Error: Network Load Balancers do not support Stickiness

[oonisim]

aws_lb for NLB with no stickiness configuration causes "Error: Network Load Balancers do not support Stickiness".

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

Terraform v0.12.2
+ provider.aws v2.16.0

Affected Resource(s)

• aws_lb
• aws_lb_listener
• aws_lb_target_group

Terraform Configuration Files

resource "aws_lb" "this" {
  load_balancer_type = "network"
  name               = "hoge"
  internal           = false

  subnets            = var.subnet_ids
  enable_cross_zone_load_balancing = true
}

resource "aws_lb_listener" "this" {
  load_balancer_arn   = aws_lb.this.arn
  port                = 80
  protocol            = "TCP"

  default_action {
    target_group_arn  = aws_lb_target_group.this.arn
    type              = "forward"
  }
}

resource "aws_lb_target_group" "this" {
  name_prefix           = "${substr(aws_lb.this.name, 0, 6)}"
  target_type           = "instance"
  vpc_id                = var.vpc_id
  port                  = 80
  protocol              = "TCP"
  lifecycle {
    create_before_destroy = true
  }
}

As in Resource: aws_lb_target_group, stickiness is optional, hence forcing to place it is a bug.

Debug Output

Panic Output

Expected Behavior

No error.

Actual Behavior

Error.

Error: Network Load Balancers do not support Stickiness

  on ../../../modules/nlb/nlb.tf line 21, in resource "aws_lb_target_group" "this":
  21: resource "aws_lb_target_group" "this" {

Steps to Reproduce

1. terraform apply

Important Factoids

References

• Can't create a load balancer target group for network load balancer #9050

[darrenfurr]

I added this as a workaround to my target_group & it worked:

stickiness {
    enabled = false
    type = "lb_cookie"
}

[mountainerd]

I am trying to deploy an NLB and am unable to do so at this point. The empty array workaround did not work and the stickiness block with enabled set to false also didn't work. At this point, being able to deploy NLBs via Terraform is dead in the water for me.

[demisx]

I got passed this error in v0.12.24 with @darrenfurr suggestion:

resource "aws_lb_target_group" "node_port_http" {
  name  = "node-port-nlb-tg-http"
  port  = 80
  protocol = "TCP"
  vpc_id = <vpc_id>

  stickiness {
    enabled = false
    type = "lb_cookie"
  }
}

[christophla]

I'm pretty sure NLB's do support stickiness at this point. There's a checkbox in the console to enable it on a target group.

[shivshankarb]

Yes, I confirmed with AWS support that stickiness can be configured and works for all types of ELBs. And applied it manually however it will be good to get this applied via terraform code.

[ishworg]

@darrenfurr and @demisx were you folks expecting the target groups to have stickiness ticked when you applied this? Or, was it to say that the Terraform AWS provider can successfully apply without error (albeit at the expense of faking it)?

[jstangroome]

Something like this would probably be sufficient:
jstangroome@3e3f73e

For better pre-apply validation, it could be extended to only allow stickness.type of source_ip for when protocol is tcp.

stickiness.type - The type of sticky sessions. The possible values are lb_cookie for Application Load Balancers or source_ip for Network Load Balancers.

https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_TargetGroupAttribute.html

[darrenfurr]

@ishworg -

@darrenfurr and @demisx were you folks expecting the target groups to have stickiness ticked when you applied this? Or, was it to say that the Terraform AWS provider can successfully apply without error (albeit at the expense of faking it)?

It was to say that TF applied successfully, but I had to "fake it" using the stickiness workaround above.

[madpipeline]

The stickiness workaround only works for protocol TCP. For UDP I keep getting a Error: Error modifying Target Group Attributes: InvalidConfigurationRequest: The provided target group attribute is not supported.

If I apply again with no change, I see the change it tries to make is:

~ stickiness {
    ~ cookie_duration = 0 -> 86400
      enabled         = false
    ~ type            = "source_ip" -> "lb_cookie"
}

But the documentation states that type - (Required) The type of sticky sessions. The only current possible value is lb_cookie.

However, the AWS documentation states that the only type value for stickiness is source_ip.

[madpipeline]

It seems like there exists a PR for this: #13762

[madpipeline]

It seems the previous PR is stale as the author is nor responding. I've created another PR to hopefully get this in: #15295

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!