Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] OVH subnet import does not work (resource ovh_cloud_project_network_private_subnet) #822

Open
jtrebaol opened this issue Feb 4, 2025 · 0 comments
Open

[BUG] OVH subnet import does not work (resource ovh_cloud_project_network_private_subnet) #822

jtrebaol opened this issue Feb 4, 2025 · 0 comments

Comments

@jtrebaol
Copy link

jtrebaol commented Feb 4, 2025
edited
Loading

Describe the bug

Following OpenStack outage in region GRA11, the subnet in region GRA11 disappeared from Terraform states
This subnet was not removed from OpenStack however Terraform plan/apply makes object creation:

GET https://www.ovh.com/engine/apiv6/cloud/project/a4f94e6136e04bf5945e8ebbdc41a2a9/region/GRA11/network/473c30ba-65f8-471d-b533-e0108a84ecc0/subnet
Response:
[
    {
        "id": "4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1",
        "name": "",
        "cidr": "10.10.12.0/24",
        "ipVersion": 4,
        "dhcpEnabled": false,
        "gatewayIp": "10.10.12.1",
        "allocationPools": [
            {
                "start": "10.10.12.200",
                "end": "10.10.12.250"
            }
        ],
        "hostRoutes": [],
        "dnsNameServers": [
            "0.0.0.0"
        ]
    }
]

/environment/dev$ openstack subnet list
+--------------------------------------+-------------------------------+--------------------------------------+------------------------+
| ID                                   | Name                          | Network                              | Subnet                 |
+--------------------------------------+-------------------------------+--------------------------------------+------------------------+
...
| 4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1 |                               | 473c30ba-65f8-471d-b533-e0108a84ecc0 | 10.10.12.0/24          |


/environment/dev$ openstack subnet show 4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1
+----------------------+--------------------------------------+
| Field                | Value                                |
+----------------------+--------------------------------------+
| allocation_pools     | 10.10.12.200-10.10.12.250            |
| cidr                 | 10.10.12.0/24                        |
| created_at           | 2025-01-23T14:58:24Z                 |
| description          |                                      |
| dns_nameservers      | 0.0.0.0                              |
| dns_publish_fixed_ip | None                                 |
| enable_dhcp          | False                                |
| gateway_ip           | 10.10.12.1                           |
| host_routes          |                                      |
| id                   | 4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1 |
| ip_version           | 4                                    |
| ipv6_address_mode    | None                                 |
| ipv6_ra_mode         | None                                 |
| name                 |                                      |
| network_id           | 473c30ba-65f8-471d-b533-e0108a84ecc0 |
| project_id           | a4f94e6136e04bf5945e8ebbdc41a2a9     |
| revision_number      | 0                                    |
| segment_id           | None                                 |
| service_types        |                                      |
| subnetpool_id        | None                                 |
| tags                 |                                      |
| updated_at           | 2025-01-23T14:58:24Z                 |
+----------------------+--------------------------------------+

When doing import, there is no error displayed:

/environment/dev$ tofu import module.ovh_network.ovh_cloud_project_network_private_subnet.networks a4f94e6136e04bf5945e8ebbdc41a2a9/pn-48275_12/4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1

Import successful!

The resources that were imported are shown above. These resources are now in
your OpenTofu state and will henceforth be managed by OpenTofu.

When executing the 'plan' Terraform action is creating the resource ovh_cloud_project_network_private_subnet which is not expected

/environment/dev$ tofu plan
  # module.ovh_network.ovh_cloud_project_network_private_subnet.networks["GRA11"] will be created
  + resource "ovh_cloud_project_network_private_subnet" "networks" {
      + cidr         = (known after apply)
      + dhcp         = false
      + end          = "10.10.12.250"
      + gateway_ip   = (known after apply)
      + id           = (known after apply)
      + ip_pools     = (known after apply)
      + network      = "10.10.12.0/24"
      + network_id   = "pn-48275_12"
      + no_gateway   = false
      + region       = "GRA11"
      + service_name = "a4f94e6136e04bf5945e8ebbdc41a2a9"
      + start        = "10.10.12.200"
    }

Terraform Version

OpenTofu v1.8.5
on linux_amd64

  • provider registry.opentofu.org/ansible/ansible v1.3.0
  • provider registry.opentofu.org/hashicorp/aws v4.67.0
  • provider registry.opentofu.org/hashicorp/null v3.2.3
  • provider registry.opentofu.org/hashicorp/openstack v3.0.0
  • provider registry.opentofu.org/hashicorp/ovh v1.5.0
  • provider registry.opentofu.org/hashicorp/random v3.6.3
  • provider registry.opentofu.org/hashicorp/template v2.2.0
  • provider registry.opentofu.org/ovh/ovh v1.5.0
  • provider registry.opentofu.org/terraform-provider-openstack/openstack v3.0.0

OVH Terraform Provider Version

Initializing the backend...
Initializing modules...

