Channels
academy
amazon
arm
azure
cabpr
chinese
ci-cd
danish
deutsch
developer
elemental
epinio
espanol
events
extensions
fleet
français
gcp
general
harvester
harvester-dev
hobbyfarm
hypper
japanese
k3d
k3os
k3s
k3s-contributor
kim
kubernetes
kubewarden
lima
logging
longhorn-dev
longhorn-storage
masterclass
mesos
mexico
nederlands
neuvector-security
office-hours
one-point-x
onlinemeetup
onlinetraining
opni
os
ozt
phillydotnet
portugues
rancher-desktop
rancher-extensions
rancher-setup
rancher-wrangler
random
rfed_ara
rio
rke
rke2
russian
s3gw
service-mesh
storage
submariner
supermicro-sixsq
swarm
terraform-controller
terraform-provider-rancher2
terraform-provider-rke
theranchcast
training-0110
training-0124
training-0131
training-0207
training-0214
training-1220
ukranian
v16-v21-migration
vsphere
windows
Title
m
most-sunset-36476
09/28/2022, 5:07 PMIs there a way to have Rancher delete the load balancer created by the user-addon ? When using terraform to create/destroy, the load balancer (which is created from the user-addon) is not destroyed together with the rke cluster and breaks the terraform destroy because it uses the cluster vnet.
q
quick-sandwich-76600
09/28/2022, 5:37 PMSorry, I don't get it, can you explain it in a different way? I don't know what you refer to when you say "load balancer created by the user-addon"
m
most-sunset-36476
09/28/2022, 5:54 PMMy problem is that I use the Terraform rancher2 provider to create downstream RKE Rancher clusters on Azure. And when I create the downstream RKE cluster with a user-addon (Which is a manifest that creates a service type LoadBalancer pointing to the ingress controller and is run as a user-addon job at cluster creation time) that resource (cloud Load Balancer) has not been provisioned by Terraform and prevents me from running
terraform destroyIt appears that Rancher does not remove the Load Balancer created on Azure when it destroys the cluster. which means the load balancer remains in the resource group and because it uses the subnet created by Terraform, it prevents Terraform from destroying the subnet and vnet.
q
quick-sandwich-76600
09/29/2022, 10:13 AMOk, understood. I guess this Reddit post was made by you, isn't it? https://www.reddit.com/r/rancher/comments/xqje3e/cloud_load_balancer_created_by_useraddon_not/
And your code may probably be similar to this: https://github.com/rancher/terraform-provider-rancher2/issues/972, am I right?
Using the above example as reference ... may it work for you to add some code to manually remove the Kubernetes LB type service created by user-addon when destroying resource "rancher2_node_template" "control_plane"? (using a provisioner + when = destroy)
Another possible option I see is that you create the service, not with the user-addon but with a kubernetes_service resource from using Terraform's Kubernetes provider.
m
most-sunset-36476
09/29/2022, 2:41 PMYes but i resolved it by using a NAT Gateway. Then i had to add an Application Gateway with WAF settings and use internal LB instead of public one. I could indeed add a script to remove the load balancer but i really don't like that solution and avoid that if possible. I also started thinking of using the K8s provider but when using the provider in the same module where the kubeconfig is generated from the cluster, it appears to sometimes reset the provider config on consecutive terraform runs which is why I wanted to avoid that as well.