Commit Graph

7435 Commits

Author SHA1 Message Date
Paul Hinze 6b6b5a43c3 provider/aws: serialize SG rule access to fix race condition
Because `aws_security_group_rule` resources are an abstraction on top of
Security Groups, they must interact with the AWS Security Group APIs in
a pattern that often results in lots of parallel requests interacting
with the same security group.

We've found that this pattern can trigger race conditions resulting in
inconsistent behavior, including:

 * Rules that report as created but don't actually exist on AWS's side
 * Rules that show up in AWS but don't register as being created
   locally, resulting in follow up attempts to authorize the rule
   failing w/ Duplicate errors

Here, we introduce a per-SG mutex that must be held by any security
group before it is allowed to interact with AWS APIs. This protects the
space between `DescribeSecurityGroup` and `Authorize*` / `Revoke*`
calls, ensuring that no other rules interact with the SG during that
span.

The included test exposes the race by applying a security group with
lots of rules, which based on the dependency graph can all be handled in
parallel. This fails most of the time without the new locking behavior.

I've omitted the mutex from `Read`, since it is only called during the
Refresh walk when no changes are being made, meaning a bunch of parallel
`DescribeSecurityGroup` API calls should be consistent in that case.
2015-11-18 12:39:59 -06:00
James Nugent b177370bdc Merge pull request #3962 from miguelaferreira/patch-1
provider/cloudstack docs: use underscore in virtual machine attribute
2015-11-18 17:14:58 +02:00
James Nugent ce1bcd7ccc Merge pull request #3959 from chrislovecnm/vsphere-ipv4-documentation-updates
Update docs to reflect vsphere provider only supporting IPv4 addresses
2015-11-18 17:11:37 +02:00
James Nugent 0a7e545b55 Merge pull request #3956 from Banno/fix-template-docs
docs: fix template_file syntax error
2015-11-18 17:10:15 +02:00
James Nugent 00824d2ea9 Merge pull request #3950 from hashicorp/f-make-core
Add `core` target to Makefile
2015-11-18 17:09:05 +02:00
James Nugent 13548fcaa2 Add `core-dev` target to Makefile
This is shorthand to build and install the core of terraform, without
touching the providers.
2015-11-18 16:59:58 +02:00
James Nugent 6a74f74ab8 Merge pull request #3961 from aznashwan/b-aws-provider-build
provider/aws: remove build-blocking unused variable.
2015-11-18 16:32:48 +02:00
Miguel Ferreira 9e42207fee Use underscore in virtual machine attribute 2015-11-18 14:47:21 +01:00
Nashwan Azhari da8314ce8a provider/aws: removed build-blocking unused variable. 2015-11-18 15:08:45 +02:00
Chris Love 9de7319b63 Update virtual_machine.html.markdown
Typo
2015-11-17 21:56:58 -07:00
chrislovecnm 2d0ceb51c4 updating documenation that vsphere provider only supports ipv4 addressing 2015-11-17 21:53:55 -07:00
Joe Topjian 21f93ca455 Update CHANGELOG.md 2015-11-17 20:20:30 -07:00
Joe Topjian 51a2fbd6ae Merge pull request #3927 from jtopjian/jtopjian-openstack-lbvip-attr-cleanup
provider/openstack: Clean up some attributes in LBaaS VIP resource
2015-11-17 20:19:25 -07:00
Luke Amdor f23a4994ae docs: fix template_file syntax error 2015-11-17 16:45:08 -06:00
Radek Simko b21438f700 Update CHANGELOG.md 2015-11-17 22:40:26 +00:00
Radek Simko 306046b82b Merge pull request #3955 from cbusbey/db_subnet_spaces
allow spaces in db subnet name
2015-11-17 22:38:36 +00:00
Clint e0dfddce75 Update CHANGELOG.md 2015-11-17 16:38:09 -06:00
Clint 0bd8b32637 Merge pull request #3237 from GrayCoder/group-work
provider/aws: add support for group name and path changes with group update function
2015-11-17 16:37:40 -06:00
Chris Busbey 12d51edeb6 allow spaces in db subnet name 2015-11-17 12:48:56 -08:00
Clint e7a054c9dd Update CHANGELOG.md 2015-11-17 09:11:22 -06:00
