Terraform: GKE module leftovers after apply and destroy

[aLekSer]

There are 3 Firewall rules are left behind after performing successfully terraform apply and terraform destroy

What happened: One Firewall Rule relates to Ping UDP service.

k8s-fw-a47812a5e622211eab1ab42010a8a002
Description{"kubernetes.io/service-name":"agones-system/agones-ping-udp-service", "kubernetes.io/service-ip":"34.82.191.32"}

What you expected to happen:

No resource left after full cycle : deploy and destroy.

How to reproduce it (as minimally and precisely as possible): https://agones.dev/site/docs/installation/terraform/gke/

Anything else we need to know?:

All firewall rules are deleted if you run: helm delete --purge agones before running: terraform destroy

Environment:

• Agones version:
• Kubernetes version (use kubectl version):
• Cloud provider or hardware configuration:
• Install method (yaml/helm):
• Troubleshooting guide log(s):
• Others:

[aLekSer]

I would update documentation for installing Agones on different cloud providers (GKE, AKS, EKS) with following line after testing that all of them will support such a fix:

terraform destroy -target module.helm_agones.helm_release.agones -auto-approve && sleep 60 && terraform destroy -auto-approve

[aLekSer]

Let me check if Helm 3 helps with fixing this bug. At the first glance it is fixed as per this test: https://github.com/googleforgames/agones/pull/1483

[aLekSer]

Before terraform destroy:

gcloud compute firewall-rules list  | grep terratest-cluster2 | wc -l

After terraform destroy:

gcloud compute firewall-rules list  | grep terratest-cluster2 | wc -l
0

This proves that switch to Helm 3 fix the problem with dangling Firewall Rules.

[markmandel]

That's awesome! :fire: