opentelekomcloud_dc_virtual_interface_v2 fails to create virtual interface

[brunoagueda]

Terraform provider version

Terraform v1.6.6
on linux_amd64

Affected Resource(s)

opentelekomcloud_dc_virtual_interface_v2

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.
data "opentelekomcloud_identity_project_v3" "project_1" {}

resource "opentelekomcloud_dc_endpoint_group_v2" "dc_endpoint_group_1" {
  name        = "ep-1"
  type        = "cidr"
  endpoints   = ["192.168.0.0/24"]
  description = "first"
  project_id  = data.opentelekomcloud_identity_project_v3.project_1.id
}

resource "opentelekomcloud_dc_endpoint_group_v2" "dc_endpoint_group_2" { 
  name        = "ep-1"
  type        = "cidr"
  endpoints   = ["0.0.0.0/0"]
  description = "first"
  project_id  = data.opentelekomcloud_identity_project_v3.project_1.id
}

resource "opentelekomcloud_dc_virtual_gateway_v2" "vgw_1" {
  vpc_id            = var.vpc_id
  name              = "my_virtual_gateway"
  description       = "acc test"
  local_ep_group_id = opentelekomcloud_dc_endpoint_group_v2.dc_endpoint_group_1.id
}

resource "opentelekomcloud_dc_virtual_interface_v2" "int_1" {
  direct_connect_id  = var.dc_id
  virtual_gateway_id = opentelekomcloud_dc_virtual_gateway_v2.vgw_1.id
  name = "vi_1"
  description = "description"
  type = "private"
  route_mode = "bgp"
  asn = "65201"
  bgp_md5 = "password"
  vlan = 100
  bandwidth = 5
  service_type = "VPC"
  remote_ep_group_id   = opentelekomcloud_dc_endpoint_group_v2.dc_endpoint_group_2.id
  local_gateway_v4_ip  = "180.1.1.1/24"
  remote_gateway_v4_ip = "180.1.1.2/24"
}

Debug Output/Panic Output

https://gist.github.com/brunoagueda/63a98dad42a3938305055d22f8038397

Steps to Reproduce

1. terraform apply

Expected Behavior

Virtual interface should be created

Actual Behavior

Error message: "'service_type' is invalid, the valid value is [vpc, public service, vpc and public service]"

[anton-sidelnikov]

Hi @brunoagueda check on latest please

[brunoagueda]

Hi
I tested it, on the console the virtual interface is successfully created but I get this error message:

opentelekomcloud_dc_virtual_interface_v2.int_1: Creating...
╷
│ Error: error saving opentelekomcloud virtual interface fields: 1 error occurred:
│ * Invalid address to set: []string{"vgw_id"}
│
│
│
│ with opentelekomcloud_dc_virtual_interface_v2.int_1,
│ on direct_connect.tf line 26, in resource "opentelekomcloud_dc_virtual_interface_v2" "int_1":
│ 26: resource "opentelekomcloud_dc_virtual_interface_v2" "int_1" {

An with this error, I cannot delete or update the resources, I need to remove the interface from the state file to be able to run terraform again

[anton-sidelnikov]

Hi @brunoagueda aw crap, sorry, problem from my side that i cannot test virtual interface, will try to find where is the issue

[anton-sidelnikov]

@brunoagueda if you can, please build provider plugin from devel and check on your infrastructure

[brunoagueda]

Hi @anton-sidelnikov
I never did this process
I found this step by step in the documentation: https://developer.hashicorp.com/terraform/tutorials/providers-plugin-framework/providers-plugin-framework-provider

Is this the way to go for testing the updates on the devel branch?

[anton-sidelnikov]

@brunoagueda in our repo is more simplier https://github.com/opentelekomcloud/terraform-provider-opentelekomcloud?tab=readme-ov-file#building-the-provider, need only go installed in any unix based os.
make build - from repo root will create binary file, which you can use in terraform as provider.

[brunoagueda]

I builded from the code and produced a binary, and then I substituted the binary from the .terraform folder with this new one, is this the right approach?
I think the binary is getting overwrited, still getting the same error message

[anton-sidelnikov]

@brunoagueda,
please use provider override with config file:
https://developer.hashicorp.com/terraform/cli/config/config-file#development-overrides-for-provider-developers

• make build
• export TF_CLI_CONFIG_FILE=~/.config/terraform/devrc
• devrc content:

provider_installation {
    dev_overrides {
        "opentelekomcloud/opentelekomcloud" = "/users/linux/terraform-provider-opentelekomcloud"

    }
    direct {}
}

• terraform apply

after all manipulations, to remove override:
export TF_CLI_CONFIG_FILE=

[brunoagueda]

Hi @anton-sidelnikov , thanks for orientation. I was able to test it and it worked, the error message does not appear anymore.
But I found two other problems.
One is that on the state file, some values of the virtual interface have 0 value instead of the actual value stated on my terraform code, forcing it to be updated every new run

The second problem is when I try to update the endpoint group for the virtual gateway. Adding a new CIDR in the endpoint argument forces it to detroy the endpoint group and creates a new one, and update the endpoint group id (local_ep_group_id) . But then I get an error when it tries to destroy the endpoint group:

Error: error deleting DC endpoint group: Bad request with: [DELETE https://dcaas.eu-ch2.sc.otc.t-systems.com/v2.0/dcaas/dc-endpoint-groups/0dc3fcf8-02fe-40f6-bc09-044ae2546a59], error message: {"requestId":"da9535b08283b463f98eea3d1153262c","error_msg":"Endpoint group 0dc3fcf8-02fe-40f6-bc09-044ae2546a59 is in use and cannot be deleted","error_code":"DC.1402"}

[anton-sidelnikov]

Hello @brunoagueda, ehehe. Okay for first issue work in progress i'm waiting for direct connect for testing seems api response not as described in doc. Second again is a very strange api behaviour, still trying to figure out can we make workaround or not, for me is a blocker, because from api side we cannot update this cidrs because ep_group_id is required parameter for gateway, kind of cyclic dependency.

[anton-sidelnikov]

Hi @brunoagueda, I finished with this resources. Important thing I deprecated endpoint_group resource (will be deleted soon), because it impossible to manage, so i refactored virtual_gateway and virtual_interface added block inside for creating endpoint_group. Please check

[brunoagueda]

Hi @anton-sidelnikov
I checked and it is working, I'm able to add new subnets to Virtual Gateway and Virtual Interface.
The only thing that I noticed is that when I have the CIDR 10.0.0.0/x added to an endpoint group, every time I run terraform plan and apply, this CIDR is removed and added again, even if there is no change to it.

I only noticed this with that specific CIDR. Other than this weird behavior, everything is working as expected.
For me, this issue can be closed.
Thank you very much for the help

[anton-sidelnikov]

interesting, seems api returns something different for that cidr, i will ask guys from network to check. Thanks