hashicorp / terraform-provider-ignition

Terraform Ignition provider
https://www.terraform.io/docs/providers/ignition/
Mozilla Public License 2.0

ignition_config creation fails if the files section contains both static and dynamic content files #55

Open IvanovOleg opened 5 years ago

IvanovOleg commented 5 years ago

Terraform Version

Terraform v0.12.1

Affected Resource(s)

Please list the resources as a list, for example:

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "tls_private_key" "ca" {
  algorithm = "${var.tls_algorithm}"
}

data "ignition_file" "sysctl-net-core" {
  filesystem = "root"
  path       = "/etc/sysctl.d/nc.conf"
  mode       = 420

  content {
    content = "net.core.somaxconn = 512"
  }
}

data "ignition_file" "ca-key" {
  filesystem = "root"
  path       = "${var.tls_directory}/ca-key.pem"
  mode       = 493

  content {
    content = "${tls_private_key.ca.private_key_pem}"
  }
}

data "ignition_config" "main" {
  files = [
    "${data.ignition_file.sysctl-net-core.id}",
    "${data.ignition_file.ca-key.id}",
  ]
}

tls_directory             = "/etc/ssl/certs/kubernetes"
tls_algorithm             = "RSA"
tls_validity_period_hours = 26280
etcd_disk_lun_number      = 1

variable "tls_algorithm" {}
variable "tls_validity_period_hours" {}
variable "etcd_disk_lun_number" {}
variable "tls_directory" {}

Expected Behavior

Ignition config is created.

Actual Behavior

data.ignition_file.sysctl-net-core: Refreshing state...

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
 <= read (data resources)

Terraform will perform the following actions:

  # data.ignition_config.main will be read during apply
  # (config refers to values not yet known)
 <= data "ignition_config" "main"  {
      + files    = [
          + "84c1889315f23264eb059f6a0dea5b0c3c3c362bc274c33c249b640e4700c4f0",
          + (known after apply),
        ]
      + id       = (known after apply)
      + rendered = (known after apply)
    }

  # data.ignition_file.ca-key will be read during apply
  # (config refers to values not yet known)
 <= data "ignition_file" "ca-key"  {
      + filesystem = "root"
      + id         = (known after apply)
      + mode       = 493
      + path       = "/etc/ssl/certs/kubernetes/ca-key.pem"

      + content {
          + content = (known after apply)
        }
    }

  # tls_private_key.ca will be created
  + resource "tls_private_key" "ca" {
      + algorithm                  = "RSA"
      + ecdsa_curve                = "P224"
      + id                         = (known after apply)
      + private_key_pem            = (known after apply)
      + public_key_fingerprint_md5 = (known after apply)
      + public_key_openssh         = (known after apply)
      + public_key_pem             = (known after apply)
      + rsa_bits                   = 2048
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

tls_private_key.ca: Creating...
tls_private_key.ca: Creation complete after 0s [id=7bcfe6bcf6ac7e5db31e29fd75615c6512ff20ee]
data.ignition_file.ca-key: Refreshing state...
data.ignition_config.main: Refreshing state...

Error: invalid file "84c1889315f23264eb059f6a0dea5b0c3c3c362bc274c33c249b640e4700c4f0", unknown file id

  on ignition.tf line 21, in data "ignition_config" "main":
  21: data "ignition_config" "main" {

Debug Output

2019/06/19 22:35:36 [TRACE] EvalReadData: working on data.ignition_config.main
2019/06/19 22:35:36 [TRACE] GetResourceInstance: data.ignition_file.sysctl-net-core is a single instance
2019/06/19 22:35:36 [TRACE] GetResourceInstance: data.ignition_file.ca-key is a single instance
2019/06/19 22:35:36 [TRACE] Re-validating config for data.ignition_config.main
2019/06/19 22:35:36 [TRACE] GRPCProvider: ValidateDataSourceConfig
2019/06/19 22:35:36 [TRACE] EvalReadData: data.ignition_config.main configuration is complete, so reading from provider
2019/06/19 22:35:36 [TRACE] GRPCProvider: ReadDataSource
2019/06/19 22:35:36 [ERROR] <root>: eval: *terraform.EvalReadData, err: invalid file "84c1889315f23264eb059f6a0dea5b0c3c3c362bc274c33c249b640e4700c4f0", unknown file id
2019/06/19 22:35:36 [ERROR] <root>: eval: *terraform.EvalSequence, err: invalid file "84c1889315f23264eb059f6a0dea5b0c3c3c362bc274c33c249b640e4700c4f0", unknown file id
2019/06/19 22:35:36 [TRACE] [walkApply] Exiting eval tree: data.ignition_config.main
2019/06/19 22:35:36 [TRACE] vertex "data.ignition_config.main": visit complete
2019/06/19 22:35:36 [TRACE] dag/walk: upstream of "meta.count-boundary (EachMode fixup)" errored, so skipping
2019/06/19 22:35:36 [TRACE] dag/walk: upstream of "provider.ignition (close)" errored, so skipping
2019/06/19 22:35:36 [TRACE] dag/walk: upstream of "root" errored, so skipping
2019/06/19 22:35:36 [TRACE] statemgr.Filesystem: no original state snapshot to back up
data2019/06/19 22:35:36 [TRACE] statemgr.Filesystem: state has changed since last snapshot, so incrementing serial to 3
.2019/06/19 22:35:36 [TRACE] statemgr.Filesystem: writing snapshot at terraform.tfstate
ignition_config.main: Refreshing state...
2019/06/19 22:35:36 [TRACE] statemgr.Filesystem: removing lock metadata file .terraform.tfstate.lock.info

Important Factoids

If the files section of the ignition_config contains references to both static content files and dynamic content files, ignition_config fails. A second execution of the apply command works. If I comment out the static content or dynamic content file references separately, it works. Looks like ignition_config doesn't resolve dependencies correctly.

IvanovOleg commented 5 years ago

Exists in the terraform 0.12.2 as well

IvanovOleg commented 5 years ago

I've changed this line: https://github.com/terraform-providers/terraform-provider-ignition/blob/cbc74835e76081caf05f1861e695b4eb8fbceffc/ignition/resource_ignition_config.go#L258 to: return storage, fmt.Errorf("invalid file %q, unknown file id", c.files) and to: return storage, fmt.Errorf("invalid file %q, unknown file id", d.Get("files")) to see content and the problem is that there are two files in d.Get("files"), but only one file is in c.files. Looks like the static content file doesn't appear in the cache at this point.

IvanovOleg commented 5 years ago

The reason for the issue is that terraform 0.12 resolves static and dynamic content at different stages. This means that there are two separate "globalcache" instances. So when the buildStorage function works, it tries to check the availability of static files stored in the schema with globalcache that holds only dynamic content files and fails. The same thing happens with the other types.
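A minimal model of the failure described in the comment above, added here as an illustration and not taken from the provider's source: ids are content hashes that resolve only against the in-memory cache of the process that produced them. The names `process`, `readFile` and `reproduce`, the hash input, and the key placeholder are assumptions; only `buildStorage` and the error text come from the thread.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// process models one provider plugin process (hypothetical type): ids resolve
// only against the in-memory cache of the process that created them.
type process struct{ files map[string]string }

func newProcess() *process { return &process{files: map[string]string{}} }

// readFile caches the content and returns its id. Assumption: the id is the
// SHA-256 of path and content; the page does not show the real derivation.
func (p *process) readFile(path, content string) string {
	sum := sha256.Sum256([]byte(path + "\x00" + content))
	id := hex.EncodeToString(sum[:])
	p.files[id] = content
	return id
}

// buildStorage mirrors the failing lookup: every id must be in this cache.
func (p *process) buildStorage(ids []string) error {
	for _, id := range ids {
		if _, ok := p.files[id]; !ok {
			return fmt.Errorf("invalid file %q, unknown file id", id)
		}
	}
	return nil
}

// reproduce reads the static file in a plan-stage process and the dynamic
// file in an apply-stage process; sharedCache=true reuses one process.
func reproduce(sharedCache bool) error {
	plan := newProcess()
	apply := plan
	if !sharedCache {
		apply = newProcess() // fresh cache: ids from the plan stage are gone
	}
	static := plan.readFile("/etc/sysctl.d/nc.conf", "net.core.somaxconn = 512")
	dynamic := apply.readFile("/etc/ssl/certs/kubernetes/ca-key.pem", "constructed-key-material")
	return apply.buildStorage([]string{static, dynamic})
}

func main() {
	fmt.Println("separate caches:", reproduce(false))
	fmt.Println("shared cache:   ", reproduce(true))
}
```

With separate caches the lookup fails on the static file's id, which matches the id named in the reported error: the only one already known at plan time.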

seh commented 5 years ago

Why did you close the issue? It sounds like there’s still a defect here.

IvanovOleg commented 5 years ago

@seh Because I've found https://github.com/terraform-providers/terraform-provider-ignition/issues/12 that looks the same

smalltown commented 5 years ago

also encounter the same issue in terraform 0.12.3 ...

tstoermer commented 5 years ago

Same issue with

Using a variable to assign ignition file content fails. Using the file() operation reading content from a file works.

esomore commented 5 years ago

I am having the same issue

Error: invalid systemd unit "d119185b0d6e25dcdbf0f4ee0d9ccc4c34505f45894f759680e663faae018aea", unknown systemd unit id

seh commented 5 years ago

We're hitting this too with Terraform version 0.12.7 and provider version 1.1.0.

It used to be possible to work around these problems in 0.11-era Terraform versions by not doing a separate terraform plan and terraform apply <plan>, but rather going straight through with terraform apply. Now, though, with Terraform's 0.12-era versions, we can't get this provider to work at all.

Best would be if this provider immediately failed with an error during terraform init, warning not to proceed with trying to use it. @alexsomesan, it looks like you've been the most active maintainer on this project recently, and worked through the Terraform version 0.12 transition. Have you found it to work for you? If not, what's your recommended course of action here?

lipsa-vlad commented 5 years ago

Hi, same here:

data "ignition_config" "test" {
  count = 3

  files = [
    data.ignition_file.hello.id,
  ]

  filesystems = [
    data.ignition_filesystem.data_fs.id,
  ]
}

data "ignition_filesystem" "data_fs" {
  name = "data"

  mount {
    device = "/dev/xvdb"
    format = "xfs"
  }
}

data "ignition_file" "hello" {
  filesystem = "foo"
  path       = "/hello.txt"
  content {
    content = "Hello World! ${var.some_content}"
  }
}

Error: invalid filesystem "a8392bb17f2efcdafdd004bc8564e2601df2a6f05b23b791dd731ea42e5cc2a7", unknown filesystem id

terraform version
Terraform v0.12.7
+ provider.aws v2.7.0
+ provider.ignition v1.1.0
+ provider.template v2.1.2

adnankobir commented 4 years ago

This is now fixed for us using the latest provider: ignition 1.2.0

On a side note, as stated by the docs, we had to use .rendered for ignition_config systemd units.