terraform-provider-kubernetes
terraform-provider-kubernetes copied to clipboard
hashicorp
Provider prduced inconsistent result after apply
I try to deploy a Postgres DB via Data Services Manager, it actually does work and the DB will be deployed, however, because of the error I receive, I think Terraform doesn't recognise it correctly and want to delete and recreate the DB after re-appling the terraform script
│ Error: Provider produced inconsistent result after apply │ │ When applying changes to kubernetes_manifest.terra-pg-cluster, provider "provider["registry.terraform.io/hashicorp/kubernetes"]" produced an unexpected new value: │ .object.spec.version: was cty.StringVal("15.7"), but now cty.StringVal("15.7+vmware.v2.1.0-rc.40"). │ │ This is a bug in the provider, which should be reported in the provider's own issue tracker.
Terraform Version, Provider Version and Kubernetes Version
➜ ~ terraform -v Terraform v1.9.2 on darwin_arm64 Kubernetes provider version: kubernetes v2.31.0
Affected Resource(s)
- kubernetes_manifest
Terraform Configuration Files
terraform {
required_providers {
kubernetes = {
source = "hashicorp/kubernetes"
version = ">= 2.0.0"
}
}
}
provider "kubernetes" {
config_path = "dsm-admin.kubeconfig"
}
resource "kubernetes_manifest" "terra-pg-cluster" {
manifest = {
"apiVersion" = "databases.dataservices.vmware.com/v1alpha1"
"kind" = "PostgresCluster"
"metadata" = {
"name" = "terra-pg-cluster"
"namespace" = "default"
"annotations" = {
"dsm.vmware.com/owner" = "[email protected]"
}
"labels": {
"dsm.vmware.com/aria-automation-instance": "Instance"
"dsm.vmware.com/created-in": "terraform"
"dsm.vmware.com/aria-automation-project" = "Terraform-Test"
}
}
"spec" = {
"replicas" = 3
"version" = "15.7"
"storageSpace" = "30G"
"vmClass" = {
"name" = "small"
}
"infrastructurePolicy" = {
"name" = "terraform-infra-policy"
}
"storagePolicyName" = "vSAN Default Storage Policy"
"backupLocation" = {
"name" = "local-backup"
}
"backupConfig" = {
"backupRetentionDays" = 7
"schedules" = [
{
"name" = "full-weekly"
"type" = "full"
"schedule" = "0 0 * * 0"
},
{
"name" = "incremental-daily"
"type" = "incremental"
"schedule" = "0 0 * * *"
}
]
}
}
}
wait {
condition {
type = "Ready"
status = "True"
}
}
timeouts {
create = "20m"
delete = "15m"
}
}
terraform apply -->
Terraform will perform the following actions:
kubernetes_manifest.terra-pg-cluster will be created
- resource "kubernetes_manifest" "terra-pg-cluster" {
-
manifest = {
- apiVersion = "databases.dataservices.vmware.com/v1alpha1"
- kind = "PostgresCluster"
- metadata = {
- annotations = {
- "dsm.vmware.com/owner" = "[email protected]" }
- labels = {
- "dsm.vmware.com/aria-automation-instance" = "Instance"
- "dsm.vmware.com/aria-automation-project" = "Terraform-Test"
- "dsm.vmware.com/created-in" = "terraform" }
- name = "terra-pg-cluster"
- namespace = "default" }
- annotations = {
- spec = {
- backupConfig = {
- backupRetentionDays = 7
- schedules = [
- {
- name = "full-weekly"
- schedule = "0 0 * * 0"
- type = "full" },
- {
- name = "incremental-daily"
- schedule = "0 0 * * *"
- type = "incremental" }, ] }
- {
- backupLocation = {
- name = "local-backup" }
- infrastructurePolicy = {
- name = "terraform-infra-policy" }
- replicas = 3
- storagePolicyName = "vSAN Default Storage Policy"
- storageSpace = "30G"
- version = "15.7"
- vmClass = {
- name = "small" } } }
- backupConfig = {
-
object = {
- apiVersion = "databases.dataservices.vmware.com/v1alpha1"
- kind = "PostgresCluster"
- metadata = {
- annotations = (known after apply)
- creationTimestamp = (known after apply)
- deletionGracePeriodSeconds = (known after apply)
- deletionTimestamp = (known after apply)
- finalizers = (known after apply)
- generateName = (known after apply)
- generation = (known after apply)
- labels = (known after apply)
- managedFields = (known after apply)
- name = "terra-pg-cluster"
- namespace = "default"
- ownerReferences = (known after apply)
- resourceVersion = (known after apply)
- selfLink = (known after apply)
- uid = (known after apply) }
- spec = {
- adminPasswordRef = {
- fieldPath = (known after apply)
- name = (known after apply)
- value = (known after apply) }
- adminUsername = (known after apply)
- backupConfig = {
- backupRetentionDays = 7
- schedules = [
- {
- name = "full-weekly"
- schedule = "0 0 * * 0"
- type = "full" },
- {
- name = "incremental-daily"
- schedule = "0 0 * * *"
- type = "incremental" }, ] }
- {
- backupLocation = {
- name = "local-backup" }
- basedOn = {
- cluster = {
- name = (known after apply)
- timestamp = (known after apply) } }
- cluster = {
- databaseConfig = {
- name = (known after apply) }
- databaseName = (known after apply)
- description = (known after apply)
- directoryService = {
- apiVersion = (known after apply)
- fieldPath = (known after apply)
- kind = (known after apply)
- name = (known after apply)
- namespace = (known after apply)
- resourceVersion = (known after apply)
- uid = (known after apply) }
- dnsNames = (known after apply)
- infrastructurePolicy = {
- name = "terraform-infra-policy" }
- maintenanceWindow = {
- duration = (known after apply)
- startDay = (known after apply)
- startTime = (known after apply) }
- placementSelector = {
- cluster = (known after apply)
- datacenter = (known after apply)
- resourcePool = (known after apply) }
- replicas = 3
- storagePolicyName = "vSAN Default Storage Policy"
- storageSpace = "30G"
- tls = {
- secretName = (known after apply) }
- version = "15.7"
- vmClass = {
- name = "small" } } }
- adminPasswordRef = {
-
timeouts {
- create = "20m"
- delete = "15m" }
-
wait {
- condition {
- status = "True"
- type = "Ready" } } }
- condition {
-
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.
