new metadata_options block triggers recreate of worker groups

[kalinon]

Description

When performing a terraform plan with the new 15.2.0 module, it wants to destroy and recreate the worker groups due to addition of metadata_options block. This was added in this commit

I do not think this should destroy and recreate worker groups.

Versions

• Terraform: 0.14.9, 0.15.1
• Provider(s):

  Terraform v0.14.9
  + provider registry.terraform.io/hashicorp/aws v3.38.0
  + provider registry.terraform.io/hashicorp/cloudinit v2.2.0
  + provider registry.terraform.io/hashicorp/kubernetes v2.1.0
  + provider registry.terraform.io/hashicorp/local v2.1.0
  + provider registry.terraform.io/hashicorp/null v3.1.0
  + provider registry.terraform.io/hashicorp/random v3.1.0
  + provider registry.terraform.io/hashicorp/template v2.2.0
  + provider registry.terraform.io/rancher/rancher2 v1.13.0

• Module: 15.2.0

Reproduction

Steps to reproduce the behavior:

no

yes

terraform plan

Code Snippet to Reproduce

Expected behavior

Not to recreate worker_groups

Actual behavior

Worker groups are recreated

Terminal Output Screenshot(s)

   # module.eks.aws_launch_configuration.workers[1] must be replaced
+/- resource "aws_launch_configuration" "workers" {
      ~ arn                              = "arn:aws:autoscaling:us-west-2:xxxxx:launchConfiguration:c15bfba8-xxxx-xxxx-a48a-e241999b8e2d:launchConfigurationName/xxxx-prod-xxxx-prod-k8s-worker-11820210209141030988400000002" -> (known after apply)
      ~ id                               = "xxxx-prod-xxxx-prod-k8s-worker-xxxx" -> (known after apply)
      ~ name                             = "xxxx-prod-xxxx-prod-k8s-worker-xxx" -> (known after apply)
      - vpc_classic_link_security_groups = [] -> null
        # (10 unchanged attributes hidden)

      + ebs_block_device {
          + delete_on_termination = (known after apply)
          + device_name           = (known after apply)
          + encrypted             = (known after apply)
          + iops                  = (known after apply)
          + no_device             = (known after apply)
          + snapshot_id           = (known after apply)
          + volume_size           = (known after apply)
          + volume_type           = (known after apply)
        }

      + metadata_options { # forces replacement
          + http_endpoint               = "enabled" # forces replacement
          + http_put_response_hop_limit = (known after apply)
          + http_tokens                 = "optional" # forces replacement
        }

        # (1 unchanged block hidden)
    }

Additional context

[barryib]

The https://github.com/terraform-aws-modules/terraform-aws-eks/commit/fc6852d63a870ce4a6de838ecb5a229699987e6f fix abnormal behavior. The metadata_options already exists for Launch Template, but was missing in Launch Configuration. So the commit is totally legit.

From your output, it sounds like Terraform needs to replace the LC because we now define metadata_options. I don't think it harm you, because this won't replace worker groups (AutoScalling Groups)...

[kalinon]

The fc6852d fix abnormal behavior. The metadata_options already exists for Launch Template, but was missing in Launch Configuration. So the commit is totally legit.

From your output, it sounds like Terraform needs to replace the LC because we now define metadata_options. I don't think it harm you, because this won't replace worker groups (AutoScalling Groups)...

This did trigger a recreate of the worker groups, which is really the thing that was impactful. If the LC was able to be replaced without recreating the associated node_groups defined in the module, id be more than fine with it. Ill try to find the full output

[Makc2032]

Same problem:(

@kalinon Did you find solution?

[kalinon]

Same problem:(

@kalinon Did you find solution?

Did not.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[stale[bot]]

This issue has been automatically closed because it has not had recent activity since being marked as stale.

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.