Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/aws_elb: Cleanup ENIs after deleting ELB #1036

Merged
merged 1 commit into from
Jul 8, 2017
Merged

r/aws_elb: Cleanup ENIs after deleting ELB #1036

merged 1 commit into from
Jul 8, 2017

Conversation

radeksimko
Copy link
Member

This is a continuation of #1021

cc @s-urbaniak

The aim is to reduce the chance of hitting DependencyViolation when deleting IGW, subnet or VPC generally and speed up the deletion of infrastructure when there are ELBs involved.

Here's an example of ENI left around by ELB based on which I cobbled the filter:

{
  Association: {
    IpOwnerId: "amazon-elb",
    PublicDnsName: "ec2-35-177-221-5.eu-west-2.compute.amazonaws.com",
    PublicIp: "35.177.221.5"
  },
  Attachment: {
    AttachTime: 2017-06-30 12:40:12 +0000 UTC,
    AttachmentId: "eni-attach-b0ff53d0",
    DeleteOnTermination: false,
    DeviceIndex: 1,
    InstanceOwnerId: "amazon-elb",
    Status: "attached"
  },
  AvailabilityZone: "eu-west-2a",
  Description: "ELB sur-con",
  Groups: [{
      GroupId: "sg-20793c49",
      GroupName: "terraform-00b5732b378e3e1af7ae523317"
    }],
  MacAddress: "06:be:07:24:55:b7",
  NetworkInterfaceId: "eni-38a80942",
  OwnerId: "187416307283",
  PrivateDnsName: "ip-10-0-1-33.eu-west-2.compute.internal",
  PrivateIpAddress: "10.0.1.33",
  PrivateIpAddresses: [{
      Association: {
        IpOwnerId: "amazon-elb",
        PublicDnsName: "ec2-35-177-221-5.eu-west-2.compute.amazonaws.com",
        PublicIp: "35.177.221.5"
      },
      Primary: true,
      PrivateDnsName: "ip-10-0-1-33.eu-west-2.compute.internal",
      PrivateIpAddress: "10.0.1.33"
    }],
  RequesterId: "amazon-elb",
  RequesterManaged: true,
  SourceDestCheck: true,
  Status: "in-use",
  SubnetId: "subnet-2118ae5a",
  VpcId: "vpc-1fa72476"
}

Test results

make testacc TEST=./aws TESTARGS='-run=TestAccAWSELB'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSELB -timeout 120m
=== RUN   TestAccAWSELB_importBasic
--- PASS: TestAccAWSELB_importBasic (55.48s)
=== RUN   TestAccAWSELBAttachment_basic
--- PASS: TestAccAWSELBAttachment_basic (287.73s)
=== RUN   TestAccAWSELBAttachment_drift
--- PASS: TestAccAWSELBAttachment_drift (179.94s)
=== RUN   TestAccAWSELB_basic
--- PASS: TestAccAWSELB_basic (48.33s)
=== RUN   TestAccAWSELB_fullCharacterRange
--- PASS: TestAccAWSELB_fullCharacterRange (49.15s)
=== RUN   TestAccAWSELB_AccessLogs_enabled
--- PASS: TestAccAWSELB_AccessLogs_enabled (188.42s)
=== RUN   TestAccAWSELB_AccessLogs_disabled
--- PASS: TestAccAWSELB_AccessLogs_disabled (196.72s)
=== RUN   TestAccAWSELB_namePrefix
--- PASS: TestAccAWSELB_namePrefix (47.65s)
=== RUN   TestAccAWSELB_generatedName
--- PASS: TestAccAWSELB_generatedName (78.70s)
=== RUN   TestAccAWSELB_generatesNameForZeroValue
--- PASS: TestAccAWSELB_generatesNameForZeroValue (46.59s)
=== RUN   TestAccAWSELB_availabilityZones
--- PASS: TestAccAWSELB_availabilityZones (131.99s)
=== RUN   TestAccAWSELB_tags
--- PASS: TestAccAWSELB_tags (83.11s)
=== RUN   TestAccAWSELB_iam_server_cert
--- PASS: TestAccAWSELB_iam_server_cert (67.93s)
=== RUN   TestAccAWSELB_swap_subnets
--- PASS: TestAccAWSELB_swap_subnets (268.53s)
=== RUN   TestAccAWSELB_InstanceAttaching
--- PASS: TestAccAWSELB_InstanceAttaching (232.62s)
=== RUN   TestAccAWSELBUpdate_Listener
--- PASS: TestAccAWSELBUpdate_Listener (144.79s)
=== RUN   TestAccAWSELB_HealthCheck
--- PASS: TestAccAWSELB_HealthCheck (57.45s)
=== RUN   TestAccAWSELBUpdate_HealthCheck
--- PASS: TestAccAWSELBUpdate_HealthCheck (87.36s)
=== RUN   TestAccAWSELB_Timeout
--- PASS: TestAccAWSELB_Timeout (53.88s)
=== RUN   TestAccAWSELBUpdate_Timeout
--- PASS: TestAccAWSELBUpdate_Timeout (98.38s)
=== RUN   TestAccAWSELB_ConnectionDraining
--- PASS: TestAccAWSELB_ConnectionDraining (50.38s)
=== RUN   TestAccAWSELBUpdate_ConnectionDraining
--- PASS: TestAccAWSELBUpdate_ConnectionDraining (170.50s)
=== RUN   TestAccAWSELB_SecurityGroups
--- PASS: TestAccAWSELB_SecurityGroups (136.36s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	2762.009s

