Terraform Version: 0.9.8
Terraform Configuration Files:

```hcl
# ALB in front of the WAF instances (internal or internet-facing per var.internal_elb)
resource "aws_alb" "waf" {
  name            = "${var.environment}-airborne-waf"
  internal        = "${var.internal_elb}"
  subnets         = ["${var.public_subnets}"]
  security_groups = ["${aws_security_group.airborne_waf_elb.id}"]

  tags {
    Name        = "${var.environment}-airborne-waf"
    owner       = "terraform"
    environment = "${var.environment}"
  }
}

# Target group for the WAF listener on port 80
resource "aws_alb_target_group" "waf_80" {
  name     = "${var.environment}-waf-80"
  port     = 80
  protocol = "HTTP"
  vpc_id   = "${var.vpc_id}"

  health_check {
    interval            = 10
    path                = "/health.html"
    protocol            = "HTTP"
    timeout             = 5
    healthy_threshold   = 2
    unhealthy_threshold = 2
    matcher             = "200"
  }

  tags {
    Name        = "${var.environment}-waf-80"
    owner       = "terraform"
    environment = "${var.environment}"
  }
}

# Target group for the WAF listener on port 81
resource "aws_alb_target_group" "waf_81" {
  name     = "${var.environment}-waf-81"
  port     = 81
  protocol = "HTTP"
  vpc_id   = "${var.vpc_id}"

  health_check {
    interval            = 10
    path                = "/health.html"
    protocol            = "HTTP"
    timeout             = 5
    healthy_threshold   = 2
    unhealthy_threshold = 2
    matcher             = "200"
  }

  tags {
    Name        = "${var.environment}-waf-81"
    owner       = "terraform"
    environment = "${var.environment}"
  }
}

# One attachment per WAF instance; the instance id is picked out of the
# var.waf_instances list with element() by count.index
resource "aws_alb_target_group_attachment" "waf_80" {
  count            = "${var.num_waf_instances}"
  target_group_arn = "${aws_alb_target_group.waf_80.arn}"
  target_id        = "${element(var.waf_instances, count.index)}"
  port             = 80
}

resource "aws_alb_target_group_attachment" "waf_81" {
  count            = "${var.num_waf_instances}"
  target_group_arn = "${aws_alb_target_group.waf_81.arn}"
  target_id        = "${element(var.waf_instances, count.index)}"
  port             = 81
}
```
Debug Output: None

Panic Output: None

Expected Behavior: Only the new attachment should have been added.

Actual Behavior: Old attachments are deleted and recreated, and new attachments are created.

Steps to Reproduce: `terraform plan`

Important Factoids: None

References: None
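As an added check that is not part of this issue or of Terraform's own tooling, the script below parses the single-line `-/+ <address>` action lines of a Terraform 0.9-style text plan and refuses any plan that replaces or destroys an attachment that already exists, which is exactly the symptom reported above. Both plan snippets are constructed samples, not real plan output from the reporter's environment.

```python
import re
from collections import defaultdict
# Constructed Terraform 0.9-style plan text for the scenario in the report:
# num_waf_instances goes from 2 to 3, yet the two attachments that already exist
# are planned for replacement (-/+), which deregisters their targets on apply.
PLAN_BUGGY = """\
-/+ aws_alb_target_group_attachment.waf_80.0
    port:      "80" => "80"
    target_id: "i-0aaaaaaaaaaaaaaa1" => "<computed>" (forces new resource)
-/+ aws_alb_target_group_attachment.waf_80.1
    port:      "80" => "80"
    target_id: "i-0bbbbbbbbbbbbbbb2" => "<computed>" (forces new resource)
+ aws_alb_target_group_attachment.waf_80.2
    port:      "80"
    target_id: "i-0ccccccccccccccc3"

Plan: 3 to add, 0 to change, 2 to destroy.
"""

# Constructed plan for the same change once only the new attachment is added.
PLAN_FIXED = """\
+ aws_alb_target_group_attachment.waf_80.2
    port:      "80"
    target_id: "i-0ccccccccccccccc3"

Plan: 1 to add, 0 to change, 0 to destroy.
"""

# A resource action line: action symbol, whitespace, resource address, nothing else.
ACTION_RE = re.compile(r"^\s*(?P<sym>-/\+|[-+~])\s+(?P<addr>[A-Za-z0-9_.\-]+)\s*$")
SYMBOLS = {"-/+": "replace", "+": "create", "-": "destroy", "~": "update"}

def plan_actions(plan_text, resource_type="aws_alb_target_group_attachment"):
    """Group the addresses of `resource_type` resources by their planned action."""
    actions = defaultdict(list)
    for line in plan_text.splitlines():
        m = ACTION_RE.match(line)
        if m and m.group("addr").startswith(resource_type + "."):
            actions[SYMBOLS[m.group("sym")]].append(m.group("addr"))
    return dict(actions)

def attachment_plan_is_safe(plan_text):
    """True only if the plan adds attachments without replacing or destroying any
    existing one; a replace means a window where the target is deregistered."""
    acts = plan_actions(plan_text)
    return not acts.get("replace") and not acts.get("destroy")

if __name__ == "__main__":  # run directly to eyeball both constructed plans
    for name, plan in (("buggy", PLAN_BUGGY), ("fixed", PLAN_FIXED)):
        print(name, plan_actions(plan), "safe" if attachment_plan_is_safe(plan) else "UNSAFE")
```

Feeding a real `terraform plan -no-color` output to `attachment_plan_is_safe` in CI turns the "all existing instances drained" surprise into a failed pipeline step before apply.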
Bumping this. Terraform shouldn't be deleting and creating attachments that are already registered if it doesn't need to.

Additionally, when using the lifecycle rule `create_before_destroy`, the behavior becomes:

1) "create" the existing attachment (which is a no-op in AWS)
2) "destroy" the old attachment (which is actually the existing attachment), which deregisters all existing instances from the target group.

This also means that if an instance gets manually deregistered from the target group, Terraform will not pick up that it needs to be re-registered when the plan is generated again :(

Any ETA on this one? Or ways to get around it?
Any updates on this? This is a really critical issue, as without `create_before_destroy` we lose the zero-downtime for the ALB, while adding it will even break things, as only the newly added instance will be registered to the ALB and the existing instances will all be drained out.
Right now I have to remove the target group resource from Terraform state and re-apply Terraform so I don't lose instances in the target group.
FWIW, I think I was able to fix this by using the `[..]` syntax for lists instead of `element`:
So for example, try changing your config to this:
```hcl
# Index the list directly instead of going through element()
resource "aws_alb_target_group_attachment" "waf_80" {
  count            = "${var.num_waf_instances}"
  target_group_arn = "${aws_alb_target_group.waf_80.arn}"
  target_id        = "${var.waf_instances[count.index]}"
  port             = 80
}

resource "aws_alb_target_group_attachment" "waf_81" {
  count            = "${var.num_waf_instances}"
  target_group_arn = "${aws_alb_target_group.waf_81.arn}"
  target_id        = "${var.waf_instances[count.index]}"
  port             = 81
}
```
And see if `create_before_destroy` works then.
Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.
If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!
I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!