Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
Can't delete the vpc because an Internet Gateway and default Routing Table is created when creating a VPC, and so the VPC depends on those resources.
Setup
Script to create /srv/salt/issue-setup.sls and /srv/salt/issue-decomm.sls
```
cat < /srv/salt/issue-setup.sls
{% set profile = salt['pillar.get']('aws') %}
{% set prefix = salt['pillar.get']('aws:resource_prefix', 'sedemo_') %}
{% set region = 'eu-west-1' %}
{{prefix}}vpc:
boto_vpc.present:
- name: {{ prefix }}vpc
- region: {{ region }}
- cidr_block: 172.16.0.0/16
- instance_tenancy: default
- dns_hostnames: False
- tags:
App: SaltStack
Name: {{ prefix }}vpc
{{prefix}}ig:
boto_vpc.internet_gateway_present:
- name: {{ prefix }}ig
- vpc_name: {{ prefix }}vpc
- region: {{ region }}
- tags:
Name: {{ prefix }}ig
- require:
- {{prefix}}vpc
{% for net in ['128', '129', '130', '131'] %}
{{prefix}}net_{{net}}:
boto_vpc.subnet_present:
- name: {{ prefix }}net_{{ net }}
- region: {{ region }}
- cidr_block: 172.16.{{net}}.0/24
- vpc_name: {{prefix}}vpc
- availability_zone: eu-west-1b
- tags:
Name: {{ prefix }}net_{{ net }}
#- route_table_name: {{ prefix }}rt
- require:
- {{prefix}}vpc
# - {{prefix}}rt
- require_in:
- {{prefix}}rt
{% endfor %}
{{prefix}}rt:
boto_vpc.route_table_present:
- name: {{ prefix }}rt
- region: {{ region }}
- vpc_name: {{ prefix }}vpc
- routes:
- destination_cidr_block: 0.0.0.0/0
internet_gateway_name: {{ prefix }}ig
- tags:
Name: {{ prefix }}rt
- subnet_names:
{% for net in ['128', '129', '130', '131'] %}
- {{ prefix }}net_{{ net }}
{% endfor %}
- require:
- {{prefix}}vpc
- {{prefix}}ig
EOF
cat < /srv/salt/issue-decomm.sls
{% set profile = salt['pillar.get']('aws') %}
{% set prefix = salt['pillar.get']('aws:resource_prefix', 'sedemo_') %}
{% set region = 'eu-west-1' %}
{% for net in ['128', '129', '130', '131'] %}
{{prefix}}net_{{net}}:
boto_vpc.subnet_absent:
- name: {{ prefix }}net_{{ net }}
- region: {{ region }}
{% endfor %}
{{prefix}}rt:
boto_vpc.route_table_absent:
- name: {{ prefix }}rt
- region: {{ region }}
{{prefix}}ig:
boto_vpc.internet_gateway_absent:
- name: {{ prefix }}ig
- region: {{ region }}
{{prefix}}vpc:
boto_vpc.absent:
- name: {{ prefix }}vpc
- region: {{ region }}
EOF
```
Steps to Reproduce the behavior
Results from issue-setup.sls
```
# salt saltmaster state.apply issue-setup
local:
----------
ID: dkf_vpc
Function: boto_vpc.present
Result: True
Comment: VPC dkf_vpc created.
Started: 17:19:34.007185
Duration: 2451.457 ms
Changes:
----------
new:
----------
vpc:
----------
cidr_block:
172.16.0.0/16
dhcp_options_id:
dopt-9644d6f0
id:
vpc-0e341452a6125ec60
instance_tenancy:
default
is_default:
False
region:
eu-west-1
state:
available
tags:
----------
App:
SaltStack
Name:
dkf_vpc
old:
----------
vpc:
None
----------
ID: dkf_ig
Function: boto_vpc.internet_gateway_present
Result: True
Comment: Internet gateway dkf_ig created.
Started: 17:19:36.459212
Duration: 1568.699 ms
Changes:
----------
new:
----------
internet_gateway:
igw-016aa38059d9af36a
old:
----------
internet_gateway:
None
----------
ID: dkf_net_128
Function: boto_vpc.subnet_present
Result: True
Comment: Subnet dkf_net_128 created.
Started: 17:19:38.028167
Duration: 2057.704 ms
Changes:
----------
new:
----------
subnet:
----------
availability_zone:
eu-west-1b
cidr_block:
172.16.128.0/24
id:
subnet-032313dca107fdf76
tags:
----------
Name:
dkf_net_128
vpc_id:
vpc-0e341452a6125ec60
old:
----------
subnet:
None
----------
ID: dkf_net_129
Function: boto_vpc.subnet_present
Result: True
Comment: Subnet dkf_net_129 created.
