-
Notifications
You must be signed in to change notification settings - Fork 9.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenStack Provider #924
OpenStack Provider #924
Conversation
Hi @jrperritt Really nice on work on this provider 👍 @ggiamarchi @haklop and I where also working on the same stuff this past two weeks :-( https://github.com/haklop/terraform/tree/openstack-provider-rebased Since you're the first to submit the PR, we'd like to contribute some additional resources we implemented on our side by doing some sub pull requests:
We will also review and test your code on the OpenStack clouds we were testing our own code. Expect some pull requests in the next few days :) |
@julienvey Oh, I'm sorry :( I was just working on it intermittently in my spare time until recently and didn't know anyone else was pursuing it heavily. After looking at y'alls branch, our codes look very similar, which I think is good :) The additional resources would be great (and, to be sure, any PRs are welcome), and I'd love to here if y'all have different ideas about the implementation. |
I also just put up a pull request for adding support for using Swift as a Terraform remote: #942 |
Great job! I have been testing this a bit today and one thing I noticed is that currently 404s are not handled well. For instance, I deployed a block volume with your OpenStack provider and then deleted it manually. Subsequent calls to
|
Similarly, if a security group exists prior to defining it in Terraform, a 400 bad request is generated:
|
And I noticed that
Results in:
|
Hello, Similarly, I've been working on a standalone plugin for an OpenStack provider rather than trying to get it merged into the main tree: https://github.com/jtopjian/terraform-provider-openstack It's currently working with nova-network, and Neutron was next on my list to get working, but now perhaps we could just merge efforts? I'm really interested in the tests you created as I've been putting that off due to not entirely understanding how it works in Terraform (I was playing around with it, but could not get tests to fail when they should be failing...). Thanks, |
@jrperritt I'm browsing through this now and see a lot of stuff I can learn from (both the provider and Go in general :). One question I have is more of a design opinion: I notice that the providers are hard-named based on the API version that creates them. Did you go this route to make the providers more parallel with gophercloud? Are there other reasons? I'm genuinely curious from a code design perspective. As an end-user, I personally wouldn't want to have to distinguish a resource based on the API. Intuitively, if I want a "volume", then I'll choose a "volume". As a user, I'd hope that was taken care of internally (detect which version is available?) and perhaps allow me to choose the API version as a parameter. This is the route I'm trying to pursue with the floating IP resource I made. Of course, I'm totally aware that I might hit a wall and this might not be possible to do. :) |
@devcamcar Ah, I see what you mean about the 404s. I'll add some logic to handle that. As for the |
@jtopjian The API-version-in-the-resource-name decision was driven by the OpenStack API and code organization. If you don't have a separate file per resource-version, then you have to delegate all the version logic to a single file, which could become unruly. I actually like forcing users to explicitly choose which resource-version combination they want, so that (hopefully) they don't end up surprised with what they get. |
@jtopjian You're certainly welcome to make PRs against this branch :) One thing I noticed while looking at your |
@jrperritt no reason besides I'm learning as I go. A lot of what you see, especially the perigee stuff, is just from looking at other examples. I'm starting to see how i can do things better and I'm quite excited to go through your code to learn more. Hm, I think I disagree about the api thing. I get what you're saying and see the benefit, but I feel the user shouldn't have to know details like that to work with OpenStack. I'll definitely see what I can do to contribute to your branch, though. |
@jtopjian Great :) I see you've added the 'Attach Volume' operation to your terraform branch. I think that's an OpenStack extension, and one we don't yet have in Gophercloud, so, if you like, you can make a PR to Gophercloud for that operation. As for the API version issue, preference is probably user-dependent. You'll certainly need a version at some point in order to get the correct URL endpoint (or |
@jrperritt All sounds good. I will definitely look into moving the volume attach stuff into gophercloud. Thank you for your input and view as well - I hope I didn't offend you by disagreeing! |
@jtopjian Not at all :) For me, different points of view (with regard to software design) lead to progress. I certainly don't have all the right answers, so I like discussing things like this to get other's perspectives. Please continue to question and/or challenge design decisions (mine and others). In my experience, hearing several different options can only improve the code. |
@jrperritt The IP is allocated automatically at runtime via DHCP so I was expecting the value to end of in |
@devcamcar ah, yes. That will be fixed with this PR. If not directly set in the |
@jrperritt @devcamcar That looks to be Neutron-based, right? I believe @devcamcar is running a nova-network based environment (from what I've pulled from other comments). I have working nova-network floating IP support which I can clean up and send to gophercloud: (which would be really ironic since that's where I originally discovered the code :) As well, here's my attempt at trudging around Looping back around to the If the latter, I have some Neutron setups where the accessible IP is actually the last network in an instance's list. In that case, I'm considering not relying on |
@jrperritt @jtopjian Here is how we solved it when adding OpenStack support to Packer: https://github.com/mitchellh/packer/blob/master/builder/openstack/ssh.go#L15 Basically, multiple networks are supported in both Neutron and Nova-Networks. This approach just finds the first V4 address it can and uses it. This is a bit brittle for things attached to multiple networks (not really an issue when using Packer) since an instance could have multiple V4 IPs. The most reliably implementation would be to do the following:
Does that make sense? I haven't built Terraform providers yet so I'm not sure if this is the right approach, but conceptually it seems right. |
@devcamcar @jrperritt It does, yes. :) And in addition, I'm quite sure this can all be done via the nova api regardless of Neutron or nova-network. Everything can/should be accessible via |
About the "_v2" at the end of the resource names, I agree with @jtopjian that it's not needed and shouldn't be visible from the user. We could only rename the resource name and keep the .go files the same ResourcesMap: map[string]*schema.Resource{
"openstack_blockstorage_volume": resourceBlockStorageVolumeV1(),
"openstack_compute_instance": resourceComputeInstanceV2(),
"openstack_compute_keypair": resourceComputeKeypairV2(),
...
