pulumi-awsx icon indicating copy to clipboard operation
pulumi-awsx copied to clipboard

Published 20 hours ago verified publisher icon pulumi

Upgrading awsx.lb.NetworkLoadBalancer from 1.0.6 to 2.7.0 always replaces

Open t0yv0 opened this issue 1 year ago • 1 comments

What happened?

Noticed this when doing maintenance on upgrade test. Some change in subnets makes a simple NetworkLoadBalancer always replace when upgrading from 1.x to 2.x.

Example

import * as awsx from "@pulumi/awsx";

// Create a network load balancer.
const lb = new awsx.lb.NetworkLoadBalancer("nginx-lb");

Output of pulumi about

N/A

Additional context

{
  "method": "/pulumirpc.ResourceProvider/Diff",
  "request": {
    "id": "arn:aws:elasticloadbalancing:us-west-2:616138583583:loadbalancer/net/nginx-lb-c00afb4/821fc191ad125fbe",
    "urn": "urn:pulumi:test::ts-nlb-simple::awsx:lb:NetworkLoadBalancer$aws:lb/loadBalancer:LoadBalancer::nginx-lb",
    "olds": {
      "__meta": "{\"e2bfb730-ecaa-11e6-8f88-34363bc7c4c0\":{\"create\":600000000000,\"delete\":600000000000,\"update\":600000000000}}",
      "accessLogs": {
        "bucket": "",
        "enabled": false,
        "prefix": ""
      },
      "arn": "arn:aws:elasticloadbalancing:us-west-2:616138583583:loadbalancer/net/nginx-lb-c00afb4/821fc191ad125fbe",
      "arnSuffix": "net/nginx-lb-c00afb4/821fc191ad125fbe",
      "customerOwnedIpv4Pool": "",
      "dnsName": "nginx-lb-c00afb4-821fc191ad125fbe.elb.us-west-2.amazonaws.com",
      "enableCrossZoneLoadBalancing": false,
      "enableDeletionProtection": false,
      "id": "arn:aws:elasticloadbalancing:us-west-2:616138583583:loadbalancer/net/nginx-lb-c00afb4/821fc191ad125fbe",
      "internal": false,
      "ipAddressType": "ipv4",
      "loadBalancerType": "network",
      "name": "nginx-lb-c00afb4",
      "securityGroups": [],
      "subnetMappings": [
        {
          "allocationId": "",
          "ipv6Address": "",
          "outpostId": "",
          "privateIpv4Address": "",
          "subnetId": "subnet-c7d926bf"
        },
        {
          "allocationId": "",
          "ipv6Address": "",
          "outpostId": "",
          "privateIpv4Address": "",
          "subnetId": "subnet-d7e7fe9c"
        },
        {
          "allocationId": "",
          "ipv6Address": "",
          "outpostId": "",
          "privateIpv4Address": "",
          "subnetId": "subnet-0016572b"
        },
        {
          "allocationId": "",
          "ipv6Address": "",
          "outpostId": "",
          "privateIpv4Address": "",
          "subnetId": "subnet-43f43a1e"
        }
      ],
      "subnets": [
        "subnet-0016572b",
        "subnet-d7e7fe9c",
        "subnet-c7d926bf",
        "subnet-43f43a1e"
      ],
      "tags": {},
      "tagsAll": {},
      "vpcId": "vpc-4b82e033",
      "zoneId": "Z18D5FSROUN65G"
    },
    "news": {
      "__defaults": [
        "desyncMitigationMode",
        "dnsRecordClientRoutingPolicy",
        "dropInvalidHeaderFields",
        "enableCrossZoneLoadBalancing",
        "enableDeletionProtection",
        "enableTlsVersionAndCipherSuiteHeaders",
        "enableWafFailOpen",
        "enableXffClientPort",
        "name",
        "preserveHostHeader",
        "xffHeaderProcessingMode"
      ],
      "desyncMitigationMode": "defensive",
      "dnsRecordClientRoutingPolicy": "any_availability_zone",
      "dropInvalidHeaderFields": false,
      "enableCrossZoneLoadBalancing": false,
      "enableDeletionProtection": false,
      "enableHttp2": false,
      "enableTlsVersionAndCipherSuiteHeaders": false,
      "enableWafFailOpen": false,
      "enableXffClientPort": false,
      "idleTimeout": 0,
      "loadBalancerType": "network",
      "name": "nginx-lb-c00afb4",
      "preserveHostHeader": false,
      "subnets": [
        "subnet-43f43a1e",
        "subnet-c7d926bf",
        "subnet-d7e7fe9c"
      ],
      "xffHeaderProcessingMode": "append"
    },
    "oldInputs": {
      "__defaults": [
        "desyncMitigationMode",
        "dropInvalidHeaderFields",
        "enableCrossZoneLoadBalancing",
        "enableDeletionProtection",
        "enableTlsVersionAndCipherSuiteHeaders",
        "enableWafFailOpen",
        "enableXffClientPort",
        "name",
        "preserveHostHeader",
        "xffHeaderProcessingMode"
      ],
      "desyncMitigationMode": "defensive",
      "dropInvalidHeaderFields": false,
      "enableCrossZoneLoadBalancing": false,
      "enableDeletionProtection": false,
      "enableHttp2": false,
      "enableTlsVersionAndCipherSuiteHeaders": false,
      "enableWafFailOpen": false,
      "enableXffClientPort": false,
      "idleTimeout": 0,
      "loadBalancerType": "network",
      "name": "nginx-lb-c00afb4",
      "preserveHostHeader": false,
      "subnets": [
        "subnet-0016572b",
        "subnet-43f43a1e",
        "subnet-c7d926bf",
        "subnet-d7e7fe9c"
      ],
      "xffHeaderProcessingMode": "append"
    }
  },
  "response": {
    "replaces": [
      "subnets"
    ],
    "stables": [
      "subnetMappings",
      "customerOwnedIpv4Pool",
      "name",
      "loadBalancerType",
      "internal",
      "namePrefix"
    ],
    "changes": "DIFF_SOME",
    "diffs": [
      "subnets"
    ],
    "detailedDiff": {
      "subnets[0]": {
        "kind": "DELETE_REPLACE"
      }
    },
    "hasDetailedDiff": true
  },
  "metadata": {
    "kind": "resource",
    "mode": "client",
    "name": "aws"
  }
}

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

t0yv0 avatar Apr 18 '24 16:04 t0yv0

../examples/ts-lb-simple is also affected here.

t0yv0 avatar Apr 18 '24 16:04 t0yv0

@t0yv0 the problem here is that the recorded grpc calls return 4 public subnets for the default VPC. But looking into the AWS account, there's only 3 public subnets right now. Seems like somebody must've deleted one subnet.

How do I re-record the test data?

flostadler avatar May 09 '24 16:05 flostadler