ionos-cloud/terraform-provider-ionoscloud

can't create multiple ionoscloud_ipfailover resources in one lan in different terraform states

mueller-tobias opened this issue · 8 comments

Description

I have a module to deploy highly available haproxy instances on the IONOS cloud. As part of the deployment I create an ipfailover resource. For the first failover group in a LAN it works without problems. When I create a second failover group I get an error:

│ Error: an error occured while patching a lans failover group  1 422 Unprocessable Entity {
│   "httpStatus" : 422,
│   "messages" : [ {
│     "errorCode" : "184",
│     "message" : "[(root).properties.ipFailover] Failover IP 'xxxx' found in Slave NIC 'xxxx-xxx-xxx-xxx-xxxxx'. IP failover settings cannot be deleted."
│   } ]
│ }

My problem is, the IP and the ID are from the first failover group I created in another Terraform deployment. All the resources for the second failover group (except the LAN ID and datacenter ID) are completely different.

Via DCD I can add a second failover group without problems. With Terraform, it seems to have a problem with existing failover groups.

Expected behavior

I can use different terraform deployments to manage multiple ionoscloud_ipfailover resources

Environment

Terraform version:

1.5.0

Provider version:

registry.terraform.io/ionos-cloud/ionoscloud v6.4.4

OS:

Ubuntu 22.04

How to Reproduce

  1. Create 2 VMs and configure an ionoscloud_ipfailover for a public IP
  2. Create a second Terraform deployment with 2 VMs and an ionoscloud_ipfailover for a public IP, and the deployment will fail.

Error and Debug Output

│ Error: an error occured while patching a lans failover group  1 422 Unprocessable Entity {
│   "httpStatus" : 422,
│   "messages" : [ {
│     "errorCode" : "184",
│     "message" : "[(root).properties.ipFailover] Failover IP 'xxxx' found in Slave NIC 'xxxx-xxx-xxx-xxx-xxxxx'. IP failover settings cannot be deleted."
│   } ]
│ }

Hi, @TobiasMuellerES!

At first glance, it seems to be a problem with the way Terraform sends the request, since a 422 is received. This indicates that it is not an error within our Terraform provider, but rather a problem with the way the request is made (maybe we populate the request body in an incorrect manner), and hence the validation error. Since you say that you can create from DCD without problems, then it is most likely a request sent incorrectly from Terraform.

I will investigate and, if necessary, I will ask you for more details.

Thank you!

I analyzed a little bit and I have the following question:

My problem is, the IP and the ID are from the first failover group i created in an other terraform deployment

Via DCD i can add a second failover group without problems

Are you sure that you can create a second IP failover group with the same IP as the one in the previously created group? I tried to do this from DCD and I was not allowed.

More than that, I also tried to simulate the Terraform requests using Postman. First, I created two IP failover groups using the DCD and then I retrieved the info using a GET request:

"properties": {
  "name": "",
  "ipFailover": [
    {
      "ip": <SecondGroupIPAddress>,
      "nicUuid": "896c7d83-46d6-470d-8b2d-cf1ebad54ad0"
    },
    {
      "ip": <FirstGroupIPAddress>,
      "nicUuid": "ea3de754-a796-410a-81af-3568326f0dd5"
    }
  ],
  "pcc": null,
  "ipv6CidrBlock": null,
  "public": true
},

And then I tried to PATCH the LAN using this request body:

{
  "name": "My resource",
  "ipFailover": [
    {
      "ip": <FirstGroupIPAddress>,
      "nicUuid": "896c7d83-46d6-470d-8b2d-cf1ebad54ad0"
    },
    {
      "ip": <FirstGroupIPAddress>,
      "nicUuid": "ea3de754-a796-410a-81af-3568326f0dd5"
    }
  ]
}

So basically I tried to enforce the same IP address on both IP failover groups, as you mentioned in the description, but I wasn't allowed to do that; I received this error:

{
  "errorCode": "184",
  "message": "[(root).properties.ipFailover] Failover IP <FirstGroupIPAddress> found in Slave NIC '466b21bf-3ec4-4464-8746-b9f9a3a11052'. IP failover settings cannot be deleted."
},

It is the same error that you received.
I'm not familiar with IP failover usages, but from what I have analyzed so far and from the behavior of the DCD related to the creation of the IP failover groups, I do not think that it's possible to create two groups using the same IP address.
Also, I don't know if you have already done it, but I suggest you read this as it contains info about adding multiple NICs on an IP failover.

Hi @adeatcu-ionos

The second deployment has its own public IP. Each deployment has its own ionoscloud_ipblock where it is reserving the public IP for the corresponding failover group.

I don't know why the API responds with data of the first deployment.

I've created an example repository for you to review.

To reproduce:

  1. Create the VDC via the Deployment in the VDC Directory
  2. Deploy the deployment1
  3. Try to deploy the deployment2

You'll get the following error:

╷
│ Error: an error occured while patching a lans failover group  1 422 Unprocessable Entity {
│   "httpStatus" : 422,
│   "messages" : [ {
│     "errorCode" : "184",
│     "message" : "[(root).properties.ipFailover] Failover IP '82.165.127.247' found in Slave NIC 'cc764a7c-708e-4c5c-ae1d-0aa7e09b6d0a'. IP failover settings cannot be deleted."
│   } ]
│ }
│ 
│ 
│   with ionoscloud_ipfailover.example,
│   on main.tf line 64, in resource "ionoscloud_ipfailover" "example":
│   64: resource "ionoscloud_ipfailover" "example" {
│ 

The IP and the NIC ID are from the first deployment, whose data is nowhere existent or in use in deployment2.

Hi @mueller-tobias, sorry for the confusion. From this: "My problem is, the IP and the ID are from the first failover group i created in an other terraform deployment." I thought that you wanted to create another IP failover group with the same IP, but because you provided the setup I was able to identify the problem. It is a problem related to how we send the requests for IP failover creation. More than that, I tried to create two IP failover resources from the same configuration file and this isn't working either, so right now we can work with only one IP failover resource. We will fix this, thank you!
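An added example, not part of the thread and not the provider's code: a read-modify-write merge for the LAN `ipFailover` array, plus a check for groups a PATCH body would drop. It assumes the PATCH replaces the whole array, which the "cannot be deleted" error suggests but the thread does not confirm; `IPFailover`, `MergeFailover`, `Dropped` and the sample values are hypothetical.

```go
package main

import "fmt"

// IPFailover mirrors one element of the LAN "ipFailover" array in the GET response.
type IPFailover struct {
	IP      string `json:"ip"`
	NicUUID string `json:"nicUuid"`
}

// MergeFailover keeps every entry already on the LAN and adds or updates desired (matched by IP).
func MergeFailover(current []IPFailover, desired IPFailover) []IPFailover {
	merged := make([]IPFailover, 0, len(current)+1)
	found := false
	for _, e := range current {
		if e.IP == desired.IP {
			e.NicUUID = desired.NicUUID
			found = true
		}
		merged = append(merged, e)
	}
	if !found {
		merged = append(merged, desired)
	}
	return merged
}

// Dropped lists IPs that are on the LAN but absent from a PATCH body (implicit deletions).
func Dropped(current, patch []IPFailover) []string {
	inPatch := make(map[string]bool, len(patch))
	for _, e := range patch {
		inPatch[e.IP] = true
	}
	var missing []string
	for _, e := range current {
		if !inPatch[e.IP] {
			missing = append(missing, e.IP)
		}
	}
	return missing
}

func main() {
	// Constructed sample values (documentation IP range, made-up NIC ids).
	lan := []IPFailover{{"203.0.113.10", "nic-a"}}
	second := IPFailover{"203.0.113.20", "nic-b"}
	fmt.Println(Dropped(lan, []IPFailover{second}))       // body with only the new group
	fmt.Println(Dropped(lan, MergeFailover(lan, second))) // merged body
}
```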

@adeatcu-ionos Is there already an estimate when the bug will be fixed? Thanks a lot! Tobias

@mueller-tobias I estimate a max period of two weeks, but it's very likely to be ready sooner. Until then, you can use the resource with the limitation of creating only one.