Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't specify empty set of taints on GKE node pools #4168

Closed
shields-fn opened this issue Aug 5, 2019 · 6 comments
Closed

Can't specify empty set of taints on GKE node pools #4168

shields-fn opened this issue Aug 5, 2019 · 6 comments
Assignees
@rileykarson
Labels
breaking-change enhancement
Milestone
3.0.0

Comments

@shields-fn
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
  • If an issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to "hashibot", a community member has claimed the issue already.

Terraform Version

Terraform v0.12.6

  • provider.google v2.12.0
  • provider.google-beta v2.12.0

Affected Resource(s)

  • google_container_cluster
  • google_container_node_pool

Terraform Configuration Files

Before:

resource "google_container_cluster" "test" {
  provider = "google-beta"

  name               = "test"
  location           = "us-central1-b"
  initial_node_count = 1

  node_config {
    taint {
      key    = "K"
      value  = "V"
      effect = "NO_SCHEDULE"
    }
  }
}

After:

resource "google_container_cluster" "test" {
  provider = "google-beta"

  name               = "test"
  location           = "us-central1-b"
  initial_node_count = 1

  node_config {
  }
}

Debug Output

https://gist.github.com/shields-fn/641926b7b3a68adc70e42dad82094563

Panic Output

None

Expected Behavior

The node pool should have been destroyed and recreated without Kubernetes taints.

Actual Behavior

Nothing; terraform plan reports that no changes are needed.

Steps to Reproduce

  1. terraform apply
  2. Remove taint section of config
  3. terraform apply
@ghost ghost added the bug label Aug 5, 2019
@rileykarson rileykarson self-assigned this Aug 6, 2019
@rileykarson
Copy link
Collaborator

Due to how this is implemented (as an Optional + Computed field), it'll end up being a breaking change to allow users to define empty taints.

GKE tends to add taints at will based on using certain features, so I'm not sure that requiring users to always define their node pool taints in their TF config is a great idea, although sticking unnecessary taints on users' node pools isn't great either.

@rileykarson rileykarson removed their assignment Aug 9, 2019
@danawillow danawillow added this to the 3.0.0 milestone Sep 12, 2019
@nicktrav
Copy link

Not sure I agree with the assessment that this isn't a bug, irrespective of whether a fix would be a breaking change or not.

Concretely, we had a node pool defined with a taint. I then removed the taint in terraform but this did nothing to the node pool. The taint remains. At this point, my state doesn't match my intent.

Are there any known workarounds in the interim?

@rileykarson
Copy link
Collaborator

rileykarson commented Sep 19, 2019
edited
Loading

Yeah, this falls somewhere in the middle of both. Since functionality that should work doesn't, this is a bug. On the other hand, we expect removal to not work right now due to the implementation, and making it work is an enhancement. I lean a bit more closely towards it being an enhancement for our issue classification purposes.

Regardless of that classification, fixing taints will be part of 3.0.0.

Unfortunately, there are no known workarounds other than possibly declaring a useless taint, or manually reconciling the resource out of band with gcloud or the UI.

@rileykarson rileykarson mentioned this issue Sep 23, 2019
Closed
This was referenced Oct 23, 2019
Closed
Merged
Merged
@nicktrav
Copy link

@rileykarson - noticed this was closed. Will this be in a 2.x release of the provider?

@rileykarson
Copy link
Collaborator

rileykarson commented Oct 30, 2019
edited
Loading

This will appear in the 3.0.0 release. Timing isn't guaranteed, but the anticipated date(s) are 2019/11/19 or 2019/11/26.

https://github.com/terraform-providers/terraform-provider-google/blob/master/website/docs/version_3_upgrade.html.markdown#taint-field-is-now-authoritative-when-set contains some justification for why it's there and couldn't have landed in a 2.X release. While minor, there were technically 2 breaking changes made on the field.

@ghost
Copy link

ghost commented Nov 29, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 29, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@rileykarson rileykarson

Labels
breaking-change enhancement
Projects
None yet
Milestone
3.0.0
Development

No branches or pull requests
4 participants
@nicktrav @danawillow @rileykarson @shields-fn