Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DWAF creation fails in eu-ch2 #2494

Open
gekimmel opened this issue Apr 30, 2024 · 6 comments
Open

DWAF creation fails in eu-ch2 #2494

gekimmel opened this issue Apr 30, 2024 · 6 comments
Assignees
@anton-sidelnikov
Labels
bug

Comments

@gekimmel
Copy link

Terraform provider version

Terraform v1.7.5
on linux_amd64
provider registry.terraform.io/opentelekomcloud/opentelekomcloud v1.36.7

Affected Resource(s)

opentelekomcloud_waf_dedicated_instance_v1

Terraform Configuration Files

$ cat main.tf
data "opentelekomcloud_vpc_subnet_v1" "shared_subnet" {
  name = "subnet-default"
}

data "opentelekomcloud_networking_secgroup_v2" "default_secgroup" {
  name = "default"
}

resource "opentelekomcloud_waf_dedicated_instance_v1" "wafd_1" {
  name              = "wafd-instance-1"
  availability_zone = "eu-ch2a"
  specification     = "waf.instance.professional"
  flavor            = "s3.large.2"
  architecture      = "x86"
  count             = "1"
  vpc_id            = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.vpc_id
  subnet_id         = data.opentelekomcloud_vpc_subnet_v1.shared_subnet.network_id

  security_group = [
    data.opentelekomcloud_networking_secgroup_v2.default_secgroup.id
  ]
}

Debug Output/Panic Output

│ Error: error creating OpenTelekomCloud WAF dedicated instance: error while creating opentelekomcloud WAF dedicated instance 235d3914ed564eea9fc61d88a66f22b1. Unexpected status: 4
│
│   with opentelekomcloud_waf_dedicated_instance_v1.wafd_1[0],
│   on main.tf line 9, in resource "opentelekomcloud_waf_dedicated_instance_v1" "wafd_1":
│    9: resource "opentelekomcloud_waf_dedicated_instance_v1" "wafd_1" {

Steps to Reproduce

  1. terraform apply

Expected Behavior

successful WAF creation

Actual Behavior

error as shown above

Important Factoids

Acording to https://docs.sc.otc.t-systems.com/web-application-firewall-dedicated/api-ref/api_description/dedicated_instance_management/creating_a_dedicated_waf_engine.html#createinstance parameter res_tenant is mandatory. For eu-de it seems to be hard coded to true which is correct for that region. However, for eu-ch2 it needs to be false. The API code from OTCSEC-6496 can be applied successfully.

References

OTCSEC-6496
@anton-sidelnikov anton-sidelnikov self-assigned this May 2, 2024
@anton-sidelnikov anton-sidelnikov mentioned this issue May 2, 2024
Merged
5 tasks
otc-zuul bot pushed a commit that referenced this issue May 3, 2024
@anton-sidelnikov
[WAFD] res_tenant fix in `resource/opentelekomcloud_waf_dedicated_i…
e9ad626 
…nstance_v1` (#2497)

[WAFD] `res_tenant` fix in `resource/opentelekomcloud_waf_dedicated_instance_v1`

Summary of the Pull Request
Now possible to set res_tenant attribute on create
PR Checklist

 Refers to: #2494
 Tests added/passed.
 Documentation updated.
 Schema updated.
 Release notes added.

Acceptance Steps Performed
=== RUN   TestAccWafDedicatedInstanceV1_basic
--- PASS: TestAccWafDedicatedInstanceV1_basic (379.55s)
=== RUN   TestAccWafDedicatedInstanceV1_basic
--- PASS: TestAccWafDedicatedInstanceV1_basic (380.92s)
PASS

Process finished with exit code 0

Reviewed-by: Aloento
@brunoagueda
Copy link

Hi @anton-sidelnikov
I'm working with @gekimmel on this issue
I tested the fix, but the deployment still fails with this message: "error while creating opentelekomcloud WAF dedicated instance xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx. Unexpected status: 4"
Here is the GIST with the debug logs: https://gist.github.com/brunoagueda/78ae2c5bcd5de7f923c68440f971316c

@anton-sidelnikov
Copy link
Member

Hi @brunoagueda, check 1.36.8, for me it works

@brunoagueda
Copy link

Hi @anton-sidelnikov
I tried with 1.36.8, but same result
I updated the gist with my latest try with the 1.36.8 version
Could it be something specific related to the Swiss region?

@gekimmel
Copy link
Author

Hi @brunoagueda,
you need to add the parameter
res_tenant = "false"
to your opentelekomcloud_waf_dedicated_instance_v1 resource declaration. The documentation is not so clear about this need for eu-ch2, but we have to decide where to put region specific information about the provider.

@brunoagueda
Copy link

Hi @anton-sidelnikov
I was just writing about what @gekimmel just posted.
With the res_tenant = "false" parameter it works in Swiss region.
If res_tenant = "true", WAF instance type is network interface, and in Swiss region this type is not available.
If possible, please add this information on the documentation.
Thanks @anton-sidelnikov and @gekimmel

@anton-sidelnikov
Copy link
Member

@brunoagueda yes, i forgot to update documentation, will add soon.

@anton-sidelnikov anton-sidelnikov mentioned this issue Jun 3, 2024
Merged
5 tasks
otc-zuul bot pushed a commit that referenced this issue Jun 4, 2024
@anton-sidelnikov
[WAFD] res_tenant not for swiss (#2534)
ad14314 
[WAFD] `res_tenant` not for swiss

Summary of the Pull Request
PR Checklist

 Refers to: #2494
 Tests added/passed.
 Documentation updated.
 Schema updated.
 Release notes added.

Acceptance Steps Performed
=== RUN   TestAccSomethingV0_basic
--- PASS: TestAccSomethingV0_basic (101.71s)
=== RUN   TestAccSomethingV0_timeout
--- PASS: TestAccSomethingV0_timeout (128.67s)
PASS

Process finished with exit code 0

Reviewed-by: Artem Lifshits
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anton-sidelnikov anton-sidelnikov

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@brunoagueda @gekimmel @anton-sidelnikov