Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Terraform destroy bug #1472

Closed
bensojona opened this issue Apr 9, 2015 · 13 comments
Closed

Terraform destroy bug #1472

bensojona opened this issue Apr 9, 2015 · 13 comments

Comments

@bensojona
Copy link
Contributor

I have a TF template that creates a Consul cluster using a TF module that creates the consul aws_instance resource.

The aws_instance depends on an aws_security_group and an aws_key_pair

When I do a terraform apply, it brings up the consul cluster just fine, no errors. I then do a terraform plan everything looks just fine. Then I do a terraform destroy and it fails, which screws up my tfstate.

It appears there is some dependency between the aws_key_pair and aws_security_group where it destroys the key pair but then can't destroy the security group. After the destroy fails the key pair is gone, but the security group and 3 instances that were previously brought up are still there.

screenshot 2015-04-09 15 16 28

screenshot 2015-04-09 15 18 55

@TlenCoder
Copy link

Having same behavior on terraform v0.4.0 and 0.4.1. It tries to destroy security groups and launch configuration before destroy autoscale group which leads to fail.
Update:
I think it can be related to this changeset from v0.4:

Continuous state saving during terraform apply. The state file is continuously updated as apply is running, meaning that the state is less likely to become corrupt in a catastrophic case: terraform panic or system killing Terraform.

@duggan
Copy link
Contributor

duggan commented Apr 13, 2015

Also seeing this bug since upgrading from 0.3.7 to 0.4.0+

@nadnerb
Copy link

nadnerb commented Apr 16, 2015

Have a related issue with destruction of dependent resources, made even worse by using modules :(

@c4milo
Copy link
Contributor

c4milo commented Apr 16, 2015

I ran into a similar problem. This is the output of the destroying command:

@c4milo
Copy link
Contributor

c4milo commented Apr 16, 2015

In my case I believe it is because there isn't any implicit dependency between my ec2 instances and the VPC. So, when destroying, I think it has to start by destroying the EC2 instances and then the subnets, internet gateways, the routing table and so on.

@bensojona
Copy link
Contributor Author

Terraform 0.5.0 seems to destroy everything just fine now. However, it does show errors, even though everything was destroyed fine.

See terraform destroy output below.

Error applying plan:

6 error(s) occurred:

* Resource 'atlas_artifact.consul' does not have attribute 'metadata_full.region-us-east-1' for variable 'atlas_artifact.consul.metadata_full.region-us-east-1'
* Resource 'atlas_artifact.metamon' does not have attribute 'metadata_full.region-us-east-1' for variable 'atlas_artifact.metamon.metadata_full.region-us-east-1'
* Resource 'aws_key_pair.consul' does not have attribute 'key_name' for variable 'aws_key_pair.consul.key_name'
* Resource 'aws_security_group.allow_all' does not have attribute 'name' for variable 'aws_security_group.allow_all.name'
* Resource 'aws_security_group.allow_all' does not have attribute 'name' for variable 'aws_security_group.allow_all.name'
* Resource 'aws_key_pair.metamon' does not have attribute 'key_name' for variable 'aws_key_pair.metamon.key_name'

Full terraform destroy output

@mitchellh
Copy link
Contributor

@bensojona This was fixed in master, will be part of 0.5.1 coming out hopefully this week sometime

@bensojona
Copy link
Contributor Author

Awesome 👍

@nadnerb
Copy link

nadnerb commented May 13, 2015

I currently have an issue if a subnets creation failed (as in I configured the cidr incorrectly) I then cannot destroy/refresh/plan/apply again using Terraform 0.5.

I get the error * Resource 'aws_subnet.foo' not found for variable 'aws_subnet.foo.id' even though the subnet was never created and does not exist in tfstate.

Is this related or a separate issue?

Thanks.

@nadnerb
Copy link

nadnerb commented May 20, 2015

0.5.1/2 seems to have resolved my issues, subnet and security group destruction.

Thanks!

@nathanielks
Copy link
Contributor

Terraform v0.6.3 is showing similar errors to what @bensojona was seeing for me:

* Resource 'terraform_remote_state.static' does not have attribute 'output.codedeploy.instance_profile.name' for variable 'terraform_remote_state.static.output.codedeploy.instance_profile.name'
* Resource 'aws_key_pair.deployer' does not have attribute 'key_name' for variable 'aws_key_pair.deployer.key_name'
* Resource 'terraform_remote_state.persistent' does not have attribute 'output.vpc.id' for variable 'terraform_remote_state.persistent.output.vpc.id'
* Resource 'terraform_remote_state.persistent' does not have attribute 'output.sg.default.id' for variable 'terraform_remote_state.persistent.output.sg.default.id'

Full output at the click.

@shanielh
Copy link
Contributor

I'm also having some destroy problems with terraform 0.6.2 :

8 error(s) occurred:

* Resource 'aws_security_group.consul-agents' does not have attribute 'id' for variable 'aws_security_group.consul-agents.id'
* Resource 'aws_security_group.aerospike' does not have attribute 'id' for variable 'aws_security_group.aerospike.id'
* Resource 'aws_security_group.aerospike' does not have attribute 'id' for variable 'aws_security_group.aerospike.id'
* Resource 'aws_security_group.aerospike' does not have attribute 'id' for variable 'aws_security_group.aerospike.id'
* Resource 'aws_security_group.consul-agents' does not have attribute 'id' for variable 'aws_security_group.consul-agents.id'
* Resource 'aws_security_group.ssh' does not have attribute 'id' for variable 'aws_security_group.ssh.id'
* Resource 'aws_security_group.consul-agents' does not have attribute 'id' for variable 'aws_security_group.consul-agents.id'
* Resource 'aws_security_group.consul' does not have attribute 'id' for variable 'aws_security_group.consul.id'

https://gist.github.com/shanielh/415f654efeb8b36fe841

@ghost
Copy link

ghost commented May 1, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators May 1, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

9 participants