Hi there,

when creating a kubernikus cluster in ccloud there is no option to specify the subnet for the external network from which the floating IP of a loadbalancer will be assigned. There is an argument for the openstack block called lB_subnet_id, but this specifies the subnet of the private network. Because of this missing option when the external network has several subnets the floating IP will be assigned from one of these subnets randomly.

Terraform Version

Terraform v0.11.13

• provider.ccloud v1.4.7
• provider.environment v1.0.0
• provider.external v1.1.2
• provider.helm v0.10.2
• provider.kubernetes v1.7.0
• provider.openstack v1.18.0

Affected Resource(s)

ccloud_kubernetes_v1

Expected Behavior

When a loadbalancer is created for a kubernetes service the floating IP is taken from the specified subnet of the external network.

Actual Behavior

Loadbalancer is created with a floating IP taken from a random subnet of the external network

Steps to Reproduce

terraform apply

References

sapcc/kubernikus#434

Add kubernetes data source

Use case: force new token re-creation. E.g. when the VM re-creation is required.

Hi there,

Terraform just released version 0.12 and I wanted to try it out. Unfortunately, the ccloud provider is not yet compatible

Terraform Version

Terraform v0.12.0

• provider.ccloud v1.0.0
• provider.openstack v1.19.0

Affected Resource(s)

terraform-provider-ccloud

Debug Output

Error: Failed to instantiate provider "ccloud" to obtain schema: Incompatible API version with plugin. Plugin version: 4, Client versions: [5]

Steps to Reproduce

Install Terraform v0.12.0 from https://www.terraform.io/downloads.html and run terraform plan on your tf code. Terraform init works fine.

Thanks!

Above snippet doesnt check if domain_id and region_id exists. Updating Quota for: /:

2023-11-03T08:41:05.341+0100 [INFO]  Starting apply for module.resource_limits.ccloud_quota_project_v1.project_resource_limits
2023-11-03T08:41:05.343+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:05 [DEBUG] Updating Quota for: /: timestamp=2023-11-03T08:41:05.343+0100

The output hangs on waiting for active state.

2023-11-03T08:41:05.794+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:05 [DEBUG] compute.instances: {40 }: timestamp=2023-11-03T08:41:05.793+0100
2023-11-03T08:41:05.794+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:05 [DEBUG] Service Changed: volumev2: timestamp=2023-11-03T08:41:05.793+0100
2023-11-03T08:41:05.794+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:05 [DEBUG] Waiting for state to become: [active]: timestamp=2023-11-03T08:41:05.793+0100
2023-11-03T08:41:07.051+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:07 [TRACE] Waiting 1s before next try: timestamp=2023-11-03T08:41:07.051+0100
2023-11-03T08:41:08.156+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:08 [TRACE] Waiting 2s before next try: timestamp=2023-11-03T08:41:08.155+0100
2023-11-03T08:41:10.257+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:10 [TRACE] Waiting 4s before next try: timestamp=2023-11-03T08:41:10.256+0100
2023-11-03T08:41:14.369+0100 [INFO]  provider.terraform-provider-ccloud_v1.5.1: 2023/11/03 08:41:14 [TRACE] Waiting 8s before next try: timestamp=2023-11-03T08:41:14.368+0100
module.resource_limits.ccloud_quota_project_v1.project_resource_limits: Still creating... [10s elapsed]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• fix(deps): update module github.com/gophercloud/utils/v2 to v2.0.0-20240812072210-8ce1fc0f2894
• fix(deps): update module github.com/gophercloud/gophercloud/v2 to v2.1.0
• fix(deps): update module github.com/sapcc/archer to v1.3.0
• fix(deps): update module k8s.io/client-go to v0.31.0
• fix(deps): update module github.com/sapcc/andromeda to v1
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• fix(deps): update module github.com/sapcc/kubernikus to v1.5.0

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Good day, colleagues.

Looks like the ccloud_billing_project_masterdata resource has been changed and now it contains new mandatory parameters - Asset Owner (Primary Contact), Run Team (Operator), Inventory Role, and Project info. Could you please update it in the provider?

Thanks a lot in advance.

Hello, colleagues.

I'd like to ask if the current implementation of the provider is compatible with TF 0.13?

