Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error 400: resourceInUseByAnotherResource #159

Open
elouanKeryell-Even opened this issue Mar 31, 2021 · 26 comments
Open

Error 400: resourceInUseByAnotherResource #159

elouanKeryell-Even opened this issue Mar 31, 2021 · 26 comments

Comments

@elouanKeryell-Even
Copy link

Terraform Version

$ terraform -v
Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/google v3.62.0
+ provider registry.terraform.io/hashicorp/google-beta v3.62.0
+ provider registry.terraform.io/hashicorp/tls v3.1.0

Affected Resource(s)

  • google_compute_url_map

Terraform Configuration Files

I define a google_compute_url_map, which depends on a backend_service provided by module GoogleCloudPlatform/lb-http/google:

module "generated_cloud_loadbalancer" {
  source            = "GoogleCloudPlatform/lb-http/google"
  version           = "4.3.0"
  name              = var.network_name
  project           = var.project
  create_address    = false
  create_url_map    = false
  http_forward      = false
  target_tags       = []
  security_policy   = google_compute_security_policy.policy.self_link
  backends          = {
    "redacted" = {

      description                     = null
      protocol                        = v.protocol.id
      port                            = v.protocol.port
      port_name                       = v.protocol.port_name
      timeout_sec                     = null
      connection_draining_timeout_sec = null
      enable_cdn                      = false
      session_affinity                = null
      affinity_cookie_ttl_sec         = null
      custom_request_headers          = null
  //    security_policy                 = google_compute_security_policy.policy.self_link
      health_check                    = null

      log_config = {
        enable      = true
        sample_rate = 1.0
      }

      iap_config =  {
        enable                        = false
        oauth2_client_id              = null
        oauth2_client_secret          = null
      }

      groups = [ {
        group                        = v.neg_id
        balancing_mode               = null
        capacity_scaler              = null
        description                  = null
        max_connections              = null
        max_connections_per_instance = null
        max_connections_per_endpoint = null
        max_rate                     = null
        max_rate_per_instance        = null
        max_rate_per_endpoint        = null
        max_utilization              = null
      }]
    }
  }
  firewall_networks = []
}

resource "google_compute_url_map" "default" {
  name                = var.network_name
  default_service     = module.generated_cloud_loadbalancer.backend_services[local.default_backend_name].self_link
  project             = var.project
  host_rule {
    hosts        = ["*"]
    path_matcher = "allpaths"
  }

  path_matcher {
    name            = "allpaths"
    default_service = module.generated_cloud_loadbalancer.backend_services[local.default_backend_name].self_link

    dynamic "path_rule" {
      for_each      = {for k, v in module.cloud_run_negs.cloud_run_instances_with_neg_id : k => v if k != local.default_backend_name}
      content {
        service     = module.generated_cloud_loadbalancer.backend_services[path_rule.key].self_link
        paths       = path_rule.value.context_paths
      }
    }
  }
  depends_on        = [module.generated_cloud_loadbalancer]

}

Debug Output

Panic Output

N/A

Expected Behavior

When I change the name of the backend_services (i.e. module variable var.backend), this is what I expect to happen:

  • terraform creates new backend_service with new name
  • terraform updates url_map to point to new backend_service
  • terraform destroys old backend_service

Actual Behavior

This is what actually happens:

  • terraform starts by destroying old backend_service --> fails because url_map is linked to it:
module.external-https-loadbalancer.module.generated_cloud_loadbalancer.google_compute_backend_service.default["redacted-bck"]: Destroying... [id=projects/redacted/global/backendServices/redacted-lb-backend-redacted-bck]

. . .
. . .
. . .

Error: Error when reading or editing BackendService: googleapi: Error 400: The backend_service resource 'projects/redacted/global/backendServices/redacted-lb-backend-redacted-bck' is already being used by 'projects/redacted/global/urlMaps/redacted-lb', resourceInUseByAnotherResource

Steps to Reproduce

  1. Write a terraform conf file which instanciates module GoogleCloudPlatform/lb-http/google and declares an url_map linked to the backend_service generated by the module
  2. Apply: terraform apply
  3. Now in the conf file change the name of the backend variable of the module
  4. Apply change: terraform apply

Important Factoids

N/A

References

@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@steffen74
Copy link

I just had the same issue.
Te same also happens, for example, when changing the url_mask in the cloud run section of the resource "google_compute_region_network_endpoint_group".

