search

Azure / terraform-azurerm-avm-res-network-virtualnetwork

Azure Verified Module for Virtual Network
https://registry.terraform.io/modules/Azure/avm-res-network-virtualnetwork
MIT License
17 stars 14 forks source link

[AVM Module Issue]: timing issue when binding the same NSG or route table to multiple subnets #91

Closed kewalaka closed 1 month ago

kewalaka commented 1 month ago

Check for previous/existing GitHub issues

Issue Type?

Bug

(Optional) Module Version

0.2.3

(Optional) Correlation Id

No response

Description

I believe there is a timing issue that requires the locks to be modified on the subnet, I see this when attempting to bind the same route table or NSG to multiple subnets. The error is "CanceledAndSupersededDueToAnotherOperation", here it is from a run:

module.this.module.subnets["snet0"].azapi_resource.subnet: Creation complete after 12s [id=/subscriptions/***/resourceGroups/rg-voas/providers/Microsoft.Network/virtualNetworks/vnet-voas/subnets/snet-voas0]
╷
│ Error: waiting for creation/update of Virtual Network (Subscription: "***"
│ Resource Group Name: "rg-voas"
│ Virtual Network Name: "vnet-voas"): Code="Canceled" Message="Operation was canceled." Details=[{"code":"CanceledAndSupersededDueToAnotherOperation","message":"Operation PutVirtualNetworkOperation (da7584b2-75e9-4a68-8f7e-942b489ce63f) was canceled and superseded by operation PutVirtualNetworkOperation (04461355-8a37-452d-b841-30fd8667ed52)."}]
│ 
│   with azurerm_virtual_network.second_net,
│   on main.tf line 53, in resource "azurerm_virtual_network" "second_net":
│   53: resource "azurerm_virtual_network" "second_net" {
│ 
╵
Error: Terraform exited with code 1.

See https://github.com/kewalaka/terraform-azurerm-avm-ptn-subnets-nsgs-routes/actions/runs/9333390678/job/25690443103?pr=7

I think the issue might be the lock on the subnet:

https://github.com/Azure/terraform-azurerm-avm-res-network-virtualnetwork/blob/ff05688545e8a69a71eae7cd4cd853900a85e976/modules/subnet/main.tf#L38

I am wondering if we also need locks around the route table ID and NSG ID?

microsoft-github-policy-service[bot] commented 1 month ago

[!IMPORTANT] The "Needs: Triage :mag:" label must be removed once the triage process is complete!

[!NOTE] This label was added as per ITA06.

microsoft-github-policy-service[bot] commented 1 month ago

[!NOTE] The "Type: Bug :bug:" label was added as per ITA21.

kewalaka commented 1 month ago

ignore me - i had a duplicate resource ID in the mix that was causing the conflict. not a bug.