Terraform-provider-google: Compute instance IP addresses are not detected

Created on 3 Oct 2017  ·  8Comments  ·  Source: hashicorp/terraform-provider-google

Terraform Version

root@400e33249198:/devops/bastion# terraform -v
Terraform v0.10.7

root@400e33249198:/devops/bastion# gcloud -v
Google Cloud SDK 173.0.0
alpha 2017.09.25
beta 2017.09.25
bq 2.0.26
core 2017.09.25
gsutil 4.27

Affected Resource(s)

  • google_compute_instance

Terraform Configuration Files

provider "google" {
    project     = "truveon-prototype"
    region      = "us-west1"
}

terraform {
    backend "gcs" {
        bucket  = "truveon-state-prototype"
        path    = "bastion.tfstate"
        project = "truveon-prototype"
    }
}

variable "savanniCredentials" {
    default = {
        user = "savanni",
        keyFile = "../luminescent-dreams.pub"
    }
}

resource "google_dns_managed_zone" "truveon" {
    name        = "truveon"
    dns_name    = "truveon.com."
}

resource "google_dns_record_set" "bastion" {
    name            = "staging.${google_dns_managed_zone.truveon.dns_name}"
    type            = "A"
    ttl             = 300
    managed_zone    = "${google_dns_managed_zone.truveon.name}"
    rrdatas         = ["${google_compute_instance.bastion.network_interface.0.address}"]
}

resource "google_compute_instance" "bastion" {
    name            = "bastion"
    machine_type    = "f1-micro"
    zone            = "us-west1-b"

    tags            = ["bastion"]

    boot_disk {
        initialize_params {
            image = "debian-cloud/debian-8"
        }
    }

    network_interface {
        network = "default"
        access_config { }
    }

    metadata {
        sshKeys = "${var.savanniCredentials["user"]}:${file(var.savanniCredentials["keyFile"])}"
    }
}

Debug Output

https://gist.github.com/savannidgerinel/6e4ec396a78900a4d242d15588fca00b

Expected Behavior

I expected this command to complete having created one DNS zone, one compute instance, and a DNS entry for that compute instance.

Actual Behavior

The zone and compute instance were both created. The DNS entry was not created and the error indicated that the referenced IP address was not set:

* google_dns_record_set.bastion: Error creating DNS RecordSet: googleapi: Error 400: Invalid value for 'entity.change.additions[0].rrdata[0]': '', invalid

The state also shows a lot of empty network_interface fields.

root@400e33249198:/devops/bastion# GOOGLE_APPLICATION_CREDENTIALS=... terraform show | grep network_interface
  network_interface.# = 1
  network_interface.0.access_config.# = 1
  network_interface.0.access_config.0.assigned_nat_ip = 
  network_interface.0.access_config.0.nat_ip = 
  network_interface.0.address = 
  network_interface.0.alias_ip_range.# = 0
  network_interface.0.name = 
  network_interface.0.network = default
  network_interface.0.subnetwork = 
  network_interface.0.subnetwork_project =

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

  1. terraform apply

Important Factoids

This was largely lifted from the terraform GCS documentation except for the server and DNS names.

References

bug
Source
picture savannidgerinel
👍20

Most helpful comment

I've experienced this as well: computed attributes under network_interface aren't being saved to the state. I'm pretty sure the problem is with https://github.com/terraform-providers/terraform-provider-google/commit/f2f276ea0b8a98fa782a9321a9d4b55122e27fe5#diff-6ebc1a840e42235a51a46d537f17ddaa, which I think had an unintended side-effect of causing the network_interface attributes to not get copied from the Google cloud API response back to the Terraform state. If I'm correct it's a one-line fix; if I can figure out the unit testing before one of the Hashicorp devs beat me to it then I'll try submitting a pull request.

picture PeterMilley on 5 Oct 2017
👍3

All 8 comments

I can confirm this started to happen recently in my google provider being run on my CI system.
Probably a bug in plugin 1.0.1
In my module the output is "" of my:

output "public_ip" {
   value = ["${google_compute_instance.instance.*.network_interface.0.access_config.0.assigned_nat_ip}"]
}

