Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to deploy along with single spoke (nonHA) deployment - "Gateway with dummy does not exist" #8

Open
patelalbg opened this issue Feb 1, 2024 · 2 comments
Open

Unable to deploy along with single spoke (nonHA) deployment - "Gateway with dummy does not exist" #8

patelalbg opened this issue Feb 1, 2024 · 2 comments

Comments

@patelalbg
Copy link

patelalbg commented Feb 1, 2024
edited
Loading

Env:
Aviatrix nonHA spoke deployment (mc-spoke) + NAT (mc-overlap-nat-spoke)
Module 1.1.1
TF 1.5.2
Controller 7.1.x

Issue:
Following error noted during Terraform run :

Error: failed to configure policies for 'customized_snat' mode due to: rest API edit_gw_customized_snat_config Post failed: Gateway with name dummy does not exist
│
│   with module.spoke1_nat[0].aviatrix_gateway_snat.gw_2[0],
│   on .terraform/modules/spoke1_nat/main.tf line 43, in resource "aviatrix_gateway_snat" "gw_2":
│   43: resource "aviatrix_gateway_snat" "gw_2" {
│
╵
╷
│ Error: failed to update DNAT for gateway(name: ) due to: rest API update_dnat_config Post failed: following parameters are required: gateway_name, policy_list
│
│   with module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw2[0],
│   on .terraform/modules/spoke1_nat/main.tf line 118, in resource "aviatrix_gateway_dnat" "dnat_rules_gw2":
│  118: resource "aviatrix_gateway_dnat" "dnat_rules_gw2" {
│

Observations:

Issue with single spoke (non HA); the NAT resource blocks for gw2 still being parsed, HOWEVER, the single spoke snat and dnat is provisioned correctly, though ERROR above is still seen.

Deploying spokegw HA works fine.
@patelavtx
Copy link

The 'test-non-ha' branch change helped deploy Avtx spoke + nat module without errors as before.
HOWEVER, if a 2nd 'terraform apply' is run, the same error is reported:

(1)

module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw2[0]: Creating...
╷
│ Error: failed to configure policies for 'customized_snat' mode due to: rest API edit_gw_customized_snat_config Post failed: following parameters are required: gateway_name
│ 
│   with module.spoke1_nat[0].aviatrix_gateway_snat.gw_2[0],
│   on .terraform/modules/spoke1_nat/main.tf line 43, in resource "aviatrix_gateway_snat" "gw_2":
│   43: resource "aviatrix_gateway_snat" "gw_2" {
│ 
╵
╷
│ Error: failed to update DNAT for gateway(name: ) due to: rest API update_dnat_config Post failed: following parameters are required: gateway_name, policy_list
│ 
│   with module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw2[0],
│   on .terraform/modules/spoke1_nat/main.tf line 118, in resource "aviatrix_gateway_dnat" "dnat_rules_gw2":
│  118: resource "aviatrix_gateway_dnat" "dnat_rules_gw2" {
│

2
If the variables.tf file for the NAT module is set as below (same error):

locals {
is_ha = (var.spoke_gw_object.ha_gw_size != null) || (var.spoke_gw_object.ha_gw_size != "")
}

3
if the variables.tf file for the NAT module is set with this:

locals {
is_ha = var.spoke_gw_object.ha_gw_size != ""
}

'Terraform apply works without any issues and shows 'no changes'

@patelavtx
Copy link

Hi,
An update on this issue, the following modification tested using the 'test-non-ha' branch and results all good, can this be merged to main branch or ok to push to 'test-non-ha' branch as well?

variables.tf > locals declaration.

Replaced : " is_ha = var.spoke_gw_object.ha_gw_size != null"

With : " is_ha = (var.spoke_gw_object.ha_gw_size == "") || (var.spoke_gw_object.ha_gw_size == null) ? "false" : "true""

Tests:
(A)
(1) Test spoke HA + nat - "github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-overlap-nat-spoke.git?ref=test-non-ha"

RESULT: deploys

module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw1[0]
module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw2[0]
module.spoke1_nat[0].aviatrix_gateway_snat.gw_1
module.spoke1_nat[0].aviatrix_gateway_snat.gw_2[0]
module.spoke_azure_211.aviatrix_spoke_gateway.default
module.spoke_azure_211.aviatrix_spoke_transit_attachment.default[0]
module.spoke_azure_211.aviatrix_vpc.default[0]

(2) Modify (nat_attached = false) and re-apply

RESULT: deploys

module.spoke_azure_211.aviatrix_spoke_gateway.default
module.spoke_azure_211.aviatrix_spoke_transit_attachment.default[0]
module.spoke_azure_211.aviatrix_vpc.default[0]

(3) Modify (nat_attached = true) and re-apply

RESULT: deploys

module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw1[0]
module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw2[0]
module.spoke1_nat[0].aviatrix_gateway_snat.gw_1
module.spoke1_nat[0].aviatrix_gateway_snat.gw_2[0]
module.spoke_azure_211.aviatrix_spoke_gateway.default
module.spoke_azure_211.aviatrix_spoke_transit_attachment.default[0]
module.spoke_azure_211.aviatrix_vpc.default[0]

(B)
*** adding ***
is_ha = (var.spoke_gw_object.ha_gw_size == "") || (var.spoke_gw_object.ha_gw_size == null) ? "false" : "true"

(1) Test spoke nonHA + nat - "github.com/terraform-aviatrix-modules/terraform-aviatrix-mc-overlap-nat-spoke.git?ref=test-non-ha"

RESULT:

module.spoke1_nat[0].aviatrix_gateway_dnat.dnat_rules_gw1[0]
module.spoke1_nat[0].aviatrix_gateway_snat.gw_1
module.spoke_azure_211.aviatrix_spoke_gateway.default
module.spoke_azure_211.aviatrix_spoke_transit_attachment.default[0]
module.spoke_azure_211.aviatrix_vpc.default[0]

(2) Test spoke nonHA remove NAT and re-apply

RESULT: OK

data.aviatrix_spoke_gateway.morf
module.spoke_azure_211.aviatrix_spoke_gateway.default
module.spoke_azure_211.aviatrix_spoke_transit_attachment.default[0]
module.spoke_azure_211.aviatrix_vpc.default[0]

(3) Only re-apply

RESULT: OK

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@patelavtx @patelalbg