Terraform DynamoDB 索引循环
Terraform DynamoDB index loop
我在 Terraform 中有以下配置
resource "aws_dynamodb_table" "scanner" {
name = "scanner"
read_capacity = 2
write_capacity = 1
hash_key = "public_ip"
attribute {
name = "public_ip"
type = "S"
}
attribute {
name = "region"
type = "S"
}
attribute {
name = "account_id"
type = "N"
}
global_secondary_index {
name = "cleanup-index"
hash_key = "account_id"
range_key = "region"
read_capacity = 1
write_capacity = 1
projection_type = "INCLUDE"
non_key_attributes = ["vpc_id", "instance_id", "integration_id", "private_ip"]
}
}
在我从 Terraform 0.7.13 升级到 0.9.6 之前,它一直运行良好。此后,Terraform 每次都尝试重新创建索引:
~ aws_dynamodb_table.scanner
global_secondary_index.3508752412.hash_key: "" => "account_id"
global_secondary_index.3508752412.name: "" => "cleanup-index"
global_secondary_index.3508752412.non_key_attributes.#: "0" => "4"
global_secondary_index.3508752412.non_key_attributes.0: "" => "vpc_id"
global_secondary_index.3508752412.non_key_attributes.1: "" => "instance_id"
global_secondary_index.3508752412.non_key_attributes.2: "" => "integration_id"
global_secondary_index.3508752412.non_key_attributes.3: "" => "private_ip"
global_secondary_index.3508752412.projection_type: "" => "INCLUDE"
global_secondary_index.3508752412.range_key: "" => "region"
global_secondary_index.3508752412.read_capacity: "" => "1"
global_secondary_index.3508752412.write_capacity: "" => "1"
global_secondary_index.3860163270.hash_key: "account_id" => ""
global_secondary_index.3860163270.name: "cleanup-index" => ""
global_secondary_index.3860163270.non_key_attributes.#: "4" => "0"
global_secondary_index.3860163270.non_key_attributes.0: "vpc_id" => ""
global_secondary_index.3860163270.non_key_attributes.1: "instance_id" => ""
global_secondary_index.3860163270.non_key_attributes.2: "private_ip" => ""
global_secondary_index.3860163270.non_key_attributes.3: "integration_id" => ""
global_secondary_index.3860163270.projection_type: "INCLUDE" => ""
global_secondary_index.3860163270.range_key: "region" => ""
global_secondary_index.3860163270.read_capacity: "1" => "0"
global_secondary_index.3860163270.write_capacity: "1" => "0"
Terraform 在他们的文档中说:DynamoDB API 希望在创建或更新 GSI/LSIs 或创建初始 table。在这些情况下,它希望提供哈希/范围键;因为这些在许多地方被重复使用(即 table 的范围键可能是一个或多个 GSI 的一部分),所以它们存储在 table 对象上以防止重复并提高一致性。如果您在此处添加这些场景中未使用的属性,可能会导致规划中的无限循环。 但我认为我的配置与此无关。有没有类似的经历?我怀疑与 this 有关。谢谢!
有时底层提供者API会对Terraform提交的数据进行归一化或重构,使得回读时数据不同
看来这就是这种情况的一个例子。在配置中,non_key_attributes 被列为 ["vpc_id", "instance_id", "integration_id", "private_ip"],但它们被 return 从 API 编辑为 ["vpc_id", "instance_id", "private_ip", "integration_id"]。
Terraform 中的一个错误是它没有将这两者视为等同的,如果确实(看起来)排序不敏感并且 DynamoDB API 可以 return 它们在一个与提交的订单不同。
作为解决此错误之前的解决方法,它可能会重新排序配置中的列表以匹配 API 正在 returning 的内容,这应该会导致 Terraform 不再看到差异。只要 API return 中的列表在从一个请求到下一个请求的 一致 顺序中,这应该有效。
我在 Terraform 中有以下配置
resource "aws_dynamodb_table" "scanner" {
name = "scanner"
read_capacity = 2
write_capacity = 1
hash_key = "public_ip"
attribute {
name = "public_ip"
type = "S"
}
attribute {
name = "region"
type = "S"
}
attribute {
name = "account_id"
type = "N"
}
global_secondary_index {
name = "cleanup-index"
hash_key = "account_id"
range_key = "region"
read_capacity = 1
write_capacity = 1
projection_type = "INCLUDE"
non_key_attributes = ["vpc_id", "instance_id", "integration_id", "private_ip"]
}
}
在我从 Terraform 0.7.13 升级到 0.9.6 之前,它一直运行良好。此后,Terraform 每次都尝试重新创建索引:
~ aws_dynamodb_table.scanner
global_secondary_index.3508752412.hash_key: "" => "account_id"
global_secondary_index.3508752412.name: "" => "cleanup-index"
global_secondary_index.3508752412.non_key_attributes.#: "0" => "4"
global_secondary_index.3508752412.non_key_attributes.0: "" => "vpc_id"
global_secondary_index.3508752412.non_key_attributes.1: "" => "instance_id"
global_secondary_index.3508752412.non_key_attributes.2: "" => "integration_id"
global_secondary_index.3508752412.non_key_attributes.3: "" => "private_ip"
global_secondary_index.3508752412.projection_type: "" => "INCLUDE"
global_secondary_index.3508752412.range_key: "" => "region"
global_secondary_index.3508752412.read_capacity: "" => "1"
global_secondary_index.3508752412.write_capacity: "" => "1"
global_secondary_index.3860163270.hash_key: "account_id" => ""
global_secondary_index.3860163270.name: "cleanup-index" => ""
global_secondary_index.3860163270.non_key_attributes.#: "4" => "0"
global_secondary_index.3860163270.non_key_attributes.0: "vpc_id" => ""
global_secondary_index.3860163270.non_key_attributes.1: "instance_id" => ""
global_secondary_index.3860163270.non_key_attributes.2: "private_ip" => ""
global_secondary_index.3860163270.non_key_attributes.3: "integration_id" => ""
global_secondary_index.3860163270.projection_type: "INCLUDE" => ""
global_secondary_index.3860163270.range_key: "region" => ""
global_secondary_index.3860163270.read_capacity: "1" => "0"
global_secondary_index.3860163270.write_capacity: "1" => "0"
Terraform 在他们的文档中说:DynamoDB API 希望在创建或更新 GSI/LSIs 或创建初始 table。在这些情况下,它希望提供哈希/范围键;因为这些在许多地方被重复使用(即 table 的范围键可能是一个或多个 GSI 的一部分),所以它们存储在 table 对象上以防止重复并提高一致性。如果您在此处添加这些场景中未使用的属性,可能会导致规划中的无限循环。 但我认为我的配置与此无关。有没有类似的经历?我怀疑与 this 有关。谢谢!
有时底层提供者API会对Terraform提交的数据进行归一化或重构,使得回读时数据不同
看来这就是这种情况的一个例子。在配置中,non_key_attributes 被列为 ["vpc_id", "instance_id", "integration_id", "private_ip"],但它们被 return 从 API 编辑为 ["vpc_id", "instance_id", "private_ip", "integration_id"]。
Terraform 中的一个错误是它没有将这两者视为等同的,如果确实(看起来)排序不敏感并且 DynamoDB API 可以 return 它们在一个与提交的订单不同。
作为解决此错误之前的解决方法,它可能会重新排序配置中的列表以匹配 API 正在 returning 的内容,这应该会导致 Terraform 不再看到差异。只要 API return 中的列表在从一个请求到下一个请求的 一致 顺序中,这应该有效。