terraform-provider-hcloud
[Bug]: Terraform cannot properly change subnet ip range
What happened?
First ran an apply which created a network subnet and attached some servers to it using cidrhost. Then ran an apply which was supposed to change the IP range of a subnet (which should in turn change the IPs of the servers). Terraform planned that a destroy and recreate of the subnet was needed (which is reasonable, given that even in the web GUI you cannot modify a subnet). But it was stuck at the "Still destroying" phase for about 20 min, after which it assumed that it had successfully destroyed it (it hadn't), then proceeded to recreation of the subnet and modification of hosts (this went correctly). The old subnet still exists, but outside of Terraform state.
What did you expect to happen?
I know that changing or deleting non-empty subnets is impossible, but at the very least Terraform should be able to detect that a subnet is un-deletable and inform the user about that. Ideally, Terraform should be able to unlink the hosts from a subnet that it knows is being recreated and then proceed with destroying, creating and linking.
Please provide a minimal working example
terraform {
  required_providers {
    hcloud = {
      source  = "hetznercloud/hcloud"
      version = "1.32.2"
    }
  }
  backend "http" {
  }
}

provider "hcloud" {
  token = "some token"
}

resource "hcloud_network" "internal" {
  name     = "internal"
  ip_range = "10.0.0.0/16"
}

resource "hcloud_network_subnet" "subnet" {
  network_id   = hcloud_network.internal.id
  type         = "cloud"
  ip_range     = "10.0.1.0/24" #change this value before second run
  network_zone = "eu-central"
}

resource "hcloud_server" "a_server" {
  name        = "a_server"
  server_type = "cpx11"
  image       = "fedora-35"
  network {
    network_id = hcloud_network.internal.id
    ip         = cidrhost(hcloud_network_subnet.subnet.ip_range, count.index + 1)
  }
  count = 3
}
Hi! I had the same issue and we just followed the approach named in these threads: https://github.com/hashicorp/terraform/issues/3640 https://github.com/hashicorp/terraform/issues/3116
This emulates blocking destruction: https://github.com/hashicorp/terraform/issues/18367#issuecomment-1107817883
You can avoid this dependency by using the hcloud_server_network resource to attach the server to the network. This will automatically first detach the server, then recreate the subnet, then attach the servers again.
resource "hcloud_network" "internal" {
  name     = "internal"
  ip_range = "10.0.0.0/16"
}

resource "hcloud_network_subnet" "subnet" {
  network_id   = hcloud_network.internal.id
  type         = "cloud"
  ip_range     = "10.0.3.0/24" #change this value before second run
  network_zone = "eu-central"
}

resource "hcloud_server" "a_server" {
  name        = "aserver-${count.index}"
  server_type = "cpx11"
  image       = "fedora-36"
  count       = 3
}

resource "hcloud_server_network" "a_server" {
  network_id = hcloud_network.internal.id
  server_id  = hcloud_server.a_server[count.index].id
  ip         = cidrhost(hcloud_network_subnet.subnet.ip_range, count.index + 1)
  count      = 3
}
Please feel free to reopen the issue if you still have problems.
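A pre-apply check for the situation reported in this issue, as an added example that is not part of the thread or of the provider's code: it reads the JSON form of a plan (`terraform show -json <planfile>`) and reports every `hcloud_network_subnet` that is about to be destroyed while an `hcloud_server` that is not itself being destroyed still holds an inline `network` address inside the old range. The sample plan, its IDs and the function name are constructed for illustration; the field names follow Terraform's JSON plan representation.

```python
import ipaddress
import json

# Constructed, trimmed plan JSON (not taken from the issue).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "hcloud_network_subnet.subnet", "type": "hcloud_network_subnet",
   "change": {"actions": ["delete", "create"],
              "before": {"network_id": 101, "ip_range": "10.0.1.0/24"},
              "after": {"network_id": 101, "ip_range": "10.0.3.0/24"}}},
  {"address": "hcloud_server.a_server[0]", "type": "hcloud_server",
   "change": {"actions": ["update"],
              "before": {"network": [{"network_id": 101, "ip": "10.0.1.1"}]},
              "after": {"network": [{"network_id": 101, "ip": "10.0.3.1"}]}}},
  {"address": "hcloud_server.other", "type": "hcloud_server",
   "change": {"actions": ["no-op"],
              "before": {"network": [{"network_id": 101, "ip": "10.0.2.5"}]},
              "after": {"network": [{"network_id": 101, "ip": "10.0.2.5"}]}}}
]}
""")


def blocked_subnet_replacements(plan):
    """Map each subnet the plan destroys to servers still attached inline."""
    changes = plan.get("resource_changes", [])
    findings = {}
    for rc in changes:
        before = rc["change"].get("before") or {}
        if rc["type"] != "hcloud_network_subnet" or "delete" not in rc["change"]["actions"]:
            continue
        old_range = ipaddress.ip_network(before["ip_range"])
        attached = []
        for srv in changes:
            # Servers that are destroyed in the same plan leave the subnet on their own.
            if srv["type"] != "hcloud_server" or "delete" in srv["change"]["actions"]:
                continue
            nets = (srv["change"].get("before") or {}).get("network") or []
            # An inline network block keeps the server in the subnet during the destroy.
            if any(str(n.get("network_id")) == str(before.get("network_id"))
                   and ipaddress.ip_address(n["ip"]) in old_range for n in nets):
                attached.append(srv["address"])
        if attached:
            findings[rc["address"]] = sorted(attached)
    return findings


if __name__ == "__main__":
    for subnet, servers in blocked_subnet_replacements(SAMPLE_PLAN).items():
        print(f"{subnet}: still attached via inline network block: {servers}")
```

Configurations that attach servers through `hcloud_server_network`, as suggested above, produce no findings because the `hcloud_server` resources then carry no inline `network` entries.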