Clint 2ed867b5ab Merge pull request #3945 from hashicorp/b-aws-r53-record-zone-fix
provider/aws: Fix crash in Route53 Record if Zone not found
2015-11-17 09:10:50 -06:00
James Nugent b057ef78ff Update CHANGELOG.md 2015-11-17 13:28:21 +00:00
James Nugent edaaab9f62 Merge pull request #3948 from pshima/f-packet-net-provisioner-ip
Populate the provisioner connection info for packet.net devices
2015-11-17 13:26:10 +00:00
Pete Shima e2ef92f50f Populate the provisioner connection info for packet.net devices with the ipv4 public address 2015-11-16 21:02:57 -08:00
Brandon Rochon 6875e9aaec Issue #3894 RDS publicly_accessible param shouldn't force new resource
Change-Id: I0a10e050ca1c4f2dde5e04f237de6115723522d8
2015-11-16 17:47:35 -08:00
Paul Hinze 24ee56326d Update CHANGELOG.md 2015-11-16 17:58:28 -06:00
Paul Hinze 7e59d7f67c Merge pull request #3901 from hashicorp/phinze/google-credentials
provider/google: read credentials as contents instead of path
2015-11-16 17:57:54 -06:00
Paul Hinze 1905766cf8 Update CHANGELOG.md 2015-11-16 17:55:25 -06:00
Paul Hinze 010293992a Merge pull request #3899 from hashicorp/phinze/azure-publish-settings
provider/azure: read publish_settings as contents instead of path
2015-11-16 17:54:43 -06:00
Paul Hinze 5d898f1c5f Merge pull request #3946 from hashicorp/fix-ecs-datatype
aws: Add missing dereference operator
2015-11-16 17:49:59 -06:00
Paul Hinze fb0dc4951d provider/azure: read publish_settings as contents instead of path
Building on the work in #3846, shifting the Azure provider's
configuration option from `settings_file` to `publish_settings`.
2015-11-16 17:47:56 -06:00
Radek Simko 00d0551933 aws: Add missing dereference operator 2015-11-16 23:19:45 +00:00
clint shryock 1413d032ee provider/aws: Fix crash in Route53 Record if Zone not found 2015-11-16 17:15:17 -06:00
clint shryock 901e5fbf9f fix log reference 2015-11-16 17:14:02 -06:00
Clint 6cb5ce2a7c Merge pull request #3943 from hashicorp/b-aws-ecs-service-hotfix
Fix issue with undefined var
2015-11-16 16:34:13 -06:00
clint shryock 8085e55eda fix issue with undefined var 2015-11-16 16:29:52 -06:00
Radek Simko 48e1e96078 Merge pull request #3936 from hashicorp/f-remove-depgraph
Remove unused depgraph package
2015-11-16 22:05:54 +00:00
Clint 0346c66d1c Merge pull request #3839 from hashicorp/new_header
New header/footer redesign
2015-11-16 16:05:37 -06:00
Radek Simko dfb474dd7c Update CHANGELOG.md 2015-11-16 21:47:06 +00:00
Radek Simko a8ceda1b15 Merge pull request #3914 from TimeIncOSS/b-aws-ecs-service-gone
provider/aws: Prevent crashing when deleting ecs_service which is gone
2015-11-16 21:46:06 +00:00
clint shryock 70f1c9c1e6 remove duplicate readInstance call 2015-11-16 15:16:41 -06:00
Paul Hinze eb9a93862b provider/google: read credentials as contents instead of path
Building on the work in #3846, shifting the Google provider's
configuration option from `account_file` to `credentials`.
2015-11-16 15:14:32 -06:00
clint shryock 66ad974193 add acceptance test for spot instanace updates 2015-11-16 15:11:44 -06:00
Paul Hinze 31586028c4 Update CHANGELOG.md 2015-11-16 14:51:19 -06:00
clint shryock f31b30d4a5 minor tweaks to connection info setup 2015-11-16 14:51:14 -06:00
Paul Hinze 993ec0a320 Merge pull request #3909 from hashicorp/phinze/template-file-contents
template_file: source contents instead of path
2015-11-16 14:50:45 -06:00
Sander van Harmelen 0cdc81f390 Merge pull request #3896 from hashicorp/phinze/chef-keys-as-contents
chef: read key contents instead of paths
2015-11-16 21:44:09 +01:00
clint shryock d998e883fb providers/aws: Update Spot Instance request to provide connection information 2015-11-16 14:43:24 -06:00
Paul Hinze fed3095455 Update CHANGELOG.md 2015-11-16 13:55:25 -06:00
Paul Hinze afb416fba4 Merge pull request #2807 from dwradcliffe/f-dyn-provider
add Dyn provider
2015-11-16 13:53:44 -06:00