xanzy / terraform-provider-cloudstack Goto Github PK

CloudStack Terraform provider

License: Apache License 2.0

Makefile 0.45% Go 96.48% Shell 1.33% HTML 1.74%

terraform-provider-cloudstack's Introduction

This repository is archived as it's development has been moved to the Apache Foundation. Please find the new home for this provider here: https://github.com/apache/cloudstack-terraform-provider

Terraform Provider

Website: https://www.terraform.io
Mailing list: Google Groups

Requirements

Terraform 0.10.x
Go 1.8 (to build the provider plugin)

Building The Provider

Clone repository to: $GOPATH/src/github.com/xanzy/terraform-provider-cloudstack

$ mkdir -p $GOPATH/src/github.com/xanzy; cd $GOPATH/src/github.com/xanzy
$ git clone [email protected]:xanzy/terraform-provider-cloudstack

Enter the provider directory and build the provider

$ cd $GOPATH/src/github.com/xanzy/terraform-provider-cloudstack
$ make build

Developing the Provider

If you wish to work on the provider, you'll first need Go installed on your machine (version 1.8+ is required). You'll also need to correctly setup a GOPATH, as well as adding $GOPATH/bin to your $PATH.

To compile the provider, run make build. This will build the provider and put the provider binary in the $GOPATH/bin directory.

$ make bin
...
$ $GOPATH/bin/terraform-provider-cloudstack
...

Testing the Provider

In order to test the provider, you can simply run make test.

$ make test

In order to run the full suite of Acceptance tests you will need to run the CloudStack Simulator. Please follow these steps to prepare an environment for running the Acceptance tests:

$ docker pull svanharmelen/simulator:4.12.0.0
$ docker run -d -p 8080:8080 --name cloudstack svanharmelen/simulator:4.12.0.0

When Docker started the container you can go to http://localhost:8080/client and login to the CloudStack UI as user admin with password password. It can take a few minutes for the container is fully ready, so you probably need to wait and refresh the page for a few minutes before the login page is shown.

Once the login page is shown and you can login, you need to provision a simulated data-center:

$ docker exec -ti cloudstack python /root/tools/marvin/marvin/deployDataCenter.py -i /root/setup/dev/advanced.cfg

If you refresh the client or login again, you will now get passed the initial welcome screen and be able to go to your account details and retrieve the API key and secret. Export those together with the URL:

$ export CLOUDSTACK_API_URL=http://localhost:8080/client/api
$ export CLOUDSTACK_API_KEY=r_gszj7e0ttr_C6CP5QU_1IV82EIOtK4o_K9i_AltVztfO68wpXihKs2Tms6tCMDY4HDmbqHc-DtTamG5x112w
$ export CLOUDSTACK_SECRET_KEY=tsfMDShFe94f4JkJfEh6_tZZ--w5jqEW7vGL2tkZGQgcdbnxNoq9fRmwAtU5MEGGXOrDlNA6tfvGK14fk_MB6w

In order for all the tests to pass, you will need to create a new (empty) project in the UI called terraform. When the project is created you can run the Acceptance tests against the CloudStack Simulator by simply runnning:

$ make testacc

terraform-provider-cloudstack's People

Contributors

Stargazers

Watchers

terraform-provider-cloudstack's Issues

Not defining tags attribute should not trigger change

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.

➜ digi_opstest git:(master) terraform --version
Terraform v0.11.1

provider.aws v1.6.0
provider.cloudstack v0.1.2

Affected Resource(s)

Please list the resources as a list, for example:

cloudstack_instance and all others that have tag support it appears

Terraform Configuration Files

resource "cloudstack_instance" "ssh" {
  name             = "whatever"
  service_offering = "whatever"
  network_id       = "whatever"
  template         = "whatever"
  zone             = "whatever"

  #tags = {
  #  
  #}

}

Debug Output

~ cloudstack_instance.ssh
tags.%: "" =>

Expected Behavior

Upgrading terraform provider version to 0.1.2 on existing infrastructure should not trigger change for optional tags attribute

Actual Behavior

Running apply without defining tags, triggers change. Even after aplying change, rerunning plan/apply will trigger change.

root_disk_size unit changes after creation of instance (GB to Bytes)

Hi there,

After creating any instance the units of the root_disk_size parameter are changed in the terraform state making it inconsistent agains the code. And trying to force the creation of a new resource.

Terraform Version

Terraform v0.11.7

provider.cloudstack v0.1.4
provider.template v1.0.0

Affected Resource(s)

cloudstack_instance

Terraform Configuration Files

/************************************************
* Instance resource for module
***********************************************/
resource "cloudstack_instance" "ci_simple" {
  name                = "${format("tf-%v-%v-%v-%v", var.instance_name, var.service, var.client, var.env)}"
  service_offering    = "${var.service_offering}"
  template            = "${var.instance_template}"
  network_id          = "${var.network_id}"
  ip_address          = "${var.ip_address}"
  zone                = "${var.cs_zone}"
  root_disk_size      = "${var.root_disk_size}"
  user_data           = "${data.template_cloudinit_config.config.rendered}"
  keypair             = "${var.ssh_keypair}"
  expunge             = true
}

module "rundeck" {
  source = "../../tf-axidpp-infra-mods/ci_simple"
  cs_zone = "${var.cs_zone}"

  network_id = "${module.vpc.subnet_app_id}"
  ssh_keypair = "${cloudstack_ssh_keypair.bastion-axidpp-prod.name}"
  instance_name = "rundeck"
  instance_template = "${var.instance_template}"

  root_disk_size = "50"

  service = "${var.service}"
  client = "${var.client}"
  env = "${var.env}"
  prov-reg = "${var.prov-reg}"
  domain = "${var.domain}"
  salt_master_fqdn = "${var.salt_master_fqdn}"
  salt_minion_version = "${var.salt_minion_version}"
  user-data = "userdata_pk.tpl"
  host_ssh_private = "${cloudstack_ssh_keypair.rundeck-axidpp-prod.private_key}"
}

Debug Output

Debug output while creating instance:

Terraform will perform the following actions:

  + module.bwide-etl.cloudstack_instance.ci_simple
      id:               <computed>
      display_name:     <computed>
      expunge:          "true"
      group:            <computed>
      ip_address:       "10.109.40.12"
      keypair:          "bastion-axidpp-prod"
      name:             "tf-bwide-etl-dpp-axi-prod"
      network_id:       "f61214b6-7477-46ac-b3c2-e1548de3f242"
      project:          <computed>
      root_disk_size:   "20"
      service_offering: "4vCPU-8GB-SSD-STD-SF"
      tags.%:           <computed>
      template:         "AXI-CentOS-7-x86_64-Minimal"
      user_data:        "fc53581e3bca48406e504baba280a56c4d6dd0d0"
      zone:             "swiss1"


Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

2018/04/26 11:14:21 [INFO] terraform: building graph: GraphTypeApply
ervice'\n - 'systemctl restart salt-minion.service'\nwrite_files:\n - content: |\n        alias ls='ls --color=auto'\n        alias grep='grep --color=auto'\n        N=\"\\[\\e[0m\\]\"\n        R=\"\\[\\e[1;31m\\]\"\n        G=\"\\[\\033[32m\\]\"\n        if [[ $EUID == 0 ]] ; then\n          PS1=\"$R\\u@\\h :[ $N\\w$R ]:# $N\"\n        else\n          PS1=\"$G\\u@\\h :[ $N\\w$G ]:\\$ $N\"\n        fi\n        unset R G N\n#\n   path: /etc/skel/.bashrc\n   owner: root:root\n   permissions: '0644'\r\n--MIMEBOUNDARY--\r\n", RequiresNew:false, Sensitive:false, Type:0x0}, "root_disk_size":*terraform.ResourceAttrDiff{Old:"", New:"20", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "project":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "network_id":*terraform.ResourceAttrDiff{Old:"", New:"f61214b6-7477-46ac-b3c2-e1548de3f242", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "name":*terraform.ResourceAttrDiff{Old:"", New:"tf-bwide-etl-dpp-axi-prod", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags.%":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "ip_address":*terraform.ResourceAttrDiff{Old:"", New:"10.109.40.12", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "template":*terraform.ResourceAttrDiff{Old:"", New:"AXI-CentOS-7-x86_64-Minimal", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "group":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "service_offering":*terraform.ResourceAttrDiff{Old:"", New:"4vCPU-8GB-SSD-STD-SF", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "expunge":*terraform.ResourceAttrDiff{Old:"", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "keypair":*terraform.ResourceAttrDiff{Old:"", New:"bastion-axidpp-prod", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)}
...
...
20module.bwide-etl.cloudstack_instance.ci_simple: Creating...
  display_name:     "" => "<computed>"
  expunge:          "" => "true"
  group:            "" => "<computed>"
  ip_address:       "" => "10.109.40.12"
  keypair:          "" => "bastion-axidpp-prod"
  name:             "" => "tf-bwide-etl-dpp-axi-prod"
  network_id:       "" => "f61214b6-7477-46ac-b3c2-e1548de3f242"
  project:          "" => "<computed>"
  root_disk_size:   "" => "20"
  service_offering: "" => "4vCPU-8GB-SSD-STD-SF"
  tags.%:           "" => "<computed>"
  template:         "" => "AXI-CentOS-7-x86_64-Minimal"
  user_data:        "" => "fc53581e3bca48406e504baba280a56c4d6dd0d0"
2018-04-26T11:14:22.015+0200 [DEBUG] plugin.terraform-provider-cloudstack_v0.1.4_x4: 2018/04/26 11:14:22 [DEBUG] Retrieving ID of service_offering: 4vCPU-8GB-SSD-STD-SF
  zone:             "" => "swiss1"
2018-04-26T11:14:22.081+0200 [DEBUG] plugin.terraform-provider-cloudstack_v0.1.4_x4: 2018/04/26 11:14:22 [DEBUG] Retrieving ID of zone: swiss1
2018-04-26T11:14:22.132+0200 [DEBUG] plugin.terraform-provider-cloudstack_v0.1.4_x4: 2018/04/26 11:14:22 [DEBUG] Retrieving ID of template: AXI-CentOS-7-x86_64-Minimal
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (10s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (20s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (30s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (40s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (50s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (1m0s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (1m10s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (1m20s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (1m30s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (1m40s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (1m50s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (2m0s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (2m10s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (2m20s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Still creating... (2m30s elapsed)
module.bwide-etl.cloudstack_instance.ci_simple: Creation complete after 2m32s (ID: 551bfafe-16a0-48a1-803f-be54ea6ef647)

Debug output after creation, terraform plan:

2018/04/26 11:27:52 [DEBUG] Starting graph walk: walkPlan
2018/04/26 11:27:52 [TRACE] dag/walk: added new vertex: "provider.cloudstack"
2018/04/26 11:27:52 [TRACE] dag/weResourceInstance
2018/04/26 11:27:52 [DEBUG] ReferenceTransformer: "module.bwide-etl.cloudstack_instance.ci_simple" references: []
2018/04/26 11:27:52 [TRACE] Graph after step *terraform.ReferenceTransformer:

module.bwide-etl.cloudstack_instance.ci_simple - *terraform.NodePlannableResourceInstance
2018/04/26 11:27:52 [TRACE] Graph after step *terraform.RootTransformer:

module.bwide-etl.cloudstack_instance.ci_simple - *terraform.NodePlannableResourceInstance
2018/04/26 11:27:52 [TRACE] dag/walk: added new vertex: "module.bwide-etl.cloudstack_instance.ci_simple"
2018/04/26 11:27:52 [TRACE] dag/walk: walking "module.bwide-etl.cloudstack_instance.ci_simple"
2018/04/26 11:27:52 [TRACE] vertex 'root.bwide-etl.module.bwide-etl.cloudstack_instance.ci_simple': walking
2018/04/26 11:27:52 [TRACE] root.crifch-etl: eval: *terraform.EvalIf
2018/04/26 11:27:52 [TRACE] root.crifch-etl: eval: *terraform.EvalIf, err: early exit
2018/04/26 11:27:52 [TRACE] root.crifch-etl: eval: *terraform.EvalSequence, err: early exit
2018/04/26 11:27:52 [TRACE] [walkPlan] Exiting eval tree: module.crifch-etl.data.template_cloudinit_config.config
2018/04/26 11:27:52 [TRACE] dag/walk: walking "provider.template (close)"
2018/04/26 11:27:52 [TRACE] vertex 'root.provider.template (close)': walking
2018/04/26 11:27:52 [TRACE] dag/walk: walking "module.crifch-etl.cloudstack_instance.ci_simple"
2018/04/26 11:27:52 [TRACE] vertex 'root.provider.template (close)': evaluating
2018/04/26 11:27:52 [TRACE] [walkPlan] Entering eval tree: provider.template (close)
2018/04/26 11:27:52 [TRACE] vertex 'root.module.crifch-etl.cloudstack_instance.ci_simple': walking
2018/04/26 11:27:52 [TRACE] vertex 'root.bwide-etl.module.bwide-etl.cloudstack_instance.ci_simple': evaluating
2018/04/26 11:27:52 [TRACE] root: eval: *terraform.EvalCloseProvider
2018/04/26 11:27:52 [TRACE] [walkPlan] Entering eval tree: module.bwide-etl.cloudstack_instance.ci_simple
2018/04/26 11:27:52 [TRACE] root.bwide-etl: eval: *terraform.EvalSequence
2018/04/26 11:27:52 [TRACE] root.bwide-etl:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

-/+ module.bwide-etl.cloudstack_instance.ci_simple (new resource required)
      id:               "551bfafe-16a0-48a1-803f-be54ea6ef647" => <computed> (forces new resource)
      display_name:     "tf-bwide-etl-dpp-axi-prod" => <computed>
      expunge:          "true" => "true"
      group:            "" => <computed>
      ip_address:       "10.109.40.12" => "10.109.40.12"
      keypair:          "bastion-axidpp-prod" => "bastion-axidpp-prod"
      name:             "tf-bwide-etl-dpp-axi-prod" => "tf-bwide-etl-dpp-axi-prod"
      network_id:       "f61214b6-7477-46ac-b3c2-e1548de3f242" => "f61214b6-7477-46ac-b3c2-e1548de3f242"
      project:          "" => <computed>
      root_disk_size:   "21474836480" => "20" (forces new resource)
      service_offering: "4vCPU-8GB-SSD-STD-SF" => "4vCPU-8GB-SSD-STD-SF"
      tags.%:           "0" => <computed>
      template:         "AXI-CentOS-7-x86_64-Minimal" => "AXI-CentOS-7-x86_64-Minimal"
      user_data:        "fc53581e3bca48406e504baba280a56c4d6dd0d0" => "fc53581e3bca48406e504baba280a56c4d6dd0d0"
      zone:             "swiss1" => "swiss1"


Plan: 1 to add, 0 to change, 1 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

Expected Behavior

After applying following plan a instance is created successfully. But when listing the plan again (as shown belo) the root_size_disk value changes its format from GB to Bytes which follows to an inconsistency between the code and the terraform state.

