Skip to content
This repository has been archived by the owner on Dec 10, 2021. It is now read-only.

metadata.startup-script (Forces new resource) #109

Open
RafiGreenberg opened this issue Jan 25, 2019 · 1 comment
Open

metadata.startup-script (Forces new resource) #109

RafiGreenberg opened this issue Jan 25, 2019 · 1 comment

Comments

@RafiGreenberg
Copy link

RafiGreenberg commented Jan 25, 2019
edited
Loading

On release 1.2.2 (and also tested downgrading to 1.2.1 and 1.2.0), I'm getting "forces new resource" for multiple resources when attempting to plan/apply:

  ~ module.nat.module.nat-gateway.google_compute_instance_group_manager.default
      instance_template:                                                            "https://www.googleapis.com/compute/v1/projects/myproject/global/instanceTemplates/default-20180925221106651400000001" => "${google_compute_instance_template.default.self_link}"

-/+ module.nat.module.nat-gateway.google_compute_instance_template.default (new resource required)
      id:                                                                           "default-20180925221106651400000001" => <computed> (forces new resource)
      can_ip_forward:                                                               "true" => "true"
      disk.#:                                                                       "1" => "1"
      disk.0.auto_delete:                                                           "true" => "true"
      disk.0.boot:                                                                  "true" => "true"
      disk.0.device_name:                                                           "persistent-disk-0" => <computed>
      disk.0.disk_size_gb:                                                          "0" => "0"
      disk.0.disk_type:                                                             "pd-ssd" => "pd-ssd"
      disk.0.interface:                                                             "SCSI" => <computed>
      disk.0.mode:                                                                  "READ_WRITE" => <computed>
      disk.0.source_image:                                                          "projects/debian-cloud/global/images/family/debian-9" => "projects/debian-cloud/global/images/family/debian-9"
      disk.0.type:                                                                  "PERSISTENT" => "PERSISTENT"
      machine_type:                                                                 "n1-standard-1" => "n1-standard-1"
      metadata.%:                                                                   "2" => "2"
      metadata.startup-script:                                                      "#!/bin/bash -xe\n\n# Enable ip forwarding and nat\nsysctl -w net.ipv4.ip_forward=1\n\n# Make forwarding persistent.\nsed -i= 's/^[# ]*net.ipv4.ip_forward=[[:digit:]]/net.ipv4.ip_forward=1/g' /etc/sysctl.conf\n\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\n\napt-get update\n\n# Install nginx for instance http health check\napt-get install -y nginx\n\nENABLE_SQUID=\"false\"\n\nif [[ \"$ENABLE_SQUID\" == \"true\" ]]; then\n  apt-get install -y squid3\n\n  cat - > /etc/squid/squid.conf <<'EOM'\nshutdown_lifetime 3 seconds\n\nhttp_access allow all\n\nhttp_port 3128\nhttp_port 3129 transparent\n\n# Anonymous proxy settings\nvia off\nforwarded_for off\n\nrequest_header_access Allow allow all \nrequest_header_access Authorization allow all \nrequest_header_access WWW-Authenticate allow all \nrequest_header_access Proxy-Authorization allow all \nrequest_header_access Proxy-Authenticate allow all \nrequest_header_access Cache-Control allow all \nrequest_header_access Content-Encoding allow all \nrequest_header_access Content-Length allow all \nrequest_header_access Content-Type allow all \nrequest_header_access Date allow all \nrequest_header_access Expires allow all \nrequest_header_access Host allow all \nrequest_header_access If-Modified-Since allow all \nrequest_header_access Last-Modified allow all \nrequest_header_access Location allow all \nrequest_header_access Pragma allow all \nrequest_header_access Accept allow all \nrequest_header_access Accept-Charset allow all \nrequest_header_access Accept-Encoding allow all \nrequest_header_access Accept-Language allow all \nrequest_header_access Content-Language allow all \nrequest_header_access Mime-Version allow all \nrequest_header_access Retry-After allow all \nrequest_header_access Title allow all \nrequest_header_access Connection allow all \nrequest_header_access Proxy-Connection allow all \nrequest_header_access User-Agent allow all \nrequest_header_access Cookie allow all \nrequest_header_access All deny all\nEOM\n\n  systemctl reload squid\nfi\n" => "#!/bin/bash -xe\n\n# Enable ip forwarding and nat\nsysctl -w net.ipv4.ip_forward=1\n\n# Make forwarding persistent.