GKE node_pool taints should not force resource recreation

[gorge511]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

Terraform v1.3.7
on darwin_amd64

Google Terraform Provider 4.55.0

Affected Resource(s)

• google_container_node_pool

Expected Behavior

Node pool should be modified in place. This change works in the GCP Console WebUI. So there should be possibility to update taints without node pool recreation.

Also this works with gcloud. See the docs for update command.

Actual Behavior

When you change the taint in node_config block on the node pool the resource is forced to be recreated.

There is a limitation written in the docs, but I think this is no longer relevant for non-default node pools.

See the forcing code in google provider. And see the gcloud command docs where you can see that --node-taints is available in update operation.

Steps to Reproduce

1. Create GKE cluster with non-default node pool with google_container_node_pool without taint in the node_config block.
2. Add any taint in the node_config block.
3. Plan now shows node pool recreation.

References

• b/298500120

[rileykarson]

Note: We've had a lot of issues with GKE taints over time- we really need to rethink our model for them. See https://github.com/hashicorp/terraform-provider-google/issues/7928 for a related issue.

[ondrejhlavacek]

Can be closed, it's fixed, see https://github.com/hashicorp/terraform-provider-google/issues/7928 for details.