search

megaport / terraform-provider-megaport

Terraform Provider for Megaport Network
Mozilla Public License 2.0
30 stars 16 forks source link

Provider trying to make undesired changes to AWS VXC b_end vlan #126

Closed Kostoprav19 closed 3 months ago

Kostoprav19 commented 3 months ago

Hello!

While modifying VXC config via Terraform I have encountered unexpected behavior and error. My goal was to change AWS VXC a_end config (untagged -> vlan). Terraform plan looked suspicious - it was showing also changes to b_end (which is AWS side) inner_vlan field.

When I tried to apply the plan I got the result: 1) a_end inner_vlan successfully changed to 100 2) but apply process failed with error

Error: Error Updating VXC
│ 
│   with module.megaport-lbo.megaport_vxc.aws[0],
│   on .terraform/modules/megaport-lbo/main.tf line 88, in resource "megaport_vxc" "aws":
│   88: resource "megaport_vxc" "aws" {
│ 
│ Could not update VXC with ID f68e1684-de64-4924-9b8f-dc1eaa4fa6f7: PUT
│ https://api.megaport.com/v3/product/vxc/f68e1684-de64-4924-9b8f-dc1eaa4fa6f7:
│ 403 (trace_id "e4a892b23bcc79[76](https://gitlab.com/1nce-tech/platform/base-services/infra/terraform/external-network/megaport/-/jobs/7461774881#L76)6393ab6689bf528d") Only B end owner can
│ change B VLAN

Terraform plan

Terraform will perform the following actions:
  # module.megaport-lbo.megaport_vxc.aws[0] will be updated in-place
  ~ resource "megaport_vxc" "aws" {
      ~ a_end                = {
          ~ current_product_uid   = "0a6f30e9-80ea-4dff-9d71-c874d3757067" -> (known after apply)
          + inner_vlan            = 100
          ~ location              = "Interxion FRA6" -> (known after apply)
          ~ location_id           = 130 -> (known after apply)
          ~ product_name          = "LBO-EU-Frankfurt-ICSS-MVE" -> (known after apply)
          ~ vlan                  = 2640 -> (known after apply)
            # (5 unchanged attributes hidden)
        }
      ~ b_end                = {
          ~ current_product_uid   = "9332c1a2-7479-4f57-[84](https://gitlab.com/1nce-tech/platform/base-services/infra/terraform/external-network/megaport/-/jobs/7461774878#L84)e8-1d7f2abbfa6d" -> (known after apply)
          + inner_vlan            = (known after apply)
          ~ location              = "Interxion FRA6" -> (known after apply)
          ~ location_id           = 130 -> (known after apply)
          ~ product_name          = "EU (Frankfurt) (eu-central-1)" -> (known after apply)
          ~ requested_product_uid = "5ec445b7-6e15-4638-a2d7-8b9ab6ab0e62" -> "4348e355-5e76-470b-988b-ac245c4[86](https://gitlab.com/1nce-tech/platform/base-services/infra/terraform/external-network/megaport/-/jobs/7461774878#L86)63b"
          ~ vlan                  = 2640 -> (known after apply)
            # (4 unchanged attributes hidden)
        }
      ~ contract_end_date    = "Friday, 19-Jul-24 14:00:00 UTC" -> (known after apply)
      ~ contract_start_date  = "Thursday, 20-Jun-24 10:28:26 UTC" -> (known after apply)
      ~ create_date          = "Thursday, 20-Jun-24 10:26:37 UTC" -> (known after apply)
      ~ last_updated         = "Thursday, 04-Jul-24 12:08:29 UTC" -> (known after apply)
      ~ live_date            = "Thursday, 20-Jun-24 10:28:26 UTC" -> (known after apply)
      ~ provisioning_status  = "LIVE" -> (known after apply)
        # (21 unchanged attributes hidden)
    }
Plan: 0 to add, 1 to change, 0 to destroy.
mega-alex commented 3 months ago

Hey we're trying to replicate this but haven't been able to produce the same 403 error you had. It also seems like the trace ID got a bit mangled as e4a892b23bcc79[76](https://gitlab.com/1nce-tech/platform/base-services/infra/terraform/external-network/megaport/-/jobs/7461774881#L76)6393ab6689bf528d") so we're having a hard time tracking down the internal request. Could you get us a TF file and the changes you made to produce the error?

Kostoprav19 commented 3 months ago

Hello! It turns out that this is relevant to migration from Megaport Terraform provider v1.0.1 -> v.1.1.0. When I use the same latest version I don't have any issues. Not sure if this is still valid issue. I have already worked around this issue by recreating VXC resource.

