Changing AKS load_balancer_profile settings after creation (#5846)

[aristosvo]

Fixes #5846

Issue

When the load_balancer_profile settings for service/kubernetes-cluster are all computed, changing (for example) from managed IPs to provided outbound IP addresses is not possible with only TerraForm without recreating your cluster.

Changes

With this change applied

• effective_outbound_ips -> Computed: true (no change)
• outbound_ip_address_ids -> Computed: false
• outbound_ip_prefix_ids -> Computed: false
• managed_outbound_ip_count -> Computed: false

As only one of the three options (outbound_ip_address_ids, outbound_ip_prefix_ids, outbound_ip_prefix_ids ) could be set and at least one of them should be set, Computed: true doesn't make sense to me for the last three and it prevented changes.

If there is a better option to make a change possible, let me know

[katbyte]

Hey @aristosvo,

I've offered some suggestions on how we can not remove computed (as that would change behaviour), but could you describe a little more why the cluster needs to be recreated when computed=true?

[aristosvo]

could you describe a little more why the cluster needs to be recreated when computed=true?

@katbyte Thanks for your remarks! I've added a test to describe better what I want and implemented your suggestions. Computed: true and ConflictsWith are both nice to keep around, but the desired state of one of the options and the computed state kept each other in deadlock when wanting to switch options after creation.

I implemented some logic to replace ConflictsWith, but you’ll need to set the existing/computed option to 0 or [] when you change to the other option. The error message should make this clear, but is this the best option available or are there better ways? It feels weird not to be able to work out a better solution for this pattern. Something like a MapType but with defined elements, element limitations and element replacement rules..

edit: I think I found a better solution

[aristosvo]

@katbyte Can you give it another review? I have reworked it a few times and I've finaly a solution which works for me:) With the solution I implemented we can keep both Computed: true and the ConflictsWith rules in the schema.

I'm still learning a lot about Go/TF and enjoying it, don't hold back if you've any improvements!:)

[aristosvo]

If I can find the time I'll try to solve the conflicts

[tombuildsstuff]

@aristosvo awesome, thanks for rebasing this 👍

[tombuildsstuff]

hey @aristosvo

Thanks for this PR :)

Taking a look through this mostly LGTM - so that we can run the tests for this I hope you don't mind but I'm going to push a commit to fix the failing build/pending comments here - once that's done we should be able to run the tests and 🤞hopefully get this into v2.5 of the Azure Provider :)

Thanks!

dismissing since changes have been pushed

[aristosvo]

Acceptance test passed!

==> Checking that code complies with gofmt requirements...
==> Checking that Custom Timeouts are used...
TF_ACC=1 go test -v ./azurerm/internal/services/containers/tests/ -run=TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile -timeout 60m -ldflags="-X=github.com/terraform-providers/terraform-provider-azurerm/version.ProviderVersion=acc"
=== RUN   TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile
=== PAUSE TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile
=== CONT  TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile
--- PASS: TestAccAzureRMKubernetesCluster_changingLoadBalancerProfile (2014.92s)
PASS
ok      github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/containers/tests    2014.990s

[tombuildsstuff]

Ignoring some expected failures due to capacity issues in Azure - the tests look good:

[aristosvo]

Are these expected failures tracked somewhere? I’m only running targeted acceptance tests, but I was unaware of the failing ones.

[tombuildsstuff]

@aristosvo unfortunately that varies test-run to test run due to capacity issues on the Azure side, so that's not easily possible - but we're checking these as we go

[ghost]

This has been released in version 2.6.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.6.0"
}
# ... other configuration ...

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!