Fixes #836 - correctly assign primary private IP for aws_network_instance when private_ips are specified #1749
Conversation
radeksimko
added
the
enhancement
|
Anyone watching this? |
radeksimko
added
the
size/L
|
Any idea of when this is going to be merged and available? It's biting me at the moment. Is there a workaround? |
|
We're currently running a custom built binary from the PR. Would be good if someone actually reviewed/merged it so we can use drop our custom plugin in favor or official plugin. |
|
Hi folks, @radeksimko wrote a comment regarding the same work in #1672 @nbaztec : As this work is the same as in the other PR (but a bit younger) can you read this comment and answer in the other PR so that we centralize the work? Thanks! |
Ninir
added
breaking-change
|
I notice this is marked as "enhancement" - it's actually a bug fix. The correct action is to use the first item in the lists of IPs as the primary IP, anything else is incorrect behavior. |
|
I'll be replying in #1672 to centralize the work |
nbaztec
changed the title
|
@Ninir please re-flag/re-review the PR. |
|
PS: I don't think this could be a breaking change anymore. |
|
The PR needs to be reflagged post the changes. |
|
@radeksimko Could you please re-review and re-tag the PR. It has undergone some changes as per discussion in #1672 |
|
Updated with upstream |
|
Can we get some eyes on this? The inability to set the primary is really stopping use of terraform in a number of (particularly) non-ephemeral instance cases. |
|
@curator What version of the AWS module are you using? I've not had any issues with aws provider 1.16. Could be that I've just been lucky and the order I put the IPs in, matched the hashed order. |
|
@thallam08 that's probably the case, since the code always hashes them and then the order (and the primary IP) depends on the lexical ordering of the hash. |
|
@nbaztec Yes, that was the basis of the problem. "Order in" != "Order out" because an unordered list had been used rather than an ordered list. But I believe that has now been fixed, as I no longer see this issue on the terraform template that I used to have issue with. Check the version of the AWS module installed in your .terraform/modules directory. |
|
I can't test right now but I still see in master that we are casting from Maybe I'll test it over this weekend again. Thanks. |
|
Yes, that was the issue. I must have struck it lucky!
Sent from my ....
… On 2 May 2018, at 10:33 pm, Nisheeth Barthwal ***@***.***> wrote:
I can't test right now but I still see in master that we are casting from schema.Set which makes it unordered in the first place.
https://github.com/terraform-providers/terraform-provider-aws/blob/master/aws/resource_aws_network_interface.go#L122
Maybe I'll test it over this weekend again. Thanks.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
@thallam08 As nbaztec pointed out, 1.16 still produces the issue; right now we're using a fork from way back in the way to deploy systems that have the deterministic requirement for now, but that's not our preferred route obviously. Hopefully an appropriate solution can reach master soon. |
|
We are also using a fork like @curator with the changes contained in this PR. I would be more than willing to work further on this PR if the core team can give it a look. |
|
Can this be merged and released? It bit me again today. This time, when I added another IP, it tried to change the primary IP of an interface. AWS does not allow you to change the primary IP of an interface, so the update failed. |
|
I've not seen any evidence that this is a breaking change. The current behavior, without this fix, is non-deterministic as it relies on the hash valued of the set for the order. This is a FIX to a significant issue that is breaking the use of multiple IPs on an interface. |
|
Can the tags for this be changed?
|
|
I would agree with @thallam08 - the PR has been update to not be a breaking change but a simple bugfix. |
|
@Ninir So how do we get the tags on this changed so they match what this change really is, and then get it included in the next release? |
|
+1 Lets get this merged in |
|
Does anyone know of an active maintainer that can take a look into it perhaps? Closing in on a 1 year anniversary :) |
|
Merged with upstream for a more up-to-date PR |
|
@bflad would you be so kind as to re-label this long standing PR please :) |
|
Need this too. Why this case is ignored? |
|
Any timeline for merging this please? This PR resolves a significant problem in the provider. |
ghost
removed
the
waiting-response
|
This PR seems wrong, as it's still a breaking change, no? All you want to do is include "private_ip" in the list of "private_ips", and then make sure it's passed up to AWS API. |
|
@yn-academia the Amazon API explicitly states the use of |
|
@radeksimko @Ninir we have also been bitten by this bug and the documentation as it stands is ambiguous. Perhaps someone could explain how this is being interrupted as breaking change and enhancement? |
|
This is a breaking change because users have current infrastructure that was spun up using the existing implementation, and their infrastructure has a random IP assigned as the primary, even when they specified a Yes, it breaks configuration that relies on the behavior of an existing bug, and yes, that's unfortunate, but there are probably hundreds of production systems that rely on this now, and you have to think about them. If you want to make this not a breaking change, you have to do something much uglier - you'd have to keep all existing implementation as is, and then add a new field called The ultimate correct behavior is the one that you are proposing in this PR, but I'd imagine that a breaking change would only be allowed in across a major version upgrade of the terraform AWS provider. Anyway - I don't work for HashiCorp, I am just a random user of |
|
While what you say is true regarding the fix and it reassigning a new IP if a mismatch occurs, in most general cases the IPs are precomputed due to an automation pipeline and a determinastic IP would've been expected. In the absence of that probably users would've opted to As such, I would defer any further development or speculative discussion until one of the maintainers share their view on the bug/approach. |
|
closing due to lack of a decision. |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Details
This PR fixes #836
Before
The
primary_ipswere stored as aSetwith no guaranteed order. So the primary IP would be randomly assigned from the set, while theprimary_ipfield would be ignored.After
The module now respects and sets the
primary_ipfield whenprimary_ipsis also defined. If not, a random IP is made primary fromprimary_ips.