Unable to update dvPortgroup from `vlan_range` (VLAN Trunking) to `vlan_id` (VLAN)

[zkzqzk]

Community Guidelines

• [X] I have read and agree to the HashiCorp Community Guidelines .
• [X] Vote on this issue by adding a 👍 reaction to the original issue initial description to help the maintainers prioritize.
• [X] Do not leave "+1" or other comments that do not add relevant information or questions.
• [X] If you are interested in working on this issue or have submitted a pull request, please leave a comment.

Terraform

Terraform v1.1.5

Terraform Provider

v2.0.2

VMware vSphere

v7.03

Description

When change distributed port group from trunk to normal vlan (access), it will apply the config, but the actual state in the vCenter is not changed, it is still left in the trunk state.

Affected Resources

vsphere_distributed_port_group

Terraform Configuration

Below is config example.

Existing config:

resource "vsphere_distributed_port_group" "pg" {
  name                                          = "terraform-test-pg-1"
  distributed_virtual_switch_uuid = "${vsphere_distributed_virtual_switch.dvs.id}"
  vlan_range {
    min_vlan = 1
    max_vlan = 1000
  }

Intended new config:

resource "vsphere_distributed_port_group" "pg" {
  name                                          = "terraform-test-pg-1"
  distributed_virtual_switch_uuid = "${vsphere_distributed_virtual_switch.dvs.id}"
  vlan_id = 1000
}

Debug Output

No response

Panic Output

No response

Expected Behavior

In the vCenter, the distributed port group should be changed to vlan 1000

Actual Behavior

The distributed port group is till trunk 1-1000

Steps to Reproduce

No response

Environment Details

No response

Screenshots

No response

References

No response

[github-actions[bot]]

Hello,   zkzqzk ! 🖐

Thank you for submitting an issue for this provider. The issue will now enter into the issue lifecycle.

If you want to contribute to this project, please review the contributing guidelines and information on submitting pull requests.

[tenthirtyam]

Does the issue persist on a subsequent apply?

Ryan

[zkzqzk]

yes, the issue seems persist after multiple apply.

The distributed port group will keep in trunk mode no matter how you change and apply the configuration.

I only can destroy and re-create it via apply to make the new one showing vlan mode in vCenter. But obviously that will cause outages to VMs attached to it.

Regards,

Ken

---

发件人: Ryan Johnson @.> 发送时间: 2022年2月17日 11:38 收件人: hashicorp/terraform-provider-vsphere @.> 抄送: zkzqzk @.>; Author @.> 主题: Re: [hashicorp/terraform-provider-vsphere] Unable to update dvPortgroup from vlan_range to vlan_id (Issue #1592)

Does the issue persist on a subsequent apply?

Ryan

― Reply to this email directly, view it on GitHubhttps://github.com/hashicorp/terraform-provider-vsphere/issues/1592#issuecomment-1042859627, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACSOSVMQH4AJCE5YSCPVMCTU3TM4LANCNFSM5OUGYHYQ. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub. You are receiving this because you authored the thread.Message ID: @.***>

[tenthirtyam]

I'm not sure if the original intend of the resource was created to allow such a transition from vlan_range (trunk) to only vlan_id even though the intent is to derive the desired state.

My initial recommendation is to note this in the caveat in documentation and use this issue and an enhancement request.

Ryan

[tenthirtyam]

I've run a quick test with the following and can confirm the the reported behavior.

Initial Configuration:

provider "vsphere" {
  vsphere_server       = var.vsphere_server
  user                 = var.vsphere_username
  password             = var.vsphere_password
  allow_unverified_ssl = var.vsphere_insecure
}

data "vsphere_datacenter" "dc" {
  name = var.vsphere_datacenter
}

data "vsphere_distributed_virtual_switch" "ds" {
  name = var.vsphere_dvswitch
  datacenter_id = data.vsphere_datacenter.dc.id
}

resource "vsphere_distributed_port_group" "dvpg" {
  name        = var.dvpg_name
  distributed_virtual_switch_uuid = data.vsphere_distributed_virtual_switch.ds.id
  vlan_range {
    start = var.vlan_start
    end   = var.vlan_end
  }
}

Updated Configuration:

provider "vsphere" {
  vsphere_server       = var.vsphere_server
  user                 = var.vsphere_username
  password             = var.vsphere_password
  allow_unverified_ssl = var.vsphere_insecure
}

data "vsphere_datacenter" "dc" {
  name = var.vsphere_datacenter
}

data "vsphere_distributed_virtual_switch" "ds" {
  name = var.vsphere_dvswitch
  datacenter_id = data.vsphere_datacenter.dc.id
}

resource "vsphere_distributed_port_group" "dvpg" {
  name        = var.dvpg_name
  distributed_virtual_switch_uuid = data.vsphere_distributed_virtual_switch.ds.id
  vlan_id = var.dvpg_vlan_id
}

Results:

The dvPortGroup is not converted from vlan_range(VLAN Trunking) to vlan_id (VLAN); however, the .tfstate is updated with the new vlan_id. Manually changing the configuration in vSphere and then issuing an apply -refresh-only will not sync the state.

While this may have not been the original intent of the resource, it's fairly reasonable to assume that there may be cases where this is required as it can be done in the vSphere UI.

Ryan