Metadata annotations generate an internal Kubernetes annotation errors #200

rpatrick00 · 2018-10-31T01:48:52Z

Terraform Version

Terraform v0.11.10

provider.aws v1.41.0
provider.kubernetes v1.3.0
provider.null v1.0.0
provider.template v1.0.0

Affected Resource(s)

kubernetes_service

Terraform Configuration Files

Here is the relevant portion of my terraform script.

resource "kubernetes_service" "website-service" {
  metadata {
    name = "${var.website_name}-service"
    annotations {
      "service.beta.kubernetes.io/aws-load-balancer-backend-protocol" = "http"
      "service.beta.kubernetes.io/aws-load-balancer-ssl-ports" = "443"
      "service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled" = "true"
      "service.beta.kubernetes.io/aws-load-balancer-ssl-cert" = "${aws_iam_server_certificate.ssl-cert.arn}"
      "service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy" = "ELBSecurityPolicy-TLS-1-2-2017-01"
      "service.beta.kubernetes.io/aws-load-balancer-access-log-enabled" = "true"
      "service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval" = "60"
      "service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name" = "${var.load_balancer_access_logs_bucket_name}"
      "service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix" = "${var.load_balancer_access_log_bucket_prefix}"
    }
  }

  spec {
    type = "LoadBalancer"
    selector {
      app = "${var.website_name}"
    }
    port {
      name = "http"
      port = 80
      target_port = "${var.container_port}"
      protocol = "TCP"
    }
    port {
      name = "https"
      port = 443
      target_port = "${var.container_port}"   # ssl termination at the load balancer
      protocol = "TCP"
    }
  }

  depends_on = [
    "aws_s3_bucket_policy.elb-log-s3-access-policy",
    "kubernetes_deployment.website-deployment"
  ]
}

Debug Output

Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-access-log-emit-interval" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-access-log-enabled" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-name" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-access-log-s3-bucket-prefix" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-backend-protocol" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-ssl-cert" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-ssl-negotiation-policy" is internal Kubernetes annotation



Error: module.web.kubernetes_service.website-service: metadata.0.annotations: "service.beta.kubernetes.io/aws-load-balancer-ssl-ports" is internal Kubernetes annotation

Expected Behavior

Terraform should have provisioned my service.

Actual Behavior

Terraform generated errors for all of the annotations

Steps to Reproduce

terraform plan

Important Factoids

This service definition seemed to work fine with the latest forked version of the kubernetes provider from https://github.com/sl1pm4t/terraform-provider-kubernetes

The text was updated successfully, but these errors were encountered:

rpatrick00 · 2018-10-31T02:44:10Z

Looks like PR #199 will fix this issue. Please merge this fix since it is impossible to create services of type LoadBalancer for any of the major Cloud Providers without this (since you don't yet support Ingress...).

rpatrick00 changed the title ~~Metadata annotations generate is internal Kubernetes annotation errors~~ Metadata annotations generate an internal Kubernetes annotation errors Nov 7, 2018

rpatrick00 mentioned this issue Dec 5, 2018

add internal annotation whitelist #244

Closed

mbarrien mentioned this issue Feb 20, 2019

Whitelist "internal" annotations/labels that the user is managing in the resource #325

Merged

tdmalone mentioned this issue Feb 22, 2019

Can not set internal annotations to specify load balancer ssl certs #60

Closed

tdmalone mentioned this issue Mar 22, 2019

Can not create a persistent volume claim with a storage class annotation #368

Closed

alexsomesan closed this as completed in #325 May 10, 2019

ghost locked and limited conversation to collaborators Apr 21, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Metadata annotations generate an internal Kubernetes annotation errors #200

Metadata annotations generate an internal Kubernetes annotation errors #200

rpatrick00 commented Oct 31, 2018

rpatrick00 commented Oct 31, 2018

Metadata annotations generate an internal Kubernetes annotation errors #200

Metadata annotations generate an internal Kubernetes annotation errors #200

Comments

rpatrick00 commented Oct 31, 2018

Terraform Version

Affected Resource(s)

Terraform Configuration Files

Debug Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

rpatrick00 commented Oct 31, 2018