Enter a value: yes kubernetes_manifest.terra-pg-cluster: Creating... kubernetes_manifest.terra-pg-cluster: Still creating... [10s elapsed] kubernetes_manifest.terra-pg-cluster: Still creating... [20s elapsed] kubernetes_manifest.terra-pg-cluster: Still creating... [30s elapsed] kubernetes_manifest.terra-pg-cluster: Still creating... [40s elapsed] kubernetes_manifest.terra-pg-cluster: Still creating... [50s elapsed] kubernetes_manifest.terra-pg-cluster: Still creating... [1m0s elapsed]
Expected Behavior
What should have happened?
The Postgres Database will be deployed successfully, however I think based on the error Terraform expect the DB as fault and by re-apply the terraform script it wants to destroy the deployed DB and recreate.
Actual Behavior
➜ DSM_User terraform apply kubernetes_manifest.terra-pg-cluster: Refreshing state...
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: -/+ destroy and then create replacement
Terraform will perform the following actions:
kubernetes_manifest.terra-pg-cluster is tainted, so must be replaced
-/+ resource "kubernetes_manifest" "terra-pg-cluster" { ~ object = { ~ metadata = { ~ annotations = { - "dsm.vmware.com/admin-password-version" = "" - "dsm.vmware.com/backup-loc-version" = "dsm-system/local-backup/{cred:2125,stloc:2127,trust:2126}" - "dsm.vmware.com/directory-service-version" = "" - "dsm.vmware.com/owner" = "[email protected]" - "dsm.vmware.com/provider-tls-checksum" = "66be4da1117318864c723cb04954c6cc856df8d54208227981b2f5afbcd41b31" - "dsm.vmware.com/vcenter-credentials-version" = "-8027525795950539031" - "dsm.vmware.com/vcenter-trusted-root-certificates-version" = "dsm-system/vcenter-ca/84" } -> (known after apply) + creationTimestamp = (known after apply) + deletionGracePeriodSeconds = (known after apply) + deletionTimestamp = (known after apply) ~ finalizers = [ - "databases.dataservices.vmware.com/finalizer", ] -> (known after apply) + generateName = (known after apply) + generation = (known after apply) ~ labels = { - "dsm.vmware.com/admin-password-version" = "" - "dsm.vmware.com/aria-automation-instance" = "Instance" - "dsm.vmware.com/aria-automation-project" = "Terraform-Test" - "dsm.vmware.com/backup-loc-ns.name" = "local-backup" - "dsm.vmware.com/backup-loc-ns.namespace" = "dsm-system" - "dsm.vmware.com/created-in" = "terraform" - "dsm.vmware.com/directory-service-name" = "" - "dsm.vmware.com/directory-service-namespace" = "" - "dsm.vmware.com/infra-policy" = "terraform-infra-policy" - "dsm.vmware.com/vm-class" = "small" } -> (known after apply) + managedFields = (known after apply) name = "terra-pg-cluster" + ownerReferences = (known after apply) + resourceVersion = (known after apply) + selfLink = (known after apply) + uid = (known after apply) # (1 unchanged attribute hidden) } ~ spec = { ~ adminPasswordRef = { + fieldPath = (known after apply) + name = (known after apply) + value = (known after apply) } + adminUsername = (known after apply) ~ basedOn = { ~ cluster = { + name = (known after apply) + timestamp = (known after apply) } } ~ databaseConfig = { + name = (known after apply) } + databaseName = (known after apply) + description = (known after apply) ~ directoryService = { + apiVersion = (known after apply) + fieldPath = (known after apply) + kind = (known after apply) + name = (known after apply) + namespace = (known after apply) + resourceVersion = (known after apply) + uid = (known after apply) } + dnsNames = (known after apply) ~ maintenanceWindow = { + duration = (known after apply) + startDay = (known after apply) + startTime = (known after apply) } ~ placementSelector = { + cluster = (known after apply) + datacenter = (known after apply) + resourcePool = (known after apply) } ~ tls = { + secretName = (known after apply) } ~ version = "15.7+vmware.v2.1.0-rc.40" -> "15.7" # (7 unchanged attributes hidden) } # (2 unchanged attributes hidden) } # (1 unchanged attribute hidden)
# (2 unchanged blocks hidden)
}
Plan: 1 to add, 0 to change, 1 to destroy.
Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.
Enter a value: yes
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
│ .object.spec.version: was cty.StringVal("15.7"), but now cty.StringVal("15.7+vmware.v2.1.0-rc.40").
Hi @xfirestyle2k you'll want to refer to our docs regarding computed_fields. This would solve your inconsistent result since the value comes from server side. https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/manifest#computed-fields
Apply this and let us know if this solved your issue. We can close this afterwards.
@BBBmau
computed fields doesn't work, I used it for my storage size.
https://github.com/hashicorp/terraform/issues/36367
Is there any new update for this thread ?
