Triton Provider: firewall_enabled flag is always false #6109

Closed
sodre opened this issue Apr 10, 2016 · 3 comments · Fixed by #6119

sodre commented Apr 10, 2016

The Triton provider is not picking up the correct state of the firewall in a machine; it always reports it as false.

Steps to reproduce:

  • Get an account at Joyent's public cloud and configure it as a provider. You will also need Triton's CLI.
  • Create a machine and firewall rule, e.g.
```hcl
resource "triton_firewall_rule" "bastion-to-vms" {
  rule    = "FROM tag role=bastion TO all vms ALLOW tcp PORT 22"
  enabled = true
}

resource "triton_machine" "bastion" {
  name    = "bastion"
  package = "t4-standard-512M"
  image   = "ffe82a0a-83d2-11e5-b5ac-f3e14f42f12d"
  tags = {
    role = "bastion"
  }
  firewall_enabled = true
  count            = 1
}
```
  • Run `terraform plan` and `terraform apply`. Everything works fine.
  • Run `terraform show | grep firewall_enabled`. It will show "false"
  • Run Joyent's `triton inst get bastion | grep firewall_enabled`. It will show "true"

If we run terraform plan again, it will create a rule trying to switch the firewall back to enabled, and will recreate the firewall resources.
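
A drift check built from the two commands in the reproduction steps above, as an added example that is not part of the original issue or of Terraform's code. The function names and the sample outputs are constructed for illustration, and the script assumes a single `triton_machine` in the state.

```shell
#!/bin/sh
# Added example: does Terraform's recorded firewall flag match CloudAPI's?
# Assumes one triton_machine in the state; all sample output is constructed.

# Constructed excerpt of `terraform show`.
SAMPLE_TF_SHOW='triton_machine.bastion:
  firewall_enabled = false
  name = bastion'

# Constructed excerpt of `triton inst get bastion` (JSON).
SAMPLE_TRITON_GET='{
    "name": "bastion",
    "firewall_enabled": true
}'

# Print the firewall_enabled value found in `terraform show` text on stdin.
tf_firewall_state() {
    sed -n 's/^[[:space:]]*firewall_enabled[[:space:]]*=[[:space:]]*"\{0,1\}\([a-z]*\)"\{0,1\}[[:space:]]*$/\1/p' | head -n 1
}

# Print the firewall_enabled value found in instance JSON on stdin.
triton_firewall_state() {
    sed -n 's/^.*"firewall_enabled"[[:space:]]*:[[:space:]]*\([a-z]*\).*$/\1/p' | head -n 1
}

# check_firewall_drift TF_SHOW_TEXT TRITON_JSON
# Returns 0 when in sync, 1 on drift, 2 when either side has no readable value.
# A missing value is reported as unknown, never assumed to be false.
check_firewall_drift() {
    _tf=$(printf '%s\n' "$1" | tf_firewall_state)
    _api=$(printf '%s\n' "$2" | triton_firewall_state)
    case "$_tf:$_api" in
        true:true|false:false)
            echo "in-sync firewall_enabled=$_api"; return 0 ;;
        true:false|false:true)
            echo "DRIFT state=$_tf cloudapi=$_api"; return 1 ;;
        *)
            echo "UNKNOWN state=${_tf:-missing} cloudapi=${_api:-missing}"; return 2 ;;
    esac
}

# Live use: check_firewall_drift "$(terraform show)" "$(triton inst get bastion)"
check_firewall_drift "$SAMPLE_TF_SHOW" "$SAMPLE_TRITON_GET" || true
```

Run after `terraform apply`, a non-zero exit flags the mismatch before the next plan tries to re-enable the firewall.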

sodre added a commit to zeroae/infrastructure that referenced this issue Apr 10, 2016
It outputs the host, port and user information for later plugin
into terraform's connection map.

It can't take advantage of Triton's CNS because of issue
hashicorp/terraform#2143.

It will not "converge" because the system fails to detect the
firewall_enabled flag from Triton's CloudAPI, issue
hashicorp/terraform#6109.

# Please enter the commit message for your changes. Lines starting
# with '#' will be ignored, and an empty message aborts the commit.
# On branch master
# Your branch is up-to-date with 'origin/master'.
#
# Changes to be committed:
#	deleted:    bastion/bastion-user-script.sh
#	modified:   bastion/main.tf
#	new file:   bastion/ssh.config.in
#	new file:   bastion/user-script.sh
#

sodre commented Apr 11, 2016

According to TritonDataCenter/gosdc#23 this is an issue with the vendor API.

jen20 pushed a commit that referenced this issue Apr 12, 2016
Update github.com/joyent/gosdc/...

Test does the minimum described in #6109, i.e.
	- Start a small instance, t4-standard-128M
	- Check firewall is enabled
	- Change configuration to disable firewall
	- Check firewall is disabled.

Fixes #6119.

jen20 commented Apr 12, 2016

Should be fixed by #6119.

chrislovecnm pushed a commit to chrislovecnm/terraform that referenced this issue Apr 16, 2016
Update github.com/joyent/gosdc/...

Test does the minimum described in hashicorp#6109, i.e.
	- Start a small instance, t4-standard-128M
	- Check firewall is enabled
	- Change configuration to disable firewall
	- Check firewall is disabled.

Fixes hashicorp#6119.
grubernaut pushed a commit to TritonDataCenter/terraform-provider-triton that referenced this issue Jun 6, 2017
Update github.com/joyent/gosdc/...

Test does the minimum described in hashicorp/terraform#6109, i.e.
	- Start a small instance, t4-standard-128M
	- Check firewall is enabled
	- Change configuration to disable firewall
	- Check firewall is disabled.

Fixes #6119.

ghost commented Apr 26, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 26, 2020