The expected behavior is that the terraform state keeps the value of the created instance in GB. And that every time that the state is refreshed root_disk_size value remains as defined in the code.

terraform plan

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.template_file.user_data: Refreshing state...
data.template_file.user_data: Refreshing state...
data.template_cloudinit_config.config: Refreshing state...
data.template_cloudinit_config.config: Refreshing state...
cloudstack_instance.ci_simple: Refreshing state... (ID: fcaf31b4-8c7b-4b3f-9083-2b9c2ad94b41)
cloudstack_disk.crifch-etl-data: Refreshing state... (ID: 6b609ec5-9550-445f-8214-f93b059ab8b9)

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + module.bwide-etl.cloudstack_instance.ci_simple
      id:               <computed>
      display_name:     <computed>
      expunge:          "true"
      group:            <computed>
      ip_address:       "10.109.40.12"
      keypair:          "bastion-axidpp-prod"
      name:             "tf-bwide-etl-dpp-axi-prod"
      network_id:       "f61214b6-7477-46ac-b3c2-e1548de3f242"
      project:          <computed>
      root_disk_size:   "20"
      service_offering: "4vCPU-8GB-SSD-STD-SF"
      tags.%:           <computed>
      template:         "AXI-CentOS-7-x86_64-Minimal"
      user_data:        "fc53581e3bca48406e504baba280a56c4d6dd0d0"
      zone:             "swiss1"


Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

After apply, terraform plan again:

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

data.template_file.user_data: Refreshing state...
data.template_file.user_data: Refreshing state...
data.template_cloudinit_config.config: Refreshing state...
data.template_cloudinit_config.config: Refreshing state...
cloudstack_instance.ci_simple: Refreshing state... (ID: 551bfafe-16a0-48a1-803f-be54ea6ef647)
cloudstack_instance.ci_simple: Refreshing state... (ID: fcaf31b4-8c7b-4b3f-9083-2b9c2ad94b41)
cloudstack_disk.crifch-etl-data: Refreshing state... (ID: 6b609ec5-9550-445f-8214-f93b059ab8b9)

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

-/+ module.bwide-etl.cloudstack_instance.ci_simple (new resource required)
      id:               "551bfafe-16a0-48a1-803f-be54ea6ef647" => <computed> (forces new resource)
      display_name:     "tf-bwide-etl-dpp-axi-prod" => <computed>
      expunge:          "true" => "true"
      group:            "" => <computed>
      ip_address:       "10.109.40.12" => "10.109.40.12"
      keypair:          "bastion-axidpp-prod" => "bastion-axidpp-prod"
      name:             "tf-bwide-etl-dpp-axi-prod" => "tf-bwide-etl-dpp-axi-prod"
      network_id:       "f61214b6-7477-46ac-b3c2-e1548de3f242" => "f61214b6-7477-46ac-b3c2-e1548de3f242"
      project:          "" => <computed>
      root_disk_size:   "21474836480" => "20" (forces new resource)
      service_offering: "4vCPU-8GB-SSD-STD-SF" => "4vCPU-8GB-SSD-STD-SF"
      tags.%:           "0" => <computed>
      template:         "AXI-CentOS-7-x86_64-Minimal" => "AXI-CentOS-7-x86_64-Minimal"
      user_data:        "fc53581e3bca48406e504baba280a56c4d6dd0d0" => "fc53581e3bca48406e504baba280a56c4d6dd0d0"
      zone:             "swiss1" => "swiss1"


Plan: 1 to add, 0 to change, 1 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

Actual Behavior

What actually happened?

Steps to Reproduce

terraform plan
terraform apply
terraform plan

Important Factoids

Till the terraform version 0.11.0 this issue was not present

Tags were removed from resources

In f85ae6c every resource containing the tags field had this field and the corresponding logic commented out. This code remains commented out on the current master and I wasn't able to find any mention to the fact on the documentation or the release nodes.

Some examples of commented code blocks are:
https://github.com/terraform-providers/terraform-provider-cloudstack/blob/ff819b4ab46e143a333810c51d9080091d0161d0/cloudstack/resource_cloudstack_instance.go#L155
and
https://github.com/terraform-providers/terraform-provider-cloudstack/blob/ff819b4ab46e143a333810c51d9080091d0161d0/cloudstack/resource_cloudstack_instance.go#L287-L289

Was this done by accident, perhaps? If so, would it be okay to simply uncomment the tags and their logic in a pull-request?

Terraform deletes all networks and associated vpcs if you add one new or delete one

CloudStack Version

4.9.2.0-1.el7.centos

Terraform Version

Terraform v0.10.0

Affected Resource(s)

cloudstack_vpc
cloudstack_network

Terraform Configuration Files

# creating the vpc
resource "cloudstack_vpc" "myvpc" {
  name          = "myvpc"
  cidr          = "10.99.0.0/16"
  vpc_offering  = "Default VPC Offering"
  zone          = "${var.zone}"
  network_domain = "myvpc.awesome"
  project       = "${var.project}"
}

resource "cloudstack_network" "Public" {
  name              = "Public"
  cidr              = "10.99.1.0/24"
  gateway           = "10.99.1.1"
  network_offering  = "Default VPC Network with LB"
  zone              = "${var.zone}"
  vpc_id            = "${cloudstack_vpc.myvpc.id}"
  project           = "${var.project}"
  acl_id            = "ebefcc96-75f5-11e7-adb3-e2bd27d4977e" # default static id of cloudstack
}

resource "cloudstack_network" "network1" {
  name              = "network1"
  cidr              = "10.99.2.0/24"
  gateway           = "10.99.2.1"
  network_offering  = "${var.network_offering_internalwithrouter}"
  zone              = "${var.zone}"
  vpc_id            = "${cloudstack_vpc.myvpc.id}"
  project           = "${var.project}"
  acl_id            = "ebefcc96-75f5-11e7-adb3-e2bd27d4977e" # default static id of cloudstack
}

# add this after you have created public and network1
resource "cloudstack_network" "newnetwork" {
  name              = "newnetwork"
  cidr              = "10.99.3.0/24"
  gateway           = "10.99.3.1"
  network_offering  = "${var.network_offering_internalwithrouter}"
  zone              = "${var.zone}"
  vpc_id            = "${cloudstack_vpc.myvpc.id}"
  project           = "${var.project}"
  acl_id            = "ebefcc96-75f5-11e7-adb3-e2bd27d4977e" # default static id of cloudstack
}

Expected Behavior

newnetwork should be created without destroying public and network1.