As far as I understand, the new version of Terraform is able to download and install providers directly from GitHub, and it would be great if that feature would be supported by ccloud provider as well.

Thanks!

Hello, colleagues.

I'd like to request a shared filesystem storage support, so that one could create and manage NFS shares via Terraform.

Thanks!

Hi!

When I try to resize a pool inside of a Kubernikus cluster (change the number of instances), an error message is emitted.

Terraform Version

Terraform v0.11.8

• provider.ccloud (unversioned)
• provider.openstack (unversioned)

Affected Resource(s)

• ccloud_kubernetes

Terraform Configuration Files

02_varibales.tf

# Define variables to be used in resource definitions
variable "name_prefix" {}

variable "private_subnet_cidr" {}
variable "private_subnet_ipv" {}

variable "k8s_pool1_name" {}
variable "k8s_pool1_flavor" {}
variable "k8s_pool1_size" {}

variable "sg_default_name" {}

23_main_k8s.tf

# k8s
resource "ccloud_kubernetes" "k8s" {
  name           = "${var.name_prefix}"
  ssh_public_key = "<some_key>"

  node_pools = [
    { 
      name   = "${var.k8s_pool1_name}"
      flavor = "${var.k8s_pool1_flavor}"
      size   = "${var.k8s_pool1_size}"
    },    
  ]

  depends_on = [
    "openstack_networking_router_v2.kuberouter",
    "openstack_networking_router_interface_v2.kuberouter_interface",
  ]
}

conf/qa.tfvars

name_prefix = "uxp-qa"

private_subnet_cidr = "10.180.0.0/24"
private_subnet_ipv = 4

k8s_pool1_name = "pool1"
k8s_pool1_flavor = "m1.4xlarge"
k8s_pool1_size = 3

sg_default_name = "default"

Debug Output

https://gist.github.com/UncleIS/615649bca972be5cf99f7e9bff8743e2

Expected Behavior

The number of instances in the pool should have been updated.

Actual Behavior

An error was thrown:

Terraform will perform the following actions:

  ~ ccloud_kubernetes.k8s
      node_pools.0.size: "4" => "3"


Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

ccloud_kubernetes.k8s: Modifying... (ID: uxp-qa)
  node_pools.0.size: "4" => "3"

Error: Error applying plan:

1 error(s) occurred:

* ccloud_kubernetes.k8s: 1 error(s) occurred:

* ccloud_kubernetes.k8s: Error updating cluster: method PUT is not allowed, but [POST,GET] are

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. Update the amount of instances that form a Kubenikus cluster pool
2. Run 'terraform apply'

Important Factoids

Running in SAP Converged Cloud offering

Good day colleagues,

Is it possible to remove few attributes for arc agent resource https://github.com/sapcc/terraform-provider-ccloud/blob/master/ccloud/data_source_ccloud_arc_agent_v1.go#L83-L91 ?

The reason: In terraform v.1 the output of terraform plan command was changed and now it shows not only resources which will be changed but and resources that were changed outside the terraform. It is great behaviour and helps to work with drifts. But now we have some computed attributes for arc agent resource that predictably changes from time to time outside the terraform automatically and as a result, we have information about it in every terraform plan output. It creates excessive noise in the plan command output.

  ~ resource "ccloud_arc_agent_v1" "app" {
      ~ updated_at   = "2021-09-14T10:01:18Z" -> "2021-09-21T11:07:18Z"
      ~ updated_with = "6ca72b40-debe-4ea5-95d3-6d6bd473d0cb" -> "bf261711-e333-40ab-848d-dc66c03bff9d"

The only way to prevent seeing those changes would be for the provider to not report them in response to refreshing. Terraform reports any change that the provider reports, and so it’s the generally provider’s responsibility to only report useful information which is relevant to the settings being managed by Terraform.

Due to those two attributes constantly change even though you’re not changing anything about the infrastructure with Terraform then it seems like there’s little value in the provider actually tracking them, and so we could drop those attributes altogether in a future release, in order to reduce the noise and focus the change reports only on data that’s actually relevant to the task of managing these objects with Terraform.

Could you please drop it in the new release or should we build it ourself without these attributes?

Thanks a lot in advance and Regards,
Aleksandr

Like it's done for GKE or AKS.

