Service errors when optional param is not supplied and fails to set annotation

[shadycuz]

Terraform Version

Terraform v0.10.3

Affected Resource(s)

kubernetes_service

Terraform Configuration Files

resource "kubernetes_service" "internal-nginx" {
  metadata {
    name = "etc-nginx-internal"
    annotations {
      "service.beta.kubernetes.io/aws-load-balancer-internal" = "0.0.0.0/0"
    }
  }
  spec {
    selector {
      app = "etc-nginx-internal"
    }
    port {
      name = "http"
      port = 80
    }
    port {
      name = "https"
      port = 443
    }

    type = "LoadBalancer"
  }
}

resource "kubernetes_service" "external-nginx" {
  metadata {
    name = "etc-nginx-solitaire"
    annotations {
      "service.beta.kubernetes.io/aws-load-balancer-ssl-cert" ="${data.aws_acm_certificate.external-nginx.arn}"
      "service.beta.kubernetes.io/aws-load-balancer-ssl-ports" ="443"
    }
  }
  spec {
    selector {
      app = "etc-nginx-solitaire"
    }
    port {
      name = "http"
      port = 80
    }
    port {
      name = "https"
      port = 443
    }
    port {
      name = "etadmin"
      port = 8081
    }

    type = "LoadBalancer"
  }
}

Expected Behavior

The service should be created as defined in the config.

Actual Behavior

admin@ip-10-10-53-226:~/mobilityware/tf-templates$ terraform plan
8 error(s) occurred:

* kubernetes_service.external-nginx: "spec.0.port.0.target_port": required field is not set
* kubernetes_service.external-nginx: "spec.0.port.1.target_port": required field is not set
* kubernetes_service.external-nginx: "spec.0.port.2.target_port": required field is not set
* kubernetes_service.external-nginx: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-ssl-cert" is internal Kubernetes annotation
* kubernetes_service.external-nginx: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-ssl-ports" is internal Kubernetes annotation
* kubernetes_service.internal-nginx: "spec.0.port.0.target_port": required field is not set
* kubernetes_service.internal-nginx: "spec.0.port.1.target_port": required field is not set
* kubernetes_service.internal-nginx: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-internal" is internal Kubernetes annotation

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform apply

Important Factoids

Kubernetes does not require a target_port.

My services work fine when defined in yaml and executed

kubectl create -f "
apiVersion: v1
kind: Service
metadata:
  name: etc-nginx-solitaire
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-ssl-cert: "AWS_CERT_ARN"
    service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "443"
spec:
  ports:
  - name: http
    port: 80
  - name: "https"
    port: 443
    protocol: "TCP"
  - name: etadmin
    port: 8081
  selector:
    app: etc-nginx-solitaire
  type: LoadBalancer
"

From kubernetes services

Note that a Service can map an incoming port to any targetPort. By default the targetPort will be set to the same value as the port field.

Why are the annotations failing?

[shadycuz]

Also found related issue #60 for the annotation issue.

[radeksimko]

Regarding the annotation issue - it's something we don't support (yet). It is something I plan to look into eventually, but it's non trivial for us to support. See my full explanation at #50 (comment)

For the other issue see fix in #69 - good catch.