Initializing provider plugins...

  • Reusing previous version of hashicorp/template from the dependency lock file
  • Reusing previous version of hashicorp/openstack from the dependency lock file
  • Reusing previous version of terraform-provider-openstack/openstack from the dependency lock file
  • Reusing previous version of hashicorp/ovh from the dependency lock file
  • Reusing previous version of ovh/ovh from the dependency lock file
  • Using previously-installed hashicorp/ovh v1.5.0
  • Using previously-installed hashicorp/template v2.2.0
  • Using previously-installed hashicorp/openstack v3.0.0
  • Using previously-installed terraform-provider-openstack/openstack v3.0.0
  • Using previously-installed ovh/ovh v1.5.0
  • Using previously-installed hashicorp/random v3.6.3
  • Using previously-installed hashicorp/null v3.2.3

Affected Resource(s)

Please list the resources as a list, for example:

  • ovh_cloud_project_network_private_subnet

Terraform Configuration Files

# Variables
  {
    owners                             = "ovh-eu"
    region                              = ["GRA11","SBG7","RBX-A"]
    name                               = "Private_network_SBG"
    vlan_id                             = "12"
    cidr                                   = "10.10.12.0/24"
    allocation_pool_start              = ["10.10.12.200","10.10.12.150","10.10.12.50"]
    allocation_pool_end                = ["10.10.12.250","10.10.12.199","10.10.12.149"]
    dns_nameservers                    = ["1.1.1.1"]
    ip_version                         = 4
    shared                               = false
    admin_state_up               = true
    port_security_enabled    = true
    enable_dhcp                     = false
  }

resource "ovh_cloud_project_network_private_subnet" "networks" {
  service_name = var.service_name
  for_each     = { for item in toset(var.ovh_network_list): "${item.region}" => item}
  network_id   = ovh_cloud_project_network_private.networks[each.key].id
  start        = each.value.allocation_pool_start
  end          = each.value.allocation_pool_end 
  network      = each.value.cidr # Subnet IP address location
  dhcp         = each.value.enable_dhcp
  region       = each.value.region
  provider     = ovh.ovh
  no_gateway   = each.value.enable_dhcp 
  depends_on   = [ovh_cloud_project_network_private.networks]
  lifecycle {
    prevent_destroy = false
   }
}

Debug Output

# Tofu state list available into same network_id
# module.ovh_network.ovh_cloud_project_network_private_subnet.networks["SBG7"]:
resource "ovh_cloud_project_network_private_subnet" "networks" {
    cidr         = "10.10.12.0/24"
    dhcp         = false
    end          = "10.10.12.199"
    gateway_ip   = "10.10.12.1"
    id           = "cf52478b-fa93-4c28-9295-d4471d665ffa"
    ip_pools     = [
        {
            dhcp    = false
            end     = "10.10.12.199"
            network = "10.10.12.0/24"
            region  = "SBG7"
            start   = "10.10.12.150"
        },
    ]
    network      = "10.10.12.0/24"
    network_id   = "pn-48275_12"
    no_gateway   = false
    region       = "SBG7"
    service_name = "a4f94e6136e04bf5945e8ebbdc41a2a9"
    start        = "10.10.12.150"
}


# module.ovh_network.ovh_cloud_project_network_private_subnet.networks["RBX-A"]:
resource "ovh_cloud_project_network_private_subnet" "networks" {
    cidr         = "10.10.12.0/24"
    dhcp         = false
    end          = "10.10.12.149"
    gateway_ip   = "10.10.12.1"
    id           = "a874ca11-fc0e-4427-9d52-c24aada98f24"
    ip_pools     = [
        {
            dhcp    = false
            end     = "10.10.12.149"
            network = "10.10.12.0/24"
            region  = "RBX-A"
            start   = "10.10.12.50"
        },
    ]
    network      = "10.10.12.0/24"
    network_id   = "pn-48275_12"
    no_gateway   = false
    region       = "RBX-A"
    service_name = "a4f94e6136e04bf5945e8ebbdc41a2a9"
    start        = "10.10.12.50"
}

