Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Preserve AWS VPC Peering routes if they do not change #40

Closed
wants to merge 1 commit into from
Closed

Preserve AWS VPC Peering routes if they do not change #40

wants to merge 1 commit into from

Conversation

jakedgy
Copy link

@jakedgy jakedgy commented Jun 8, 2022
edited
Loading

Use a for_each of the cross-product of route_table_ids -> VPC CIDR blocks to generate stable names for the requestor and acceptor aws_route resources.

If the order of the route tables changes, it forces replacement of all route tables which can cause downtime during an apply.

⚠️ Important ⚠️

Switching from a count to for_each changes all of the aws_route resource names, which can cause downtime during an apply. Callers will need to move the state of any existing aws_route resources to the new names to avoid any downtime.

We should consider bumping the minor version to indicate that this is somewhat of a breaking change.

For example, to move the state for the following aws_route:

  # module.vpc_peering.aws_route.requestor[0] will be destroyed
  # (because resource does not use count)
  - resource "aws_route" "requestor" {
      - destination_cidr_block    = "10.1.0.0/16" -> null
      - id                        = "r-rtb-xxxxyy" -> null
      - origin                    = "CreateRoute" -> null
      - route_table_id            = "rtb-xxxx" -> null
      - state                     = "active" -> null
      - vpc_peering_connection_id = "pcx-zzzz" -> null
    }
...
  # module.vpc_peering.aws_route.requestor["rtb-xxxx:10.1.0.0/16"] will be created
  + resource "aws_route" "requestor" {
      + destination_cidr_block    = "10.1.0.0/16"
      + id                        = (known after apply)
      + instance_id               = (known after apply)
      + instance_owner_id         = (known after apply)
      + network_interface_id      = (known after apply)
      + origin                    = (known after apply)
      + route_table_id            = "rtb-xxxx"
      + state                     = (known after apply)
      + vpc_peering_connection_id = "pcx-zzzz"
    }

Run the following command before the plan and apply:

terraform state mv module.vpc_peering.aws_route.requestor[0] module.vpc_peering.aws_route.requestor["rtb-xxxx:10.1.0.0/16"]

And module.vpc_peering.aws_route.requestor["rtb-xxxx:10.1.0.0/16"] should be unchanged.

closes #33

Use for_each for aws_route resources
be65a9e 
Count is not stable and can result in downtime if all of the routes are
replaced.  Using a for_each lets us key by route_table_id:cidr_block,
which means we only delete or update routes when absolutly
necessary.
@jakedgy jakedgy requested review from a team as code owners June 8, 2022 23:14
@jakedgy
Copy link
Author

jakedgy commented Jun 8, 2022

Closed #39 in lieu of forking from a non-personal account.

@jakedgy
Copy link
Author

jakedgy commented Jun 20, 2022

Closed #39 in lieu of forking from a non-personal account.

I'm going to reopen #39 because of bot permissions issues with our org. Sorry for the noise.

@jakedgy jakedgy closed this Jun 20, 2022
@jakedgy jakedgy mentioned this pull request Jun 20, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

VPC Peering routes should be preserved if they don't change.
1 participant
@jakedgy