search

nutanix / terraform-provider-nutanix

Terraform Nutanix Provider
https://www.terraform.io/docs/providers/nutanix/
Mozilla Public License 2.0
93 stars 112 forks source link

`resource_domain` is required when updating `nutanix_project` resource #648

Open jantari opened 8 months ago

jantari commented 8 months ago

Nutanix Cluster Information

Nutanix Cluster: 6.5.3.7 Nutanix Prism Cemtral: pc.2023.3

Terraform Version

Terraform v1.4.7

Affected Resource(s)

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file.

resource "nutanix_project" "ourproject" {
  name        = "ourproject"
  description = "All servers relating to ourproject"

  owner_reference = {
    kind = "user"
    name = "username@domain.tld"
    uuid = "73724490-3fb5-4c63-af88-e07d21b9a53a"
  }

  default_subnet_reference {
    uuid = data.nutanix_subnet.subnet_a.id
  }
}

Debug Output

I cannot provide the full debug output because it contains secrets. Here is the plan output:

Terraform will perform the following actions:

  # nutanix_project.ivu will be updated in-place
  ~ resource "nutanix_project" "ivu" {
        id                = "b20b9f6b-d0e4-4c0a-b5a0-f9f011c67e36"
        name              = "ivu"
        # (7 unchanged attributes hidden)

      ~ default_subnet_reference {
          + kind = "subnet"
          + uuid = "eba40fe0-bddf-4497-995c-2314f37c68cd"
        }
    }

and this is the debug output of the error it throws during the apply:

{
 "status": "FAILED",
 "last_update_time": "2023-11-10T14:07:47Z",
 "logical_timestamp": 3,
 "entity_reference_list": [
  {
   "kind": "project",
   "uuid": "<REDACTED>"
  }
 ],
 "start_time": "2023-11-10T14:07:46Z",
 "creation_time": "2023-11-10T14:07:46Z",
 "start_time_usecs": 1699625266626677,
 "cluster_reference": {
  "kind": "cluster",
  "uuid": "<REDACTED>"
 },
 "subtask_reference_list": [],
 "completion_time": "2023-11-10T14:07:47Z",
 "creation_time_usecs": 1699625266481516,
 "progress_message": "update_project",
 "operation_type": "update_project_intentful",
 "completion_time_usecs": 1699625267114381,
 "percentage_complete": 100,
 "api_version": "3.1",
 "uuid": "3c8c663b-046e-4b6e-9e84-3acb4077311f"
}
0

-----------------------------------------------------: timestamp=2023-11-10T15:07:50.215+0100
2023-11-10T15:07:50.220+0100 [ERROR] vertex "nutanix_project.ourproject" error: error waiting for project(<REDACTED>) to update: error_detail: , progress_message: update_project
2023-11-10T15:07:50.221+0100 [DEBUG] states/remote: state read serial is: 26; serial is: 26
2023-11-10T15:07:50.221+0100 [DEBUG] states/remote: state read lineage is: 19e07358-48d5-1cc9-73ee-4fa2ed2458d3; lineage is: 19e07358-48d5-1cc9-73ee-4fa2ed2458d3
╷
│ Warning: Disabled Providers: foundation, ndb. Please provide required fields in provider configuration to enable them. Refer docs.
│
│   with provider["registry.terraform.io/nutanix/nutanix"],
│   on main.tf line 1, in provider "nutanix":
│    1: provider "nutanix" {
│
╵
╷
│ Error: error waiting for project(<REDACTED>) to update: error_detail: , progress_message: update_project
│
│   with nutanix_project.ourproject,
│   on project.tf line 1, in resource "nutanix_project" "ourproject":
│    1: resource "nutanix_project" "ourproject" {
│
╵
2023-11-10T15:07:50.807+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-11-10T15:07:50.809+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/nutanix/nutanix/1.9.4/linux_amd64/terraform-provider-nutanix_v1.9.4 pid=10631
2023-11-10T15:07:50.809+0100 [DEBUG] provider: plugin exited

--->

Panic Output

No panic.

Expected Behavior

The provider should not have detected any changes and just left the project the way it's always been since its creation.

Actual Behavior

For some reason the provider acts like it wants to add a default_subnet_reference even though this has always been set, but even when going forward with the apply it just runs into an unhelpful error when trying to update the project.

Steps to Reproduce

  1. Use Nutanix/Nutanix Provider v1.9.4
  2. Create a resource "nutanix_project" with only name, description, owner_reference and default_subnet_reference set
  3. After the resource is created, do nothing and run the terraform apply a second time
  4. The plan will show that it wants to add a default_subnet_reference, attemptting to apply the plan will fail

Important Factors

We are using Prism Central micro-services deployment.

I have noticed that adding a resource_domain configuration to the nutanix_project resource like this:

resource "nutanix_project" "ourproject" {
  name        = "ourproject"
  description = "All servers relating to ourproject"

  owner_reference = {
    kind = "user"
    name = "username@domain.tld"
    uuid = "73724490-3fb5-4c63-af88-e07d21b9a53a"
  }

  default_subnet_reference {
    uuid = data.nutanix_subnet.subnet_a.id
  }

  resource_domain {
    resources {
      limit         = 200
      resource_type = "VCPUS"
    }
  }
}

fixes this issue, now the apply goes through without an error. However, we do not want to configure resource limits on our projects and this has worked perfectly before.

According to the documentation: https://registry.terraform.io/providers/nutanix/nutanix/latest/docs/resources/project#resource_domain the resource_domain setting is required. But this is not true, one can easily create a project without any resource quotas in the Prism Central WebGUI or via terraform or the API. But if there is no resource_domain configured the subsequent applys will fail.

References

jantari commented 6 months ago

This is still an issue btw

EDIT:

By the way, the documentation for resource_domain.resources.#.limit says:

(unspecified is unlimited)

however, unspecified is not a valid terraform value/keyword. Putting it in quotes doesn't work because limit has to be a number. The limit field is an Int64 but attempting to set a negative number such as -1 which is often used to denote "none/unlimited" in other APIs results in an error. Setting limit to null doesn't work either. So what the heck is / how do I choose "unspecified" as a value? The field is required so I cannot omit it.

Well, I still don't know, but for anyone else running into this error: setting the limit value to 0 seems to do the trick of effectively setting the limit to unlimited. So adding the following to all of your "nutanix_project" resources works around this issue:

resource "nutanix_project" "example" {
   ...

  # I have no idea why, but setting a resource restriction on a project is required now.
  # Setting the limit to 0 seems to make it unlimited although I cannot find documentation for this.
  # See: https://github.com/nutanix/terraform-provider-nutanix/issues/648
  resource_domain {
    resources {
      resource_type = "VCPUS"
      limit         = 0
    }
  }
}