this is my instance configuration:
```
resource "google_compute_instance" "instance" {
count = "${var.count}"
name = "${var.name_prefix}-${format("%03d", count.index)}"
machine_type = "${var.flavor_name}"
zone = "${var.zone}"
can_ip_forward = false

boot_disk {
initialize_params {
image = "${var.image_name}"
size = "${var.disk_size}"
}

auto_delete = true

}

network_interface {
network = "${var.network_name}"
access_config = {} # without this nodes don't get external ip and cannot reach the Internet
}

metadata {
sshKeys = "${var.ssh_user}:${file(var.ssh_key)} ${var.ssh_user}"
ssh_user = "${var.ssh_user}"
user-data = "${data.template_file.instance_bootstrap.rendered}"
}

# Extra disk
attached_disk {
source = "${element(google_compute_disk.extra_standard_disk.*.self_link, count.index)}"
device_name = "${var.extra_disk_name}"
}
}```

andersla picture andersla on 4 Oct 2017

I have learned that I can work around it by setting up a google_compute_address and assigning it to the network_interface.access_config.nat_ip stanza. At that point I can use the nat_ip in the DNS entry, instead.

savannidgerinel picture savannidgerinel on 4 Oct 2017

Thanks, I might do that until bug is fixed

andersla picture andersla on 4 Oct 2017

Probably a bug in plugin 1.0.1 and 1.0.0
if I fix provider to version 0.1.3 it works, e.g.:

provider "google" {
  version     = "0.1.3"
  credentials = ....
  project     = "${var.gce_project}"
  region      = "${var.gce_zone}"
}
andersla picture andersla on 4 Oct 2017
👍2

I can confirm issue and workaround.
However to use this workaround we need to resign from some features we really want and are available in 1.0.X

zbikmarc picture zbikmarc on 4 Oct 2017

I just created environment with 1.0.1 version and couldn't get any output , 

[vagrant@localhost low]$ terraform10 output -module uat-low-client-environment
role_compute-integration_private_ips = [

]
role_compute-integration_public_ips = [

]
role_compute-platform_private_ips = [

]
role_compute-platform_public_ips = [

]

.
.
.

Tried reinitialize the environment with older version of provider

provider "google" {
  credentials = "${file("${module.shared-vars.gce_service_account_file}")}"
  project     = "${module.shared-vars.gce_project_id}"
  region      = "${module.shared-vars.gce_region}"
  version     = "0.1.3"
}

but I get following errors when I refresh terraform output



-----------------------------------------------------
2017/10/04 18:03:37 [DEBUG] [aws-sdk-go] {}
Error refreshing state: 11 error(s) occurred:

* module.uat-low-client-environment.google_compute_address.compute-recommendation-static-ips: 1 error(s) occurred:

* module.uat-low-client-environment.google_compute_address.compute-recommendation-static-ips: google_compute_address.compute-recommendation-static-ips: Error reading Address "uat-low-compute-recommendation-0": googleapi: Error 400: Invalid value 'projects/infrastructure/regions/us-central1/addresses/uat-low-compute-recommendation-0'. Values must match the following regular expression: '[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?', invalidParameter
* module.uat-low-client-environment.google_compute_address.db-master-static-ip: 1 error(s) occurred:

* module.uat-low-client-environment.google_compute_address.db-master-static-ip: google_compute_address.db-master-static-ip: Error reading Address "uat-low-db-master": googleapi: Error 400: Invalid value 'projects/infrastructure/regions/us-central1/addresses/uat-low-db-master'. Values must match the following regular expression: '[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?', invalidParameter
* module.uat-low-client-environment.google_compute_address.redis-recommendation-static-ips: 1 error(s) occurred:

.
.
.

Luckily I found this issue here

nikoren picture nikoren on 4 Oct 2017

I've experienced this as well: computed attributes under network_interface aren't being saved to the state. I'm pretty sure the problem is with https://github.com/terraform-providers/terraform-provider-google/commit/f2f276ea0b8a98fa782a9321a9d4b55122e27fe5#diff-6ebc1a840e42235a51a46d537f17ddaa, which I think had an unintended side-effect of causing the network_interface attributes to not get copied from the Google cloud API response back to the Terraform state. If I'm correct it's a one-line fix; if I can figure out the unit testing before one of the Hashicorp devs beat me to it then I'll try submitting a pull request.

PeterMilley picture PeterMilley on 5 Oct 2017
👍3

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

hashibot[bot] picture hashibot[bot] on 30 Mar 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

hashibot[bot] picture hashibot[bot]  ·  3Comments
gilberthdez picture gilberthdez  ·  3Comments
geojaz picture geojaz  ·  3Comments
Dmitry1987 picture Dmitry1987  ·  3Comments
Evesy picture Evesy  ·  3Comments