kohrar commented on issue #32:
URL:
https://github.com/apache/cloudstack-terraform-provider/issues/32#issuecomment-1113852607
Hi @Damans227
I switched back to the default terraform CloudStack provider (v0.4.0) and
tried to specify a zone to the IP address resource with the same result. This
is what I have:
<details>
<summary>main.tf</summary>
```
# Configure the CloudStack Provider
terraform {
required_providers {
cloudstack = {
source = "cloudstack/cloudstack"
version = "0.4.0"
}
}
}
provider "cloudstack" {
api_url = "${var.cloudstack_api_url}"
api_key = "${var.cloudstack_api_key}"
secret_key = "${var.cloudstack_secret_key}"
}
# Create a new VPC
resource "cloudstack_vpc" "default" {
name = "test-vpc"
display_text = "test-vpc"
cidr = "192.168.0.0/16"
vpc_offering = "Default VPC offering"
zone = "zone1"
}
# Create a new ACL
resource "cloudstack_network_acl" "default" {
name = "test-vpc-acl"
vpc_id = "${cloudstack_vpc.default.id}"
}
# One ingress and one egress rule for the ACL
resource "cloudstack_network_acl_rule" "ingress" {
acl_id = "${cloudstack_network_acl.default.id}"
rule {
action = "allow"
cidr_list = ["10.0.0.0/8"]
protocol = "tcp"
ports = ["22"]
traffic_type = "ingress"
}
rule {
action = "allow"
cidr_list = ["0.0.0.0/0"]
protocol = "tcp"
ports = ["80", "443"]
traffic_type = "ingress"
}
}
resource "cloudstack_network_acl_rule" "egress" {
acl_id = "${cloudstack_network_acl.default.id}"
rule {
action = "allow"
cidr_list = ["0.0.0.0/0"]
protocol = "all"
traffic_type = "egress"
}
}
# Create a new network in the VPC
resource "cloudstack_network" "testnet" {
name = "test-net"
display_text = "test-net"
cidr = "192.168.1.0/24"
network_offering = "UnrestrictedIsolatedNetworkOfferingForVpcNetworks"
acl_id = "${cloudstack_network_acl.default.id}"
vpc_id = "${cloudstack_vpc.default.id}"
zone = "zone1"
}
# Create a new public IP address for this network
resource "cloudstack_ipaddress" "public_ip" {
vpc_id = "${cloudstack_vpc.default.id}"
network_id = "${cloudstack_network.testnet.id}"
zone = "zone1"
}
# Create a port forwarding for SSH to the first VM we create
resource "cloudstack_port_forward" "ssh" {
ip_address_id = "${cloudstack_ipaddress.public_ip.id}"
forward {
protocol = "tcp"
private_port = 22
public_port = 22
virtual_machine_id = "${cloudstack_instance.testvm.id}"
}
}
# Create VMs. We can create multiples by specifying count=
resource "cloudstack_instance" "testvm" {
name = "test-rocky1"
zone = "zone1"
service_offering = "rcs.c1"
# This template was created by Packer with CloudInit support
template = "RockyLinux 8.5, generated on 2022-04-19T17:00:43Z"
network_id = "${cloudstack_network.testnet.id}"
expunge = true
user_data = <<EOF
#cloud-config
ssh_pwauth: yes
disable_root: false
chpasswd:
list: |
root:password
expire: false
EOF
}
```
</details>
<details>
<summary>terraform apply output</summary>
```
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# cloudstack_instance.testvm will be created
+ resource "cloudstack_instance" "testvm" {
+ display_name = (known after apply)
+ expunge = true
+ group = (known after apply)
+ id = (known after apply)
+ ip_address = (known after apply)
+ name = "test-rocky1"
+ network_id = (known after apply)
+ project = (known after apply)
+ root_disk_size = (known after apply)
+ service_offering = "rcs.c1"
+ start_vm = true
+ tags = (known after apply)
+ template = "RockyLinux 8.5, generated on
2022-04-19T17:00:43Z"
+ user_data = "f96d6fc6c87d153271bed7f13c557e517c137458"
+ zone = "zone1"
}
# cloudstack_ipaddress.public_ip will be created
+ resource "cloudstack_ipaddress" "public_ip" {
+ id = (known after apply)
+ ip_address = (known after apply)
+ is_portable = false
+ is_source_nat = (known after apply)
+ network_id = (known after apply)
+ project = (known after apply)
+ tags = (known after apply)
+ vpc_id = (known after apply)
+ zone = "zone1"
}
# cloudstack_network.testnet will be created
+ resource "cloudstack_network" "testnet" {
+ acl_id = (known after apply)
+ cidr = "192.168.1.0/24"
+ display_text = "test-net"
+ endip = (known after apply)
+ gateway = (known after apply)
+ id = (known after apply)
+ name = "test-net"
+ network_domain = (known after apply)
+ network_offering =
"UnrestrictedIsolatedNetworkOfferingForVpcNetworks"
+ project = (known after apply)
+ source_nat_ip_id = (known after apply)
+ startip = (known after apply)
+ tags = (known after apply)
+ vpc_id = (known after apply)
+ zone = "zone1"
}
# cloudstack_network_acl.default will be created
+ resource "cloudstack_network_acl" "default" {
+ description = (known after apply)
+ id = (known after apply)
+ name = "test-vpc-acl"
+ vpc_id = (known after apply)
}
# cloudstack_network_acl_rule.egress will be created
+ resource "cloudstack_network_acl_rule" "egress" {