I was able to recreate the issue in this way: 1) downgrade provider to v1.0.1 2) Deploy all resources from scratch in Staging environment 3) upgrade provider to v1.1.0 4) change anything to trigger update - i have changed value of cost_centre 5) terraform apply -> result in errors during apply phase

Error:

╷
│ Error: Error Updating VXC
│ 
│   with megaport_vxc.internet,
│   on main.tf line 50, in resource "megaport_vxc" "internet":
│   50: resource "megaport_vxc" "internet" {
│ 
│ Could not update VXC with ID f1c7699b-7437-40db-9378-ef495ecba661: PUT https://api-staging.megaport.com/v3/product/vxc/f1c7699b-7437-40db-9378-ef495ecba661: 403 (trace_id "685bb1c0c83e402206474513b48f5081") Only B end owner can change B VLAN 
╵
╷
│ Error: Error Updating VXC
│ 
│   with megaport_vxc.ipxgrx[0],
│   on main.tf line 67, in resource "megaport_vxc" "ipxgrx":
│   67: resource "megaport_vxc" "ipxgrx" {
│ 
│ Could not update VXC with ID b1362f14-6b78-450b-9bbb-ad38f7bb739c: PUT https://api-staging.megaport.com/v3/product/vxc/b1362f14-6b78-450b-9bbb-ad38f7bb739c: 400 (trace_id "4ce6761e69891ba6c67643e3c61d21b8") VRouter: VXC VLAN does not match any vNIC, Validation of csp_request failed 
╵
╷
│ Error: Error Updating VXC
│ 
│   with megaport_vxc.aws[0],
│   on main.tf line 88, in resource "megaport_vxc" "aws":
│   88: resource "megaport_vxc" "aws" {
│ 
│ Could not update VXC with ID 39b914dc-7115-4e08-a510-dec3f99fdb2d: PUT https://api-staging.megaport.com/v3/product/vxc/39b914dc-7115-4e08-a510-dec3f99fdb2d: 403 (trace_id "c0fac6161cff2b4766069990f9c6a3ca") Only B end owner can change B VLAN

Plan:

Terraform will perform the following actions:

  # megaport_mve.fortigate will be updated in-place
  ~ resource "megaport_mve" "fortigate" {
      ~ contract_start_date    = "Friday, 02-Aug-24 12:56:51 EEST" -> (known after apply)
      ~ cost_centre            = "A-123-2024-GER-123-125" -> "A-123-2024-GER-123-124"
      ~ last_updated           = "Friday, 02-Aug-24 12:56:48 EEST" -> (known after apply)
      ~ live_date              = "Friday, 02-Aug-24 12:56:51 EEST" -> (known after apply)
      ~ provisioning_status    = "LIVE" -> (known after apply)
      + terminate_date         = (known after apply)
        # (26 unchanged attributes hidden)
    }

  # megaport_port.ipxgrx will be updated in-place
  ~ resource "megaport_port" "ipxgrx" {
      ~ contract_end_date      = "Friday, 01-Aug-25 17:00:00 EEST" -> (known after apply)
      ~ contract_start_date    = "Friday, 02-Aug-24 12:56:51 EEST" -> (known after apply)
      ~ cost_centre            = "A-123-2024-GER-123-125" -> "A-123-2024-GER-123-124"
      ~ create_date            = "Friday, 02-Aug-24 12:56:15 EEST" -> (known after apply)
      ~ last_updated           = "Friday, 02-Aug-24 12:56:47 EEST" -> (known after apply)
      ~ live_date              = "Friday, 02-Aug-24 12:56:51 EEST" -> (known after apply)
      ~ provisioning_status    = "LIVE" -> (known after apply)
      ~ resources              = {
          ~ interface = {
              ~ demarcation = <<-EOT
                    Equinix PA2/3
                    114 Rue Ambroise Croizat, Saint Denis
                    Type: Single-mode Fibre Pair
                    Ports: PP:0210:1302578, ports 21+22
                    Termination: SC connector
                EOT -> (known after apply)
              ~ up          = 1 -> (known after apply)
            } -> (known after apply)
        } -> (known after apply)
      + terminate_date         = (known after apply)
        # (17 unchanged attributes hidden)
    }

  # megaport_vxc.aws[0] will be updated in-place
  ~ resource "megaport_vxc" "aws" {
      ~ a_end                = {
          ~ current_product_uid   = "fcd596e9-9029-4bd4-98c8-bf952c3d7486" -> (known after apply)
          ~ location              = "Equinix PA2/3" -> (known after apply)
          ~ location_id           = 515 -> (known after apply)
          ~ product_name          = "TEST-EU-Paris-ICSS-MVE" -> (known after apply)
          ~ vlan                  = 322 -> (known after apply)
            # (6 unchanged attributes hidden)
        }
      ~ b_end                = {
          ~ current_product_uid   = "fc1c70e7-3bd7-4d7d-8f27-c80296785542" -> (known after apply)
          + inner_vlan            = (known after apply)
          ~ location              = "Interxion PAR5" -> (known after apply)
          ~ location_id           = 527 -> (known after apply)
          ~ product_name          = "EU (Paris) (eu-west-3)" -> (known after apply)
          ~ vlan                  = 322 -> (known after apply)
            # (5 unchanged attributes hidden)
        }
      ~ contract_end_date    = "Sunday, 01-Sep-24 17:00:00 EEST" -> (known after apply)
      ~ contract_start_date  = "Friday, 02-Aug-24 12:57:41 EEST" -> (known after apply)
      ~ cost_centre          = "A-123-2024-GER-123-125" -> "A-123-2024-GER-123-124"
      ~ create_date          = "Friday, 02-Aug-24 12:56:52 EEST" -> (known after apply)
      ~ last_updated         = "Friday, 02-Aug-24 12:57:27 EEST" -> (known after apply)
      ~ live_date            = "Friday, 02-Aug-24 12:57:41 EEST" -> (known after apply)
      ~ provisioning_status  = "LIVE" -> (known after apply)
        # (19 unchanged attributes hidden)
    }

