papineni87
commented
3 years ago Tracking with INFRAANO-114
Closed lamjo965 closed 3 years ago
papineni87
commented
3 years ago Tracking with INFRAANO-114
papineni87
commented
3 years ago @lamjo965 I tried using policy name having "." and able to import the policy with provider bigip verison ( v1.5.0 )
Environment BIG-IP : 15.0 Terraform v0.13.5 provider.bigip v1.5.0
$ terraform --version
Terraform v0.13.5
+ provider registry.terraform.io/f5networks/bigip v1.5.0
$ terraform import bigip_ltm_policy.test /Common/www.test.com-Policy
bigip_ltm_policy.test: Importing from ID "/Common/www.test.com-Policy"...
bigip_ltm_policy.test: Import prepared!
Prepared bigip_ltm_policy for import
bigip_ltm_policy.test: Refreshing state... [id=/Common/www.test.com-Policy]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
$ cat terraform.tfstate
{
"version": 4,
"terraform_version": "0.13.5",
"serial": 1,
"lineage": "4c6556b1-34f1-7ce2-dbf9-f5ce8e7d3ced",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "bigip_ltm_policy",
"name": "test",
"provider": "provider[\"registry.terraform.io/f5networks/bigip\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"controls": [
"forwarding"
],
"id": "/Common/www.test.com-Policy",
"name": "/Common/www",
"published_copy": null,
"requires": [
"http"
],
"rule": [
{
"action": [
{
"app_service": "",
"application": "",
"asm": false,
"avr": false,
"cache": false,
"carp": false,
"category": "",
"classify": false,
"clone_pool": "",
"code": 0,
"compress": false,
"content": "",
"cookie_hash": false,
"cookie_insert": false,
"cookie_passive": false,
"cookie_rewrite": false,
"decompress": false,
"defer": false,
"destination_address": false,
"disable": false,
"domain": "",
"enable": false,
"expiry": "",
"expiry_secs": 0,
"expression": "",
"extension": "",
"facility": "",
"forward": true,
"from_profile": "",
"hash": false,
"host": "",
"http": false,
"http_basic_auth": false,
"http_cookie": false,
"http_header": false,
"http_host": false,
"http_referer": false,
"http_reply": false,
"http_set_cookie": false,
"http_uri": false,
"ifile": "",
"insert": false,
"internal_virtual": "",
"ip_address": "",
"key": "",
"l7dos": false,
"length": 0,
"location": "",
"log": false,
"ltm_policy": false,
"member": "",
"message": "",
"netmask": "",
"nexthop": "",
"node": "",
"offset": 0,
"path": "",
"pem": false,
"persist": false,
"pin": false,
"policy": "",
"pool": "/Common/pl_test.com_api",
"port": 0,
"priority": "",
"profile": "",
"protocol": "",
"query_string": "",
"rateclass": "",
"redirect": false,
"remove": false,
"replace": false,
"request": true,
"request_adapt": false,
"reset": false,
"response": false,
"response_adapt": false,
"scheme": "",
"script": "",
"select": true,
"server_ssl": false,
"set_variable": false,
"snat": "",
"snatpool": "",
"source_address": false,
"ssl_client_hello": false,
"ssl_server_handshake": false,
"ssl_server_hello": false,
"ssl_session_id": false,
"status": 0,
"tcl": false,
"tcp_nagle": false,
"text": "",
"timeout": 0,
"tm_name": "",
"uie": false,
"universal": false,
"value": "",
"virtual": "",
"vlan": "",
"vlan_id": 0,
"wam": false,
"write": false
}
],
"condition": [
{
"address": false,
"all": false,
"app_service": "",
"browser_type": false,
"browser_version": false,
"case_insensitive": true,
"case_sensitive": false,
"cipher": false,
"cipher_bits": false,
"client_ssl": false,
"code": false,
"common_name": false,
"contains": false,
"continent": false,
"country_code": false,
"country_name": false,
"cpu_usage": false,
"device_make": false,
"device_model": false,
"domain": false,
"ends_with": false,
"equals": false,
"expiry": false,
"extension": false,
"external": true,
"geoip": false,
"greater": false,
"greater_or_equal": false,
"host": false,
"http_basic_auth": false,
"http_cookie": false,
"http_header": false,
"http_host": false,
"http_method": false,
"http_referer": false,
"http_set_cookie": false,
"http_status": false,
"http_uri": true,
"http_user_agent": false,
"http_version": false,
"index": 0,
"internal": false,
"isp": false,
"last_15secs": false,
"last_1min": false,
"last_5mins": false,
"less": false,
"less_or_equal": false,
"local": false,
"major": false,
"matches": false,
"minor": false,
"missing": false,
"mss": false,
"not": false,
"org": false,
"password": false,
"path": true,
"path_segment": false,
"port": false,
"present": true,
"protocol": false,
"query_parameter": false,
"query_string": false,
"region_code": false,
"region_name": false,
"remote": true,
"request": true,
"response": false,
"route_domain": false,
"rtt": false,
"scheme": false,
"server_name": false,
"ssl_cert": false,
"ssl_client_hello": false,
"ssl_extension": false,
"ssl_server_handshake": false,
"ssl_server_hello": false,
"starts_with": true,
"tcp": false,
"text": false,
"tm_name": "",
"unnamed_query_parameter": false,
"user_agent_token": false,
"username": false,
"value": false,
"values": [
"/api/v1/productcatalog/"
],
"version": false,
"vlan": false,
"vlan_id": false
}
],
"name": "rul_www.test.com_api"
}
],
"strategy": "first-match"
}
Can you share the terraform debug logs as i am unable to reproduce it .
papineni87
commented
3 years ago Hi @lamjo965 ,
Did you get a chance to get the debug logs, as i am unable to reproduce it
lamjo965
commented
3 years ago Whats the best way to produce the logs for you?
papineni87
commented
3 years ago @lamjo965 Can you enable the terraform log level as "DEBUG" and then try the scenerio, so that i can see the logs in failure case
For enabling terraform debug level, we can use "export TF_LOG=DEBUG"
gustavopjardim
commented
3 years ago Hi @papineni87 I am having the same issue. You can import the policy, but the name will be truncated if you have ".". Next time you try to apply, terraform will show that the policy has to be replaced because the name is different.