Actual Behavior

if you apply this, you get a vpc called myvpc and two networks: public and network1. after the apply add another network into your main.tf called newnetwork and apply this again. Now you see in terraform and at the cloudstack gui that all networks are going to be destroyed and new created.

Unable to create firewall rule for the IP address ID=## as IP is not associated with any network and no networkId is passed in

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.

Terraform v0.11.3

provider.cloudstack v0.1.4

Affected Resource(s)

Please list the resources as a list, for example:

cloudstack_firewall

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

# Full config at: https://gist.github.com/icornett/4bb51d43bf49891357f58cc39d09b618

resource "cloudstack_ipaddress" "k8s-ip" {
   network_id = "${cloudstack_network.k8s.id}"
   vpc_id     = "562142c9-5f70-4fd5-a4e1-eb73245011ac"
   is_portable   = false
}

resource "cloudstack_firewall" "k8s-firewall" {
   ip_address_id = "${cloudstack_ipaddress.k8s-ip.id}"
   managed       = true

   rule {
       cidr_list = ["0.0.0.0/0"]
       protocol  = "tcp"
       ports     = ["22", "2200-2202"]
   }
}

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

https://gist.github.com/icornett/4bb51d43bf49891357f58cc39d09b618

Panic Output

If Terraform produced a panic, please provide a link to a GitHub Gist containing the output of the crash.log.

Expected Behavior

What should have happened?

Cloudstack Firewall should have built with passed-in IP address ID

Actual Behavior

What actually happened?

cloudstack_firewall.k8s-firewall: 1 error(s) occurred:
cloudstack_firewall.k8s-firewall: 1 error(s) occurred:
CloudStack API error 431 (CSExceptionErrorCode: 4350): Unable to create firewall rule for the IP address ID=25 as IP is not associated with any network and no networkId is passed in

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply

Important Factoids

Are there anything atypical about your accounts that we should know? For example: Running in EC2 Classic? Custom version of OpenStack? Tight ACLs?

Cloudstack 4.9.3.0

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

Add new resource: Project

Hi,

Would be really good, if someone can add resource - Project (cloudstack_project) for better experience in using CS provider. It's important resource because almost always new environment in CS starting from this step.

Thank you for reviewing this issue.

Terraform doesn't work with ASC 4.15

Hi there,

Terraform Version

Terraform v0.13.5

provider registry.terraform.io/hashicorp/null v3.0.0
provider registry.terraform.io/terraform-providers/cloudstack v0.3.0

Affected Resource(s)

At least:

cloudstack_security_group
cloudstack_instance

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

provider "cloudstack" {
  api_url    = var.cloudstack_api_url
  api_key    = var.cloudstack_api_key
  secret_key = var.cloudstack_secret_key
}

resource "cloudstack_security_group" "default" {
  name        = "allow_web"
  description = "Allow access to HTTP and HTTPS"
}


resource "cloudstack_security_group_rule" "web" {

  security_group_id = cloudstack_security_group.default.id

  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "tcp"
    ports     = ["80", "443"]
  }

}


resource "cloudstack_instance" "web" {
  name             = "server-1"
  service_offering = "004c5ceb-6f48-4cbf-bd9a-435921a0d539"
  network_id       = "c32328f6-956d-4b2c-80eb-3b56876e06e3"
  template         = "Ubuntu 18.04"
  zone             = "25856f21-9121-4401-9f80-fb1ad35a06d:"
  expunge          = "true"
}


#This resource is made to allow Terraform to output the list of Hosts into the Ansible's inventory file
resource "null_resource" "provisioning"{
    provisioner "local-exec" {
      command = "rm -f provisioning/inventory/hosts && mkdir -p provisioning/inventory/ && /usr/bin/echo -e '[web]\n${cloudstack_instance.web.ip_address}' > provisioning/inventory/hosts"
    }
}

Debug Output

https://gist.github.com/Lucasgranet/3cfc4eca06ecb5d7b83f89c7b410b1a2

Panic Output

N/A

Expected Behavior

Should create defined ressources.

Actual Behavior

Crash and provide following error :

cloudstack_security_group.default: Creating...
cloudstack_instance.web: Creating...

Error: Error creating security group allow_web: invalid character '<' looking for beginning of value

  on web.tf line 7, in resource "cloudstack_security_group" "default":
   7: resource "cloudstack_security_group" "default" {



Error: Error retrieving ID of zone 25856f21-9121-4401-9f80-fb1ad35a06d:: invalid character '<' looking for beginning of value

  on web.tf line 26, in resource "cloudstack_instance" "web":
  26: resource "cloudstack_instance" "web" {

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply

Important Factoids

References

root_disk_size changed on cloud provider side isn't synced to state

I updated my instance root disk size from 50 too 200GB on the cloud provider web interface (exoscale).
After running terraform plan, I expected the state to sync with the cloud provider API, but it still showed 50GB.

I fixed this with the workflow terraform state pull | edit s/50/200/ | terraform state push, but I think the provider cloud be fixed to handle that case.

Terraform v0.11.1

Add a cloudstack_template datasource

It would be nice to have a cloudstack_template datasource that would return the latest template matching a pattern. For example:

datasource "cloudstack_template "ubuntu" {
  most_recent = true

  filter {
    name  = "name"
    value = "Ubuntu 16.04 .*"
  }
}

Terraform crash on "terraform destroy"

This issue was originally opened by @brucegl as hashicorp/terraform#16140. It was migrated here as a result of the provider split. The original body of the issue is below.

Hi there,

I received the !!! TERRAFORM CRASH !!! message, so I'm reporting the version and crash log as requested by the message.

Terraform Version

Terraform v0.10.6

Terraform Configuration Files

Not submitted

Debug Output

Not submitted

Crash Output

https://gist.github.com/brucegl/868ad142326d8821cb23480cfc26efa9

Expected Behavior

Should have destroyed all the resources

Actual Behavior

Destroyed all except the cloudstack_network.commonservices resource. Running terraform destroy again will destroy this last resource.

Steps to Reproduce

Not submitted

Important Factoids

None

References

None

Error creating the new instance test: json: cannot unmarshal string into Go struct field DeployVirtualMachineResponse.ostypeid of type int64

Hi there,

Sorry if this has been mentioned before can't see anything that relates that has been done lately. Guessing its a API mis-match on expected and returned data but could be wrong.