@sreenivas-ps
Copy link

i'm having the same issue, is there any update on this?

@bholbrook73
Copy link

I'm running into this issue changing the domains for the SSL.

I've changed the domain from dev.section.domain.com to dev-section.domain.com. I'm expecting the SSL to be detached, deleted, recreated, and then attached again. What I get is:

Error: Error when reading or editing ManagedSslCertificate: googleapi: Error 400: The ssl_certificate resource 'projects/PROJECT_ID/global/sslCertificates/appname-load-balancer-cert' is already being used by 'projects/PROJECT_ID/global/targetHttpsProxies/appname-load-balancer-https-proxy', resourceInUseByAnotherResource

@nburns
Copy link

nburns commented Jun 7, 2023

Still having this issue

@imrannayer imrannayer reopened this Jun 8, 2023
@github-actions github-actions bot removed the Stale label Jun 8, 2023
@dmanci
Copy link

dmanci commented Jun 12, 2023

(First off, thanks for everyone's hard work on this project, it's very useful.)

I'm having a related issue attempting to remove network endpoint groups. I've got Terraform that looks something like this:

google_compute_region_network_endpoint_group "neg" {
  for_each = toset(var.regions)
  ...
}

...

module "lb-http" {
  ...
  backends = {
    groups = [
      for neg_id in var.neg_ids :
      {
        group = neg_id
      }
    ]
  }
}

In attempting to remove 2/3 regions, Terraform tries to destroy the NEGs and then update the lb-http backends list. This results in a similar 400 error "The network_endpoint_group resource is already being used by , resourceInUseByAnotherResource.

@sadminriley
Copy link

@elouanKeryell-Even @dmanci Did you guys ever find a workaround for this?

@dmanci
Copy link

dmanci commented Jun 21, 2023

@elouanKeryell-Even @dmanci Did you guys ever find a workaround for this?

@sadminriley Our "workaround" was easy because we weren't live in production yet... destroy the load balancer, change the negs, and recreate it. 😄 Otherwise, no we haven't discovered a way to do it without downtime.

@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Oct 20, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Oct 28, 2023
@imrannayer imrannayer reopened this Oct 28, 2023
@imrannayer imrannayer removed the Stale label Oct 28, 2023
@okaisti
Copy link

okaisti commented Oct 30, 2023

renaming the lb module seemed to "fix" this :D, don't know if it's zero downtime tho

module "application-lb" {
  source  = "GoogleCloudPlatform/lb-http/google"
  version = "7.0.0"
  // rename this "loadbalancer_name" if there is an: Error 400 resourceInUseByAnotherResource (might happen when modifying url_maps)
  // related github issue (https://github.com/terraform-google-modules/terraform-google-lb-http/issues/159)
  name    = local.loadbalancer_name
  ...
}

@terrpan
Copy link

terrpan commented Dec 15, 2023

We are also facing this issue when we remove a neg from the backend block. It tries to destroy the neg before removing it from the backend.

Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Feb 13, 2024
@nburns
Copy link

nburns commented Feb 13, 2024

still busted

@sadminriley
Copy link

@nburns Yeah i've tried just about anyway I can do this outside of gcloud cli edits manually

@github-actions github-actions bot removed the Stale label Feb 14, 2024
Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Jun 14, 2024
@elouanKeryell-Even
Copy link
Author

prevent close issue

@github-actions github-actions bot removed the Stale label Jun 17, 2024
@giulianobr
Copy link

Nothing yet?

@sadminriley
Copy link

This has been an issue since 2021.

the only fix I've found is manually editing things via gcloud

Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Aug 31, 2024
@giulianobr
Copy link

Since 2021 ...

@github-actions github-actions bot removed the Stale label Sep 1, 2024
@sltet
Copy link

sltet commented Sep 17, 2024

still having the issue

Copy link

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

@github-actions github-actions bot added the Stale label Nov 16, 2024
@jsok
Copy link

jsok commented Nov 16, 2024

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

It's been open for much longer than 60 days and not talking about it doesn't magically fix it either 😆

@github-actions github-actions bot removed the Stale label Nov 17, 2024
@sadminriley
Copy link

@jsok Unfortunately still experiencing the same issue here for over a year. Still very finnicky to not bring down an LB in production because of this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests