Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error applying azurerm_recovery_services_protected_vm to virtual machine #2143

Closed
RobbieBinnie opened this issue Oct 23, 2018 · 4 comments · Fixed by #2154
Closed

Error applying azurerm_recovery_services_protected_vm to virtual machine #2143

RobbieBinnie opened this issue Oct 23, 2018 · 4 comments · Fixed by #2154
Labels
bug documentation service/recovery-services v/1.x (legacy)
Milestone
v1.18.0

Comments

@RobbieBinnie
Copy link

Hello,

I have been trying to configure pre-existing VMs to be backed up using a pre-existing vault, however, it is producing errors. I have initially had to comment out a few lines from the documentation as the terraform plan fails when they are present. Once that has happened and I run the apply, I receive a 400 error stating the following:

Code="BMSUserErrorInvalidConfigureProtectionRequest" Message="Input for configure protection is not in proper format\r\nPlease ensure that container exists and other parameters are in valid format"

further information below.

Terraform Version

Terraform v0.11.9

  • provider.azurerm v1.17.0

Affected Resource(s)

  • azurerm_recovery_services_protected_vm

Terraform Configuration Files

variable "location" {
default = "West Europe"
}

variable "backuppolicyname" {
default = "DailyBackup"
}

variable "resource_group_name" {
default = "#####"
}

variable "vm_name" {
default = "testdscconfig23"
}

variable "vm_id" {
default = "/subscriptions/#####/resourceGroups/#######/providers/Microsoft.Compute/virtualMachines/testdscconfig23"
}

variable "recovery_vault_name" {
default = "basicvault-rb"
}

data "azurerm_resource_group" "example" {
name = "${var.resource_group_name}"
}

data "azurerm_recovery_services_vault" "example" {
name = "${var.recovery_vault_name}"
resource_group_name = "${data.azurerm_resource_group.example.name}"
}

resource "azurerm_recovery_services_protected_vm" "example" {
#location = "${data.azurerm_resource_group.example.location}"
resource_group_name = "${data.azurerm_resource_group.example.name}"
recovery_vault_name = "${data.azurerm_recovery_services_vault.example.name}"
#source_vm_name = "${var.vm_name}"
source_vm_id = "${var.vm_id}"
#backup_policy_name = "${var.backuppolicyname}"
}

Debug Output

Error: Error applying plan:

1 error(s) occurred:

  • azurerm_recovery_services_protected_vm.example: 1 error(s) occurred:

  • azurerm_recovery_services_protected_vm.example: Error creating/updating Recovery Service Protected VM "VM;iaasvmcontainerv2;AIS-RB-TEST;testdscconfig23" (Resource Group "AIS-RB-TEST"): backup.ProtectedItemsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure:Service returned an error. Status=400 Code="BMSUserErrorInvalidConfigureProtectionRequest" Message="Input for configure protection is not in proper format\r\nPlease ensure that container exists and other parameters are in valid format"

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

Expected Behavior

the Virtual machine should have been added to the backup schedule.

Actual Behavior

Terraform fails to apply

Steps to Reproduce

  1. terraform apply

References

may be linked to this:
Azure/azure-sdk-for-python#1331
https://www.terraform.io/docs/providers/azurerm/r/recovery_services_protected_vm.html
@AndreasMWalter
Copy link

Yes can confirm this, as for the commented lines they will fail because the keys are not present in the provider but reported on the homepage:

Error: azurerm_recovery_services_protected_vm.test-vm: : invalid or unknown key: backup_policy_name
Error: azurerm_recovery_services_protected_vm.test-vm: : invalid or unknown key: location
Error: azurerm_recovery_services_protected_vm.test-vm: : invalid or unknown key: source_vm_name

@katbyte katbyte mentioned this issue Oct 24, 2018
Merged
@katbyte
Copy link
Collaborator

katbyte commented Oct 24, 2018
edited
Loading

Hi @AndreasMWalter, @RobbieBinnie

The documentation was based on an draft version of the resource and is incorrect 🙁 As well as the field backup_policy_id should have been required. I have opened #2154 to fix it for the next release.

@katbyte katbyte added this to the 1.18.0 milestone Oct 24, 2018
@AndreasMWalter
Copy link

AndreasMWalter commented Oct 25, 2018
edited
Loading

Hi @AndreasMWalter, @RobbieBinnie

The documentation was based on an draft version of the resource and is incorrect As well as the field backup_policy_id should have been required. I have opened 2154 to fix it for the next release.

Yes though in our testing yesterday we did supply the following configuration (after looking into the code) and ran into the same errorcode:

resource "azurerm_recovery_services_protected_vm" "svc-rec-vm0" {
  resource_group_name = "${data.terraform_remote_state.bkp.out-bkp-rg-name}"
  recovery_vault_name = "${data.terraform_remote_state.bkp.out-bkp-rg-bkp014d}"
  source_vm_id        = "${azurerm_virtual_machine.svc-rg-vm0.id}"
  backup_policy_id  = "${data.terraform_remote_state.bkp.out-bkp-rg-bkp014d-pol[0]}"
}

This is a more complex configuration using remote state, but nevertheless it will run into the same error that @RobbieBinnie encountered.

Judging by the Azure JSON template parameters the following values should be needed:

recovery_vault_name = vaultName
resource_group_name = vaultRG
(vaultSubID)
policyName (calculated from backup_policy_id?)
(fabricName)
protectionContainers (which I suppose is a calculated value from source_vm_id or "sourceResourceIds"?)
"IaasVMContainer;iaasvmcontainerv2;(VM Resource Group);(VM Name)"
protectedItems (see above?)
"vm;iaasvmcontainerv2;(VM Resource Group);(VM Name)"
source_vm_id = sourceResourceIds

Note in my configuration the VM is not in the same resource group as the backup vault.
Which may produce errors which may not have been apparent in testing if the VM and the backup vault are in the same resource group.

EDIT: We just ran a test building a VM in the same resource group, which works fine, but using a different resource group will fail with what I predicted:

* azurerm_recovery_services_protected_vm.svc-rec-vm1: Error creating/updating Recovery Service Protected VM "VM;iaasvmcontainerv2;"VaultRG";VMName" (Resource Group "VaultRG"): backup.ProtectedItemsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="BMSUserErrorInvalidConfigureProtectionRequest" Message="Input for configure protection is not in proper format\r\nPlease ensure that container exists and other parameters are in valid format"

So the value provided to either "protectionContainers" or "protectedItems" or both is the wrong one.

This was referenced Nov 2, 2018
Closed
Closed
@ghost
Copy link

ghost commented Mar 6, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 6, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug documentation service/recovery-services v/1.x (legacy)
Projects
None yet
Milestone
v1.18.0
4 participants
@katbyte @RobbieBinnie @AndreasMWalter @catriona-m