  # megaport_vxc.internet will be updated in-place
  ~ resource "megaport_vxc" "internet" {
      ~ a_end                = {
          ~ current_product_uid   = "fcd596e9-9029-4bd4-98c8-bf952c3d7486" -> (known after apply)
          + inner_vlan            = (known after apply)
          ~ location              = "Equinix PA2/3" -> (known after apply)
          ~ location_id           = 515 -> (known after apply)
          ~ product_name          = "TEST-EU-Paris-ICSS-MVE" -> (known after apply)
          ~ vlan                  = 733 -> (known after apply)
            # (5 unchanged attributes hidden)
        }
      ~ b_end                = {
          ~ current_product_uid   = "52cb6573-5cc8-45cc-8af1-d21db1fe3485" -> (known after apply)
          + inner_vlan            = (known after apply)
          ~ location              = "Equinix PA2/3" -> (known after apply)
          ~ location_id           = 515 -> (known after apply)
          ~ product_name          = "Megaport Internet" -> (known after apply)
          ~ vlan                  = 733 -> (known after apply)
            # (5 unchanged attributes hidden)
        }
      ~ contract_end_date    = "Friday, 01-Aug-25 17:00:00 EEST" -> (known after apply)
      ~ contract_start_date  = "Friday, 02-Aug-24 12:57:31 EEST" -> (known after apply)
      ~ cost_centre          = "A-123-2024-GER-123-125" -> "A-123-2024-GER-123-124"
      ~ create_date          = "Friday, 02-Aug-24 12:56:51 EEST" -> (known after apply)
      ~ last_updated         = "Friday, 02-Aug-24 12:57:25 EEST" -> (known after apply)
      ~ live_date            = "Friday, 02-Aug-24 12:57:31 EEST" -> (known after apply)
      ~ provisioning_status  = "LIVE" -> (known after apply)
        # (18 unchanged attributes hidden)
    }

  # megaport_vxc.ipxgrx[0] will be updated in-place
  ~ resource "megaport_vxc" "ipxgrx" {
      ~ a_end                = {
          ~ current_product_uid   = "fcd596e9-9029-4bd4-98c8-bf952c3d7486" -> (known after apply)
          ~ location              = "Equinix PA2/3" -> (known after apply)
          ~ location_id           = 515 -> (known after apply)
          ~ product_name          = "TEST-EU-Paris-ICSS-MVE" -> (known after apply)
          ~ vlan                  = 3952 -> (known after apply)
            # (6 unchanged attributes hidden)
        }
      ~ b_end                = {
          ~ current_product_uid   = "93c4e7b7-13b4-44be-a538-750402aacee2" -> (known after apply)
          + inner_vlan            = (known after apply)
          ~ location              = "Equinix PA2/3" -> (known after apply)
          ~ location_id           = 515 -> (known after apply)
          ~ product_name          = "TEST-EU-Paris-ICSS-Port" -> (known after apply)
          ~ vlan                  = 3952 -> (known after apply)
            # (5 unchanged attributes hidden)
        }
      ~ contract_end_date    = "Sunday, 01-Sep-24 17:00:00 EEST" -> (known after apply)
      ~ contract_start_date  = "Friday, 02-Aug-24 12:57:31 EEST" -> (known after apply)
      ~ cost_centre          = "A-123-2024-GER-123-125" -> "A-123-2024-GER-123-124"
      ~ create_date          = "Friday, 02-Aug-24 12:56:52 EEST" -> (known after apply)
      + csp_connections      = (known after apply)
      ~ last_updated         = "Friday, 02-Aug-24 12:57:26 EEST" -> (known after apply)
      ~ live_date            = "Friday, 02-Aug-24 12:57:31 EEST" -> (known after apply)
      ~ provisioning_status  = "LIVE" -> (known after apply)
        # (17 unchanged attributes hidden)
    }

Plan: 0 to add, 5 to change, 0 to destroy.
mega-alex commented 3 months ago

Ah ok, if it's just an issue with preexisting state I think we can close this then.