Terraform Version

Terraform v0.11.11

provider.cloudstack v0.1.5
or tried provider.cloudstack v0.1.7

on docker cloudstack/simulator:latest running cloudstack 4.12.0.0-SNAPSHOT

Affected Resource(s)

cloudstack_instance

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

cloudstack/cloudstack_instance/main.tf

resource "cloudstack_instance" "instance" {
  name             = "${var.name}"
  service_offering = "${var.service_offering}"
  template         = "${var.template}"
  zone             = "${var.zone}"
}

cloudstack/cloudstack_instance/outputs.tf

output "id" {
  value       = "cloudstack_instance.instance.*.id"
  description = "The instance ID"
}

output "display_name" {
  value       = "cloudstack_instance.instance.*.display_name"
  description = "The display name of the instance"
}

cloudstack/cloudstack_instance/variables.tf

variable "name" {
  description = "The name of the instance"
}

variable "service_offering" {
  description = "The name or ID of the service offering used for this instance"
}

variable "template" {
  description = "The name or ID of the template used for this instance. Changing this forces a new resource to be created"
}

variable "zone" {
  description = "The name or ID of the zone where this instance will be created. Changing this forces a new resource to be created"
}

main.tf

module "example-instance" {
  source           = "cloudstack/cloudstack_instance"

  name             = "${var.example_name}"
  service_offering = "${var.example-service_offering}"
  template         = "${var.example-instance_template}"
  zone             = "${var.example_zone}"
}

variables.tf

#defaults
variable "example_zone"             { default = "Sandbox-simulator" }
variable "example-disk_offering"    { default = "PS0" }
variable "example-service_offering" { default = "Small Instance" }
variable "example-network_id"       { default = "admin-network" }

# Example instance
variable "example-instance_template"         { default = "CentOS 5.6 (64-bit) no GUI (Simulator)" }

Debug Output

https://github.com/Dan-Wolfy/brokenstuff/blob/master/terraform-cloudstack/1.txt

Expected Behavior

Create the VM errorING

Actual Behavior

Errors and doesn't built terraform.tfstate but manual check via admin GUI shows the instance running.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

create file;-
docker-compose.yaml
version: '3'
services:
cloudstack:
image: cloudstack/simulator:latest
ports:
- "8080:8080"
- "8096:8096"
Docker-compose up -d
docker exec -ti cloudstackdocker_cloudstack_1 python /root/tools/marvin/marvin/deployDataCenter.py -i /root/setup/dev/basic.cfg
terraform apply

Important Factoids

on docker cloudstack/simulator:latest running cloudstack 4.12.0.0-SNAPSHOT
Also tried using the UUIDs instead of names and same error

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:
#43 looks like same issue but different provider.

Request Network ACL Rules number support

Hi,

After reviewing the code of resource_cloudstack_network_acl_rule.go
it seems not possible to specify a "rule number" parameter for ordering them.

This is a important feature in firewalling when you need that rules are ordered.

Moreover the function SetNumber exists in the cloudstack client NetworkACLService.go.

This issue is to ask the support of an additionnal parameter to specify a rule number in a rule as it is supported in Cloudstack.

Thank you for reviewing this issue.

API version too old

Hi,

Running terraform 0.12.7 with the current cloudstack provider gives me the following error:

Error: Failed to instantiate provider "cloudstack" to obtain schema: Incompatible API version with plugin. Plugin version: 4, Client versions: [5]

Our provider updated their cloudstack installation to 4.11.1.0 recently.

What can we do?

terraform import cloudstack_network does not work

Hi,

Terraform Version

Terraform v0.11.11

provider.cloudstack v0.2.0

Affected Resource(s)

cloudstack_network

Debug Output

https://gist.github.com/gurubert/471cbfe97ad8d16de3729a7e0bd5b845

Expected Behavior

The network is imported

Actual Behavior

The network has not been imported

Important Factoids

The network has been defined within a project and is only listed in cloudmonkey when the project id is also supplied.

Terraform Crashes on Security Group Removal

Terraform Version

Terraform v0.9.8

Affected Resource(s)

Please list the resources as a list, for example:

cloudstack_security_group
cloudstack_security_group_rule

Terraform Configuration Files

resource "cloudstack_security_group" "scalr-client" {
  name        = "Scalr Client"
  description = "Allows Scalr/Scalarizr communication"
}

resource "cloudstack_security_group" "shippr" {
  name        = "Shippr"
  description = "Rules for Shippr deployed java apps"
}

resource "cloudstack_security_group" "ssh" {
  name        = "SSH"
  description = "Allow SSH access to a server"
}

resource "cloudstack_security_group" "consul" {
  name        = "Consul"
  description = "Rules required for Consul agents"
}

resource "cloudstack_security_group" "ping" {
  name        = "ICMP Ping"
  description = "Enables ICMP"
}

resource "cloudstack_security_group_rule" "scalr-client" {
  security_group_id = "${cloudstack_security_group.scalr-client.id}"

  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "tcp"
    ports     = ["80", "443", "8007-8014"]
  }
}

resource "cloudstack_security_group_rule" "shippr" {
  security_group_id = "${cloudstack_security_group.shippr.id}"

  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "tcp"
    ports     = ["80", "8080", "9080", "19999"]
  }
}

resource "cloudstack_security_group_rule" "ssh" {
  security_group_id = "${cloudstack_security_group.ssh.id}"

  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "tcp"
    ports     = ["22"]
  }
}

resource "cloudstack_security_group_rule" "consul" {
  security_group_id = "${cloudstack_security_group.consul.id}"

  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "tcp"
    ports     = ["8300-8302", "8400", "8500", "8600"]
  }
  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "udp"
    ports     = ["8301-8302", "8600"]
  }
}

resource "cloudstack_security_group_rule" "ping" {
  security_group_id = "${cloudstack_security_group.ping.id}"

  rule {
    cidr_list = ["0.0.0.0/0"]
    protocol  = "icmp"
    icmp_type = "8"
  }
}

terraform {
  backend "s3" {
    bucket = "<BUCKET>"
    key    = "cloudstack.tfstate"
    region = "eu-west-1"
  }
}

Debug Output

https://gist.github.com/Evesy/f770afc68a1f8cd8c005e8443c03773a

Panic Output

https://gist.github.com/Evesy/429b8d202b774480d5ade503354cadc9

Expected Behavior

When an individual rule is deleted within a security group (e.g. via the GUI) Terraform should detect this rule no longer exists and recreate it.
When an entire security group is deleted, Terraform should recreate the group

Actual Behavior

Terraform does not detect missing rules within groups, even after a refresh
If a Terraform managed security group is deleted, Terraform will crash on the next plan stage

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

Apply the above configuration via Terraform: terraform apply
In Cloudstack GUI delete a security rule from one of the groups
Run terraform plan -- The missing rule will not be noticed
In Cloudstack GUI delete a security group
Run terraform plan -- Terraform will crash

(Cloudstack version 4.5.2)

Add cloudstack_network datasource

Hello,

In order to support deployment strategies where networks are managed independently from instances, having a network datasource would be quite useful.

This enhancement would use a syntax similar to the currently existing cloudstack_template datasource :

data "cloudstack_network" "my_network" {
  filter {
    name = "name"
    value = "private_network"
  }

  filter {
    name = "cidr"
    value = "10.0.0.0/24"
  }
}

Encoding issue breaks VPN Customer Gateway on Cloudstack

This issue was originally opened by @NuxRo as hashicorp/terraform#16744. It was migrated here as a result of the provider split. The original body of the issue is below.