\nsed -i= 's/^[# ]*net.ipv4.ip_forward=[[:digit:]]/net.ipv4.ip_forward=1/g' /etc/sysctl.conf\n\niptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\n\napt-get update\n\n# Install nginx for instance http health check\napt-get install -y nginx\n\nENABLE_SQUID=\"false\"\n\nif [[ \"$$ENABLE_SQUID\" == \"true\" ]]; then\n  apt-get install -y squid3\n\n  cat - > /etc/squid/squid.conf <<'EOM'\nshutdown_lifetime 3 seconds\n\nhttp_access allow all\n\nhttp_port 3128\nhttp_port 3129 transparent\n\n# Anonymous proxy settings\nvia off\nforwarded_for off\n\nrequest_header_access Allow allow all \nrequest_header_access Authorization allow all \nrequest_header_access WWW-Authenticate allow all \nrequest_header_access Proxy-Authorization allow all \nrequest_header_access Proxy-Authenticate allow all \nrequest_header_access Cache-Control allow all \nrequest_header_access Content-Encoding allow all \nrequest_header_access Content-Length allow all \nrequest_header_access Content-Type allow all \nrequest_header_access Date allow all \nrequest_header_access Expires allow all \nrequest_header_access Host allow all \nrequest_header_access If-Modified-Since allow all \nrequest_header_access Last-Modified allow all \nrequest_header_access Location allow all \nrequest_header_access Pragma allow all \nrequest_header_access Accept allow all \nrequest_header_access Accept-Charset allow all \nrequest_header_access Accept-Encoding allow all \nrequest_header_access Accept-Language allow all \nrequest_header_access Content-Language allow all \nrequest_header_access Mime-Version allow all \nrequest_header_access Retry-After allow all \nrequest_header_access Title allow all \nrequest_header_access Connection allow all \nrequest_header_access Proxy-Connection allow all \nrequest_header_access User-Agent allow all \nrequest_header_access Cookie allow all \nrequest_header_access All deny all\nEOM\n\n  systemctl reload squid\nfi\n" (forces new resource)
      metadata.tf_depends_id:                                                       "" => ""
      metadata_fingerprint:                                                         "kBjcDO5Kgd8=" => <computed>
      name:                                                                         "default-20180925221106651400000001" => <computed>
      name_prefix:                                                                  "default-" => "default-"
      network_interface.#:                                                          "1" => "1"
      network_interface.0.access_config.#:                                          "1" => "1"
      network_interface.0.access_config.0.assigned_nat_ip:                          "xxx.xxx.xxx.xxx" => <computed>
      network_interface.0.access_config.0.nat_ip:                                   "xxx.xxx.xxx.xxx" => "xxx.xxx.xxx.xxx"
      network_interface.0.access_config.0.network_tier:                             "PREMIUM" => <computed>
      network_interface.0.address:                                                  "" => <computed>
      network_interface.0.network_ip:                                               "" => <computed>
      network_interface.0.subnetwork:                                               "https://www.googleapis.com/compute/v1/projects/myproject/regions/us-west1/subnetworks/prod" => "prod"
      network_interface.0.subnetwork_project:                                       "myproject" => <computed>
      project:                                                                      "myproject" => <computed>
      region:                                                                       "us-west1" => "us-west1"
      scheduling.#:                                                                 "1" => <computed>
      self_link:                                                                    "https://www.googleapis.com/compute/beta/projects/myproject/global/instanceTemplates/default-20180925221106651400000001" => <computed>
      service_account.#:                                                            "1" => "1"
      service_account.0.email:                                                      "default" => "default"
      service_account.0.scopes.#:                                                   "4" => "4"
      service_account.0.scopes.1693978638:                                          "https://www.googleapis.com/auth/devstorage.full_control" => "https://www.googleapis.com/auth/devstorage.full_control"
      service_account.0.scopes.172152165:                                           "https://www.googleapis.com/auth/logging.write" => "https://www.googleapis.com/auth/logging.write"
      service_account.0.scopes.299962681:                                           "https://www.googleapis.com/auth/compute" => "https://www.googleapis.com/auth/compute"
      service_account.0.scopes.4177124133:                                          "https://www.googleapis.com/auth/monitoring.write" => "https://www.googleapis.com/auth/monitoring.write"
      tags.#:                                                                       "3" => "3"
      tags.2279103039:                                                              "inst-nat-us-west1" => "inst-nat-us-west1"
      tags.2542268873:                                                              "allow-ssh" => "allow-ssh"
      tags.288316778:                                                               "inst-nat-us-west1-b" => "inst-nat-us-west1-b"
      tags_fingerprint:                                                             "" => <computed>

