hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io
Other
43.13k stars 9.58k forks source link

Google Compute Forward Rule creation failure when `ports` not specified. #13822

Closed owensk closed 7 years ago

owensk commented 7 years ago

Terraform Version

Terraform v0.9.3

Affected Resource(s)

Terraform Configuration Files

resource "google_compute_forwarding_rule" "linkerd-forwarding-rule" {
  name                  = "linkerd-forwarding-rule"
  backend_service       = "${google_compute_region_backend_service.linkerd-regional-backend-service.self_link}"
  load_balancing_scheme = "INTERNAL"
}

Debug Output

Plan output:

+ module.linkerd-prod.google_compute_forwarding_rule.linkerd-all-ports-forwarding-rule
    backend_service:       "https://www.googleapis.com/compute/v1/projects/olark-main/regions/us-central1/backendServices/linkerd-regional-backend-service"
    ip_address:            "<computed>"
    ip_protocol:           "<computed>"
    load_balancing_scheme: "INTERNAL"
    name:                  "linkerd-all-ports-forwarding-rule"
    network:               "<computed>"
    project:               "<computed>"
    region:                "<computed>"
    self_link:             "<computed>"
    subnetwork:            "<computed>"

Apply Ouput:

Error applying plan:

1 error(s) occurred:

* module.linkerd-prod.google_compute_forwarding_rule.linkerd-all-ports-forwarding-rule: 1 error(s) occurred:

* google_compute_forwarding_rule.linkerd-all-ports-forwarding-rule: Error creating ForwardingRule: googleapi: Error 400: Invalid value for field 'resource.ports[0]': ''. Forwarding rules with backend services must specify at least one port., invalid

Expected Behavior

Should create forwarding rule that forwards all ports to all instances in backend.

Actual Behavior

Doesn't create anything on apply. plan doesn't fail because lacking a value in ports.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. Setup forwarding rule to look like config give
  2. terraform plan to see change
  3. terraform apply to attempt change

Important Factoids

ports is listed as optional. Appears to be "exclusive or" with port_range and success there depends on whether load_balancing_scheme is INTERNAL or EXTERNAL.

danawillow commented 7 years ago

Hey @owensk, can you point me to the place in the GCP documentation that says an empty forwarding rule should forward all ports (or where you expect it to say that it can't be empty)? I'll follow up internally on that. In the meantime, I'll make the error more clear in terraform.

owensk commented 7 years ago

I can't seem to find what I was looking at originally. I was able to find: https://www.terraform.io/docs/providers/google/r/compute_forwarding_rule.html which specifies https://www.terraform.io/docs/providers/google/r/compute_forwarding_rule.html which doesn't work as documented.

It looks like this might be a documentation defect and could probably be fixed with a change there and some form of error in the plan stage.

mgla178b commented 5 years ago

Recently I have faced the same issue. I was trying to create forwarding rule with INTERNAL scheme, backend service and all ports to forward. I was expecting that omitting ports value will do the trick, but got the exception:

Error 400: Invalid value for field 'resource.ports[0]': ''. Forwarding rules with backend services must specify at least one port., invalid

@danawillow, please, check GCP documentation: https://cloud.google.com/load-balancing/docs/forwarding-rules

ports [Optional] A single port or single contiguous port range, ranging from low to high, for which this forwarding rule matches. Packets of the specified protocol sent to these ports will be forwarded to the appropriate target pool or target instance. If this field is left empty, then the forwarding matches traffic for all ports for the specified protocol.

Is there currently any way to create internal forwarding rule with all ports to forward using Terraform?

danawillow commented 5 years ago

Hey @Integrity-178B, this is a pretty old issue. Could you file a new one in the Google provider repository instead? https://github.com/terraform-providers/terraform-provider-google. Thanks!

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.