githubusercontent.com/thomasvandoren/4d0b3e6ad8f066d6de2f2008306b7d55/raw/c3dcba22144bbb1395f78c837848c5325e3dc1d6/tf-2016-05-11-clean-crash.log

Panic Output

See above.

Expected Behavior

terraform apply reports an error in AWS.

Actual Behavior

terraform apply crashes

Steps to Reproduce

  1. terraform apply

Important Factoids

Nothing comes to mind.

References

None that I could find.
@thomasvandoren
Copy link
Author

The issue appears to have been with this setting:

setting {
    namespace = "aws:elb:loadbalancer"
    name = "SecurityGroups"
    value = "{\"Fn::GetAtt\":[\"AWSEBLoadBalancerSecurityGroup\",\"GroupId\"]},{\"Ref\":\"AWSEBLoadBalancerSecurityGroup\"}"
  }

This was causing the environment creation to fail in AWS. I updated the expectations above.

Removing this setting allowed terraform apply to complete.

@dharrisio
Copy link
Contributor

@thomasvandoren Thanks for the detailed description.

I did find one potential issue, but it may be unrelated to the error you saw. Just to verify this wasn't the issue, can you let me know which region this was deployed to? I really doubt this was the problem that caused the panic though, so I'll continue to try and reproduce the issue and figure out what caused this.

Thanks!

@thomasvandoren
Copy link
Author

us-west-2

@shanedroid shanedroid mentioned this issue Jun 16, 2016
Closed
@dharrisio
Copy link
Contributor

Sorry for the delay here, but I have finally had some time to get back to this. The issue occurs when Terraform attempts to read the CNAME from the environment. In this case, beanstalk creates or updates the environment in a "grey" health with no cname. So when the code attempts to read the CNAME, it panics because it doesn't exist. Since the API doesn't return any errors when invalid settings are applied, I'll also need to add something to check for these errors and return something useful to the user, instead of successfully applying the environment with a bad setting value. Once I figure that part out I'll submit a PR that fixes this today.

@stack72 Not sure if anyone else has been working on this issue, but this is where I am at. I believe this is the same issue as #6707 and #7197.

@stack72
Copy link
Contributor

stack72 commented Jun 17, 2016

Hi @dharrisio,
no need to apologise here at all :) I don't believe anyone has gotten to this so if you do get a chance to send a PR, that would be amazing :)

Paul

@dharrisio dharrisio mentioned this issue Jun 18, 2016
Merged
@catsby
Copy link
Contributor

catsby commented Jun 20, 2016

Fixed in #7222 , thanks @dharrisio !

Thank you @thomasvandoren for reporting

@catsby catsby closed this as completed Jun 20, 2016
@ghost
Copy link

ghost commented Apr 25, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 25, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
crash provider/aws
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@apparentlymart @catsby @stack72 @thomasvandoren @dharrisio