Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Destroy/create on oci_core_instance_configuration fail if related oci_core_instance_pool exists #989

Closed
jeliker opened this issue Feb 28, 2020 · 2 comments
Closed

Destroy/create on oci_core_instance_configuration fail if related oci_core_instance_pool exists #989

jeliker opened this issue Feb 28, 2020 · 2 comments
Labels
bug

Comments

@jeliker
Copy link

jeliker commented Feb 28, 2020

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Terraform v0.12.21

  • provider.oci v3.64.0
  • provider.template v2.1.2

Affected Resource(s)

oci_core_instance_configuration
oci_core_instance_pool

Terraform Configuration Files

data "oci_identity_availability_domains" "ad" {
  compartment_id = var.tenancy_ocid
}
 
data "template_file" "ad_list" {
  count = length(data.oci_identity_availability_domains.ad.availability_domains)
  template = lookup(data.oci_identity_availability_domains.ad.availability_domains[count.index], "name")
}

data "oci_core_private_ips" "private_ip" {
  ip_address = oci_core_instance.sample.private_ip
  subnet_id = var.subnet_id
}

data "oci_core_vnic" "sample_vnic" {
  vnic_id = data.oci_core_private_ips.private_ip.private_ips[0].vnic_id
}

resource "oci_core_instance_configuration" "sample" {
  compartment_id = var.compartment_id
  display_name = oci_core_instance.sample.display_name
  instance_details {
    instance_type = "compute"
    launch_details {
      availability_domain = null
      compartment_id = var.compartment_id
      create_vnic_details {
        assign_public_ip = data.oci_core_vnic.sample_vnic.public_ip_address != null
        display_name = null
        hostname_label = null
        nsg_ids = data.oci_core_vnic.sample_vnic.nsg_ids
        private_ip = null
        skip_source_dest_check = data.oci_core_vnic.sample_vnic.skip_source_dest_check
        subnet_id = null
      }
      metadata = {
        "ssh_authorized_keys": oci_core_instance.sample.metadata.ssh_authorized_key
      }
      shape = oci_core_instance.sample.shape
      source_details {
        source_type = "image"
        image_id = oci_core_image.sample.id
      }
    }
  }
}

resource "oci_core_instance_pool" "sample" {
    compartment_id = var.compartment_id
    instance_configuration_id = oci_core_instance_configuration.sample.id
    placement_configurations {
        availability_domain = data.template_file.ad_list.*.rendered[0]
        primary_subnet_id = var.subnet_id
        fault_domains = [
          "FAULT-DOMAIN-1",
          "FAULT-DOMAIN-2",
          "FAULT-DOMAIN-3"
        ]
    }
    size = 2
    display_name = var.common_name
}

Debug Output

oci_core_instance_configuration.lb_sample: Still destroying... [id=ocid1.instanceconfiguration.oc1.iad.aaa...wn2ta4acmlpjtq2svx3udecqknvafndfqw6vma, 1m40s elapsed]
oci_core_instance_configuration.lb_sample: Still destroying... [id=ocid1.instanceconfiguration.oc1.iad.aaa...wn2ta4acmlpjtq2svx3udecqknvafndfqw6vma, 1m50s elapsed]
oci_core_instance_configuration.lb_sample: Still destroying... [id=ocid1.instanceconfiguration.oc1.iad.aaa...wn2ta4acmlpjtq2svx3udecqknvafndfqw6vma, 2m0s elapsed]

Error: Service error:Conflict. The Instance Configuration ocid1.instanceconfiguration.oc1.iad.aaaaaaaazlamlpjtq2svx3udecqknvafnuspyc4qhwv5wn2ta4acdfqw6vma is associated to one or more Instance Pools.. http status code: 409. Opc request id: ffbb0fb6bcf7d77670845661a2e6f7b8/94218E311A3FDC5E527827D641D6B41F/536AD2A18D6167FDD227561187330C42

Panic Output

Expected Behavior

When a script update requires destroy/create for existing oci_core_instance_configuration that is associated with existing oci_core_instance_pool instance, those oci_core_instance_pool instances should also be flagged to destroy/create

Actual Behavior

I modified the scripts which resulted in need to destroy/create oci_core_instance_configuration which is associated with an existing oci_core_instance_pool. The apply operation fails with message suggesting the destroy operation cannot complete because the oci_core_instance_configuration is associated with an oci_core_instance_pool

Steps to Reproduce

  1. Create script for resource oci_core_instance.sample to use as basis for script sample above
  2. terraform apply to build instance configuration, instance pool
  3. terraform taint oci_core_instance.sample then terraform apply to rebuild oci_core_instance
  4. This causes oci_core_instance_configuration.sample to destroy/create as well but will fail during destroy because of reference to oci_core_instance_pool

Important Factoids

References
@jeliker jeliker added the bug label Feb 28, 2020
@afedorch
Copy link
Contributor

@jeliker Thanks for reporting it.

I think you should see instance pool update as part of execution plan:

# oci_core_instance_pool.sample will be updated in-place
~ resource "oci_core_instance_pool" "sample" {
      actual_size               = ...
      compartment_id            = ...
      ...
    ~ instance_configuration_id = "..." -> (known after apply)
    ...

Terraform will try to update the resource instead of re-create because instance_configuration_id attribute is updatable in oci_core_instance_pool resource:
https://www.terraform.io/docs/providers/oci/r/core_instance_pool.html#instance_configuration_id

This is done as per service documentation to allow instance pool with instances created from different instance configurations:

If you modify the instance configuration for an instance pool, existing instances that are part of that pool will not change. Any new instances created after the instance configuration change will use the new instance configuration. New instances will not be created unless you have increased the size of the instance pool or terminate existing instances.

The update (terraform apply) will fail in your scenario due to the following service requirement:

You can't delete an instance configuration if it is associated with at least one instance pool.

See service documentation (When working with instance configurations and instance pools, keep the following in mind) for more details:
https://docs.cloud.oracle.com/en-us/iaas/Content/Compute/Concepts/instancemanagement.htm

It seems that you are looking for something similar to taint_on_dependency_change for this scenario: hashicorp/terraform#8099

@afedorch
Copy link
Contributor

afedorch commented Mar 5, 2020

@jeliker I am closing this request please feel free to reopen if you have any concerns, thanks!

@afedorch afedorch closed this as completed Mar 5, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jeliker @afedorch