Lifecycle Meta not Working Properly in aws_instance #17724
Comments
Any news on this? I'm experiencing the same behaviour with |
I was able to trace down the root cause in my situation that was similar to this one. Logging at trace level, look for:
Where xxx is your aws_instance and yyy is what is causing the create before destroy. So basically in my case it was a downstream resource marked with create_before_destroy = true that made also the aws_instance assume the same behavior |
I was unable to resolve this.
some behavior feedback notes
some heuristics from my time troubleshooting
I've gone as far as to hard code all of the
My only next move is to completely isolate the resource into a new tf root. It feels like, if the parent module has any other modules that have any descendants with lifecycle create_before_destroy=true, this resource gets contaminated, and worse; |
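The propagation described in the comments above, as an added example that is not part of the original thread and not Terraform's own code: any resource that a create_before_destroy = true resource depends on is treated as create-before-destroy too, so walking the dependency map from the explicitly marked resources shows what is forcing the behaviour on aws_instance. The resource names and the dependency map are constructed for illustration.

```python
from collections import deque

# Constructed sample: resource address -> resources it references (depends on).
DEPENDS_ON = {
    "aws_network_interface.primary": [],
    "aws_instance.app": ["aws_network_interface.primary"],
    "aws_lb_target_group_attachment.app": ["aws_instance.app"],
    "aws_route53_record.app": ["aws_instance.app"],
    "aws_security_group.unrelated": [],
}
# Constructed sample: resources whose lifecycle block sets create_before_destroy = true.
EXPLICIT_CBD = {"aws_lb_target_group_attachment.app"}


def inherited_cbd(depends_on, explicit_cbd):
    """Map every resource that ends up create-before-destroy to the chain
    leading from it to the resource that was explicitly marked."""
    cause = {name: [name] for name in explicit_cbd}
    queue = deque(sorted(explicit_cbd))
    while queue:
        current = queue.popleft()
        # Everything `current` depends on must also be created first.
        for dep in depends_on.get(current, []):
            if dep not in cause:
                cause[dep] = [dep] + cause[current]
                queue.append(dep)
    return cause


def explain(resource, depends_on=DEPENDS_ON, explicit_cbd=EXPLICIT_CBD):
    """Say whether `resource` is create-before-destroy and what forces it."""
    chain = inherited_cbd(depends_on, explicit_cbd).get(resource)
    if chain is None:
        return f"{resource}: destroy-before-create (default)"
    if len(chain) == 1:
        return f"{resource}: create_before_destroy set explicitly"
    return f"{resource}: forced create_before_destroy via " + " <- ".join(chain[1:])


if __name__ == "__main__":
    for name in DEPENDS_ON:
        print(explain(name))
```

In this sample the ENI is pulled into create-before-destroy as well, through the instance that references it.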
Community Note
Description
We have a module that creates EC2 instance, as well as attaching some security groups and other configs not seen here. Most of the time we can do this in a more or less vanilla way, and we end up with a private IP that is assigned randomly. However, in other cases, we'd like to be able to supply a list of private IPs to assign to the primary interface. We want the primary interface, since just adding another interface at say, index = 1 would require further configs inside the machine and in our security groups. Also, secondary_private_ips = var.private_ips wasn't quite useful either, since that seems to be at the AWS-networking-level, and traffic coming from the machine does not appear as one of these IPs when received by other instances. Those IPs also don't appear in the instance's OS, if you did an ifconfig or similar command.
The below code works beautifully. The machine receives the required private IP(s), and they appear as said IPs in the instance using ifconfig etc, you can SSH in on the IPs, and their traffic appears to originate from them in other servers. The issue is when the machine needs to be replaced.
We use a data look up to find the AMI ID, and when it finds a new one, the plan indicates replacing the instance, as expected. However it can't do so, because the ENI that's being created by aws_network_interface is still attached to the running instance, as it creates the new instance before terminating the old. I thought that setting create_before_destroy = false would correct this, but it seems to have no effect and the same thing happens.
Terraform CLI and Terraform AWS Provider Version
TF: v0.14.3
Provider: v3.28.0
Affected Resource(s)
Terraform Code
Debug Output
Expected Behavior
Adding lifecycle meta create_before_destroy should terminate the running instance before the new one is created, so that the ENI will be available for the new instance.
Actual Behavior
The new instance is still created before the old one is terminated, despite setting the lifecycle meta.
Steps to Reproduce
terraform apply with some AMI ID