An EC2 Ubuntu 16 AMI was created; it had code for EBS volumes like:
root_block_device = {
  volume_type = "gp2"
  volume_size = "${var.volume1_size}"
  delete_on_termination = true
}
ebs_block_device = {
  device_name = "/dev/sda2"
  volume_type = "gp2"
  volume_size = "${var.volume2_size}"
  encrypted = "${var.ebs_encryption}"
}
When I create an EC2 with the AMI created from above, I see that the AMI has two volumes. I want to use this AMI but want to attach additional EBS volumes as necessary. So when I create the EC2 I used the same code as above so I can set the size of my volumes appropriately. And everything works fine and it creates an EC2 with 3 volumes. But any time afterwards, if I use Terraform to make any change, be it increasing the volume size or even changing something as simple as a security group or role, Terraform says it has to destroy the instance and recreate it.
Do we know why this happens? Here is my output from the first time, when I ran terraform apply and created the EC2, and from the second time, when I am changing the size of the ebs_volume I attached from 40 to 60; instead of just changing the volume size, it says it has to destroy and recreate the EC2 itself.
First time output while creating EC2 with 2 volumes from AMI (root and ebs_block_device) and one volume added (ebs_volume_attachment)
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
Terraform will perform the following actions:
  # aws_ebs_volume.volsdh will be created
  + resource "aws_ebs_volume" "volsdh" {
      + arn = (known after apply)
      + availability_zone = "us-east-1a"
      + encrypted = (known after apply)
      + id = (known after apply)
      + iops = (known after apply)
      + kms_key_id = (known after apply)
      + size = 40
      + snapshot_id = (known after apply)
      + tags = {
          + "Environment" = "aws_dev"
          + "LOB" = "temp"
          + "Name" = "sampleec2"
          + "Project" = "testec2"
          + "System Number" = ""
        }
      + type = (known after apply)
    }
  # aws_instance.ec2 will be created
  + resource "aws_instance" "ec2" {
      + ami = "ami-00d1d98dfde2c3742"
      + arn = (known after apply)
      + associate_public_ip_address = (known after apply)
      + availability_zone = (known after apply)
      + cpu_core_count = (known after apply)
      + cpu_threads_per_core = (known after apply)
      + ebs_optimized = false
      + get_password_data = false
      + host_id = (known after apply)
      + id = (known after apply)
      + instance_state = (known after apply)
      + instance_type = "t2.medium"
      + ipv6_address_count = (known after apply)
      + ipv6_addresses = (known after apply)
      + key_name = (known after apply)
      + network_interface_id = (known after apply)
      + password_data = (known after apply)
      + placement_group = (known after apply)
      + primary_network_interface_id = (known after apply)
      + private_dns = (known after apply)
      + private_ip = (known after apply)
      + public_dns = (known after apply)
      + public_ip = (known after apply)
      + security_groups = (known after apply)
      + subnet_id = (known after apply)
      + tags = {
          + "Environment" = "lab"
          + "LOB" = "oi"
          + "Name" = "testec2EC2-2fromtestec2AMI-2"
          + "Project" = "Core"
          + "System Number" = " "
          + "snapsvc" = "false"
        }
      + tenancy = (known after apply)
      + user_data = "25e32189148f1c938282b516141f109deb9888c4"
      + volume_tags = {
          + "Environment" = "lab"
          + "LOB" = "oi"
          + "Name" = "sampleec2"
          + "Project" = "Core"
          + "System Number" = " "
          + "snapsvc" = "false"
        }
      + vpc_security_group_ids = (known after apply)
      + ebs_block_device {
          + delete_on_termination = true
          + device_name = "/dev/sda2"
          + encrypted = (known after apply)
          + iops = (known after apply)
          + snapshot_id = (known after apply)
          + volume_id = (known after apply)
          + volume_size = 50
          + volume_type = "gp2"
        }
      + ephemeral_block_device {
          + device_name = (known after apply)
          + no_device = (known after apply)
          + virtual_name = (known after apply)
        }
      + network_interface {
          + delete_on_termination = false
          + device_index = 0
          + network_interface_id = (known after apply)
        }
      + root_block_device {
          + delete_on_termination = true
          + iops = (known after apply)
          + volume_id = (known after apply)
          + volume_size = 40
          + volume_type = "gp2"
        }
    }
  # aws_network_interface.ec2_nic will be created
  + resource "aws_network_interface" "ec2_nic" {
      + description = "ENI for testec2EC2-2fromtestec2AMI-2"
      + id = (known after apply)
      + private_dns_name = (known after apply)
      + private_ip = (known after apply)
      + private_ips = (known after apply)
      + private_ips_count = (known after apply)
      + security_groups = [
          + "sg-03c5dcd4492399a51",
          + "sg-078ad65ef12c9e7af",
          + "sg-0a8159ff0109ae900",
        ]
      + source_dest_check = true
      + subnet_id = "subnet-00d12b5903a6cb3f5"
      + tags = {
          + "Environment" = "lab"
          + "LOB" = "oi"
          + "Name" = "ENI for testec2EC2-2fromtestec2AMI-2"
          + "Project" = "Core"
          + "System Number" = " "
          + "snapsvc" = "false"
        }
      + attachment {
          + attachment_id = (known after apply)
          + device_index = (known after apply)
          + instance = (known after apply)
        }
    }
  # aws_volume_attachment.ebs_att will be created
  + resource "aws_volume_attachment" "ebs_att" {
      + device_name = "/dev/sdh"
      + id = (known after apply)
      + instance_id = (known after apply)
      + skip_destroy = true
      + volume_id = (known after apply)
    }
Plan: 4 to add, 0 to change, 0 to destroy.
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
  # aws_ebs_volume.volsdh will be updated in-place
  ~ resource "aws_ebs_volume" "volsdh" {
        arn = "arn:aws:ec2:us-east-1:163326074592:volume/vol-03a97d0d5336537e5"
        availability_zone = "us-east-1a"
        encrypted = true
        id = "vol-03a97d0d5336537e5"
        iops = 120
        kms_key_id = "arn:aws:kms:us-east-1:163326074592:key/fbedf51e-b1b0-46a9-be2b-1c7d57c35620"
      ~ size = 40 -> 60
        tags = {
            "Environment" = "aws_dev"
            "LOB" = "EBIA"
            "Name" = "Volume for testec2EC2EC2-2fromtestec2EC2AMI-2"
            "Project" = "testec2EC2"
            "System Number" = "Z150"
        }
        type = "gp2"
    }
  # aws_instance.ec2 must be replaced
-/+ resource "aws_instance" "ec2" {
        ami = "ami-----------------------"
      ~ arn = "-----------------" -> (known after apply)
      ~ associate_public_ip_address = false -> (known after apply)
      ~ availability_zone = "us-east-1a" -> (known after apply)
      ~ cpu_core_count = 2 -> (known after apply)
      ~ cpu_threads_per_core = 1 -> (known after apply)
      - disable_api_termination = false -> null
        ebs_optimized = false
        get_password_data = false
      + host_id = (known after apply)
      ~ id = "i-0a2e8c70311030ff8" -> (known after apply)
      ~ instance_state = "running" -> (known after apply)
        instance_type = "t2.medium"
      ~ ipv6_address_count = 0 -> (known after apply)
      ~ ipv6_addresses = -> (known after apply)
      + key_name = (known after apply)
      - monitoring = false -> null
      + network_interface_id = (known after apply)
      + password_data = (known after apply)
      + placement_group = (known after apply)
      ~ primary_network_interface_id = "eni-0ee7d7b894a99e65b" -> (known after apply)
      ~ private_dns = "ip-10-181-114-126.ec2.internal" -> (known after apply)
      ~ private_ip = "10.181.114.126" -> (known after apply)
      + public_dns = (known after apply)
      + public_ip = (known after apply)
      ~ security_groups = -> (known after apply)
      - source_dest_check = true -> null
      ~ subnet_id = "subnet-00d12b5903a6cb3f5" -> (known after apply)
        tags = {
            "Environment" = "lab"
            "LOB" = "oi"
            "Name" = "testec2EC2EC2-2fromtestec2EC2AMI-2"
            "Project" = "Core"
            "System Number" = " "
            "snapsvc" = "false"
        }
      ~ tenancy = "default" -> (known after apply)
        user_data = "25e32189148f1c938282b516141f109deb9888c4"
        volume_tags = {
            "Environment" = "lab"
            "LOB" = "oi"
            "Name" = "Volume for testec2EC2EC2-2fromtestec2EC2AMI-2"
            "Project" = "Core"
            "System Number" = " "
            "snapsvc" = "false"
        }
      ~ vpc_security_group_ids = [
          - "sg-03c5dcd4492399a51",
          - "sg-078ad65ef12c9e7af",
          - "sg-0a8159ff0109ae900",
        ] -> (known after apply)
      - credit_specification {
          - cpu_credits = "standard" -> null
        }
      - ebs_block_device { # forces replacement
          - delete_on_termination = false -> null
          - device_name = "/dev/sdh" -> null
          - encrypted = true -> null
          - iops = 120 -> null
          - volume_id = "vol-03a97d0d5336537e5" -> null
          - volume_size = 40 -> null
          - volume_type = "gp2" -> null
        }
      + ebs_block_device { # forces replacement
          + delete_on_termination = true
          + device_name = "/dev/sda2"
          + encrypted = (known after apply)
          + iops = (known after apply)
          + snapshot_id = (known after apply)
          + volume_id = (known after apply)
          + volume_size = 50
          + volume_type = "gp2"
        }
      - ebs_block_device { # forces replacement
          - delete_on_termination = true -> null
          - device_name = "/dev/sda2" -> null
          - encrypted = true -> null
          - iops = 150 -> null
          - snapshot_id = "snap-0dc4e2b5e7ea6a033" -> null
          - volume_id = "vol-024e723d29b24463b" -> null
          - volume_size = 50 -> null
          - volume_type = "gp2" -> null
        }
      + ephemeral_block_device {
          + device_name = (known after apply)
          + no_device = (known after apply)
          + virtual_name = (known after apply)
        }
        network_interface {
            delete_on_termination = false
            device_index = 0
            network_interface_id = "eni-0ee7d7b894a99e65b"
        }
      ~ root_block_device {
            delete_on_termination = true
          ~ iops = 120 -> (known after apply)
          ~ volume_id = "vol-0cb73def749d6f171" -> (known after apply)
            volume_size = 40
            volume_type = "gp2"
        }
    }
  # aws_volume_attachment.ebs_att must be replaced
-/+ resource "aws_volume_attachment" "ebs_att" {
        device_name = "/dev/sdh"
      ~ id = "vai-3950028857" -> (known after apply)
      ~ instance_id = "i-0a2e8c70311030ff8" -> (known after apply) # forces replacement
        skip_destroy = true
        volume_id = "vol-03a97d0d5336537e5"
    }
Plan: 2 to add, 1 to change, 2 to destroy.
Please help, thanks
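In the second plan above, the volume attached through aws_volume_attachment (/dev/sdh) shows up as an inline ebs_block_device that Terraform wants to remove, and that block is marked "# forces replacement"; the AWS provider documentation notes that ebs_block_device cannot be mixed with external aws_ebs_volume and aws_volume_attachment resources on the same instance. The following is an added example, not part of the original post and not Terraform tooling: it scans plan text for that pattern. The function names and the trimmed sample plan are constructed here for illustration.

```python
import re

# Constructed sample: trimmed from the second plan in the post.
SAMPLE_PLAN = '''\
-/+ resource "aws_instance" "ec2" {
      - ebs_block_device { # forces replacement
          - device_name = "/dev/sdh" -> null
        }
      + ebs_block_device { # forces replacement
          + device_name = "/dev/sda2"
        }
      - ebs_block_device { # forces replacement
          - device_name = "/dev/sda2" -> null
        }
    }
-/+ resource "aws_volume_attachment" "ebs_att" {
        device_name = "/dev/sdh"
      ~ instance_id = "i-0a2e8c70311030ff8" -> (known after apply) # forces replacement
    }
'''

RES = re.compile(r'resource\s+"([^"]+)"\s+"([^"]+)"\s*\{')
BLOCK = re.compile(r'^\s*([-+~])\s+(\w+)\s*\{\s*#\s*forces replacement')
DEV = re.compile(r'device_name\s*=\s*"([^"]+)"')

def forced_blocks(plan_text):
    """Return (blocks, attached): nested blocks that force replacement, and
    the device names managed by aws_volume_attachment resources."""
    forcing, attached, resource, block = [], set(), "", None
    for raw in plan_text.splitlines():
        line = raw.replace("\u201c", '"').replace("\u201d", '"')  # tolerate curly quotes
        res, blk, dev = RES.search(line), BLOCK.match(line), DEV.search(line)
        if res:                                   # new resource header
            resource, block = ".".join(res.groups()), None
        elif blk:                                 # nested block that forces replacement
            block = [resource, blk.group(1), blk.group(2), None]
            forcing.append(block)
        elif dev and block is not None:           # device_name inside that block
            block[3] = dev.group(1)
        elif dev and resource.startswith("aws_volume_attachment."):
            attached.add(dev.group(1))
        elif line.strip() == "}":
            block = None
    return [tuple(b) for b in forcing], attached

def attachment_conflicts(plan_text):
    """Devices being dropped from an inline ebs_block_device set that are
    also attached through aws_volume_attachment."""
    forcing, attached = forced_blocks(plan_text)
    return sorted({d for _, act, name, d in forcing
                   if act == "-" and name == "ebs_block_device" and d in attached})
```

Feeding it saved `terraform plan` text makes it usable as a pre-apply check that fails when an attached volume would trigger instance replacement.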