# API Request/Response
GET https://www.ovh.com/engine/apiv6/cloud/project/a4f94e6136e04bf5945e8ebbdc41a2a9/region/GRA11/network/473c30ba-65f8-471d-b533-e0108a84ecc0/subnet
Response:
[
    {
        "id": "4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1",
        "name": "",
        "cidr": "10.10.12.0/24",
        "ipVersion": 4,
        "dhcpEnabled": false,
        "gatewayIp": "10.10.12.1",
        "allocationPools": [
            {
                "start": "10.10.12.200",
                "end": "10.10.12.250"
            }
        ],
        "hostRoutes": [],
        "dnsNameServers": [
            "0.0.0.0"
        ]
    }
]

# OpenStack outputs
/environment/dev$ openstack subnet list
+--------------------------------------+-------------------------------+--------------------------------------+------------------------+
| ID                                   | Name                          | Network                              | Subnet                 |
+--------------------------------------+-------------------------------+--------------------------------------+------------------------+
...
| 4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1 |                               | 473c30ba-65f8-471d-b533-e0108a84ecc0 | 10.10.12.0/24          |


/environment/dev$ openstack subnet show 4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1
+----------------------+--------------------------------------+
| Field                | Value                                |
+----------------------+--------------------------------------+
| allocation_pools     | 10.10.12.200-10.10.12.250            |
| cidr                 | 10.10.12.0/24                        |
| created_at           | 2025-01-23T14:58:24Z                 |
| description          |                                      |
| dns_nameservers      | 0.0.0.0                              |
| dns_publish_fixed_ip | None                                 |
| enable_dhcp          | False                                |
| gateway_ip           | 10.10.12.1                           |
| host_routes          |                                      |
| id                   | 4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1 |
| ip_version           | 4                                    |
| ipv6_address_mode    | None                                 |
| ipv6_ra_mode         | None                                 |
| name                 |                                      |
| network_id           | 473c30ba-65f8-471d-b533-e0108a84ecc0 |
| project_id           | a4f94e6136e04bf5945e8ebbdc41a2a9     |
| revision_number      | 0                                    |
| segment_id           | None                                 |
| service_types        |                                      |
| subnetpool_id        | None                                 |
| tags                 |                                      |
| updated_at           | 2025-01-23T14:58:24Z                 |
+----------------------+--------------------------------------+

# Import
/environment/dev$ tofu import module.ovh_network.ovh_cloud_project_network_private_subnet.networks a4f94e6136e04bf5945e8ebbdc41a2a9/pn-48275_12/4dc7ff55-5fdc-4ddd-b135-a0f221aca0d1

Import successful!

The resources that were imported are shown above. These resources are now in
your OpenTofu state and will henceforth be managed by OpenTofu.

# Plan
/environment/dev$ tofu plan
  # module.ovh_network.ovh_cloud_project_network_private_subnet.networks["GRA11"] will be created
  + resource "ovh_cloud_project_network_private_subnet" "networks" {
      + cidr         = (known after apply)
      + dhcp         = false
      + end          = "10.10.12.250"
      + gateway_ip   = (known after apply)
      + id           = (known after apply)
      + ip_pools     = (known after apply)
      + network      = "10.10.12.0/24"
      + network_id   = "pn-48275_12"
      + no_gateway   = false
      + region       = "GRA11"
      + service_name = "a4f94e6136e04bf5945e8ebbdc41a2a9"
      + start        = "10.10.12.200"
    }

Expected Behavior

Import shall be successful and tofu plan should not propose as action to create the subnet

Actual Behavior

Subnet is not imported

Additional context

Issue is observed since a 'tofu apply' done during issue in OpenStack region 'GRA11': https://public-cloud.status-ovhcloud.com/incidents/dlfbtvkm7mzl. During issue time, inconsistencies were observed, for instance, the region GRA11 was not listed anymore into 'Region and Quota', tofu apply returned error 'GRA11' region was not available in region list. It appears the tofu apply did a remove of the subnet from states, therefore the next action would be to import the same
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jtrebaol