search

opentelekomcloud / terraform-provider-opentelekomcloud

Terraform OpenTelekomCloud provider
https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest
Mozilla Public License 2.0
84 stars 76 forks source link

Listener deletion failed - backendserver not deleted #2524

Closed nahian166 closed 3 months ago

nahian166 commented 3 months ago

Hi there, This is my simple code, that creates, vpc, subnet, secgroup, ECS, ELB, listener, pool, member.

Terraform provider version

Terraform v1.8.4

Affected Resource(s)

opentelekomcloud_lb_listener_v3 opentelekomcloud_lb_member_v3 opentelekomcloud_lb_pool_v3

Terraform Configuration Files

terraform {
  required_providers {
    opentelekomcloud = {
        source  = "opentelekomcloud/opentelekomcloud"
        version = ">= 1.36.9"
    }
  }
}

provider "opentelekomcloud" {
    insecure    = true
    region      = "eu-de"
    access_key  = ""
    secret_key  = ""
    auth_url = "https://iam.eu-de.otc.t-systems.com/v3"
    tenant_name = "eu-de_nachowdh"
    domain_name = "OTC-EU-DE-00000000001000042302"
}

#VPC, Subnet and SecureGroup
resource "opentelekomcloud_vpc_v1" "back-test" {
  name = "back-test"
    cidr = "172.16.0.0/16"
}

resource "opentelekomcloud_vpc_subnet_v1" "back-test" {
    vpc_id      = opentelekomcloud_vpc_v1.back-test.id
    name        = "back-test"
    cidr        = "172.16.0.0/16"
    gateway_ip  = "172.16.0.1"
}

resource "opentelekomcloud_networking_secgroup_v2" "back-test" {
    name = "back-test"
}

resource "opentelekomcloud_networking_secgroup_rule_v2" "back-test" {
    security_group_id = opentelekomcloud_networking_secgroup_v2.back-test.id
    direction           = "ingress"
    ethertype           = "IPv4"
    protocol            = "tcp"
    remote_ip_prefix    = "0.0.0.0/0"
    port_range_min    = 1
    port_range_max    = 65535
}

resource "opentelekomcloud_compute_keypair_v2" "KeyPair-back-test" {
  name = "KeyPair-back-test"
}

resource "opentelekomcloud_ecs_instance_v1" "back-test" {
  count               = 2
  name                = "back-test0${count.index}"
  key_name            = opentelekomcloud_compute_keypair_v2.KeyPair-back-test.name
  image_id            = "df2331cf-66aa-472f-b36a-28fcede7c85d"
  security_groups     = [ opentelekomcloud_networking_secgroup_v2.back-test.id ]
  availability_zone   = "eu-de-01"
  flavor              = "s3.xlarge.4"
  system_disk_type    = "SAS"
  system_disk_size    = 100
  nics {
      network_id = opentelekomcloud_vpc_subnet_v1.back-test.id
  }
  vpc_id = opentelekomcloud_vpc_v1.back-test.id
}

resource "opentelekomcloud_lb_loadbalancer_v3" "elb-back-test" {
    name = "elb-back-test"
    # cross_vpc_backend = true
    subnet_id    = opentelekomcloud_vpc_subnet_v1.back-test.subnet_id
    l4_flavor      = "bf67b2c5-3219-4563-badc-26c712c98924"
    availability_zones = [ "eu-de-01", "eu-de-02" ]
    network_ids = [opentelekomcloud_vpc_subnet_v1.back-test.id]
    ip_target_enable = true
}

resource "opentelekomcloud_lb_listener_v3" "listener-back-test" {
  name            = "listener-back-test"
  protocol        = "TCP"
  protocol_port   = 10333
  loadbalancer_id = opentelekomcloud_lb_loadbalancer_v3.elb-back-test.id
  default_pool_id = opentelekomcloud_lb_pool_v3.server_group-backtest.id
}

resource "opentelekomcloud_lb_pool_v3" "server_group-backtest" {
  name            = "server_group-backtest"
  protocol        = "TCP"
  lb_algorithm    = "ROUND_ROBIN"
  type            = "instance"
  vpc_id          = opentelekomcloud_vpc_v1.back-test.id
  loadbalancer_id = opentelekomcloud_lb_loadbalancer_v3.elb-back-test.id
}

resource "opentelekomcloud_lb_member_v3" "member-backtest" {
  count         = 2
  address       = opentelekomcloud_ecs_instance_v1.back-test[count.index].nics[0].ip_address
  protocol_port = 10431
  pool_id       = opentelekomcloud_lb_pool_v3.server_group-backtest.id
  weight        = 1
}

