terrafromでConoHaを使うときはignore_changesを使うといい

ありがとう5周年☆みんなでConoHaを語り尽くそう!というイベントの発表で、このブログのconohaをterraformで操作する記事が紹介されました✌️

そこで指摘されて初めて気づいたのですが、 conohaの仕様でvm名をAPIで定義されても、自動的にシステム側の割り当て名になってしまう問題 があるそうで…

問題

問題について確認してみましょう。

(---- snip ----)
resource "openstack_compute_instance_v2" "basic" {
name = "basic" # image_name = "vmi-ubuntu-16.04-amd64-unified"
flavor_name = "g-1gb"
key_pair = ""
security_groups = [
"default"
]
}

これで適用してみます。

➜ terraform-train terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

+ openstack_compute_instance_v2.basic
id: <computed></computed>

access_ip_v4: <computed></computed>

access_ip_v6: <computed></computed>

all_metadata.%: <computed></computed>

availability_zone: <computed></computed>

flavor_id: <computed></computed>

flavor_name: "g-1gb"

force_delete: "false"

image_id: <computed></computed>

image_name: "vmi-ubuntu-16.04-amd64-unified"

key_pair: "xxxxxxxxxxx"

name: "basic"

network.#: <computed></computed>

region: <computed></computed>

security_groups.#: "1"

security_groups.3814588639: "default"

stop_before_destroy: "false"Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

➜ terraform-train terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create

Terraform will perform the following actions:

+ openstack_compute_instance_v2.basic
id: <computed></computed>

access_ip_v4: <computed></computed>

access_ip_v6: <computed></computed>

all_metadata.%: <computed></computed>

availability_zone: <computed></computed>

flavor_id: <computed></computed>

flavor_name: "g-1gb"

force_delete: "false"

image_id: <computed></computed>

image_name: "vmi-ubuntu-16.04-amd64-unified"

key_pair: "xxxxxxxxxxxxxx"

name: "basic"

network.#: <computed></computed>

region: <computed></computed>

security_groups.#: "1"

security_groups.3814588639: "default"

stop_before_destroy: "false"Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.

Enter a value: yes

openstack_compute_instance_v2.basic: Creating...
access_ip_v4: "" => "<computed>"</computed>access_ip_v6: "" => "<computed>"</computed>all_metadata.%: "" => "<computed>"</computed>availability_zone: "" => "<computed>"</computed>flavor_id: "" => "<computed>"</computed>flavor_name: "" => "g-1gb"

force_delete: "" => "false"

image_id: "" => "<computed>"</computed>image_name: "" => "vmi-ubuntu-16.04-amd64-unified"

key_pair: "" => "tabby-key-2018-03-17-23-06"

name: "" => "basic"

network.#: "" => "<computed>"</computed>region: "" => "<computed>"</computed>security_groups.#: "" => "1"

security_groups.3814588639: "" => "default"

stop_before_destroy: "" => "false"

openstack_compute_instance_v2.basic: Still creating... (10s elapsed)

openstack_compute_instance_v2.basic: Still creating... (20s elapsed)

openstack_compute_instance_v2.basic: Creation complete after 23s (ID: 0a27268d-2fc0-4d50-92f8-4b49a3916644)Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

これでVMが作成されました。ここで、再びplanしてみましょう。

➜ terraform-train terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

openstack_compute_instance_v2.basic: Refreshing state... (ID: 0a27268d-2fc0-4d50-92f8-4b49a3916644)

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
~ update in-place

Terraform will perform the following actions:

~ openstack_compute_instance_v2.basic
name: "150-95-203-141" =&gt; "basic"

Plan: 0 to add, 1 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

「VMの名前が変更されます」というメッセージが表示されています。
terraformは作成したリソースの状態を保存してもっています。しかし、conohaの仕様でvm名をAPIで定義されても、自動的にシステム側の割り当て名になってしまう問題 により、実際のVM名とterraformで憶えているVM名に必ず差異が発生するようになっています。

回避方法

スライドによると、API経由のVM名変更は対応検討とのことです。

openstack_compute_instance_v2nameは必須のパラメータのため省略することはできません。

openstack_compute_instance_v2, terraform.io

そこで、nameが変わっていても無視するようにしてしまいます。terraformにはlifecycleというリソースの変更をいい感じにする仕組みがあります。
次のようにするとnameの変更を無視するようになります。

resource "openstack_compute_instance_v2" "basic" {
name = "basic" # image_name = "vmi-ubuntu-16.04-amd64-unified"
flavor_name = "g-1gb"
key_pair = ""
security_groups = [
"default"
]
lifecycle { # ignore_changes = [
"name",
]
}
}

確認してみましょう。

➜ terraform-train terraform show
openstack_compute_instance_v2.basic:
(---- snip ----)
name = 150-95-144-46
(---- snip ----)

➜ terraform-train terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

openstack_compute_instance_v2.basic: Refreshing state... (ID: 525f5c06-3de0-4def-9023-4ce8bdeedcb6)

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date. # No change!!

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.
➜ terraform-train terraform apply
openstack_compute_instance_v2.basic: Refreshing state... (ID: 525f5c06-3de0-4def-9023-4ce8bdeedcb6)

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

# No change!!

terrafrom showで確認するとnameが定義しているbasicと変わっていますが、planしてもapplyしても変更がないことが確認できてますね。

カテゴリー tech

コメントを残す

メールアドレスが公開されることはありません。 * が付いている欄は必須項目です

CAPTCHA