Terraform-provider-google: Istio_config enabled creates LB resources but doesn't delete them on destroy

Created on 9 Oct 2019  路  2Comments  路  Source: hashicorp/terraform-provider-google


Community Note

  • Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
  • If an issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to "hashibot", a community member has claimed the issue already.

Terraform Version

Terraform v0.12.10

  • provider.google v2.16.0
  • provider.google-beta v2.16.0
  • provider.kubernetes v1.9.0

Affected Resource(s)

  • google_container_cluster

Terraform Configuration Files

resource "google_container_cluster" "gke-cluster" {
  provider = "google-beta"

  name = "default-cluster"
  network = google_compute_network.peering_network.self_link
  location = europe-west3
  initial_node_count = 1
  node_config {
    preemptible = false
    machine_type = "n1-standard-1"
    oauth_scopes    = ["https://www.googleapis.com/auth/cloud-platform"]
  }
  ip_allocation_policy {
    use_ip_aliases  = true
  }

  private_cluster_config {
    enable_private_nodes = true
    enable_private_endpoint = false
    master_ipv4_cidr_block = "172.16.2.0/28"
  }


  addons_config {
    istio_config {
      disabled = false
    }
  }
}

resource "google_compute_network" "peering_network" {
  name = "peering-network"
}

Expected Behavior

On terraform destroy we expect istio load balancer resources to be deleted

Actual Behavior

after terraform destroy firewall rules, forwarding rules and target pools created by istio load balancer remain dangling without real connection to any cluster.

Steps to Reproduce

  1. terraform apply
  2. terraform destroy

*

bug upstream
Source
picture hromadkavojta
👍2

Most helpful comment

I've reproduced this, and added this issue to an existing bug filed against the API. I'll post updates here if I get any; it could be worth filing an issue directly against the GKE team, though, since there's no current public issue I could find.

picture rileykarson on 9 Oct 2019
👍2

All 2 comments

Deletion of the Istio-managed resources should be done by GKE. I'll try and reproduce this, although I don't think I've seen it happening before.

Are you seeing errors during the delete requests / have you been able to capture debug logs when this happens?

rileykarson picture rileykarson on 9 Oct 2019

I've reproduced this, and added this issue to an existing bug filed against the API. I'll post updates here if I get any; it could be worth filing an issue directly against the GKE team, though, since there's no current public issue I could find.

rileykarson picture rileykarson on 9 Oct 2019
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Mistobaan picture Mistobaan  路  35Comments
vncntvandriessche picture vncntvandriessche  路  26Comments
gouthamve picture gouthamve  路  22Comments
derekschauland picture derekschauland  路  26Comments
drzero42 picture drzero42  路  29Comments