google_compute_route with next_hop_instance = google_compute_instance.INSTANCE.self_link is recreated every time

[fdcds]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

❯ terraform -v
Terraform v1.0.4
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v3.79.0

Affected Resource(s)

• google_compute_instance
• google_compute_route

Terraform Configuration Files

resource "google_compute_network" "NETWORK" {
  name                    = "NETWORK"
  auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "NETWORK-europe-west1" {
  name          = "NETWORK"
  ip_cidr_range = "198.51.100.0/24"
  region        = "europe-west1"
  network       = google_compute_network.NETWORK.id
}

resource "google_compute_instance" "INSTANCE" {
  name         = "INSTANCE"
  machine_type = "e2-micro"

  tags = [var.INSTANCE_TAG]

  metadata = {
    (module.CONTAINER_VM.metadata_key) = module.CONTAINER_VM.metadata_value
  }

  metadata_startup_script = templatefile("startup-script.sh.template", {
    # REDACTED
  })

  labels = {
    (module.CONTAINER_VM.vm_container_label_key) = module.CONTAINER_VM.vm_container_label
  }

  boot_disk {
    initialize_params {
      image = module.CONTAINER_VM.source_image
    }
  }

  can_ip_forward = true

  network_interface {
    subnetwork = google_compute_subnetwork.NETWORK-europe-west1.self_link

    access_config {} # Ephemeral IP
  }

  service_account {
    scopes = [
      "https://www.googleapis.com/auth/cloud-platform",
    ]
  }
}

resource "google_compute_route" "ROUTE1" {
  name              = "ROUTE1"
  dest_range        = "192.0.2.1/32"
  network           = google_compute_network.NETWORK.self_link
  next_hop_instance = google_compute_instance.INSTANCE.self_link
}

IP addresses are not the actual addresses, but taken from TEST-NET-1 and TEST-NET-2 for this paste. UPPERCASE names are redacted names. modules.CONTAINER_VM is an instance of https://github.com/terraform-google-modules/terraform-google-container-vm/

Debug Output

  # google_compute_route.ROUTE1 must be replaced
-/+ resource "google_compute_route" "ROUTE1" {
      ~ id                     = "projects/PROJECT_ID/global/routes/ROUTE1" -> (known after apply)
        name                   = "ROUTE1"
      ~ next_hop_instance      = "projects/PROJECT_ID/zones/europe-west1-b/instances/INSTANCE" -> "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/zones/europe-west1-b/instances/INSTANCE"
      - next_hop_instance_zone = "europe-west1-b" -> null # forces replacement
      + next_hop_ip            = (known after apply)
      + next_hop_network       = (known after apply)
      ~ project                = "PROJECT_ID" -> (known after apply)
      ~ self_link              = "https://www.googleapis.com/compute/v1/projects/PROJECT_ID/global/routes/ROUTE1" -> (known after apply)
      - tags                   = [] -> null
        # (3 unchanged attributes hidden)
    }

Panic Output

Expected Behavior

The route should not have to be changed, if the instance does not change.

Actual Behavior

The route is recreated every time terraform apply runs, even if the instance does not change.

Steps to Reproduce

1. terraform apply

Important Factoids

References

[edwardmedia]

@fdcds there are codes that is supposed to handle this. Can you share your full debug log?

[edwardmedia]

@fdcds is this still an issue?

[fdcds]

@fdcds is this still an issue?

Yes it is. I just reproduced it in a simpler setup.

@fdcds there are codes that is supposed to handle this. Can you share your full debug log?

Sadly I cannot do that. I simply do not have a Google Cloud project that I could safely share information about.

[fdcds]

Could this be caused by Terraform thinking that the next_hop_instance_zone being unset in the desired configuration, but set in the actual configuration is a cause to replace the whole route?

The documentation says "The zone of the instance specified in next_hop_instance. Omit if next_hop_instance is specified as a URL.", but maybe next_hop_instance_zone also needs a DiffSuppressFunc that omits a diff if next_hop_instance is a URL?

[fdcds]

I confirm that v3.84.0 fixes the issue. (I did not try intermediate versions.)

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.