Hello,

I am trying to create a simple VPN Customer Gateway in a test Cloudstack environment and I never seem to succeed.

The tf file looks like this:

provider "cloudstack" {
  api_url   = "http://x.x.x.x:8080/client/api"
  api_key = "oStGhdBuwYGZtJx3XW-dFl7QuDhhY3Sz-NxAGhhyJyoNkyz5So4DeWRmHJwnqufkL8ADQzyo-NMgCPKHLJH1aQ"
  secret_key = "ouXUxyJHo958aSRsMlGtqWpBruK3eVG97TAdGkgEk6a3EkW7RAqDZ2CtTcW7dK9vTxRzYUiZtTcDg0iyzBHYEA"
}

resource "cloudstack_vpn_customer_gateway" "default" {
  name       = "test-vpc"
  cidr       = "10.0.0.0/24"
  esp_policy = "aes256-sha1"
  gateway    = "1.2.3.4"
  ike_policy = "aes128-sha256;modp2048"
  ipsec_psk  = "terraformxyz7"
}

It fails with:

"* cloudstack_vpn_customer_gateway.default: Error creating VPN Customer Gateway test-vpc: Undefined error: {"errorcode":431,"errortext":"The customer gateway IKE policy sha1-aes256;modp2048 is invalid! Verify the required Diffie Hellman (DH) group is specified."}"

With the same IPSEC settings from the UI or Cloudmonkey (cli client) the gateway is created without problems.

Looking at the logs it looks like an encoding problem of sorts, when terraform is making the calls, the policy appears as:
sha1-aes256%3Bmodp2048

When cloudmonkey makes the calls (successfully) the policy looks like it should:
aes128-sha256;modp2048

Logs here if you want to see what I mean:
https://paste.fedoraproject.org/paste/HpGdigqa33ZjTeIDrAwE9w/raw

Thanks!
Lucian

Enable VPN on source NAT IP for network

Hi,

Terraform Version

Terraform v0.11.11

provider.cloudstack v0.2

A cloudstack network offering can enable an L2TP IPsec VPN on its source NAT IP.

It would be nice if this could be configured via terraform.

Cannot upload image for template with from URL ending .img

Terraform Version

$ terraform -v
Terraform v0.11.11
+ provider.cloudstack v0.2.0

Affected Resource(s)

cloudstack_template

Terraform Configuration Files

resource "cloudstack_template" "ubuntu_16_04_x64_20190308" {
  name       = "ubuntu-16-04-cloud-20190308"
  format     = "QCOW2"
  hypervisor = "KVM"
  os_type    = "${var.ubuntu_16_04_x64_id}"
  url        = "https://cloud-images.ubuntu.com/xenial/20190308/xenial-server-cloudimg-amd64-disk1.img"
  zone       = "au1"
  is_extractable = true
  is_public = false
  password_enabled = false
  project = "${var.project_id}"
  display_text = "ubuntu-16-04-cloud-20190308 (KVM - QCOW2)"
}

Output

* cloudstack_template.ubuntu_16_04_x64_20190308: Error creating template ubuntu-16-04-cloud-20190308: CloudStack API error 431 (CSExceptionErrorCode: 9999): Please specify a valid URL. URL:/xenial/20190308/xenial-server-cloudimg-amd64-uefi1.img is an invalid for the format qcow2

Expected Behavior

Image must be uploaded successfully, even if file from URL with extension img

Actual Behavior

invalid for the format qcow2

cloudstack_port_forward does not work

Hi,

Terraform Version

Terraform v0.12.24

provider.cloudstack v0.3.0

Affected Resource(s)

cloudstack_port_forward

Panic Output

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.trainer.cloudstack_port_forward.client01-ssh will be created
  + resource "cloudstack_port_forward" "client01-ssh" {
      + id            = (known after apply)
      + ip_address_id = "794aca7d-032c-4dbc-8706-a01c5ba5810c"
      + managed       = false

      + forward {
          + private_port       = 22
          + protocol           = "tcp"
          + public_port        = 2222
          + uuid               = (known after apply)
          + virtual_machine_id = "bb06fbb6-c657-455a-8892-5fb2d6a35eac"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

module.trainer.cloudstack_port_forward.client01-ssh: Creating...
module.trainer.cloudstack_port_forward.client01-ssh: Still creating... [10s elapsed]

Error: Provider produced inconsistent result after apply

When applying changes to module.trainer.cloudstack_port_forward.client01-ssh,
provider "registry.terraform.io/-/cloudstack" produced an unexpected new value
for was present, but now absent.

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Expected Behavior

The port forwarding has been created without an error in terraform's execution.

Actual Behavior

The port forwarding has been created, but terraform throws an error.

support ssl offloading on the loadbalancer

Hi,

please add the feature to create ssl offloaded loadbalancer: https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Termination+Support#SSLTerminationSupport-NewWebserviceAPIsforCertificateManagement

since 4.3 there is an api support available.

Terraform shows an error if too many networks are supplied

CloudStack Version

4.9.2.0-1.el7.centos

Terraform Version

Terraform v0.10.0

Affected Resource(s)

cloudstack_network

Terraform Configuration Files

resource "cloudstack_network" "Public" {
  name              = "Public"
  cidr              = "10.99.1.0/24"
  gateway           = "10.99.1.1"
  network_offering  = "Default VPC Network with LB"
  zone              = "${var.zone}"
  vpc_id            = "${cloudstack_vpc.myvpc.id}"
  project           = "${var.project}"
  acl_id            = "ebefcc96-75f5-11e7-adb3-e2bd27d4977e" # default static id of cloudstack
}

# repeat this part 10 times, change the cidr and name and stuff
resource "cloudstack_network" "network1" {
  name              = "network1"
  cidr              = "10.99.2.0/24"
  gateway           = "10.99.2.1"
  network_offering  = "${var.network_offering_internalwithrouter}"
  zone              = "${var.zone}"
  vpc_id            = "${cloudstack_vpc.myvpc.id}"
  project           = "${var.project}"
  acl_id            = "ebefcc96-75f5-11e7-adb3-e2bd27d4977e" # default static id of cloudstack
}

Expected Behavior

terraform should not receive an error

Actual Behavior

Terraforms returns some random network errors but at cloudstack all networks are valid and up and stable:

9 error(s) occurred:

cloudstack_network.network5: 1 error(s) occurred:
cloudstack_network.network5: Error creating network network5: invalid character '<' looking for beginning of value
cloudstack_network.network3: 1 error(s) occurred:
cloudstack_network.network3: Error creating network network3: invalid character '<' looking for beginning of value

Steps to Reproduce

use the code snippet provided above to fit your cloudstack environment
copy and paste network1 for example 10 times.
terraform apply
verify the networks with your cloudstack gui

Add support for importing cloudstack_* entities

To easily allow importing existing infrastructure to come under control of terraform.

For starters the following seem reasonable:

cloudstack_ssh_keypair
cloudstack_security_group
cloudstack_instance
cloudstack_vpc
cloudstack_network
cloudstack_disk

Support cloudstack_template with multiple zones

This issue was originally opened by @larstobi as hashicorp/terraform#13929. It was migrated here as part of the provider split. The original body of the issue is below.

