chef-boneyard / chef-provisioning-aws

AWS driver and resources for Chef that uses the AWS SDK
Apache License 2.0

Chef runs fail if route propagation is enabled on route tables #169

Open dblessing opened 9 years ago

dblessing commented 9 years ago

We found that we can't manage route propagation via Chef provisioning at the moment, so we just managed the local routes via Chef and then manually enabled route propagation in the AWS console. All subsequent Chef client runs fail once propagation is enabled. This is just about a showstopper for us because without propagated routes we can't have traffic routed to/from our VPN.

    * aws_route_table[AZ1_Private_w_NAT_Route_stg] (rtb-660c2503) action create

    ================================================================================
    Error executing action `create` on resource 'aws_route_table[AZ1_Private_w_NAT_Route_stg] (rtb-660c2503)'
    ================================================================================

    AWS::EC2::Errors::InvalidRoute::NotFound
    ----------------------------------------
    no route with destination-cidr-block 10.20.0.0/24 in route table rtb-660c2503

    Resource Declaration:
    ---------------------
    # In /var/chef/cache/cookbooks/bke_aws/recipes/vpc.rb

     60:   aws_route_table "#{az_name}_Private_w_NAT_Route_#{env}" do
     61:     vpc "North_Virginia_#{env}"
     62:     route_table_id node['bke_aws']['us_east'][az]['private_route_id']
     63:     routes node['bke_aws']['us_east'][az]['private_routes']
     64:   end
     65:

    Compiled Resource:
    ------------------
    # Declared in /var/chef/cache/cookbooks/bke_aws/recipes/vpc.rb:60:in `block in from_file'

    aws_route_table("AZ1_Private_w_NAT_Route_stg") do
      action :create
      retries 0
      retry_delay 2
      default_guard_interpreter :default
      driver #<Chef::Provisioning::AWSDriver::Driver:0x00000008594ce8 @driver_url="aws::us-east-1"
      declared_type :aws_route_table
      cookbook_name "bke_aws"
      recipe_name "vpc"
      vpc "North_Virginia_stg"
    end

    Running handlers:
    Running handlers complete
    Chef Client failed. 0 resources updated in 18.360988082 seconds

dblessing commented 9 years ago

I guess I should say - either Chef needs to ignore the propagated routes or give us a mechanism to enable route propagation via aws_route_table. Either scenario is acceptable in the near term but we would like to have Chef fully manage this in the long term.
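A sketch of the first option in the comment above (ignoring propagated routes), as an added example that is not part of the thread and not code from chef-provisioning-aws. It assumes each live route carries the `origin` value EC2 reports for it; the helper name `plan_route_changes` and all sample IDs are hypothetical, and the data is constructed.

```ruby
# Added example: constructed data only, no AWS calls are made.
# Origins EC2 reports for routes that were not created with CreateRoute.
UNMANAGED_ORIGINS = %w[EnableVgwRoutePropagation CreateRouteTable].freeze

# desired: { cidr => target }, as a recipe's `routes` hash would supply.
# current: array of { cidr:, target:, origin: } for the live route table.
# Returns the CIDRs to create, replace and delete, plus those left alone.
def plan_route_changes(desired, current)
  plan = { create: [], replace: [], delete: [], skipped: [] }
  managed = {}
  current.each do |route|
    if UNMANAGED_ORIGINS.include?(route[:origin])
      plan[:skipped] << route[:cidr] # propagated or local: never touched
    else
      managed[route[:cidr]] = route[:target]
    end
  end
  desired.each do |cidr, target|
    if !managed.key?(cidr)
      plan[:create] << cidr
    elsif managed[cidr] != target
      plan[:replace] << cidr
    end
  end
  # Only statically created routes that the recipe no longer lists are deleted.
  plan[:delete] = managed.keys - desired.keys
  plan
end

# Constructed sample: what a recipe wants versus what the table holds.
DESIRED = { "0.0.0.0/0" => "nat-0example", "10.30.0.0/16" => "pcx-0example" }.freeze
CURRENT = [
  { cidr: "10.0.0.0/16",    target: "local",        origin: "CreateRouteTable" },
  { cidr: "10.20.0.0/24",   target: "vgw-0example", origin: "EnableVgwRoutePropagation" },
  { cidr: "0.0.0.0/0",      target: "igw-0example", origin: "CreateRoute" },
  { cidr: "192.168.5.0/24", target: "pcx-0old",     origin: "CreateRoute" }
].freeze

if __FILE__ == $PROGRAM_NAME
  plan_route_changes(DESIRED, CURRENT).each { |k, v| puts "#{k}: #{v.join(', ')}" }
end
```

With this filter the propagated 10.20.0.0/24 entry lands in `skipped` and never reaches the delete or replace lists.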

dblessing commented 9 years ago

This relates to #151 and #172

tyler-ball commented 9 years ago

Where in the UI do you configure route propagation? I was poking around and couldn't find it.