Can not change google_compute_instance machine_type when min_cpu_platform is set

philip-harvey commented 1 year ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

Terraform v1.5.2 google v4.77.0

Affected Resource(s)

google_compute_instance

Terraform Configuration Files

Before:

resource "google_compute_instance" "test" {
  name                      = "test"
  machine_type              = "n2d-standard-2"
  zone                      = "us-central1-a"
  min_cpu_platform          = "AMD Milan"
  allow_stopping_for_update = true
  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
    }
  }
  network_interface {
    network = "default"
    access_config { }
  }
}

After:

resource "google_compute_instance" "test" {
  name                      = "test"
  machine_type              = "n2-standard-2"
  zone                      = "us-central1-a"
  min_cpu_platform          = "Intel Ice Lake"
  allow_stopping_for_update = true
  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
    }
  }
  network_interface {
    network = "default"
    access_config { }
  }
}

Expected Behavior

GCE instance is stopped (if running), Instance type and min_cpu_platform are updated

Actual Behavior

Plan shows the correct change:

google_compute_instance.test will be updated in-place
  ~ resource "google_compute_instance" "test" {
        id                        = "projects/neon-sandbox-pharvey-ja0t/zones/us-central1-a/instances/test"
      ~ machine_type              = "n2d-standard-2" -> "n2-standard-2"
      ~ min_cpu_platform          = "AMD Milan" -> "Intel Ice Lake"
        name                      = "test"
        tags                      = []
        # (17 unchanged attributes hidden)

        # (4 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

but the apply fails with error "Error: googleapi: Error 400: The selected machine type (n2-standard-2) has a required CPU platform of cascadelake. The minimum CPU platform must match this, but was milan., badRequest"

Steps to Reproduce

terraform apply of the "Before" code
terraform apply of the "After" code

References

Similar issue to 14945

It is possible to work around this bug by doing a two step process. First change min_cpu_platform to "AUTOMATIC" and do an apply, then change to the new machine_type and min_cpu_platform

b/308755716

edwardmedia commented 1 year ago

Interesting. Below is what I got. The api returns 200 but with error message. Should this be treated as successful or failure? @zli82016

 ---[ RESPONSE ]--------------------------------------
 HTTP/2.0 200 OK
 {
   "name": "projects/myproject/locations/global/operations/operation-1691939923148-602cf7619c02d-d9cc0af4-e88e40b5",
   "metadata": {
     "@type": "type.googleapis.com/google.cloud.networksecurity.v1beta1.OperationMetadata",
     "createTime": "2023-08-13T15:18:43.158956099Z",
     "endTime": "2023-08-13T15:18:43.278011003Z",
     "target": "projects/myproject/locations/global/serverTlsPolicies/issue15453",
     "verb": "update",
     "requestedCancellation": false,
     "apiVersion": "v1beta1"
   },
   "done": true,
   "error": {
     "code": 9,
     "message": "Update not supported for ServerTlsPolicy created for External Load Balancer"
   }
 }

philip-harvey commented 1 year ago

Interesting. Below is what I got. The api returns 200 but with error message. Should this be treated as successful or failure? @zli82016

 ---[ RESPONSE ]--------------------------------------
 HTTP/2.0 200 OK
 {
   "name": "projects/myproject/locations/global/operations/operation-1691939923148-602cf7619c02d-d9cc0af4-e88e40b5",
   "metadata": {
     "@type": "type.googleapis.com/google.cloud.networksecurity.v1beta1.OperationMetadata",
     "createTime": "2023-08-13T15:18:43.158956099Z",
     "endTime": "2023-08-13T15:18:43.278011003Z",
     "target": "projects/myproject/locations/global/serverTlsPolicies/issue15453",
     "verb": "update",
     "requestedCancellation": false,
     "apiVersion": "v1beta1"
   },
   "done": true,
   "error": {
     "code": 9,
     "message": "Update not supported for ServerTlsPolicy created for External Load Balancer"
   }
 }

Hi @edwardmedia That seems to be different to what I'm seeing, not sure why there would be a message about an ELB

zli82016 commented 1 year ago

I got an error

googleapi: Error 400: The selected machine type (n2d-standard-2) has a required CPU platform of rome. The minimum CPU platform must match this, but was icelake., badRequest

karolgorc commented 1 month ago

The provider works as intended. It’s the API that causes the extra step when changing machine_type and the min_cpu parameters

This was delegated to the Compute API team along with problems printing the correct platform names in the requests

Testing with gcloud

Creating a VM with min_cpu_platform AMD Milan

Stopping the VM
Trying to change min_cpu_platform

Trying to change machine_type

The min_cpu_platform must be set to AUTOMATIC . If not these 2 parameters block one another.

I think there should be a mention of the workaround in the error message that the user gets in terraform before this gets fixed in the API

hashicorp / terraform-provider-google