Started: 17:19:40.086122
Duration: 1884.538 ms
Changes:
----------
new:
----------
subnet:
----------
availability_zone:
eu-west-1b
cidr_block:
172.16.129.0/24
id:
subnet-06725e30bfbbed551
tags:
----------
Name:
dkf_net_129
vpc_id:
vpc-0e341452a6125ec60
old:
----------
subnet:
None
----------
ID: dkf_net_130
Function: boto_vpc.subnet_present
Result: True
Comment: Subnet dkf_net_130 created.
Started: 17:19:41.970922
Duration: 1969.717 ms
Changes:
----------
new:
----------
subnet:
----------
availability_zone:
eu-west-1b
cidr_block:
172.16.130.0/24
id:
subnet-06a2df1924cd1c1ca
tags:
----------
Name:
dkf_net_130
vpc_id:
vpc-0e341452a6125ec60
old:
----------
subnet:
None
----------
ID: dkf_net_131
Function: boto_vpc.subnet_present
Result: True
Comment: Subnet dkf_net_131 created.
Started: 17:19:43.940901
Duration: 1899.423 ms
Changes:
----------
new:
----------
subnet:
----------
availability_zone:
eu-west-1b
cidr_block:
172.16.131.0/24
id:
subnet-09a3f61456922b312
tags:
----------
Name:
dkf_net_131
vpc_id:
vpc-0e341452a6125ec60
old:
----------
subnet:
None
----------
ID: dkf_rt
Function: boto_vpc.route_table_present
Result: True
Comment: Route table dkf_rt created. Created route 0.0.0.0/0 in route table dkf_rt.
Started: 17:19:45.841267
Duration: 5746.775 ms
Changes:
----------
new:
- subnet-06725e30bfbbed551
- subnet-032313dca107fdf76
- subnet-09a3f61456922b312
- subnet-06a2df1924cd1c1ca
old:
Summary for local
------------
Succeeded: 7 (changed=7)
Failed: 0
------------
Total states run: 7
Total run time: 17.578 s
```
Results from issue-decomm.sls (with errors)
```
# salt-call state.apply issue-decomm
[ERROR ] Failed to delete route table: Bad Request: The routeTable 'rtb-0faff2a3b28fcdf39' has dependencies and cannot be deleted.
[ERROR ] Failed to delete internet gateway: Bad Request: The internetGateway 'igw-016aa38059d9af36a' has dependencies and cannot be deleted..
[ERROR ] Failed to delete VPC: Bad Request: The vpc 'vpc-0e341452a6125ec60' has dependencies and cannot be deleted..
local:
----------
ID: dkf_net_128
Function: boto_vpc.subnet_absent
Result: True
Comment: Subnet dkf_net_128 deleted.
Started: 17:20:31.162044
Duration: 884.874 ms
Changes:
----------
new:
----------
subnet:
None
old:
----------
subnet:
subnet-032313dca107fdf76
----------
ID: dkf_net_129
Function: boto_vpc.subnet_absent
Result: True
Comment: Subnet dkf_net_129 deleted.
Started: 17:20:32.047100
Duration: 630.03 ms
Changes:
----------
new:
----------
subnet:
None
old:
----------
subnet:
subnet-06725e30bfbbed551
----------
ID: dkf_net_130
Function: boto_vpc.subnet_absent
Result: True
Comment: Subnet dkf_net_130 deleted.
Started: 17:20:32.677330
Duration: 744.753 ms
Changes:
----------
new:
----------
subnet:
None
old:
----------
subnet:
subnet-06a2df1924cd1c1ca
----------
ID: dkf_net_131
Function: boto_vpc.subnet_absent
Result: True
Comment: Subnet dkf_net_131 deleted.
Started: 17:20:33.422248
Duration: 681.369 ms
Changes:
----------
new:
----------
subnet:
None
old:
----------
subnet:
subnet-09a3f61456922b312
----------
ID: dkf_rt
Function: boto_vpc.route_table_absent
Result: True
Comment: Route table dkf_rt deleted.
Started: 17:20:34.103782
Duration: 404.936 ms
Changes:
----------
new:
----------
route_table:
None
old:
----------
route_table:
rtb-017d23057cb8538fe
----------
ID: dkf_vpc-default-table
Function: boto_vpc.route_table_absent
Result: False
Comment: Failed to delete route table: Bad Request: The routeTable 'rtb-0faff2a3b28fcdf39' has dependencies and cannot be deleted.
Started: 17:20:34.508885
Duration: 366.934 ms
Changes:
----------
ID: dkf_ig
Function: boto_vpc.internet_gateway_absent
Result: False
Comment: Failed to delete internet gateway: Bad Request: The internetGateway 'igw-016aa38059d9af36a' has dependencies and cannot be deleted..
