puppetlabs-toy-chest / puppetlabs-aws

Puppet module for managing AWS resources to build out infrastructure
Apache License 2.0

Idempotence issue on Route53 records using create_resources function #256

Open mvisonneau opened 8 years ago

mvisonneau commented 8 years ago

I'm trying to configure a zone using Hiera and iterating over my hash with the create_resources function. However, I'm facing an issue: all my records keep getting recreated every time the catalog is applied.

Info: Checking if zone example.com. exists
Info: Checking if A record foo.example.com. exists
Info: Creating A record foo.example.com.
Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[foo.example.com.]/ensure: created
Info: Updating A record foo.example.com.
Info: Checking if A record bar.example.com. exists
Info: Creating A record bar.example.com.
Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[bar.example.com.]/ensure: created
Info: Updating A record bar.example.com.
[..]

garethr commented 8 years ago

@mvisonneau could you provide more details? Samples of the manifest and example hiera data would be great.

mvisonneau commented 8 years ago

I simplified my profile a bit to illustrate:

class profiles::dns::public (
  $zones = {},
  $records_a = {},
)  {

  validate_hash( $zones )
  validate_hash( $records_a )

  package { ['aws-sdk-core', 'retries']:
    ensure   => present,
    provider => gem,
  }

  $defaults = {
      ensure => present,
  }

  create_resources( route53_zone, $zones, $defaults )
  create_resources( route53_a_record, $records_a, $defaults )
}

Here is the hieradata:

---
profiles::dns::public::zones:
  example.com.: {}

profiles::dns::public::records_a:
  'foo.example.com.':
    zone: example.com.
    ttl: 300
    values: 127.0.0.1
  'bar.example.com.':
    zone: example.com.
    ttl: 300
    values: 127.0.0.1

garethr commented 8 years ago

@mvisonneau a couple of things stand out just from observation (so I've not had chance to test these):

A guess is the latter is triggering a change notification.

mvisonneau commented 8 years ago

I unfortunately got the same results with:

---
profiles::dns::public::zones:
  example.com.: {}

profiles::dns::public::records_a:
  'foo.example.com.':
    ensure: present
    zone: example.com.
    ttl: 300
    values: [127.0.0.1]
  'bar.example.com.':
    ensure: present
    zone: example.com.
    ttl: 300
    values: [127.0.0.1]

mvisonneau commented 8 years ago

Also with values: ['127.0.0.1']

garethr commented 8 years ago

mmm, could you post the full two runs? i.e. the command you're running and the full output, ideally with --debug.

In between the runs, could you also run puppet resource route53_a_record and post the output?

mvisonneau commented 8 years ago

Here is the debug log:

[root@trusty:~]# puppet agent -t --debug
Debug: Evicting cache entry for environment 'production'
Debug: Caching environment 'production' (ttl = 0 sec)
[..]
Info: Loading facts
[..]
Info: Caching catalog for trusty.example.com
Debug: Creating default schedules
Debug: Loaded state in 0.39 seconds
[..]
Info: Applying configuration version '10b4600'
Debug: Using cached connection for https://puppet.example.com:8140
Debug: Caching connection for https://puppet.example.com:8140
[..]
Debug: Prefetching v2 resources for route53_zone
Info: Checking if zone example.com. exists
Debug: Prefetching v2 resources for route53_a_record
Info: Checking if A record foo.example.com. exists
Info: Creating A record foo.example.com.
Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[foo.example.com.]/ensure: created
Info: Updating A record foo.example.com.
Debug: /Stage[main]/Profiles::Dns::Public/Route53_a_record[foo.example.com.]: The container Class[Profiles::Dns::Public] will propagate my refresh event
Info: Checking if A record bar.example.com. exists
Info: Creating A record bar.example.com.
Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[bar.example.com.]/ensure: created
Info: Updating A record bar.example.com.
Debug: /Stage[main]/Profiles::Dns::Public/Route53_a_record[bar.example.com.]: The container Class[Profiles::Dns::Public] will propagate my refresh event
Debug: Class[Profiles::Dns::Public]: The container Stage[main] will propagate my refresh event
Debug: Finishing transaction 33245880
Debug: Storing state
Debug: Stored state in 0.37 seconds
Notice: Finished catalog run in 15.29 seconds
Debug: Using cached connection for https://puppet.example.com:8140
Debug: Caching connection for https://puppet.example.com:8140
Debug: Closing connection for https://puppet.example.com:8140
[root@trusty:~]# puppet resource route53_a_record
route53_a_record { 'foo.example.com.':
  ensure => 'present',
  ttl    => '300',
  values => ['127.0.0.1'],
  zone   => 'example.com.',
}
route53_a_record { 'bar.example.com.':
  ensure => 'present',
  ttl    => '300',
  values => ['127.0.0.1'],
  zone   => 'example.com.',
}

ahenroid commented 7 years ago

@mvisonneau, can you give a quick update on this? Are you still seeing this issue, found a work-around, or moved on? Thank you!

mvisonneau commented 7 years ago

@ahenroid, I haven't tried with the latest version of the module to see if this was still an issue. I now use Terraform for cloud resources provisioning anyway.

ahenroid commented 7 years ago

@mvisonneau, thanks for the update. I'll see if we can reproduce this here.
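
Added example, not part of the thread or of the puppetlabs-aws module: a Ruby check for the symptom reported above. It lists resources that log a change on every run, and resources a run "created" although puppet resource already reported them present. The log samples are constructed from the output quoted in the thread, and the function names are hypothetical.

```ruby
# Added example: spot Puppet resources that report a change on every run.
# Sample data below is constructed, abridged from the output quoted in the thread.
NOTICE = %r{^Notice: .*/(?<res>[A-Z][\w:]*\[[^\]]+\])/(?<prop>\w+): (?<msg>.+)$}

# One run's output -> { "Type[title]" => ["ensure: created", ...] }
def change_events(log)
  log.each_line.with_object(Hash.new { |h, k| h[k] = [] }) do |line, events|
    m = NOTICE.match(line.chomp)
    events[m[:res]] << "#{m[:prop]}: #{m[:msg]}" if m
  end
end

# Resources that reported a change in every one of the given runs.
def changed_every_run(runs)
  runs.map { |log| change_events(log).keys }.reduce(:&)
end

# `puppet resource <type>` output -> ["type[title]", ...] with ensure => 'present'.
# Assumes ensure is the first attribute, as in the output shown in the thread.
def present_resources(output)
  output.scan(/^(\w+) \{ '([^']+)':\n\s+ensure\s+=> 'present'/)
        .map { |type, title| "#{type}[#{title}]".downcase }
end

# Resources a run "created" although they were already reported present.
def created_while_present(run_log, resource_output)
  present = present_resources(resource_output)
  change_events(run_log)
    .select { |res, evs| evs.include?('ensure: created') && present.include?(res.downcase) }
    .keys
end

RUN1 = <<~LOG
  Notice: /Stage[main]/Profiles::Dns::Public/Package[retries]/ensure: created
  Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[foo.example.com.]/ensure: created
  Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[bar.example.com.]/ensure: created
LOG
RUN2 = <<~LOG
  Info: Checking if A record foo.example.com. exists
  Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[foo.example.com.]/ensure: created
  Notice: /Stage[main]/Profiles::Dns::Public/Route53_a_record[bar.example.com.]/ensure: created
LOG
BETWEEN = <<~OUT
  route53_a_record { 'foo.example.com.':
    ensure => 'present',
  }
OUT
puts changed_every_run([RUN1, RUN2]), created_while_present(RUN2, BETWEEN)
```

A resource that appears in the first list on an otherwise unchanged catalog is not converging, and its repeated change events can hide real drift in run reports.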