Code suggestion: limit recreation scenarios of bigip vm #56
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Consider also hostname could cause a recreation. Seems that this module is based for only creating F5 instances but not manage lifecycle. Pheraps it is better to accept a map where you insert hostname and type of machine, because sometimes you want only to upgrade size of VM. Consider also extensions ("custom data") to manage with lifecycle because them are managed by DO or Cloud-Init. For customisation, you could need to put lifecycle also on image type. Because if you use terraform you have to import whole configuration. Instead if you use normal procedure, you could only import the bin file, but terraform sees a change and wants to force replacement. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I am suggesting these changes to the module to stop redeployment of the VM because of 'known after apply' behavior in terraform.
We observed frequent destructive changes to the infra when rerunning identical code. We suspect this being due to certain values not being predictable by terraform forcing recreation of the VM.
Values that were marked as 'known after apply' include
resource_group_nameandlocation, both of which were derived from the data sourceazurerm_resource_group.bigiprg. This data source seemed to serve no purpose other than provide access to these mostly static values.Furthermore
admin_passwordandcustom_dataalso have similar behavior because they are 'sensitive values'. To prevent these properties from causing a redeployment of the VM I added these aslifecycleproperties withignore_changesI do see some merit to having
custom_datachanges trigger a redeploy as the data in this block is not as static however it might be better to force a user to consciously remove the resource viaterraform destroyor deletion of the VM; an update in place is not supported either way and there are more downsides to the unneeded redeployment that these fixes remediate than there are upsides to having modification tocustom_datatrigger an automated redeploy of the entire VM.