Removal of a previously set service node_port not detected in plan

[stigok]

Terraform Version

Terraform v0.11.7

Affected Resource(s)

Please list the resources as a list, for example:

• kubernetes_service

Terraform Configuration Files

resource kubernetes_namespace "default" {
  metadata {
    name = "service-bug-repro"
  }
}

resource kubernetes_service "mqtt" {
  metadata {
    name = "mqtt"
    namespace = "${kubernetes_namespace.default.metadata.0.name}"
  }

  spec {
    #type = "NodePort"

    port {
      port = 1883
      protocol = "TCP"
      #node_port = 30883
    }
  }
}

Debug Output

* kubernetes_service.mqtt: Failed to update service: Service "svc" is invalid: spec.ports[0].nodePort: Invalid value: 30883: may not be used when `type` is 'ClusterIP'

Expected Behavior

spec.ports[0].nodePort should have been detected as removed. It should show up as removed in the plan.

Actual Behavior

After spec.ports[0].nodePort has been removed, terraform does not see that the property has disappeared.

Terraform will perform the following actions:

  ~ kubernetes_service.mqtt
      spec.0.type: "NodePort" => "ClusterIP"


Plan: 0 to add, 1 to change, 0 to destroy.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. Remove the # in front of all lines
2. terraform apply
3. Add the # again at the two lines which had them
4. terraform apply

[sl1pm4t]

Hi @stigok - I think I have a fix for this issue. I should be able to push a fix tomorrow.

[stigok]

My impression is that there are more than this field that is not propagating. Does that make sense to you?
I'll come back to this when I find more. Pretty sure I've seen some already

[sl1pm4t]

Yes, I guess that could be the case. This is where Terraform's resource model isn't quite compatible with Kubernetes. Terraform expects values to either be configurable or computed server side. The node_port value is actually both ( if none is specified the server will randomly choose a value ).

Because the server sometimes supplies a value, the attribute needs to be set as computed in the Terraform resource definition, but this cause diff problems when you had previously been setting a value, then remove it from the config. Terraform ignores the change.
As you can see from your diff above, Terraform has detected it needs to change spec.0.type: "NodePort" => "ClusterIP" but there is no change for the node_port (even though there should be).

I found a way to workaround it for the node_port attribute, and will likely need something similar for all the attributes that have these characteristics.