-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't list bootstrap servers as a diff when applying #19659
Comments
Added as a feature request because I totally get what's happening here: Terraform is storing the value in the state file (can be in outputs, too, after all, if you add that) and AWS returns a different value every time. So what I am looking for is an ehancement to, well, silence that output, if possible. |
Ran across the same issue last week. It seems AWS returns 3 brokers by random (from each AZ) when calling In addition to ignoring the changes could we consider providing an attribute for the broker hostnames so we can list all node endpoints? It looks like the CLI call that In our case we want to fetch all the broker host names so we can setup Consul entries for each. Additional Info: # Initial check of Brokers
aws kafka get-bootstrap-brokers --cluster-arn <redacted>
{
"BootstrapBrokerString": "b-6.<redacted>.kafka.eu-west-1.amazonaws.com:9092,b-2.<redacted>.eu-west-1.amazonaws.com:9092,b-4<redacted>eu-west-1.amazonaws.com:9092",
"BootstrapBrokerStringTls": "b-6<redacted>.eu-west-1.amazonaws.com:9094,b-2.<redacted>.eu-west-1.amazonaws.com:9094,b-4.<redacted>.eu-west-1.amazonaws.com:9094"
}
# Second check (30 seconds later):
❯ aws kafka get-bootstrap-brokers --cluster-arn <redacted>
"BootstrapBrokerString": "b-1.<redacted>.eu-west-1.amazonaws.com:9092,b-5.<redacted>.eu-west-1.amazonaws.com:9092,b-3.<redacted>.eu-west-1.amazonaws.com:9092",
"BootstrapBrokerStringTls": "b-1.<redacted>.eu-west-1.amazonaws.com:9094,b-5.<redacted>.eu-west-1.amazonaws.com:9094,b-3.<redacted>.eu-west-1.amazonaws.com:9094"
} It appears this is (partially) documented behavior. Quoting AWS Docs: |
I cant speak to the need for the diff to not show up in an apply. However, this undeterministic nature does cause problems when this parameter(boostrap_broker_*) is being passed to another resource; eg. aws_ssm_parameter. Applies can often fail on our >3 node clusters with the following
We have to hope that the api calls made to retrieve this value during the course of the plan and apply process return the same result. |
Is there a known way to fix this situation? This seems to be more of an API issue, can it be flagged somewhere? Ideally one should be able to either get all the broker connect strings, in my set up I have 4 nodes across 2 AZ and I always get 3 results back that randomly shuffle every time there is an apply. I run multiple connectors on MSK connect and the change on the bootstrap_brokers causes a replacement of the connectors. |
@DanaLacoste
Furthermore, the bootstrap string returned from the cli call invoked by the @lplazas
Then use the obtained output. |
Pfrr, still an open issue? We'd appreciate to have an reproducible output for it in our company, but the work around ^^ works |
Community Note
Description
NOTE: This is more than a cosmetic issue, but less than a "it breaks things" issue. Terraform is doing the right thing on apply, but it is outputting something extraneous which has caused confusion while trying to investigate an unrelated change.
When applying on an MSK cluster which has more nodes than availability zones, the diff will show that
Objects have changed outside of Terraform
and report thatbootstrap_brokers_sasl_scram
(or _iam, or....) has changed, with a list of nodes. This is caused by the AWS SDK call returning a random list of nodes, one per AZ (so if you have one node per AZ, you will get the same list every time, but if you have multiple nodes in any AZ, then you cannot predict which nodes will return)This request is to silence that output (somehow?). I have tried adding
ignore_changes = [bootstrap_brokers_sasl_scram]
to no effect: the change is already (correctly) being ignored as far as "should terraform re-apply this resource to fix the change?" after all, it is only identifying the property of the resource (as returned by the AWS API call) as changed.NOTE 1: This is related to #17579 but is a different issue: this is not about order of the results, but content of the (ordered) results.
NOTE 2: This does not occur if you have number of nodes <= number of availability zones (i.e. it only happens if you set up a bigger cluster to handle a larger load.)
Current Output
Desired Output (reduced for clarity)
New or Affected Resource(s)
Potential Terraform Configuration
This is a portion of our config (the relevant part).
I was hoping the lifecycle rule would fix the issue, but it did not.
References
The text was updated successfully, but these errors were encountered: