search

F5Networks / terraform-aws-bigip-module

Terraform module for Deploying BIG-IP in AWS
Apache License 2.0
10 stars 21 forks source link

v1.1.9 introduced a breaking change for EIPs on dynamically allocated private IPs #40

Closed deutmeyerbrianpfg closed 1 year ago

deutmeyerbrianpfg commented 1 year ago

Line in question: https://github.com/F5Networks/terraform-aws-bigip-module/blob/main/main.tf#L78

Previous version: 1.1.8 Current version: 1.1.9

We are doing dynamic private IP allocation and version 1.1.9 was pulled automatically based on our code and wiped our secondary EIPs allocations.

Our configuration:

module "f5" {
  source  = "F5Networks/bigip-module/aws"
  version = "~> 1.0"

 ...
  external_subnet_ids        = [{ "subnet_id" = data.aws_subnet.az1.id, "public_ip" = true, "private_ip_primary" = "", "private_ip_secondary" = "" }]
...
}

In the new line of code, it appears that a new list is constructed of secondary private addresses via a local (https://github.com/F5Networks/terraform-aws-bigip-module/blob/main/locals.tf#L108):

  external_public_private_ip_secondary = [
    for private in local.bigip_map["external_subnet_ids"] :
    private["private_ip_secondary"]
    if private["public_ip"] == true
  ]

The result of this is the following given we are using dynamic private IP allocation: [""]

Now, when we get to the line in question on main.tf, a compact is run on that local, which results in a list with length of 0, resulting in the EIP not running on the count. This is a breaking change and resulted in destroys of configuration (EIP was removed and released, breaking all farms associated with said elastic IPs).

KrithikaChidambaram commented 1 year ago

Hi, thanks for reporting. Internal tracking ID for this issue is: INFRAANO-1051, thanks!