-/+ module.nat.module.nat-gateway.null_resource.dummy_dependency (new resource required)
      id:                                                                           "4676644208608483123" => <computed> (forces new resource)
      triggers.%:                                                                   "1" => <computed> (forces new resource)
      triggers.instance_template:                                                   "https://www.googleapis.com/compute/beta/projects/myproject/global/instanceTemplates/default-20180925221106651400000001" => "" (forces new resource)

Terraform v0.11.11

  • provider.google v1.20.0
@rsicart
Copy link

rsicart commented Jan 28, 2019
edited
Loading

Same problem here.

I see that between last terraform plan and current terraform plan, versions for template and null providers have increased from 1.0.0 to 2.0.0:

diff -u terraform_plan_head_last.txt terraform_plan_head_current.txt                                                                                   1 ↵
--- terraform_plan_head_last.txt        2019-01-28 12:09:42.696464906 +0100
+++ terraform_plan_head_current.txt     2019-01-28 12:09:15.448195800 +0100
@@ -20,8 +20,8 @@
 - Checking for available provider plugins on https://releases.hashicorp.com...
 - Downloading plugin for provider "google" (1.20.0)...
 - Downloading plugin for provider "vault" (1.4.1)...
-- Downloading plugin for provider "template" (1.0.0)...
-- Downloading plugin for provider "null" (1.0.0)...
+- Downloading plugin for provider "null" (2.0.0)...
+- Downloading plugin for provider "template" (2.0.0)...

 The following providers do not have any version constraints in configuration,
 so the latest version was installed.
@@ -32,6 +32,6 @@
 suggested below.

 * provider.google: version = "~> 1.20"
-* provider.null: version = "~> 1.0"
-* provider.template: version = "~> 1.0"
+* provider.null: version = "~> 2.0"
+* provider.template: version = "~> 2.0"
 * provider.vault: version = "~> 1.4"

I also see that the old init script is different from new init script, but I'm not sure if that's the root cause:

diff -u init_script_{old,new}.sh                                                                                                                     127 ↵
--- init_script_old.sh  2019-01-28 12:03:51.893538189 +0100
+++ init_script_new.sh  2019-01-28 12:04:03.301610886 +0100
@@ -15,7 +15,7 @@

 ENABLE_SQUID="false"

-if [[ "$ENABLE_SQUID" == "true" ]]; then
+if [[ "$$ENABLE_SQUID" == "true" ]]; then
   apt-get install -y squid3

   cat - > /etc/squid/squid.conf <<'EOM'

How can we resolve the problem ?

@sthompson22 sthompson22 mentioned this issue Jan 28, 2019
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rsicart @RafiGreenberg