Started: 17:20:34.876064
Duration: 760.022 ms
Changes:
----------
ID: dkf_vpc
Function: boto_vpc.absent
Result: False
Comment: Failed to delete VPC: Bad Request: The vpc 'vpc-0e341452a6125ec60' has dependencies and cannot be deleted..
Started: 17:20:35.636286
Duration: 989.269 ms
Changes:
Summary for local
------------
Succeeded: 5 (changed=5)
Failed: 3
------------
Total states run: 8
Total run time: 5.462 s
```
Expected behavior
Delete the vpc. The problems are the following:
You can't delete the internet gateway because the vpc depends on it
A default routing table named (in my case) dkf_rt-default-table; you can't delete a default route table because it has dependencies
You can't delete the vpc because it depends on both the internet gateway and the default routing table that was created by present.
When you delete a vpc from the UI, it tells you that it will delete both the vpc and the internet gateway and that you need to type "delete" to confirm deletion of both.
My guess is that the delete operation must include both the VPC and IG in the same call.
Description
Can't delete the vpc because an Internet Gateway and default Routing Table is created when creating a VPC, and so the VPC depends on those resources.
Setup
Script to create /srv/salt/issue-setup.sls and /srv/salt/issue-decomm.sls
``` cat <Steps to Reproduce the behavior
Results from issue-setup.sls
``` # salt saltmaster state.apply issue-setup local: ---------- ID: dkf_vpc Function: boto_vpc.present Result: True Comment: VPC dkf_vpc created. Started: 17:19:34.007185 Duration: 2451.457 ms Changes: ---------- new: ---------- vpc: ---------- cidr_block: 172.16.0.0/16 dhcp_options_id: dopt-9644d6f0 id: vpc-0e341452a6125ec60 instance_tenancy: default is_default: False region: eu-west-1 state: available tags: ---------- App: SaltStack Name: dkf_vpc old: ---------- vpc: None ---------- ID: dkf_ig Function: boto_vpc.internet_gateway_present Result: True Comment: Internet gateway dkf_ig created. Started: 17:19:36.459212 Duration: 1568.699 ms Changes: ---------- new: ---------- internet_gateway: igw-016aa38059d9af36a old: ---------- internet_gateway: None ---------- ID: dkf_net_128 Function: boto_vpc.subnet_present Result: True Comment: Subnet dkf_net_128 created. Started: 17:19:38.028167 Duration: 2057.704 ms Changes: ---------- new: ---------- subnet: ---------- availability_zone: eu-west-1b cidr_block: 172.16.128.0/24 id: subnet-032313dca107fdf76 tags: ---------- Name: dkf_net_128 vpc_id: vpc-0e341452a6125ec60 old: ---------- subnet: None ---------- ID: dkf_net_129 Function: boto_vpc.subnet_present Result: True Comment: Subnet dkf_net_129 created. Started: 17:19:40.086122 Duration: 1884.538 ms Changes: ---------- new: ---------- subnet: ---------- availability_zone: eu-west-1b cidr_block: 172.16.129.0/24 id: subnet-06725e30bfbbed551 tags: ---------- Name: dkf_net_129 vpc_id: vpc-0e341452a6125ec60 old: ---------- subnet: None ---------- ID: dkf_net_130 Function: boto_vpc.subnet_present Result: True Comment: Subnet dkf_net_130 created. Started: 17:19:41.970922 Duration: 1969.717 ms Changes: ---------- new: ---------- subnet: ---------- availability_zone: eu-west-1b cidr_block: 172.16.130.0/24 id: subnet-06a2df1924cd1c1ca tags: ---------- Name: dkf_net_130 vpc_id: vpc-0e341452a6125ec60 old: ---------- subnet: None ---------- ID: dkf_net_131 Function: boto_vpc.subnet_present Result: True Comment: Subnet dkf_net_131 created. Started: 17:19:43.940901 Duration: 1899.423 ms Changes: ---------- new: ---------- subnet: ---------- availability_zone: eu-west-1b cidr_block: 172.16.131.0/24 id: subnet-09a3f61456922b312 tags: ---------- Name: dkf_net_131 vpc_id: vpc-0e341452a6125ec60 old: ---------- subnet: None ---------- ID: dkf_rt Function: boto_vpc.route_table_present Result: True Comment: Route table dkf_rt created. Created route 0.0.0.0/0 in route table dkf_rt. Started: 17:19:45.841267 Duration: 5746.775 ms Changes: ---------- new: - subnet-06725e30bfbbed551 - subnet-032313dca107fdf76 - subnet-09a3f61456922b312 - subnet-06a2df1924cd1c1ca old: Summary for local ------------ Succeeded: 7 (changed=7) Failed: 0 ------------ Total states run: 7 Total run time: 17.578 s ```Results from issue-decomm.sls (with errors)
