NaverCloudPlatform / terraform-provider-ncloud

Terraform NaverCloud provider
https://registry.terraform.io/providers/NaverCloudPlatform/ncloud/latest/docs
Mozilla Public License 2.0

destroy provisioner is not working. #217

Closed aplsms closed 2 years ago

aplsms commented 2 years ago

Hello, I have a problem running a destroy provisioner to dismount a volume.

resource "null_resource" "rtp1-disk-unprovisioner" {

  connection {
    type     = "ssh"
    host     = ncloud_public_ip.public_ip_rtp1.public_ip
    user     = "root"
    port     = "22"
    password = data.ncloud_root_password.rtp1_root_password.root_password
  }
  provisioner "remote-exec" {
    when = destroy
    inline = [
      "chmod 755 /root/scripts/mount-storage.sh",
      "sh /root/scripts/mount-storage.sh /dev/xvdb audio >> /root/scripts/mount-storage.log",
      "mount",
    ]
  }  
}

error message:

$ terraform plan
╷
│ Error: Invalid reference from destroy provisioner
│
│   on rtp1.tf line 104, in resource "null_resource" "rtp1-disk-unprovisioner":
│  104:     host     = ncloud_public_ip.public_ip_rtp1.public_ip
│
│ Destroy-time provisioners and their connection configurations may only reference attributes of the related resource, via 'self', 'count.index', or 'each.key'.
│
│ References to other resources during the destroy phase can cause dependency cycles and interact poorly with create_before_destroy.
╵
╷
│ Error: Invalid reference from destroy provisioner
│
│   on rtp1.tf line 107, in resource "null_resource" "rtp1-disk-unprovisioner":
│  107:     password = data.ncloud_root_password.rtp1_root_password.root_password
│
│ Destroy-time provisioners and their connection configurations may only reference attributes of the related resource, via 'self', 'count.index', or 'each.key'.
│
│ References to other resources during the destroy phase can cause dependency cycles and interact poorly with create_before_destroy.
╵

I see no root_password in the state:

> ncloud_server.rtp1
{
  "access_control_group_configuration_no_list" = tolist(null) /* of string */
  "base_block_storage_disk_detail_type" = "SSD"
  "base_block_storage_disk_type" = "NET"
  "base_block_storage_size" = tonumber(null)
  "cpu_count" = 2
  "description" = ""
  "fee_system_type_code" = "MTRAT"
  "id" = "11156721"
  "init_script_no" = ""
  "instance_no" = "11156721"
  "internet_line_type" = tostring(null)
  "is_encrypted_base_block_storage_volume" = tobool(null)
  "is_fee_charging_monitoring" = tobool(null)
  "is_protect_server_termination" = false
  "login_key_name" = "bp-key"
  "member_server_image_no" = tostring(null)
  "memory_size" = 4294967296
  "name" = "bp-rtp1"
  "network_interface" = tolist([
    {
      "network_interface_no" = "722889"
      "order" = 0
      "private_ip" = "172.16.240.8"
      "subnet_no" = "44357"
    },
  ])
  "placement_group_no" = ""
  "platform_type" = "LNX64"
  "port_forwarding_external_port" = tonumber(null)
  "port_forwarding_internal_port" = tonumber(null)
  "port_forwarding_public_ip" = tostring(null)
  "private_ip" = tostring(null)
  "public_ip" = "175.45.175.198"
  "raid_type_name" = tostring(null)
  "region" = tostring(null)
  "server_image_name" = tostring(null)
  "server_image_product_code" = "SW.VSVR.OS.LNX64.CNTOS.0708.B050"
  "server_product_code" = "SVR.VSVR.HICPU.C002.M004.NET.SSD.B050.G002"
  "subnet_no" = "44357"
  "tag_list" = tolist([])
  "timeouts" = null /* object */
  "user_data" = tostring(null)
  "vpc_no" = "21243"
  "zone" = "KR-1"
}

I've tried to use self.public_ip -- does not work.

How can I configure the connection to use "self"?

Thank you in advance.

minosmlee commented 2 years ago

You seem to want to unmount the volume before the server is destroyed using the destroy provisioner. However, because the resource type of the destroy provisioner is null resource, it is executed not when the server is destroyed, but when the null resource is destroyed. So it does not work exactly as you want.

To solve this, the destroy provisioner must be declared inside the ncloud_server resource. Please refer to the example below.

resource "ncloud_server" "server" {
  provisioner "local-exec" {
    when = destroy
    command = "echo 'Destroy-time provisioner'"
  }
}

And, since the datasource ncloud_root_password is not an output of the ncloud_server resource, it must be used after declaring the datasource. Please refer to the usage example below.

data "ncloud_root_password" "default" {
  server_instance_no = ncloud_server.server.id
  private_key = ncloud_login_key.key.private_key
}

Lastly, the failure to destroy a server instance because of a mounted volume will be fixed soon (a stop_instance_before_destory option is to be added).
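
Added example, not part of the thread or of the provider's own documentation: a standard Terraform pattern for satisfying the `self`-only rule quoted in the error, by copying the values the destroy-time connection needs into the null_resource's own `triggers` map. The resource and data source names are reused from the question; the `umount /dev/xvdb` command is an assumed stand-in for the poster's script.

```hcl
resource "null_resource" "rtp1-disk-unprovisioner" {
  # Destroy-time provisioners may only read attributes of this resource.
  # Values placed in `triggers` become attributes of the null_resource,
  # so they stay reachable through `self` during destroy.
  triggers = {
    host     = ncloud_public_ip.public_ip_rtp1.public_ip
    password = data.ncloud_root_password.rtp1_root_password.root_password
  }

  connection {
    type     = "ssh"
    host     = self.triggers.host
    user     = "root"
    port     = 22
    password = self.triggers.password
  }

  provisioner "remote-exec" {
    when = destroy
    inline = [
      # Assumed command; replace with the site's own unmount script.
      "umount /dev/xvdb",
    ]
  }
}
```

Because the `triggers` map references the public IP and the root password data source, Terraform destroys this null_resource, and so runs the provisioner, before it destroys those resources. Trigger values, including the root password, are written to the state file in plaintext, so access to the state backend needs to be restricted accordingly.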