search

aliyun / terraform-provider-alicloud

Terraform AliCloud provider
https://www.terraform.io/docs/providers/alicloud/
Mozilla Public License 2.0
590 stars 553 forks source link

Allow for recreating alicloud_instance resources? #4721

Open danopia opened 2 years ago

danopia commented 2 years ago

Hi, I am managing alicloud_instance resources and using the user_data field to configure first-boot setup scripts. My struggle is that I cannot figure out how to replace the instances with Terraform (ForceNew). I need to manually force a recreation every time I change the user_data field.

How can I have Terraform replace the instance resource? In immutable infrastructure it is better to start over when making a change instead of mutating/changing an existing resource.

Terraform Version

Terraform v1.1.7
on darwin_amd64
+ provider registry.terraform.io/aliyun/alicloud v1.156.0

Affected Resource(s)

Terraform Configuration Files

resource "alicloud_instance" "self" {

  # usual fields, vswitch etc....

  user_data = join("\n", [
    "#!/bin/sh -eux",

    # Some first-boot setup like creating an ops user
    # If this changes, the ECS instance needs to be recreated as well!
    "adduser operations",
  ])
}

Expected Behavior

When I change user_data I expect to release and recreate the instance so the new user_data will be run as first-boot.

It doesn't have to be user_data itself which forces recreation, I'd be happy with any text field that can force recreation. I would then hash the user_data value and include the hash in that other field.

Actual Behavior

The ECS instance is rebooted but retains the disk contents from before the change. It is not a first-boot.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply
  2. change the userdata script
  3. terraform apply

References

danopia commented 2 years ago

What other clouds do:

Google Cloud uses a metadata key for the startup script, which can be change at runtime like any other metadata field. The Terraform provider has an extra helper attribute which sets that same metadata key, and also forces recreation. So you decide whether you want to force recreation on change. https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance#metadata_startup_script

AWS used to force recreation on userdata change, then changed to only a reboot which has broken some workflows: https://github.com/hashicorp/terraform-provider-aws/issues/23315 and there's an open PR to allow restoring the previous behavior: https://github.com/hashicorp/terraform-provider-aws/pull/23604

Oracle Cloud doesn't allow changing user data at all: https://registry.terraform.io/providers/hashicorp/oci/latest/docs/resources/core_instance#metadata

Azure seems to let you change userdata dynamically without any concerns: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/linux_virtual_machine#user_data

harrytewkesbury commented 2 years ago

Similarly, Aliyun autoscalling groups update in-place for most elements of the resources (configuration sets and/or groups), whereas other cloud providers allow fundamental parameters to force a recreation of the resource(s). In our case, we would like to recreate an ASG with a name change (by virtue of a name-prefix for example) but the Alicloud provider does not have such a requirement except for the multiAZ balance strategy parameter. I don't know if it is as simple as opening a PR with that as an option for the name parameter... perhaps that is all that is needed.