+ acl_id = (known after apply)
+ id = (known after apply)
+ managed = false
+ parallelism = 2
+ rule {
+ action = "allow"
+ cidr_list = [
+ "0.0.0.0/0",
]
+ icmp_code = (known after apply)
+ icmp_type = (known after apply)
+ ports = []
+ protocol = "all"
+ traffic_type = "egress"
+ uuids = (known after apply)
}
}
# cloudstack_network_acl_rule.ingress will be created
+ resource "cloudstack_network_acl_rule" "ingress" {
+ acl_id = (known after apply)
+ id = (known after apply)
+ managed = false
+ parallelism = 2
+ rule {
+ action = "allow"
+ cidr_list = [
+ "0.0.0.0/0",
]
+ icmp_code = (known after apply)
+ icmp_type = (known after apply)
+ ports = [
+ "443",
+ "80",
]
+ protocol = "tcp"
+ traffic_type = "ingress"
+ uuids = (known after apply)
}
+ rule {
+ action = "allow"
+ cidr_list = [
+ "10.0.0.0/8",
]
+ icmp_code = (known after apply)
+ icmp_type = (known after apply)
+ ports = [
+ "22",
]
+ protocol = "tcp"
+ traffic_type = "ingress"
+ uuids = (known after apply)
}
}
# cloudstack_port_forward.ssh will be created
+ resource "cloudstack_port_forward" "ssh" {
+ id = (known after apply)
+ ip_address_id = (known after apply)
+ managed = false
+ forward {
+ private_port = 22
+ protocol = "tcp"
+ public_port = 22
+ uuid = (known after apply)
+ virtual_machine_id = (known after apply)
}
}
# cloudstack_vpc.default will be created
+ resource "cloudstack_vpc" "default" {
+ cidr = "192.168.0.0/16"
+ display_text = "test-vpc"
+ id = (known after apply)
+ name = "test-vpc"
+ network_domain = (known after apply)
+ project = (known after apply)
+ source_nat_ip = (known after apply)
+ tags = (known after apply)
+ vpc_offering = "Default VPC offering"
+ zone = "zone1"
}
Plan: 8 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
cloudstack_vpc.default: Creating...
cloudstack_vpc.default: Still creating... [10s elapsed]
cloudstack_vpc.default: Still creating... [20s elapsed]
cloudstack_vpc.default: Creation complete after 21s
[id=9b549e57-898f-4bc0-a15d-2cbb6e9362b7]
cloudstack_network_acl.default: Creating...
cloudstack_network_acl.default: Creation complete after 1s
[id=7baa7cad-fa9b-42ca-bf61-cac5a2510906]
cloudstack_network.testnet: Creating...
cloudstack_network_acl_rule.egress: Creating...
cloudstack_network_acl_rule.ingress: Creating...
cloudstack_network.testnet: Creation complete after 1s
[id=5c220bee-f251-4039-8ae5-b1e10babb823]
cloudstack_instance.testvm: Creating...
cloudstack_ipaddress.public_ip: Creating...
cloudstack_ipaddress.public_ip: Creation complete after 1s
[id=c1a607fa-8f3b-4264-b9db-e2654cc0430b]
cloudstack_network_acl_rule.egress: Creation complete after 2s
[id=7baa7cad-fa9b-42ca-bf61-cac5a2510906]
cloudstack_network_acl_rule.ingress: Still creating... [10s elapsed]
cloudstack_instance.testvm: Still creating... [10s elapsed]
cloudstack_instance.testvm: Creation complete after 10s
[id=a2551ce8-d7fc-4647-9b51-9d21a878f212]
cloudstack_port_forward.ssh: Creating...
cloudstack_port_forward.ssh: Creation complete after 4s
[id=c1a607fa-8f3b-4264-b9db-e2654cc0430b]
cloudstack_network_acl_rule.ingress: Still creating... [20s elapsed]
cloudstack_network_acl_rule.ingress: Still creating... [30s elapsed]
cloudstack_network_acl_rule.ingress: Creation complete after 33s
[id=7baa7cad-fa9b-42ca-bf61-cac5a2510906]
Apply complete! Resources: 8 added, 0 changed, 0 destroyed.
```
</details>
tfstate still has an empty value for `network_id`:
```
{
"mode": "managed",
"type": "cloudstack_ipaddress",
"name": "public_ip",
"provider":
"provider[\"registry.terraform.io/cloudstack/cloudstack\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"id": "c1a607fa-8f3b-4264-b9db-e2654cc0430b",
"ip_address": "10.44.121.9",
"is_portable": false,
"is_source_nat": false,
"network_id": "", <-- still empty
"project": "",
"tags": {},
"vpc_id": "9b549e57-898f-4bc0-a15d-2cbb6e9362b7",
"zone": "zone1"
},
"sensitive_attributes": [],
"private": "bnVsbA==",
"dependencies": [
"cloudstack_network.testnet",
"cloudstack_network_acl.default",
"cloudstack_vpc.default"
]
}
]
},
```
> So, I didn't change the default version of cloudstack-go imported in the
resource_cloudstack_ipaddress.go file. If I follow the location of the
cloudstack-go import, it takes me to
[v2.11.0.](https://pkg.go.dev/github.com/apache/cloudstack-go/[email protected]/cloudstack)
I had to change the `go.mod` file so the cloudstack library uses a local
copy I cloned. Basically, I appended these two lines to `go.mod`:
```
replace github.com/apache/cloudstack-go/v2 => ./cloudstack-go
exclude github.com/apache/cloudstack-go/v2 v2.11.0
```
Then re-run go build and copied the compiled terraform provider over the
original binary.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
