This message was deleted.
# generala
adamant-kite-43734
09/28/2022, 5:07 PMThis message was deleted.
q
quick-sandwich-76600
09/28/2022, 5:37 PMSorry, I don't get it, can you explain it in a different way? I don't know what you refer to when you say "load balancer created by the user-addon"
m
most-sunset-36476
09/28/2022, 5:54 PMMy problem is that I use the Terraform rancher2 provider to create downstream RKE Rancher clusters on Azure. And when I create the downstream RKE cluster with a user-addon (Which is a manifest that creates a service type LoadBalancer pointing to the ingress controller and is run as a user-addon job at cluster creation time) that resource (cloud Load Balancer) has not been provisioned by Terraform and prevents me from running
terraform destroymost-sunset-36476
09/28/2022, 6:04 PMIt appears that Rancher does not remove the Load Balancer created on Azure when it destroys the cluster. which means the load balancer remains in the resource group and because it uses the subnet created by Terraform, it prevents Terraform from destroying the subnet and vnet.
q
quick-sandwich-76600
09/29/2022, 10:13 AMOk, understood. I guess this Reddit post was made by you, isn't it? https://www.reddit.com/r/rancher/comments/xqje3e/cloud_load_balancer_created_by_useraddon_not/
quick-sandwich-76600
09/29/2022, 11:01 AMAnd your code may probably be similar to this: https://github.com/rancher/terraform-provider-rancher2/issues/972, am I right?
quick-sandwich-76600
09/29/2022, 11:15 AMUsing the above example as reference ... may it work for you to add some code to manually remove the Kubernetes LB type service created by user-addon when destroying resource "rancher2_node_template" "control_plane"? (using a provisioner + when = destroy)
quick-sandwich-76600
09/29/2022, 11:27 AMAnother possible option I see is that you create the service, not with the user-addon but with a kubernetes_service resource from using Terraform's Kubernetes provider.
m
most-sunset-36476
09/29/2022, 2:41 PMYes but i resolved it by using a NAT Gateway. Then i had to add an Application Gateway with WAF settings and use internal LB instead of public one. I could indeed add a script to remove the load balancer but i really don't like that solution and avoid that if possible. I also started thinking of using the K8s provider but when using the provider in the same module where the kubeconfig is generated from the cluster, it appears to sometimes reset the provider config on consecutive terraform runs which is why I wanted to avoid that as well.
9 Views