search

vmware / terraform-provider-vcd

Terraform VMware Cloud Director provider
https://www.terraform.io/docs/providers/vcd/
Mozilla Public License 2.0
145 stars 113 forks source link

iops view rights #1262

Open maloy45 opened 2 months ago

maloy45 commented 2 months ago

In Cloud Director 10.5 and higher, you can disable IOPS viewing rights for tenants iops policy is enabled and inherited from provider vdc If you push a role to tenants without "iops view", then terraform will not be able to create a VM

dataclouder commented 1 month ago

Hi! Thanks for reporting an issue. To help me understand the problem, please provide the HCL of the VM creation that an Organization administrator without the right "Organization vDC Disk: View IOPS" cannot create using Terraform while it is able to do in the UI. As you state the problem, I am not able to reproduce the failure.

maloy45 commented 1 month ago

I'm using terraform version: terraform version Terraform v1.8.4

I did some more tests my account in cloud director has "org admin" rights without "view disk iops" and "edit disk iops"

When deploying a VM from a template using terraform I get an error: The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may contain more details. Stack trace from the terraform-provider-vcd_v3.12.1 plugin:

panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x2 addr=0x0 pc=0x100ebdae0]

goroutine 43 [running]: github.com/vmware/terraform-provider-vcd/v3/vcd.updateTemplateInternalDisks(0x1400019d680, {0x1012fca20?, 0x140004f0f50?}, {0x14000728840, 0x14000190b08}) github.com/vmware/terraform-provider-vcd/v3/vcd/resource_vcd_vapp_vm_tools.go:678 +0x320 github.com/vmware/terraform-provider-vcd/v3/vcd.createVmFromImage(0x1400019d680, {0x1012fca20, 0x140004f0f50}, {0x100ef46b9, 0x6}, {0x100effb87, 0x10}) github.com/vmware/terraform-provider-vcd/v3/vcd/resource_vcd_vapp_vm.go:1272 +0x14b0 github.com/vmware/terraform-provider-vcd/v3/vcd.genericResourceVmCreate(0x1400019d680, {0x1012fca20, 0x140004f0f50}, {0x100ef46b9, 0x6}) github.com/vmware/terraform-provider-vcd/v3/vcd/resource_vcd_vapp_vm.go:823 +0x1ac github.com/vmware/terraform-provider-vcd/v3/vcd.resourceVcdStandaloneVmCreate({0x10130fca0?, 0x140004e9260?}, 0x1400019d680, {0x1012fca20, 0x140004f0f50}) github.com/vmware/terraform-provider-vcd/v3/vcd/resource_vcd_vm.go:34 +0xc8 github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(Resource).create(0x140002f1180, {0x10130fca0, 0x140004e9260}, 0x1400019d680, {0x1012fca20, 0x140004f0f50}) github.com/hashicorp/terraform-plugin-sdk/v2@v2.31.0/helper/schema/resource.go:778 +0xe4 github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(Resource).Apply(0x140002f1180, {0x10130fca0, 0x140004e9260}, 0x14000726ea0, 0x1400019cd80, {0x1012fca20, 0x140004f0f50}) github.com/hashicorp/terraform-plugin-sdk/v2@v2.31.0/helper/schema/resource.go:909 +0x884 github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(GRPCProviderServer).ApplyResourceChange(0x140000edbd8, {0x10130fca0?, 0x140004e90e0?}, 0x14000096050) github.com/hashicorp/terraform-plugin-sdk/v2@v2.31.0/helper/schema/grpc_provider.go:1074 +0xaa4 github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(server).ApplyResourceChange(0x140004661e0, {0x10130fca0?, 0x140004e8300?}, 0x14000554000) github.com/hashicorp/terraform-plugin-go@v0.20.0/tfprotov5/tf5server/server.go:859 +0x3d0 github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x1012be520, 0x140004661e0}, {0x10130fca0, 0x140004e8300}, 0x1400019c080, 0x0) github.com/hashicorp/terraform-plugin-go@v0.20.0/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:503 +0x1c0 google.golang.org/grpc.(Server).processUnaryRPC(0x14000266000, {0x10130fca0, 0x140004e8270}, {0x101315980, 0x140003f31e0}, 0x14000420000, 0x1400046df50, 0x1019f35f8, 0x0) google.golang.org/grpc@v1.60.0/server.go:1372 +0xb40 google.golang.org/grpc.(Server).handleStream(0x14000266000, {0x101315980, 0x140003f31e0}, 0x14000420000) google.golang.org/grpc@v1.60.0/server.go:1783 +0xc00 google.golang.org/grpc.(Server).serveStreams.func2.1() google.golang.org/grpc@v1.60.0/server.go:1016 +0x5c created by google.golang.org/grpc.(Server).serveStreams.func2 in goroutine 23 google.golang.org/grpc@v1.60.0/server.go:1027 +0x124

Error: The terraform-provider-vcd_v3.12.1 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely helpful if you could report the crash with the plugin's maintainers so that it can be fixed. The output above should help diagnose the issue.

My manifest: resource "vcd_vm" "my_vm" { name = "my_vm_test_01" vapp_template_id = data.vcd_catalog_vapp_template.template.id memory = var.ram cpus = var.cpu org = var.org vdc = var.vdc

override_template_disk { bus_type = "paravirtual" size_in_mb = "16384" bus_number = 0 unit_number = 0 storage_profile = var.vcd_storage_policy } }

If you remove the override block then everything works. With normal "org admin" where "view disk iops" and "edit disk iops" is enabled, the same override block works correctly