Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ionoscloud_k8s_cluster.api_subnet_allow_list Not updating again when changed manually #735

Closed
spralexx opened this issue Jan 15, 2025 · 4 comments · Fixed by #736
Closed

ionoscloud_k8s_cluster.api_subnet_allow_list Not updating again when changed manually #735

spralexx opened this issue Jan 15, 2025 · 4 comments · Fixed by #736
Assignees
@LiviusP
Labels
bug Something isn't working

Comments

@spralexx
Copy link

Description

I've got a k8s-cluster defined in TF as follows:

resource "ionoscloud_k8s_cluster" "devops_k8s_cluster" {
  name                  = "xxxxxxxxx"
  k8s_version           = "1.31.3"
  maintenance_window {
    day_of_the_week     = "Sunday"
    time                = "01:00:00Z"
  }
  location = "de/txl"
  nat_gateway_ip = ionoscloud_ipblock.k8sip.ips[0]
  node_subnet = "10.42.0.0/16"
  public = false
  api_subnet_allow_list = var.k8s_cluster_api_subnet_allow_list
}

variable "k8s_cluster_api_subnet_allow_list" {
    type = list(string)
    default = ["123.123.123.123/32", "123.123.123.124/32"]
    description = "allowed IPs to access k8s controll plane" 
}

For reasons we had to disable api_subnet_allow_list for a short period of time.
unfortunately when running "apply" now the values are not propagated again.

Expected behavior

I would expect the api_subnet_allow_list to represent my configuration after apply again.

Environment

Terraform version:

OpenTofu v1.8.8
on alpine 3.12

Provider version:

6.6.9
@spralexx spralexx added the bug Something isn't working label Jan 15, 2025
@adeatcu-ionos
Copy link
Contributor

Hello, @spralexx! I will take a look on this. Thank you!

@adeatcu-ionos
Copy link
Contributor

@spralexx I have some questions:

  • For reasons we had to disable api_subnet_allow_list - What do you mean by disabling api_subnet_allow_list? Did you remove the attribute from the configuration? Did you set the attribute to an empty list?
  • unfortunately when running "apply" now the values are not propagated again. - What do you mean by values are not propagated again? Does terraform plan show some changes and running terraform apply has no effect? The changes are not applied?

I'm interested in the exact changes you did to the configuration (what you removed or set) and how Terraform reacts to those changes, i.e maybe something like: I removed api_subnet_allow_list , I ran terraform plan, a change was suggested, I ran terraform apply but the change was not applied.

Thank you!

@spralexx
Copy link
Author

hi @adeatcu-ionos I deployed the configuration by running

terraform apply

Afterwards we realized that we had an issue with our VPN setup so that we were unable to access the control plane from offsite locations. So we cleared the field via the UI (DCD).

Now when I run

terraform plan

It does not show any proposed changes to the cluster ressource and after terraform apply it is not as declared.

@adeatcu-ionos
Copy link
Contributor

@spralexx thank you! With the extra information I was able to reproduce the problem and we will make a fix for it, but until then, unfortunately, I can't recommend you any workarounds other than modifying the field via DCD/API to match the desired value.

@adeatcu-ionos adeatcu-ionos mentioned this issue Jan 15, 2025
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LiviusP LiviusP

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: Set 'api_subnet_allow_list' even if the list is empty ionos-cloud/terraform-provider-ionoscloud
3 participants
@spralexx @LiviusP @adeatcu-ionos