``` # salt-call state.apply issue-decomm [ERROR ] Failed to delete route table: Bad Request: The routeTable 'rtb-0faff2a3b28fcdf39' has dependencies and cannot be deleted. [ERROR ] Failed to delete internet gateway: Bad Request: The internetGateway 'igw-016aa38059d9af36a' has dependencies and cannot be deleted.. [ERROR ] Failed to delete VPC: Bad Request: The vpc 'vpc-0e341452a6125ec60' has dependencies and cannot be deleted.. local: ---------- ID: dkf_net_128 Function: boto_vpc.subnet_absent Result: True Comment: Subnet dkf_net_128 deleted. Started: 17:20:31.162044 Duration: 884.874 ms Changes: ---------- new: ---------- subnet: None old: ---------- subnet: subnet-032313dca107fdf76 ---------- ID: dkf_net_129 Function: boto_vpc.subnet_absent Result: True Comment: Subnet dkf_net_129 deleted. Started: 17:20:32.047100 Duration: 630.03 ms Changes: ---------- new: ---------- subnet: None old: ---------- subnet: subnet-06725e30bfbbed551 ---------- ID: dkf_net_130 Function: boto_vpc.subnet_absent Result: True Comment: Subnet dkf_net_130 deleted. Started: 17:20:32.677330 Duration: 744.753 ms Changes: ---------- new: ---------- subnet: None old: ---------- subnet: subnet-06a2df1924cd1c1ca ---------- ID: dkf_net_131 Function: boto_vpc.subnet_absent Result: True Comment: Subnet dkf_net_131 deleted. Started: 17:20:33.422248 Duration: 681.369 ms Changes: ---------- new: ---------- subnet: None old: ---------- subnet: subnet-09a3f61456922b312 ---------- ID: dkf_rt Function: boto_vpc.route_table_absent Result: True Comment: Route table dkf_rt deleted. Started: 17:20:34.103782 Duration: 404.936 ms Changes: ---------- new: ---------- route_table: None old: ---------- route_table: rtb-017d23057cb8538fe ---------- ID: dkf_vpc-default-table Function: boto_vpc.route_table_absent Result: False Comment: Failed to delete route table: Bad Request: The routeTable 'rtb-0faff2a3b28fcdf39' has dependencies and cannot be deleted. Started: 17:20:34.508885 Duration: 366.934 ms Changes: ---------- ID: dkf_ig Function: boto_vpc.internet_gateway_absent Result: False Comment: Failed to delete internet gateway: Bad Request: The internetGateway 'igw-016aa38059d9af36a' has dependencies and cannot be deleted.. Started: 17:20:34.876064 Duration: 760.022 ms Changes: ---------- ID: dkf_vpc Function: boto_vpc.absent Result: False Comment: Failed to delete VPC: Bad Request: The vpc 'vpc-0e341452a6125ec60' has dependencies and cannot be deleted.. Started: 17:20:35.636286 Duration: 989.269 ms Changes: Summary for local ------------ Succeeded: 5 (changed=5) Failed: 3 ------------ Total states run: 8 Total run time: 5.462 s ```Expected behavior
Delete the vpc. The problems are the following:
When you delete a vpc from the UI, it tells you that it will delete both the vpc and the internet gateway and that you need to type "delete" to confirm deletion of both.
My guess is that the delete operation must include both the VPC and IG in the same call.
Screenshots
Versions Report
NOTE: I have applied https://github.com/saltstack/salt/commit/32ed7d05f0af1f07a0144cf5594370a5d65e70b3 to be able to create the routing tables in my sample script.
salt --versions-report
(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) ``` Salt Version: Salt: 3002.5 Dependency Versions: cffi: 1.14.5 cherrypy: unknown dateutil: 2.8.1 docker-py: Not Installed gitdb: 0.6.4 gitpython: 1.0.1 Jinja2: 2.11.1 libgit2: Not Installed M2Crypto: 0.35.2 Mako: Not Installed msgpack: 0.6.2 msgpack-pure: Not Installed mysql-python: Not Installed pycparser: 2.20 pycrypto: Not Installed pycryptodome: 3.10.1 pygit2: Not Installed Python: 3.6.8 (default, Nov 16 2020, 16:55:22) python-gnupg: Not Installed PyYAML: 3.13 PyZMQ: 17.0.0 smmap: 0.9.0 timelib: Not Installed Tornado: 4.5.3 ZMQ: 4.1.4 System Versions: dist: centos 7 Core locale: UTF-8 machine: x86_64 release: 3.10.0-957.1.3.el7.x86_64 system: Linux version: CentOS Linux 7 Core ```Additional context Add any other context about the problem here.