Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provider forcing replacement of records unnecessairily #77

Open
ag-TJNII opened this issue Feb 9, 2021 · 1 comment · May be fixed by #78
Open

Provider forcing replacement of records unnecessairily #77

ag-TJNII opened this issue Feb 9, 2021 · 1 comment · May be fixed by #78

Comments

@ag-TJNII
Copy link

ag-TJNII commented Feb 9, 2021

While evaluating this plugin we noticed it is deleting and recreating records on otherwise minor changes. Note the following diff output:

 # powerdns_record.pdns_instance_a_record[0] must be replaced
-/+ resource "powerdns_record" "pdns_instance_a_record" {
      ~ id      = "[Snip FQDN]:::A" -> (known after apply)
        name    = "[Snip FQDN]."
      ~ records = [ # forces replacement
          - "[Snip Subnet].135",
          + "[Snip Subnet].32",
        ]
      ~ ttl     = 60 -> 5 # forces replacement
        type    = "A"
        zone    = "[Snip zone]"
    }

In auditing the API calls it is sending rrsets to the server with a changetype of DELETE. This is an aggressive approach that can cause service impacts as the DNS record will cease to exist between when it is deleted and recreated, instead of simply being updated. PowerDNS does not require the record to be deleted in these cases, a REPLACE rrset without the delete will cause the record to be replaced by PowerDNS in one API call.

Provider Version

terraform-provider-powerdns_v1.4.1

Expected Behavior

PowerDNS should have been sent a single REPLACE rrset per record.

Actual Behavior

PowerDNS was sent a DELETE rrset, deleting the record unnecessarily.

Steps to Reproduce

Apply a TTL or record change to a powerdns_record resource. Other fields were not verified but assumed to behave the same way.

Important Factoids

None

References

https://doc.powerdns.com/authoritative/http-api/zone.html#rrset
@ag-TJNII
Copy link
Author

ag-TJNII commented Feb 9, 2021

I see ForceNew is set on all the resource parameters:

terraform-provider-powerdns/powerdns/resource_powerdns_record.go

Lines 22 to 60 in f14b978

Schema: map[string]*schema.Schema{
"zone": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"name": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"type": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
},
"ttl": {
Type: schema.TypeInt,
Required: true,
ForceNew: true,
},
"records": {
Type: schema.TypeSet,
Elem: &schema.Schema{Type: schema.TypeString},
Required: true,
ForceNew: true,
Set: schema.HashString,
},
"set_ptr": {
Type: schema.TypeBool,
Optional: true,
ForceNew: true,
Description: "For A and AAAA records, if true, create corresponding PTR.",
},
},

@ag-TJNII ag-TJNII linked a pull request Feb 9, 2021 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
1 participant
@ag-TJNII