Here's a snippet from log to prove that it's actually working:

$ tail -f ~/tf.log | grep 'ENIs to cleanup for ELB '
2017/07/02 12:08:46 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8e9f"
2017/07/02 12:13:08 [DEBUG] Found 2 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8ea0"
2017/07/02 12:15:26 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8ea5"
2017/07/02 12:17:22 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8ea8"
2017/07/02 12:18:11 [DEBUG] Found 0 ENIs to cleanup for ELB "Tf-7935718592059225879"
2017/07/02 12:20:45 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8ea9"
2017/07/02 12:23:51 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eaa"
2017/07/02 12:25:24 [DEBUG] Found 0 ENIs to cleanup for ELB "test-00085d58eac7f62f3ed38e8eab"
2017/07/02 12:26:42 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eac"
2017/07/02 12:27:29 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8ead"
2017/07/02 12:28:57 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eae"
2017/07/02 12:31:04 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eaf"
2017/07/02 12:32:10 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb0"
2017/07/02 12:35:17 [DEBUG] Found 1 ENIs to cleanup for ELB "terraform-asg-deployment-example"
2017/07/02 12:39:00 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb1"
2017/07/02 12:42:11 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb2"
2017/07/02 12:43:55 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb3"
2017/07/02 12:45:23 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb4"
2017/07/02 12:46:17 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb5"
2017/07/02 12:47:43 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb6"
2017/07/02 12:48:44 [DEBUG] Found 0 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb7"
2017/07/02 12:50:50 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb8"
2017/07/02 12:53:16 [DEBUG] Found 1 ENIs to cleanup for ELB "tf-lb-00085d58eac7f62f3ed38e8eb9"

@radeksimko radeksimko added the enhancement Requests to existing resources that expand the functionality or scope. label Jul 2, 2017
@s-urbaniak
Copy link

@radeksimko thanks a lot! I will use this PR also in our CI build. I am personally not aware of the ENI/ELB relationship, but maybe @alexsomesan has more insights.

@s-urbaniak s-urbaniak mentioned this pull request Jul 6, 2017
Closed
catsby
catsby approved these changes Jul 7, 2017
View reviewed changes
Copy link
Contributor

@catsby catsby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As long as failure doesn't stop the Terraform destroy process, which it looks like it does not, then this looks good to me 👍

@radeksimko radeksimko merged commit 30f0c6b into master Jul 8, 2017
@radeksimko radeksimko deleted the b-aws-elb-detach branch July 8, 2017 11:49
@radeksimko radeksimko mentioned this pull request Jul 8, 2017
Closed
@radeksimko radeksimko mentioned this pull request Aug 7, 2017
Closed
This was referenced Aug 16, 2017
Merged
Closed
@radeksimko radeksimko mentioned this pull request Oct 9, 2017
Closed
@radeksimko radeksimko mentioned this pull request Nov 26, 2017
Merged
@ghost
Copy link

ghost commented Apr 11, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 11, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@catsby catsby catsby approved these changes

Assignees
No one assigned
Labels
enhancement Requests to existing resources that expand the functionality or scope.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@radeksimko @s-urbaniak @catsby