You can observe the ViewState you provided before, the name was truncated. If you try to apply, Terraform will destroy the policy and recreate it again. Also, terraform will recreate truncating the name, which causes a loop.
"id": "/Common/www.test.com-Policy", "name": "/Common/www",
gustavopjardim
commented
3 years ago Hi @papineni87 Is there something else I can do to help in this case?
Thanks
papineni87
commented
3 years ago @gustavopjardim I am testing code changes, once it is done i will push the fix
lamjo965
commented
3 years ago What fix are you working on?
papineni87
commented
3 years ago It looks like issue is in the regex which retrieves name from the given policy input. If the policy name contains ".", regex is capturing policy name upto "." which is the root cause and with the modified regex we can capture complete policy name .
diff --git a/bigip/resource_bigip_ltm_policy.go b/bigip/resource_bigip_ltm_policy.go
@lamjo965 , @gustavopjardim I just pushed the commit to master branch with the above changes, can you verify the issue with it?
terraform import bigip_ltm_policy.test /Common/www.test.com-policy
bigip_ltm_policy.test: Importing from ID "/Common/www.test.com-policy"...
bigip_ltm_policy.test: Import prepared!
Prepared bigip_ltm_policy for import
bigip_ltm_policy.test: Refreshing state... [id=/Common/www.test.com-policy]
Import successful!
The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.
cat terraform.tfstate
{
"version": 4,
"terraform_version": "0.13.5",
"serial": 1,
"lineage": "baa585ff-6d61-1a55-b365-08224ab7038d",
"outputs": {},
"resources": [
{
"mode": "managed",
"type": "bigip_ltm_policy",
"name": "test",
"provider": "provider[\"registry.terraform.io/f5networks/bigip\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"controls": [],
"id": "/Common/www.test.com-policy",
"name": "/Common/www.test.com-policy",
"published_copy": null,
"requires": [],
"rule": [],
"strategy": "first-match"
},
"private": "eyJzY2hlbWFfdmVyc2lvbiI6IjAifQ=="
}
]
}
]
}Thank you, I will start testing.
papineni87
commented
3 years ago Issue is fixed in release v1.7, please reopen the issue if you see it again
Environment
BIG-IP 13.1.3.4 Build 0.0.5 Point Release 4 Terraform v0.12.29 provider.bigip v1.5.0
Summary
I have noticed that when I am importing my policies from the F5 that have "." in the name like "www.test.com-Policy". I get Error: Cannot import non-existent remote object
Steps To Reproduce
Steps to reproduce the behavior:
resource "bigip_ltm_policy" "www_test_com-Policy" { controls = ["forwarding"] name = "/Common/www.test.com-Policy" requires = ["http"] strategy = "first-match" rule { name = "rul_www.test.com_api" action { code = 0 expiry_secs = 0 forward = true length = 0 offset = 0 pool = "/Common/pl_test.com_api" port = 0 request = true select = true status = 0 timeout = 0 vlan_id = 0 } condition { case_insensitive = true equals = false external = true http_uri = true index = 0 path = true present = true remote = true request = true starts_with = true values = ["/api/v1/productcatalog/"] } } }
module "bigip_ltm_policy" { source = "./modules/bigip_ltm_policy" }
Expected Behavior
I should get the message import successful! I do not have this issue with provider.bigip v1.3.0
I have seen the import successful with other policies that don't have "." in the name.
"terraform import module.bigip_ltm_policy.bigip_ltm_policy.pol_redirect_non_www_to_www /Common/pol_redirect_non_www_to_www"
module.bigip_ltm_policy.bigip_ltm_policy.pol_redirect_non_www_to_www: Importing from ID "/Common/pol_redirect_non_www_to_www"... module.bigip_ltm_policy.bigip_ltm_policy.pol_redirect_non_www_to_www: Import prepared! Prepared bigip_ltm_policy for import module.bigip_ltm_policy.bigip_ltm_policy.pol_redirect_non_www_to_www: Refreshing state... [id=/Common/pol_redirect_non_www_to_www]
Import successful!
The resources that were imported are shown above. These resources are now in your Terraform state and will henceforth be managed by Terraform.
Actual Behavior
"terraform import module.bigip_ltm_policy.bigip_ltm_policy.www_test_com-Policy /Common/www.test.com-Policy"
module.bigip_ltm_policy.bigip_ltm_policy.www_test_com-Policy: Importing from ID "/Common/www.test.com-Policy"... module.bigip_ltm_policy.bigip_ltm_policy.www_test_com-Policy: Import prepared! Prepared bigip_ltm_policy for import module.bigip_ltm_policy.bigip_ltm_policy.www_test_com-Policy: Refreshing state... [id=/Common/www.test.com-Policy]
Error: Cannot import non-existent remote object
While attempting to import an existing object to bigip_ltm_policy.www_test_com-Policy, the provider detected that no object exists with the given id. Only pre-existing objects can be imported; check that the id is correct and that it is associated with the provider's configured region or endpoint, or use "terraform apply" to create a new remote object for this resource.