search

bpg / terraform-provider-proxmox

Terraform / OpenTofu Provider for Proxmox VE
https://registry.terraform.io/providers/bpg/proxmox
Mozilla Public License 2.0
892 stars 140 forks source link

No more than 14 cidr block allowed for ipset #1480

Closed Ivan-beep closed 3 months ago

Ivan-beep commented 3 months ago

Describe the bug An error is thrown when trying to create an IPSet with more than 14 cidr blocks.

To Reproduce Steps to reproduce the behavior:

  1. Create more than 14 resources 'proxmox_virtual_environment_vm.belenos'
  2. Run
  3. See error
resource "proxmox_virtual_environment_vm" "belenos" {
  node_name = var.node

  for_each = local.vms_config

  name      = "vm-${each.key}"

  # vm settings
  vm_id= format("1%03d", ${each.key})

  agent {
    # read 'Qemu guest agent' section, change to true only when ready
    enabled = false
  }

  dynamic "disk" {
    for_each = each.value.disks

    content {
      datastore_id = disk.value.datastore
      file_id      = var.debian_iso_name
      interface    = disk.value.label
      size         = disk.value.size
    }
  }
  cpu {
    cores   = each.value.num_cpus
  }
  memory {
    dedicated = each.value.memory
  }

  initialization {
    datastore_id = var.datastore

    dynamic "ip_config" {
      for_each = each.value.ip_config

      content {
        ipv4 {
          address = "${ip_config.value.ip}/24"
          gateway = each.value.default_gateway
        }
      }
    }

    user_account {
      username = var.vm_username
      password = var.vm_password
      keys     = var.vm_ssh_keys
    }
  }

  serial_device {}
}

resource "proxmox_virtual_environment_firewall_ipset" "belenos" {
    name     = "belenos"

    dynamic "cidr" {
      for_each = proxmox_virtual_environment_vm.belenos
      content {
        name = split("/", cidr.value.initialization[0].ip_config[0].ipv4[0].address)[0]
    }
  }
}

Expected behavior No limitation should be set on cidr block number when creating an IPSet

Screenshots image

Additional context There is no cidr limitation when managing IPSet on Proxmox GUI. I think the issue is due to this line but I am not sure why the limit was set to this value... https://github.com/bpg/terraform-provider-proxmox/blob/main/proxmoxtf/resource/firewall/ipset.go#L79

bpg commented 3 months ago

It's really hard to tell where this limit came from. Can't find anything relevant in the API docs or in the code.