terraform-provider-google: google_sql_database_instance: Error creating resources using Private IPs in parallel.

Community Note

  • Please vote on this issue by adding a đź‘Ť reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
  • If an issue is assigned to the “modular-magician” user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to “hashibot”, a community member has claimed the issue already.

Terraform Version

Terraform v0.11.11

  • provider.google v2.0.0
  • provider.google-beta v2.0.0
  • provider.random v2.0.0

Affected Resource(s)

  • google_sql_database_instance
  • google_container_cluster Probably all resources that support Private IP.

Terraform Configuration Files

provider "google" {
  region = "${var.region}"
}

provider "google-beta" {
  region = "${var.region}"
}

variable "region" {
  default = "us-central1"
}

variable "org_id" {
  default = "*****"
}

variable "billing_account" {
  default = "*******"
}

variable "count" {
  default = 2
}

resource "random_id" "project" {
  byte_length = 4
  prefix      = "test-tf-project-"
}

resource "google_project" "project" {
  name                = "Test Terraform Project"
  project_id          = "${random_id.project.hex}"
  org_id              = "${var.org_id}"
  auto_create_network = false
  billing_account     = "${var.billing_account}"
}

resource "google_project_service" "networking" {
  project                    = "${google_project.project.project_id}"
  service                    = "servicenetworking.googleapis.com"
  disable_on_destroy         = false
  disable_dependent_services = true
}

resource "google_compute_network" "network" {
  description             = "Network"
  name                    = "test-network"
  auto_create_subnetworks = "false"
  project                 = "${google_project.project.project_id}"
}

resource "google_compute_global_address" "private_ip_alloc" {
  provider      = "google-beta"
  name          = "private-ip-alloc"
  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  prefix_length = 16
  network       = "${google_compute_network.network.self_link}"
  project       = "${google_project_service.networking.project}"
}

resource "google_service_networking_connection" "connection" {
  provider                = "google-beta"
  network                 = "${google_compute_network.network.self_link}"
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = ["${google_compute_global_address.private_ip_alloc.name}"]
}

resource "random_id" "master" {
  byte_length = 4
  prefix      = "master-"
}

resource "google_sql_database_instance" "master" {
  count            = "${var.count}"
  name             = "${random_id.master.hex}-${count.index}"
  database_version = "MYSQL_5_7"
  region           = "${var.region}"
  project          = "${google_project.project.project_id}"

  settings {
    tier      = "db-f1-micro"

    ip_configuration {
      private_network = "${google_service_networking_connection.connection.network}"
    }
  }
}

Debug Output

https://gist.github.com/yuvaldrori/034fd15acff47edf83af77dea885fa36

Panic Output

Expected Behavior

All resources should have been created successfully. If you change the variable count = 1 it will succeed.

Actual Behavior

Only one CloudSQL gets created successfully.

Steps to Reproduce

  1. terraform apply

Important Factoids

Tried similar script with one CloudSQL and one GKE cluster and many GKE clusters with private IPs - same results.

References

b/261385017

About this issue

  • Original URL
  • State: open
  • Created 5 years ago
  • Reactions: 22
  • Comments: 15 (5 by maintainers)

Most upvoted comments

Is there an update on this. I have been trying to debug an issue which turned out to be this.

At a minimum can a note be placed in the docs alerting devs to this short coming.

+7
mattseymour on Feb 18, 2021

Update - I’ve been talking with the private networking team and they are working on a fix for this. They let me know that this is happening because there is an entry that gets set up the first time any private networking feature is turned on for a project/network. Creating the 2 instances at the same time causes a collision setting up this singleton, so if you are able to set up 1 resource that uses private networking before creating others in parallel you should be able to work around this issue.

+5
chrisst on Apr 10, 2019

Can we get an update on this? We are running into it regularly when setting up databases for multiple environments and we have to do two separate terraform runs to work around this. The delay workaround does not really work in our case as we are using a module for cloudsql and you cannot have one module wait on the other (at least not in a simple non-hacky way).

+2
ctrox on Nov 1, 2019

Sorry no update at this point. The upstream team is still working on it and I’ll update if I see that anything has been resolved.

+1
chrisst on Apr 7, 2020
Read more comments on GitHub
← terraform-provider-google: google_sql_database randomly errors with failure waiting for insertion
terraform-provider-google: google_sql_database.users: operationInProgress error on `terraform apply` →