Debug Output/Panic Output

opentelekomcloud_networking_secgroup_rule_v2.back-test: Destroying... [id=c2d88b10-116c-442f-b0d5-9e3f0194f4d8] opentelekomcloud_lb_member_v3.member-backtest[1]: Destroying... [id=173c8f94-cda3-4873-9d12-af01b66bddbc/41316963-8044-4603-a3d8-2fad90a5ece6] opentelekomcloud_lb_listener_v3.listener-back-test: Destroying... [id=c40f0b3e-c778-4009-a977-b4b6477dd0d1] opentelekomcloud_lb_member_v3.member-backtest[0]: Destroying... [id=173c8f94-cda3-4873-9d12-af01b66bddbc/aeee60c6-f23a-47e5-b144-e2d6aabbf3cf] opentelekomcloud_lb_member_v3.member-backtest[1]: Destruction complete after 0s opentelekomcloud_lb_member_v3.member-backtest[0]: Destruction complete after 0s opentelekomcloud_ecs_instance_v1.back-test[1]: Destroying... [id=2194bb0a-68cc-467c-bc54-1daf1b3fc00b] opentelekomcloud_ecs_instance_v1.back-test[0]: Destroying... [id=b916d4e7-dcab-4adf-b348-abd3f0b697c1] opentelekomcloud_networking_secgroup_rule_v2.back-test: Destruction complete after 8s opentelekomcloud_ecs_instance_v1.back-test[1]: Still destroying... [id=2194bb0a-68cc-467c-bc54-1daf1b3fc00b, 10s elapsed] opentelekomcloud_ecs_instance_v1.back-test[0]: Still destroying... [id=b916d4e7-dcab-4adf-b348-abd3f0b697c1, 10s elapsed] opentelekomcloud_ecs_instance_v1.back-test[0]: Still destroying... [id=b916d4e7-dcab-4adf-b348-abd3f0b697c1, 20s elapsed] opentelekomcloud_ecs_instance_v1.back-test[1]: Still destroying... [id=2194bb0a-68cc-467c-bc54-1daf1b3fc00b, 20s elapsed] opentelekomcloud_ecs_instance_v1.back-test[1]: Still destroying... [id=2194bb0a-68cc-467c-bc54-1daf1b3fc00b, 30s elapsed] opentelekomcloud_ecs_instance_v1.back-test[0]: Still destroying... [id=b916d4e7-dcab-4adf-b348-abd3f0b697c1, 30s elapsed] opentelekomcloud_ecs_instance_v1.back-test[1]: Still destroying... [id=2194bb0a-68cc-467c-bc54-1daf1b3fc00b, 40s elapsed] opentelekomcloud_ecs_instance_v1.back-test[0]: Still destroying... [id=b916d4e7-dcab-4adf-b348-abd3f0b697c1, 40s elapsed] opentelekomcloud_ecs_instance_v1.back-test[0]: Destruction complete after 44s opentelekomcloud_ecs_instance_v1.back-test[1]: Destruction complete after 44s opentelekomcloud_compute_keypair_v2.KeyPair-back-test: Destroying... [id=KeyPair-back-test] opentelekomcloud_networking_secgroup_v2.back-test: Destroying... [id=0afe093b-b7df-4f2e-bfa4-578a9dc4d18c] opentelekomcloud_compute_keypair_v2.KeyPair-back-test: Destruction complete after 0s opentelekomcloud_networking_secgroup_v2.back-test: Destruction complete after 8s

Error: unable to delete ListenerV3 c40f0b3e-c778-4009-a977-b4b6477dd0d1: Expected HTTP response code [202 204] when accessing [DELETE https://elb.eu-de.otc.t-systems.com/v3/86c43f0559154012aec9cfb0f97f3bdb/elb/listeners/c40f0b3e-c778-4009-a977-b4b6477dd0d1], but got 409 instead │ {"error_msg":"pool 173c8f94-cda3-4873-9d12-af01b66bddbc is using this listener","error_code":"ELB.8907","request_id":"fe43aa07b4ffb68ee87b735ce2c85971"}

unable to delete ListenerV3 a5ae091b-9769-4c9c-a06c-a926b5ce76b0: Expected HTTP response code [202 204] when accessing [DELETE https://elb.eu-de.otc.t-systems.com/v3/86c43f0559154012aec9cfb0f97f3bdb/elb/listeners/a5ae091b-9769-4c9c-a06c-a926b5ce76b0], but got 409 instead | {"error_msg":"pool 900606ba-3194-40c2-aeaf-a4022c2d45b9 is using this listener","error_code":"ELB.8907","request_id":"1eca28e4c29aaf6ed8641f4b4a7d1a15"}

Steps to Reproduce

  1. terraform apply

Expected Behavior

Terraform destroy should delete everything.

Actual Behavior

It failed to delete the ELB Listener because the Backend server group is not deleted and the two members (ips) are not deleted.

Seems like the pool must be deleted before it execute Listener deletion process.

vladimirvshivkov commented 3 months ago

checking

artem-lifshits commented 3 months ago

@nahian166 @vladimirvshivkov it's same issue as described in #2377 Ticket opened: https://jira.tsi-dev.otc-service.com/browse/ONS-11371

artem-lifshits commented 3 months ago

Closing duplicate ticket, please refer to #2377.