Adding a NIC to an existing VM deletes and recreates the VM

Issue:

When a NIC is added to an existing VM, the VM gets deleted and then recreated with the added NIC. If the VM is in use, the contents of the VM are lost as a new VM is created with the added NIC.

The re-provisioning of the VM can be avoided by setting the ForceNew flag to False under the network_interface section. When ForceNew is set to False, terraform calls back the update handler to handle the changes in network_interfaces. Adding a NIC in the update callback encounters a few issues; below are the observations.

Key observations:

A NIC addition action from terraform is handled in 2 stages. The first stage where the ethernet device is added and the second stage where the interface is configured with user configuration (if user provides valid input for ipv4_address, ipv4_gateway, etc and doesn't skip customization)
The device addition is achieved by invoking ReconfigVM_Task() and the interface configuration is completed by invoking CustomizeVM_Task() vsphere apis.
During NIC addition, only the information of device that is to be added should be provided to ReconfigVM_Task() whereas to configure a single interface, configurations of all the interfaces must be provided when making a call to CustomizeVM_Task() as an array.
The order of the configurations provided must match with the order of the NICs as seen by vsphere. If there is a mismatch in the order of the configuration, wrong configurations are applied to NICs. Also, if there is a mismatch in the number of configurations provided, an error is thrown.
The order of the NICs provided as input in the terraform input file is not guaranteed. When network adapters are added to the VM, the order of the NICs in the VM can be different to the order of addition. This is a known issue. References below: https://github.com/hashicorp/terraform/issues/6520 https://github.com/hashicorp/terraform/issues/7673 https://communities.vmware.com/thread/484245 https://communities.vmware.com/thread/443600
When adding a NIC and customizing it during update, the order of the network adapters in the terraform input file and the order of NICs in the VM does not match and hence it becomes a challenge to come up with the right order of custom configuration array.
Due to this issue, just after a new VM is created (terraform apply), "terraform plan" shows differences although all provisioning is complete and successful.

Suggested Fix:

To overcome this limitation of jumbled network adapters and customizing them as per the user configuration the following approach has been considered.

ForceNew flag is set to false. This tells terraform not to delete create the resource (i.e. VM), instead provide a callback to the update handler where the network_interface changes can be handled.
When a NIC is added and custom configuration is provided: All the network adapters are deleted and re-added to the VM along with the new NIC. By doing so, the order of the adapter addition matches the order of the NIC custom configuration. This guarantees that the configuration is applied to the appropriate network adapters. As it is today, the VM is powered off and powered on to apply the customization. The VM is not deleted and re-created.
When a NIC is added but custom configuration is not provided: All the network adapters are deleted and re-added to the VM along with the new NIC. This is remain consistent with above flow. The VM is not powered off/on as no customization is done.
When a NIC's configuration is changed: All the network adapters are deleted and re-added to the VM. Appropriate custom configuration is applied to the adapters. The VM is powered off and powered on to apply the customization.
When a NIC is deleted: All the network adapters are deleted and the adapters provided/retained in the terraform input file are added to the VM. If custom configuration is provided, the configurations are applied appropriately and the VM is powered off and powered on. This can be enhanced to remove 'deleted NICs' only.

IBM-tfproviders / terraform-provider-vsphere