terraform-provider-vcd

Can not add nat rules to Distributed Router Transit

Open aponert opened this issue 2 years ago • 0 comments

Terraform Version

1.0.2

vCD Provider Version

3.3.1

Affected Resource(s)

  • vcd_nsxv_snat
  • vcd_nsxv_dnat

Issue description

Our code already creates correct NAT rules for the external network on our edge gateway. We use our external network name as the network_name parameter. This works fine.

Additionally, we want to create NAT rules that apply to the "Distributed Router Transit" network. So our first question was what the name of the Distributed Router Transit network is. To check this, we changed an existing NAT rule in the vCloud Director directly to "Distributed Router Transit". This is what the changes would look like:

# module.snat-test-1.vcd_nsxv_snat.snat[0] has been changed
  ~ resource "vcd_nsxv_snat" "snat" {
        id                 = "196609"
      ~ network_name       = "ext-noris-nsxedge2" -> "Distributed Router Transit"
      ~ network_type       = "ext" -> "org"
        # (9 unchanged attributes hidden)
    }

So we figured that "Distributed Router Transit" would be the name of the network and changed the network_name and the network_type parameters.

When we tried to apply the NAT resources, we got the following error:

Error: unable to make structure for API call: can't find network 'Distributed Router Transfer' of type
'org' attached to edge gateway therefore unable to identify vNic: [ENF] entity not found

Debug Output

Since debug output contains sensitive data, like AWS credentials, I only post the relevant errors:

Expected Behavior

We expected a NAT resource that uses network_type='org' and network_name='Distributed Router Transfer' to be correctly added and applied to the Distributed Router Transfer.

Actual Behavior

We get the message that the network with the name 'Distributed Router Transfer' would not exist, even though when changing the resource manually, 'Distributed Router Transfer' is set as network_name.

Steps to Reproduce

  • Create an organization, vdc, edge gateway with distributed_routing = true
  • Add a vcd_nsxv_snat or vcd_nsxv_dnat rule with network_type "org" and network_name "Distributed Router Transfer"

So our question here is: how can we accomplish our goal, if it is possible?

aponert, Jul 23 '21 09:07