Terraform Version

0.9.1

Affected Resource(s)

cloudstack_template

Terraform Configuration Files

resource "cloudstack_template" "coreos-stable" {
  name         = "coreos-stable"
  display_text = "CoreOS Container Linux Stable"
  format       = "VHD"
  hypervisor   = "XenServer"
  os_type      = "Other 2.6x Linux (64-bit)"
  is_public    = true
  url          = "http://dl.openvm.eu/cloudstack/coreos/x86_64/coreos_production_cloudstack_image-xen.vhd.bz2"
  zone         = ["Zone-1", "Zone-2"]
}

Expected Behavior

I expect terraform to create the template in "Zone-1" and then copy it to "Zone-2" using the copyTemplate API call. (https://cloudstack.apache.org/api/apidocs-4.9/apis/copyTemplate.html)

Actual Behavior

1 error(s) occurred:

* cloudstack_template.coreos-stable: zone must be a single value, not a list

Steps to Reproduce

terraform apply

Support source and destination CIDRs in cloudstack 4.10 egress firewall

Hi there,

I couldn't see or work out if source and destination CIDRs are supported in cloudstack_egress_firewall. Not sure if cloudstack introduced a customer breaking change here in version 4.10. Thoughts and timescales would be very much appreciated.

Thanks

Error retrieving ID of template: json: cannot unmarshal object into Go struct field alias.childtemplates of type []interface {}

This issue was originally opened by @1605200517 as hashicorp/terraform#23726. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

Terraform v0.12.18
+ provider.cloudstack v0.3.0

Terraform Configuration Files

variable "compute_template" {
  default = "debian9.4 stretch BUILD-1946"
}

variable "path_to_ssh_key" {
  default = "~/.ssh/id_rsa.pub"
}

variable "ssh_keypair_name" {
  default = "foo1_ssh_key"
}

variable "compute_offering" {
  default = "XS Instanz"
}

variable "zone" {
  default = "Enterprise_Internet_Bi"
}

variable "acl_items" {
  default = ["0.0.0.0/0"]
}

variable "vpc_offering" {
  default = "Default VPC Offering (512MB)"
}

variable "network_offering" {
  default = "NAT for VPC"
}

variable "cidr" {
  default = "10.0.1.0/24"
}

provider "cloudstack" {
  api_url    = var.api_url
  api_key    = var.api_key
  secret_key = var.secret_key
}

resource "cloudstack_ssh_keypair" "default" {
  name       = "foo1-ssh-key"
  public_key = file(var.path_to_ssh_key)
}

resource "cloudstack_vpc" "foo1-cluster" {
  name         = "foo1-terraform-vpc"
  cidr         = var.cidr
  vpc_offering = var.vpc_offering
  zone         = var.zone
}

resource "cloudstack_network_acl" "foo1-acl" {
  name   = "foo1 terraform acl"
  vpc_id = cloudstack_vpc.foo1-cluster.id
}

resource "cloudstack_network_acl_rule" "default" {
  acl_id = cloudstack_network_acl.foo1-acl.id

  rule {
    action       = "allow"
    cidr_list    = var.acl_items
    protocol     = "tcp"
    ports        = ["22"]
    traffic_type = "ingress"
  }
}

resource "cloudstack_network" "foo1-network" {
  name             = "foo1-terraform-network"
  network_offering = var.network_offering
  zone             = var.zone
  cidr             = var.cidr
  vpc_id           = cloudstack_vpc.foo1-cluster.id
  acl_id           = cloudstack_network_acl.foo1-acl.id
}

resource "cloudstack_instance" "foo1-vm" {
  name             = "foo1-virtual-machine"
  service_offering = var.compute_offering
  network_id       = cloudstack_network.foo1-network.id
  template         = var.compute_template
  zone             = var.zone
  expunge          = "true"
  keypair          = "foo1-ssh-key"
}

resource "cloudstack_ipaddress" "foo1ipaddress" {
  vpc_id = cloudstack_vpc.foo1-cluster.id
  zone   = var.zone
}

resource "cloudstack_port_forward" "default" {
  ip_address_id = cloudstack_ipaddress.foo1ipaddress.id
  forward {
    protocol           = "tcp"
    private_port       = 22
    public_port        = 22
    virtual_machine_id = cloudstack_instance.foo1-vm.id
  }
}

output "public_ip_foo1vm" {
  value = cloudstack_ipaddress.foo1ipaddress.ip_address
}

Debug Output

No debug output recognizable despite TF_LOG=trace.

Expected Behavior

Correct execution.

Actual Behavior

Error:

..
cloudstack_instance.foo2-vm: Creating...
cloudstack_network_acl_rule.default: Creation complete after 2s [id=2584bed0-bcd9-499e-b29a-e4729b366f9f]
Error: Error retrieving ID of template debian9.4 stretch BUILD-1946: json: cannot unmarshal object into Go struct field alias.childtemplates of type []interface {}

Steps to Reproduce

terraform init
terraform apply

terraform destroy fails when IP is used for source NAT

Hi there,

Terraform Version

Terraform v0.11.11

provider.cloudstack v0.1.5

cloudstack_firewall.ip-01-fw: Destroying... (ID: 923fb5a0-c029-484b-b7c0-cf468494bf6a)
cloudstack_instance.vm-01: Destroying... (ID: b9249dca-3865-4c22-a9a4-bbae72a2839b)
cloudstack_instance.vm-02: Destroying... (ID: a1299ed4-e140-42e9-9f27-1cafc2d85a59)
cloudstack_egress_firewall.default: Destroying... (ID: 56c51f1b-cd01-43c5-b3a3-bf23816ae683)
cloudstack_firewall.ip-01-fw: Destruction complete after 7s
cloudstack_ipaddress.ip-01: Destroying... (ID: 923fb5a0-c029-484b-b7c0-cf468494bf6a)
cloudstack_instance.vm-01: Still destroying... (ID: b9249dca-3865-4c22-a9a4-bbae72a2839b, 10s elapsed)
cloudstack_egress_firewall.default: Still destroying... (ID: 56c51f1b-cd01-43c5-b3a3-bf23816ae683, 10s elapsed)
cloudstack_instance.vm-02: Still destroying... (ID: a1299ed4-e140-42e9-9f27-1cafc2d85a59, 10s elapsed)
cloudstack_egress_firewall.default: Destruction complete after 17s
cloudstack_instance.vm-02: Still destroying... (ID: a1299ed4-e140-42e9-9f27-1cafc2d85a59, 20s elapsed)
cloudstack_instance.vm-01: Still destroying... (ID: b9249dca-3865-4c22-a9a4-bbae72a2839b, 20s elapsed)
cloudstack_instance.vm-01: Still destroying... (ID: b9249dca-3865-4c22-a9a4-bbae72a2839b, 30s elapsed)
cloudstack_instance.vm-02: Still destroying... (ID: a1299ed4-e140-42e9-9f27-1cafc2d85a59, 30s elapsed)
cloudstack_instance.vm-02: Destruction complete after 37s
cloudstack_instance.vm-01: Still destroying... (ID: b9249dca-3865-4c22-a9a4-bbae72a2839b, 40s elapsed)
cloudstack_instance.vm-01: Destruction complete after 46s

Error: Error applying plan:

1 error(s) occurred:

* cloudstack_ipaddress.ip-01 (destroy): 1 error(s) occurred:

* cloudstack_ipaddress.ip-01: Error disassociating IP address 923fb5a0-c029-484b-b7c0-cf468494bf6a: Undefined error: {"errorcode":530,"errortext":"ip address is used for source nat purposes and can not be disassociated."}

The network offering uses the first IP that is created as source NAT. This seems to affect the destruction of this IP. Can this be resolved?

