[MS] Adding support for Image Resources and Custom Images with Managed Disks

[echuvyrov]

Support for Image ARM Resource and Custom Images with Managed Disks (porting from v0.9.8)

[tombuildsstuff]

Hi @echuvyrov

Thanks for pushing those updates and porting this over to the new repo - I've reviewed and left some comments in-line but this is looking good :)

Thanks!

[tombuildsstuff]

in newer resources, we're switching these for functions which return the formatted strings - can we update this to match?

[echuvyrov]

done

[tombuildsstuff]

for consistency, could we keep all of these resources in West US?

[echuvyrov]

done

[tombuildsstuff]

for consistency, could we keep all of these resources in West US?

[echuvyrov]

done

[tombuildsstuff]

is it worth placing these fields in an os_disk hash to match data_disk / the other resources?

[echuvyrov]

done

[tombuildsstuff]

can this also be Computed?

[echuvyrov]

done

[tombuildsstuff]

We'd tend to phrase this "One or more data_disk elements as defined below"

[echuvyrov]

done

[tombuildsstuff]

We'd tend to phrase this as:

* `source_virtual_machine_id` - (Optional) The Virtual Machine ID from which to create the image

[echuvyrov]

Tried to match your style there as well

[tombuildsstuff]

as above: can we split this out into an os_disk block?

[echuvyrov]

done

[tombuildsstuff]

I think we can safely default this field within the testGeneralizeVMImage function?

[echuvyrov]

Not sure if we could. I missed the random seed needed to avoid collisions between host names initially, but now that I put it in, the random seed is needed to generalize the VM since the DNS Name is one of the params to that function now. Open to different ideas here as well.

[tombuildsstuff]

That's true, however we should be able to pass in only the username, password, hostname and region - as we can infer the rest from that?

[tombuildsstuff]

should we remove this line for the moment?

[echuvyrov]

done

[echuvyrov]

@tombuildsstuff I refactored the dnsName out of individual funcs, let me know if these changes look good to you.

[YuriyKishchenko]

Hi @echuvyrov
Could you please apply the same changes to the virtual_machine_scale_set as many parts seems to be copied from virtual_machine and image uri is also applicable here.

[echuvyrov]

Hi @YuriyKischenko - that's the plan :)! I wanted to split the work into smaller chunks, but VMSS support is right behind. I don't think it'll be nearly as much work, since the Image resource would be already done.

[tombuildsstuff]

Hey @echuvyrov

Apologies for the delay in reviewing this!

Thanks for the continued effort here - I've taken another look and left some comments in-line. The biggest issue I see is around changing the Hash's, which may require a State Migration given the underlying value has changed?

Thanks!

[tombuildsstuff]

I might be wrong, but I don't think this syntax is supported?

[echuvyrov]

I used an example from virtual_machine as a reference (such as below) - let me know if I should change:

"managed_disk_id": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
Computed: true,
ConflictsWith: []string{"storage_os_disk.vhd_uri"},
},

[tombuildsstuff]

So this syntax isn't supported right now - it was merged in order to progress with the Managed Disks PR (with the anticipation of hashicorp/terraform#13019 being merged, but we've not had the time to clean it up yet (hence these comments)

For the moment it'd be good to remove these if possible?

[echuvyrov]

removed

[tombuildsstuff]

the documentation doesn't make this clear - but I think this can be Required within the optional os_disk block?

[tombuildsstuff]

should this also be ForceNew?

[echuvyrov]

When I made this field required, I got the following error:

"1 error(s) occurred:\n\n* resource azurerm_image: source_virtual_machine_id: ConflictsWith cannot contain Required attribute (os_disk.os_type)"}"

So I left the field as optional, but added ForceNew

[tombuildsstuff]

the documentation doesn't make this clear - but I think this can be Required within the optional os_disk block?

[tombuildsstuff]

should this also be ForceNew?

[echuvyrov]

same limitation as above - conflict between "Required" and "ConflictsWith"

[tombuildsstuff]

could we make this string(compute.None)

[echuvyrov]

changed

[tombuildsstuff]

is it worth checking this and returning an error if so?

[echuvyrov]

done

[tombuildsstuff]

minor: if we're only formatting a single value, there's no need for the [1] here?

[echuvyrov]

changed

[tombuildsstuff]

if this is changing the value of the hash, is this going to need a state migration?

[tombuildsstuff]

(same) if this is changing the value of the hash - is this going to need a state migration?

[tombuildsstuff]

it'd probably be better for us to error on both being set?

[tombuildsstuff]

(oh) can we move this above? :)

[echuvyrov]

done

[echuvyrov]

Hi @tombuildsstuff, I made all the changes requested, except for state migration recommendation. I think I need to understand this better - in my mind, I don't think we need state migration since we have a custom hash function. This custom hash function should not change the hash value for existing resources, since the fields for publisher, offer, sku, version should still all be present for non-custom images. Would appreciate you clarifying the thoughts behind the need for state migration please.

Here's the validation I performed for state, let me know if any of those are incorrect:
-Downloaded current public release of TF (0.9.9) and created basic VM + managed disk config (no custom image). Ran 'terraform plan' and the plan is showing what I expected to see. Ran 'terraform apply' to provision infra and persist state.
-Compiled terraform 0.10.0-dev with my changes. Ran 'terraform plan' on the same config - no changes detected, as expected.
-Changed sku in the config, 'terraform plan' shows 1 resource to destroy, 1 to create. As expected, since OS type has 'ForceNew' on it.
-Added the new image resource and changed VM config to use that image resource with custom image. 'terraform plan' shows 3 resources to create, 1 to destroy. I am not sure why 3, since I was expecting just 2 (1 image, 1 VM), but I am not sure if this has to do with hashing/state migration.

Thanks a ton as always!

re-reviewing

[tombuildsstuff]

Hey @echuvyrov

Sorry for the delay in reviewing this!

Thanks for the continued effort here - I've taken another look through and have commented on a couple of minor issues - but this is looking good :)

Thanks!

[tombuildsstuff]

So this syntax isn't supported right now - it was merged in order to progress with the Managed Disks PR (with the anticipation of hashicorp/terraform#13019 being merged, but we've not had the time to clean it up yet (hence these comments)

For the moment it'd be good to remove these if possible?

[tombuildsstuff]

is this also computed?

[echuvyrov]

I don't think it should be - same as blob_uri for os_disk above IMHO

[tombuildsstuff]

is this also computed?

[echuvyrov]

I don't think this should be computed, if I understood the "Computed" property correctly. In the Developer's guide, "any Resource or Data Source property that should be stored in state but that the user should not be able to configure should have its Computed property set to true."

Per API spec here blobUri "specifies the URI in Azure storage of the blob that you want to use to create the virtual machine image" which indicates it should be changeable by the user.

[tombuildsstuff]

is this also computed?

[echuvyrov]

I don't think it should be - "You can specify the caching mode of the disks as readonly, readwrite, or none, by adding hostCaching. The default is none." Unless I misunderstood the Computed property of course :)

[tombuildsstuff]

is this also computed?

[echuvyrov]

I don't think it should be - "you can resize an operating system disk or the data disk in the virtual machine image as you create it by adding diskSizeGB." Unless I misunderstood the Computed property of course :)

[tombuildsstuff]

so by Computed I mean we will store the remote value in the state regardless of whether it's specified or not (but it depends if it's retuned from the API) :)

[tombuildsstuff]

could we combine these two lines?

[echuvyrov]

changed

[tombuildsstuff]

🤔 whilst I'm not opposed to this - would it make more sense to call this id to match the API Documentation / ARM Template?

[echuvyrov]

changed

[tombuildsstuff]

we could simplify this to use the existing imageReference object defined above:

if v, ok := storageImageRef["image_id"]; ok {
  imageReference.ID = azure.String(v.(string))
} else {
 ..
}

[echuvyrov]

changed

[tombuildsstuff]

is it worth placing this in the storage sub-section?

related: I think we should probably reorganise the sidebar in general

[echuvyrov]

I put it under "Managed Disk" to match the sidebar here, hope that's Ok; agree that we should do a bit of re-organization of the side bar

[tombuildsstuff]

we'd normally wrap this in quote's: One or more `data_disk` elements as defined below.

[echuvyrov]

changed

[echuvyrov]

Hey @tombuildsstuff I made the blob_uri, caching and size_gb properties computed and made the tests pass again :). Let me know if the changes look good to you - thanks!

[tombuildsstuff]

Hey @echuvyrov

Thanks for pushing those updates - I've noticed (and pushed a fix for) a couple of minor issues - but this LGTM! :)

Thanks!

[tombuildsstuff]

we tend to put quotes around these values, and match the casing in Azure, e.g. ReadWrite - can we update this to match?

[tombuildsstuff]

we tend to put quotes around these values, and match the casing in Azure, e.g. ReadWrite - can we update this to match?

[tombuildsstuff]

can we update this example, as os_disk is now a block rather than a prefix for these fields :)

[tombuildsstuff]

Managed Disk -> Managed Image

[tombuildsstuff]

Tests pass (ignoring a subscription-specific test failure):

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!