terraform-aws-eks-blueprints-addons icon indicating copy to clipboard operation
terraform-aws-eks-blueprints-addons copied to clipboard

Published 20 hours ago verified publisher icon aws-ia

Ingress-nginx has de-provision issue with loadbalancer

Open AliHamzaX opened this issue 1 year ago • 1 comments

Description

When we enable ingress-nginx and loadbalancer together, deployment will be successful but on destroy, terraform unable to delete loadbalancer and related security groups.

  • [x] ✋ I have searched the open/closed issues and my issue is not listed.

Versions

  • Module version [Required]:

  • Terraform version: Terraform v1.5.6

  • Provider version(s): v1.16.2

Reproduction Code [Required]

module "eks_addons" {
  source  = "aws-ia/eks-blueprints-addons/aws"
  version = "~> 1.12"

  cluster_name      = var.cluster_name
  cluster_endpoint  = var.cluster_endpoint
  cluster_version   = var.cluster_version
  oidc_provider_arn = var.oidc_provider_arn

  enable_aws_load_balancer_controller = true

  aws_load_balancer_controller = {
    create_namespace = true
    namespace        = "load-balancer-controller"
  }

  enable_ingress_nginx = true

  ingress_nginx = {
    chart_version = "4.8.3"
    namespace     = "ingress-nginx"
    values = [
      <<-EXTRA_VALUES
      fullnameOverride: "ingress-nginx"
      controller:
        ingressClassByName: true
        ingressClass: "ingress-nginx"
        allowSnippetAnnotations: ${var.allow_snippet_annotations}

        service:
          externalTrafficPolicy: Local
          annotations:
            service.beta.kubernetes.io/aws-load-balancer-name: "${var.cluster_name}-public-lb"
            service.beta.kubernetes.io/aws-load-balancer-type: "external"
            service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "${var.public_ingress_nginx_target_type}"
            service.beta.kubernetes.io/aws-load-balancer-scheme: "internet-facing"
            service.beta.kubernetes.io/aws-load-balancer-attributes: load_balancing.cross_zone.enabled=true
            service.beta.kubernetes.io/load-balancer-source-ranges: 0.0.0.0/0
        ingressClassResource:
          name: nginx-public
          enabled: true
          default: false
          controllerValue: "k8s.io/ingress-nginx"
    EXTRA_VALUES
    ]
  }
}

Steps to reproduce the behavior:

Just deploy it and try to destroy. You will see terraform unable to delete the loadbalancer and halts.

Expected behaviour

Terraform should destroy loadbalancer and all resources as deployed

Actual behaviour

Terraform unable to delete loadbalancer and got stuck

AliHamzaX avatar Mar 27 '24 10:03 AliHamzaX

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

github-actions[bot] avatar Apr 28 '24 00:04 github-actions[bot]

you will need to remove the resources provisioned on the cluster, prior to removing the cluster. resources such as the NGINX ingress controller are creating additional AWS resources that Terraform is unaware of. Therefore, you need to remove these controllers so that their resources are cleaned up, before you remove the cluster. See our documentation here https://aws-ia.github.io/terraform-aws-eks-blueprints/getting-started/#destroy

bryantbiggs avatar May 17 '24 13:05 bryantbiggs