network_plugin_mode expects "Overlay" but azurerm provider expect "overlay" resulting in constant cluster destroy

[daximillian]

Is there an existing issue for this?

• I have searched the existing issues

Greenfield/Brownfield provisioning

greenfield

Terraform Version

1.5.4

Module Version

7.2.0

AzureRM Provider Version

3.64.0

Affected Resource(s)/Data Source(s)

azurerm_kubernetes_cluster

Terraform Configuration Files

network_plugin                    = "azure"
  network_plugin_mode               = "Overlay"    
  ebpf_data_plane                   = "cilium"

tfvars variables values

N/A

Debug Output/Panic Output

network_profile {
          + network_mode        = (known after apply)
          ~ network_plugin_mode = "overlay" -> "Overlay" # forces replacement
          ~ network_policy      = "cilium" -> (known after apply)
          ~ pod_cidr            = "10.244.0.0/16" -> (known after apply)
          ~ pod_cidrs           = [
              - "10.244.0.0/16",
            ] -> (known after apply)

Expected Behaviour

Not have the capitalization of the network_plugin_mode force a replacement.

Actual Behaviour

Setting the network_plugin_mode to "Overlay" forces a replacement, and setting it to "overlay" results in an error.

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[zioproto]

hello @daximillian ,
this is a provider issue, and should be opened on the repo https://github.com/hashicorp/terraform-provider-azurerm

I checked, and the issue has already been fixed with provider version v3.66.0
hashicorp/terraform-provider-azurerm#22621

I see you are using provider version 3.64.0, please upgrade

[zioproto]

Should we upgrade the requirement to v3.66.0 if using Overlay ?

terraform-azurerm-aks/versions.tf

Lines 9 to 12 in 0833586

	azurerm = {
	source = "hashicorp/azurerm"
	version = ">= 3.51.0, < 4.0"
	}

[lonegunmanb]

Hi

Should we upgrade the requirement to v3.66.0 if using Overlay ?

terraform-azurerm-aks/versions.tf

Lines 9 to 12 in 0833586

	azurerm = {
	source = "hashicorp/azurerm"
	version = ">= 3.51.0, < 4.0"
	}

After reading the issue comment

The latest release v3.66.0 shipped a documentation fix to the casing of the value in hashicorp/terraform-provider-azurerm#22554.

v3.66.0 only fixed the document, so now the user must use overlay instead of Overlay @daximillian .

[daximillian]

I have upgraded to provider 3.79.0 and to module version 7.4.0.
The bug remains, it just isn't forcing a cluster replacement, it's just doing a cluster update every single time.
When the module receives "overlay" it outputs the following error:

╷
│ Error: Resource precondition failed
│ 
│   on .terraform/modules/test2_aks/main.tf line 523, in resource "azurerm_kubernetes_cluster" "main":
│  523:       condition     = var.ebpf_data_plane != "cilium" || var.network_plugin_mode == "Overlay" || var.pod_subnet_id != null
│     ├────────────────
│     │ var.ebpf_data_plane is "cilium"
│     │ var.network_plugin_mode is "overlay"
│     │ var.pod_subnet_id is null
│ 
│ When ebpf_data_plane is set to cilium, one of either network_plugin_mode = `Overlay` or pod_subnet_id must be specified.
╵

When the module receives "Overlay" it forces an update:

Terraform will perform the following actions:

  # module.test2_aks.azurerm_kubernetes_cluster.main will be updated in-place
  ~ resource "azurerm_kubernetes_cluster" "main" {
        id                                  = "********"
        name                                = "test2-aks"
        tags                                = {
            "env"        = "test2"
            "managed_by" = "terraform"
            "name"       = "test2-aks"
        }
        # (32 unchanged attributes hidden)

      ~ network_profile {
          ~ network_plugin_mode = "overlay" -> "Overlay"
            # (11 unchanged attributes hidden)

            # (1 unchanged block hidden)
        }

        # (11 unchanged blocks hidden)
    }

Please change the condition of the module to specify "overlay" and not "Overlay" so that we can specify the correct value and not have our cluster updated with no need.

[lonegunmanb]

I think this issue has been fix by #472 so I'm closing it now, please feel free to reopen it if you still meet the error after you've upgraded to v7.5.0 @daximillian .