}, When we have multiple resources with different versions, then the resource without a version number should point to the latest stable version. |
We should maybe always keep both. The name without the version would point to the "mainstream" version compute_resource_v2 := resourceComputeInstanceV2()
ResourcesMap: map[string]*schema.Resource{
"openstack_compute_instance_v2": compute_resource_v2,
"openstack_compute_instance": compute_resource_v2,
...
}, |
For this case, I'm wondering if terraform would consider the resources are the same. For instance, if I start with a terraform file like this one
and then change it to
Would terraform be able to understand the two resources are the same ? |
@julienvey I think it might be able to if the new resource was able to detect an existing resource. This is something I'm going to work on this week and semi-related to what @devcamcar mentioned about errors being returned on existing security groups. But ultimately I think Terraform is going to see them as two distinct resources, so it's probably going to mess up the state. If detection of existing resources works soundly, then one should be able to delete the local state and re-run an apply, I would think. Another note about the versioned resources: The OpenStack command-line tools have always supported an environment variable or flag to specify what api version you want to use (such as |
@julienvey I think the case of creating a template and then removing or adding "_v2" is a fairly insigificant corner case. I think people that would build the templates knowing they needed a specific API version would make use of that, and then the other 99% of folks would not need to bother. |
@jrperritt I'm running into an issue where changes to the instance are removing the security groups. How to reproduce:
Before:
During:
After:
|
@jtopjian Ah, quite right. It took me a while to figure it out, but I think it's a bug in the Terraform |
@jrperritt Do you have any items in mind that you need assistance with? Once the nova-network floating ip and volume attach/detach support is taken care of, this provider will be at parity with the work I was doing. Also, does anyone know the status of this being merged into terraform proper? Would it make sense to enable "issues" on the jrperritt/terraform repo for further discussions? Or move this to a standalone plugin? |
Not really :) I think we've exhausted the resources that are implemented in Gophercloud. As more get added to Gophercloud, we can continue to add the on here. I think the Terraform team had expressed interest in having this merged into Terraform proper. Is that still correct, @mitchellh ? |
We'd like for OpenStack to be in Terraform core ASAP. We'll do a proper review of this when it is ready, i was just waiting for this issue to stabilize a bit. What would you all consider the status now of this PR? |
This commit adds pending states for volume attachment, detachment, and deletion.
@allomov @julienvey alternatively, I'm using the latest pre-compiled version of Terraform and just compiling the openstack provider. See my comments here. |
dbd67f6
to
0092946
Compare
@julienvey I appreciate it, it will be useful. @jtopjian great tip, thank you. |
I just rebased on |
Alright I think we're ready to land this! Feel free to speak up in the next 20m if you disagree. :) |
Per my previous comments, I disagree. |
Land it! Sent from a mobile device. On 31 Mar 2015, at 22:40, "Paul Hinze" <[email protected]mailto:[email protected]> wrote: Alright I think we're ready to land this! Feel free to speak up in the next 20m if you disagree. :) — |
@jtopjian I don't understand why you still want to block the merge or this PR. Even if there are some bugs to fix or enhancements to do, most of the features are working well. Once it will be merged it will be easier for everybody to work on it. |
@jtopjian you're referring to the floating ip comment you made here? #924 (comment) Since this is initial implementation, the merge here would not prevent backwards incompatible changes from being landed afterwards. I think it'd be valuable to get this change merged so we can split up the remaining work into smaller chunks. We're also shipping 0.4 this week, so I'd really like to get OpenStack support in there, even just as an "initial implementation" or "beta" state. |
@phinze Fair enough. |
Alright here we go! |
Awesome! |
BOOM!! Sent from a mobile device. On 31 Mar 2015, at 22:59, "Paul Hinze" <[email protected]mailto:[email protected]> wrote: — |
\o/ |
@allomov I don't plan on adding anything else to the OpenStack provider. However, since this PR has been merged into the |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
UPDATE: 2/11/2015
To Do:
This PR is to create an OpenStack Provider. It uses the Gophercloud v1.0 library and currently supports the following resources:
Compute v2
flavor_id
change)Networking v2
Load Balancer v1
Block Storage v1
Object Storage v1
The PR includes acceptance tests for all the above resources (tested against DevStack), as well as documentation. In addition, the resources are versioned and region-based. Hopefully, this PR includes enough resources to close #51