Expected VirtualMachine.ostypeid to be an int64, was a string (on Exoscale)

Terraform Version

Terraform v0.11.10
+ provider.cloudstack v0.1.5

Same issue with 0.11.8 (the earliest version I can try, since my state file was last updated using this one), 0.11.9. I have also tried the cloudstack providers version 0.1.0 to 0.1.5

Affected Resource(s)

cloudstack_instance

Terraform Configuration Files

Nothing special, using cloudstack_instance among others

Debug Output

Expected Behavior

The state should be successfully refreshed (no changes), as it did until a few weeks ago

Actual Behavior

Error: Error refreshing state: 1 error(s) occurred:

* cloudstack_instance.big_brother_4: 1 error(s) occurred:

* cloudstack_instance.big_brother_4: cloudstack_instance.big_brother_4: json: cannot unmarshal string into Go struct field VirtualMachine.ostypeid of type int64

Steps to Reproduce

terraform refresh

Important Factoids

Running on Exoscale. Using the cs utility I could find out that my instances' ostypeid is "9bdec4b4-9eed-407e-824c-df09f83a7007" (a UUID). Since everything worked until now, maybe this ID used to be an integer and was changed by Exoscale? https://cloudstack.apache.org/api/apidocs-4.11/apis/listVirtualMachines.html does not mention the type of ostypeid. I am also contacting Exoscale to ask them if they changed something in their API recently.

cloudstack_network source_nat_ip does not work

Hi there,

Terraform Version

Terraform v0.11.11

provider.cloudstack v0.1.5

Affected Resource(s)

cloudstack_network

Terraform Configuration Files

resource "cloudstack_network" "net-01" {
  zone             = "${var.zone}"
  project          = "${var.project}"
  name             = "ceph-tn${var.teilnehmer}-public"
  display_text     = "Ceph Academy TN ${var.teilnehmer} Public"
  cidr             = "${var.cidr}"
  network_domain   = "ceph.heinlein-akademie.de"
  network_offering = "044bb7ec-65af-4c1b-85b8-67bff80e0442"
  source_nat_ip    = true
}

The network offering is one including a source NAT service:

(local) 🐵 > list networkofferings id=044bb7ec-65af-4c1b-85b8-67bff80e0442
{
  "count": 1,
  "networkoffering": [
    {
      "availability": "Required",
      "conservemode": true,
      "displaytext": "Offering for Isolated networks with Source Nat service enabled",
      "egressdefaultpolicy": false,
      "forvpc": false,
      "guestiptype": "Isolated",
      "id": "044bb7ec-65af-4c1b-85b8-67bff80e0442",
      "isdefault": true,
      "ispersistent": false,
      "name": "DefaultIsolatedNetworkOfferingWithSourceNatService",
      "networkrate": 6000,
      "service": [
        {
          "name": "UserData",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "capability": [
            {
              "canchooseservicecapability": false,
              "name": "SupportedSourceNatTypes",
              "value": "peraccount"
            },
            {
              "canchooseservicecapability": false,
              "name": "RedundantRouter",
              "value": "false"
            }
          ],
          "name": "SourceNat",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "name": "Vpn",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "name": "Dhcp",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "capability": [
            {
              "canchooseservicecapability": false,
              "name": "ElasticIp",
              "value": "false"
            },
            {
              "canchooseservicecapability": false,
              "name": "AssociatePublicIP",
              "value": "true"
            }
          ],
          "name": "StaticNat",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "name": "PortForwarding",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "name": "Dns",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "capability": [
            {
              "canchooseservicecapability": false,
              "name": "SupportedLBIsolation",
              "value": "dedicated"
            },
            {
              "canchooseservicecapability": false,
              "name": "ElasticLb",
              "value": "false"
            },
            {
              "canchooseservicecapability": false,
              "name": "InlineMode",
              "value": "false"
            }
          ],
          "name": "Lb",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        },
        {
          "name": "Firewall",
          "provider": [
            {
              "name": "VirtualRouter"
            }
          ]
        }
      ],
      "serviceofferingid": "0210fb4b-0fd2-4878-90fc-e4e494b034d9",
      "specifyipranges": false,
      "specifyvlan": false,
      "state": "Enabled",
      "supportspublicaccess": false,
      "supportsstrechedl2subnet": false,
      "traffictype": "Guest"
    }
  ]
}

Expected Behavior

A new network with a source NAT IP is created.

Actual Behavior

terraform stops

Steps to Reproduce

terraform apply

Fix documentation for cloudstack_loadbalancer_rule

Hi,

Changing member_ids does not force a new resource to be created, despite what the documentation mentions.

Regards,

Cannot pass data to custom service-offering

Hi all,
Terraform Cloudstack Provider is unable to pass arguments for custom compute offering on CloudStack. To use a custom compute offering it has to provide the following three arguments but in the CS provider there is no way we can pass them to the server.

details[0].cpuNumber: 2
details[0].cpuSpeed: 2000
details[0].memory: 2000

Terraform Version

Terraform v0.12.18

Affected Resource(s)

opc_instance

Expected Behavior

Able to pass arguments to a custom service offering to deploy a VM on CloudStack

Actual Behavior

Error: Error creating the new instance test-tf: CloudStack API error 431 (CSExceptionErrorCode: 4350): Need to specify custom parameter values cpu, cpu speed and memory when using custom offering

Steps to Reproduce

create a "cloudstack_instance" resource, and set service_offering = ID of the custom service offering
terraform apply

References

atsaki/terraform-provider-cloudstack#1

Allow creating cloudstack_instance in stopped state

Please add the ability to create but not start an instance in cloudstack, e.g. using a new boolean argument running or state inside an cloudstack_instance.

This could be implemented using parameter startvm in the deployVirtualMachine call.

xanzy / terraform-provider-cloudstack Goto Github PK

terraform-provider-cloudstack's Introduction

Terraform Provider

Requirements

Building The Provider

Developing the Provider

Testing the Provider

terraform-provider-cloudstack's People

Contributors

Stargazers

Watchers

Forkers

terraform-provider-cloudstack's Issues

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Debug Output

Expected Behavior

Actual Behavior

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Debug Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

CloudStack Version

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Expected Behavior

Actual Behavior

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Debug Output

Panic Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

References

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Debug Output

Panic Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

References

Terraform v0.11.1

Terraform Version

Terraform Configuration Files

Debug Output

Crash Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

References

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Debug Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

References

Terraform Version

Affected Resource(s)

Debug Output

Expected Behavior

Actual Behavior

Important Factoids

Terraform Version

Affected Resource(s)