Users will be able to fetch credentials like:

output "kube_config" {
    value = "${ccloud_kubernetes_v1.cluster_1.kubeconfig}"
}

or

resource "local_file" "kubeconfig" {
  sensitive_content = "${ccloud_kubernetes_v1.cluster_1.kubeconfig}"
  filename          = "kubeconfig"
}

/cc @BugRoger @databus23

Current logging implementation of the requests and responses is hacky. Proper logging implementation requires investigation, since there are some tricky bugs in the github.com/go-openapi/runtime/client client (or probably inside the https://golang.org/pkg/net/http/httputil/#DumpRequest), which prints empty payload.

Kubernetes resource must check supported k8s version before applying the k8s version change.

Affected Resource(s)

• ccloud_kubernetes_v1

Expected Behavior

kubernetes provider should check the supported k8s versions before sending the k8s version

Actual Behavior

unsupported k8s version can be set

References

• sapcc/kubernikus#443

Hello,

When I'm adding triggers for agent bootstrap that should re-create this resource before VM replacement, I'm getting Terraform cycle.

Error: Cycle: ccloud_arc_agent_bootstrap_v1.splunk, openstack_compute_instance_v2.splunk

Terraform Version

Terraform v1.5.0
on darwin_arm64

• provider registry.terraform.io/hashicorp/null v3.2.1
• provider registry.terraform.io/sapcc/ccloud v1.4.18
• provider registry.terraform.io/terraform-provider-openstack/openstack v1.51.1

Affected Resource(s)

• ccloud_arc_agent_bootstrap_v1
• openstack_compute_instance_v2

Terraform Configuration Files

resource "ccloud_arc_agent_bootstrap_v1" "splunk" {
  triggers = {
    vm_id = openstack_compute_instance_v2.splunk.id
  }
}

resource "openstack_compute_instance_v2" "splunk" {
  name                   = var.vm_name
  key_pair              = var.keypair
  availability_zone = var.availability_zone
  flavor_id              = data.openstack_compute_flavor_v2.splunk.id
  image_id             = var.image.id

  security_groups = var.security_groups

  network {
    name = var.private_network-name
  }

  user_data = ccloud_arc_agent_bootstrap_v1.splunk.user_data

  connection {
    type                           = "ssh"
    bastion_host             = var.jump_servers[var.domain_name]
    bastion_user             = var.user_name
    bastion_private_key = local.private_key
    host                           = self.access_ip_v4
    user                           = var.provisioning_user_name
    private_key               = local.private_key
  }

  metadata = {
    image_name = var.image.name
    image_id       = var.image.id
  }

  tags = var.tags
}

Same issue appears if I replace triggers with lifecycle from agent bootstrap, a cycle also appears.

  lifecycle {
    replace_triggered_by = [openstack_compute_instance_v2.splunk]
  }

Expected Behavior

Bootstrap agent resource is re-created along with VM replacement.

Actual Behavior

Terraform cycle

Steps to Reproduce

1. terraform validate
2. terraform plan

Hello, colleagues.

It would be nice to add the support of mutli-availability-zones feature that Kubernikus received recently.

My assumption is that the feature should go somewhere here:

Thanks!

It would be beneficial for the platform if it would alsu support resources/data for the CC Castellum service
https://github.com/sapcc/castellum

we are getting the next error
Error getting billing project masterdata: Request forbidden: [GET https://billing.eu-de-2.cloud.sap:64000/masterdata/projects], error message: {"Error":{"status":403,"message":"Only project-admins are allowed to get the costobject for a project!"}}
As you could see the project ID is missed in the request. If I understand correctly it should be https://billing.eu-de-2.cloud.sap:64000/masterdata/projects/ID_OF THE_PROJECT

Thanks a lot in advance.

Originally posted by @ashkraba in #65 (comment)

Hello, colleagues.

This is a feature request to introduce support for automation management in CCloud with Terraform: it is desired to:

• Add instances to automation at the time of instance creation;
• Manage automations (create / modify / delete)

Thanks!

one have to write bash scripts for lbaas support. not sure whether this issue should go directly to the terraform repo.

It would be really nice to have builds for darwin_arm64 since it will allow using this Terraform module on Macbooks with Apple chip.
Thanks in advance.