oci_containerengine_node_pool ignores changes to fault_domains

blabu23 commented 1 month ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Terraform v1.9.2 on darwin_arm64

provider registry.terraform.io/hashicorp/http v3.4.3
provider registry.terraform.io/infobloxopen/infoblox v2.5.0
provider registry.terraform.io/oracle/oci v6.3.0
provider registry.terraform.io/tchupp/env v0.0.2

Affected Resource(s)

oci_containerengine_node_pool

Terraform Configuration Files

resource "oci_containerengine_node_pool" "nodepools" {

  compartment_id = var.compartment_id
  cluster_id     = oci_containerengine_cluster.oke.id
  depends_on     = [oci_containerengine_cluster.oke]

  count = length(var.nodepools)

  kubernetes_version = lookup(var.nodepools[count.index], "kubernetes_version")
  name               = lookup(var.nodepools[count.index], "name")
  defined_tags       = { "DevOps.Cluster" = var.cluster_name }

  node_config_details {

    defined_tags                        = { "DevOps.Cluster" = var.cluster_name }
    kms_key_id                          = lookup(var.nodepools[count.index], "kms_key_id")
    is_pv_encryption_in_transit_enabled = (lookup(var.nodepools[count.index], "kms_key_id") != "" ? true : false)

    dynamic "placement_configs" {
      iterator = adi
      for_each = toset(lookup(var.nodepools[count.index], "ad_names"))

      content {
        availability_domain = adi.value
        fault_domains       = [tolist(local.ad_fd_map[adi.value])]
        subnet_id           = lookup(var.nodepools[count.index], "subnet_workers_id")
      }
    }

    size = lookup(var.nodepools[count.index], "number_of_members")
  }

  node_metadata = {
    user_data = base64encode(
      templatefile("${path.module}/etc/cloud-init.tmpl",
        {
          http_proxy                = lookup(var.nodepools[count.index], "http_proxy")
          no_proxy                  = lookup(var.nodepools[count.index], "no_proxy")
          registry_qps              = var.registry_qps
          k8s_node_os_version_major = var.node_os_version_major
        }
      )
    )
  }

  node_eviction_node_pool_settings {
    eviction_grace_duration              = lookup(var.nodepools[count.index], "eviction_grace_duration")
    is_force_delete_after_grace_duration = true
  }

  node_source_details {
    image_id                = lookup(var.nodepools[count.index], "image_id")
    source_type             = "IMAGE"
    boot_volume_size_in_gbs = lookup(var.nodepools[count.index], "boot_volume_size_in_gbs")
  }

  node_shape = lookup(var.nodepools[count.index], "shape")

  dynamic "node_shape_config" {
    for_each = regexall("^.*\\.Flex$", lookup(var.nodepools[count.index], "shape"))
    content {
      memory_in_gbs = lookup(var.nodepools[count.index], "shape_memory_in_gbs")
      ocpus         = lookup(var.nodepools[count.index], "shape_ocpus")
    }
  }

  ssh_public_key = data.http.sshkeys.response_body

  timeouts {}
}

Debug Output

Panic Output

Expected Behavior

Since the line

fault_domains = [tolist(local.ad_fd_map[adi.value])]

(which results to this array: ["FAULT-DOMAIN-1", "FAULT-DOMAIN-2", "FAULT-DOMAIN-3"])

was newly added to the existing dynamic placement_configs block (it was not set before), I would expect a modification of my two nodepools in the OCI.

Actual Behavior

terraform plan does not detect this change and displays `No changes. Your infrastructure matches the configuration.'

Steps to Reproduce

terraform plan/apply

Important Factoids

When id add another option to the placement_configs block, e.g. capacity_reservation_id = "bla", terraform finds also the changes to the fault_domains options and plans/applies them!

     ~ node_config_details {
            # (6 unchanged attributes hidden)

          - placement_configs {
              - availability_domain     = "XTDa:EU-FRANKFURT-1-AD-1" -> null
              - fault_domains           = [] -> null
              - subnet_id               = "ocid1.subnet.oc1.eu-frankfurt-1.*********************************************" -> null
                # (1 unchanged attribute hidden)
            }
          - placement_configs {
              - availability_domain     = "XTDa:EU-FRANKFURT-1-AD-2" -> null
              - fault_domains           = [] -> null
              - subnet_id               = "ocid1.subnet.oc1.eu-frankfurt-1.*********************************************" -> null
                # (1 unchanged attribute hidden)
            }
          - placement_configs {
              - availability_domain     = "XTDa:EU-FRANKFURT-1-AD-3" -> null
              - fault_domains           = [] -> null
              - subnet_id               = "ocid1.subnet.oc1.eu-frankfurt-1.*********************************************" -> null
                # (1 unchanged attribute hidden)
            }
          + placement_configs {
              + availability_domain     = "XTDa:EU-FRANKFURT-1-AD-1"
              + capacity_reservation_id = "bla"
              + fault_domains           = [
                  + "FAULT-DOMAIN-1",
                  + "FAULT-DOMAIN-2",
                  + "FAULT-DOMAIN-3",
                ]
              + subnet_id               = "ocid1.subnet.oc1.eu-frankfurt-1.*********************************************"

              + preemptible_node_config (known after apply)
            }
          + placement_configs {
              + availability_domain     = "XTDa:EU-FRANKFURT-1-AD-2"
              + capacity_reservation_id = "bla"
              + fault_domains           = [
                  + "FAULT-DOMAIN-1",
                  + "FAULT-DOMAIN-2",
                  + "FAULT-DOMAIN-3",
                ]
              + subnet_id               = "ocid1.subnet.oc1.eu-frankfurt-1.*********************************************"

              + preemptible_node_config (known after apply)
            }
          + placement_configs {
              + availability_domain     = "XTDa:EU-FRANKFURT-1-AD-3"
              + capacity_reservation_id = "bla"
              + fault_domains           = [
                  + "FAULT-DOMAIN-1",
                  + "FAULT-DOMAIN-2",
                  + "FAULT-DOMAIN-3",
                ]
              + subnet_id               = "ocid1.subnet.oc1.eu-frankfurt-1.*********************************************"

              + preemptible_node_config (known after apply)
            }

            # (1 unchanged block hidden)
        }

References

https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/containerengine_node_pool

blabu23 commented 1 month ago

BTW: exactly the next 'terraform init -upgrade' a new provider version was released (v6.4.0). Too bad, it has the same bug ;-)

tf-oci-pub commented 1 month ago

Thank you for reporting the issue. We have raised an internal ticket to track this. Our service engineers will get back to you.

blabu23 commented 1 month ago

Hi there! Any news? Are you able (and willing) to give me the ticket or SR so I can follow (and eventually deliver more information) it?

XinruXiao-9 commented 1 month ago

Hi @blabu23 , Thank you for reporting this bug. We have identified the issue and are working on the fix. But the testing and release process is long. The ETA of releasing the fix will be Sep 5th.

oracle / terraform-provider-oci