Git Product home page Git Product logo

Comments (20)

svanharmelen avatar svanharmelen commented on August 14, 2024 1

Interesting observation! Thanks for the details πŸ‘πŸ»

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024 1

I’m going to look into that option then @MRinalducci.

And CloudStack does accept CIDR lists @greut, so it’s only for ports.

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024 1

@MRinalducci yeah, good one... Will take that into account. Didn't have time to continue on this today, but will have another look tomorrow.

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024 1

@greut no, it doesn't: https://github.com/terraform-providers/terraform-provider-cloudstack/blob/master/cloudstack/resource_cloudstack_network_acl_rule.go#L188-L193

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024

@MRinalducci the rules are ordered. That is, they are applied in the order that you defined them in your Terraform config.

But your point is still valid and it should be pretty straightforward to add support for the number parameter. I will try to find some time for it next week...

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

@svanharmelen thanks for your quick reply!

@MRinalducci the rules are ordered. That is, they are applied in the order that you defined them in your Terraform config.

Yes, this is true for the first creation, but not when you update them (as I tested).
For example, initially you define 3 rules in your Terraform code:

  • Rule 1
  • Rule 2
  • Rule 3

Then you want to insert a new rule between 1 and 2 in your TF code:

  • Rule 1
  • Rule 4
  • Rule 2
  • Rule 3

Because rule 1, 2 and 3 are already existing in the ACL, it will add Rule 4 at the end of the ACL like that:

  • Rule 1
  • Rule 2
  • Rule 3
  • Rule 4

Which is not reflecting the TF code in term of order.

But your point is still valid and it should be pretty straightforward to add support for the number parameter. I will try to find some time for it next week...

Yes, I think so, as I could see. This will be great, thank you very much for that!
Let me know if I could do anything for helping.

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024

@MRinalducci it turns out this is a little more complicated then I initially expected.

The problem is that the cloudstack_network_acl_rule resource allows you to specify a list of ports in a single rule block, where CloudStack only allows one port (or port range) per rule. So the resource is actually able to generate (and keep track of) multiple rules generated for a single rule block in the config.

This makes it virtually impossible to assign rule numbers in the rule blocks. Changing the code to support it would mean introducing breaking changes and changing the (currently expected) behaviour of this resource.

So I see a couple of possible solutions. We could enrich the resource by a number and a port parameter and then add restriction so you can either use the ports parameters, or the port and number parameters. But not both in one and the same resource.

Another solution (which I think I prefer) would be to fix the ordering issue you described, so it will always match the order in your Terraform config.

What do you think?

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

@svanharmelen that's right, I didn't saw that problem at first look.

Another solution (which I think I prefer) would be to fix the ordering issue you described, so it will always match the order in your Terraform config.

Yes, this would be nicest solution of both (I think too). This will also avoid to always put a rule number. But, we have to be aware to keep the right order also when we declare 2 or more cloudstack_network_acl_rule resources.
I mean the ordered rules declared in the second resource have to be placed after the ordered rules of first resource. I think this will work right away.

from terraform-provider-cloudstack.

greut avatar greut commented on August 14, 2024

cidrlist has the same kind of behaviour than ports I guess.

from terraform-provider-cloudstack.

greut avatar greut commented on August 14, 2024

@svanharmelen doesn't it create many rules from the cidrlist, like it does for the ingress/egress rules.

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

@svanharmelen I think we have also to be aware of argument parallelism (Optional) Specifies how much rules will be created or deleted concurrently. (defaults 2) which can sometimes change the ordering (to confirme).

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

Hello @svanharmelen, any update about this issue?

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024

@MRinalducci, yes... I don't have much dedicated time to work on this, so I try to look at it in lost moments here and there πŸ˜‰ It turns out to be a little more complex then you would expect, but I think I'm close to a solution. Will keep you posted!

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

@svanharmelen thank you very much for your update and your work on this issue. Yes, as discussed it is more complex than expected, but it's great that you're near a solution! πŸ‘

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024

I'm a little sidetracked as I'm switching jobs πŸ˜‰ But this is still on my radar and will be fixed in the foreseeable future!

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

Thanks for the update :)

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

@svanharmelen any update about this issue? :)

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024

Yes and no... There is still an open tab in my browser and the wish to fix it, but without direct access to a running CloudStack API it's a bit harder to work on this then before.

I'll see what I can do to get some API access and take it from there...

from terraform-provider-cloudstack.

MRinalducci avatar MRinalducci commented on August 14, 2024

Oh I see the problem...
I hope you can get some API access soon for testing.
Thanks for the input!

from terraform-provider-cloudstack.

svanharmelen avatar svanharmelen commented on August 14, 2024

I'm going to close this issue as I'm about to archive this repository. Development of this provider has been moved to the Apache Foundation. Please find the new home for this provider here: https://github.com/apache/cloudstack-terraform-provider

from terraform-provider-cloudstack.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.