Comments (5)
krowlandson
commented on May 10, 2024
1
Proposed approach:
- Gather further evidence of the issue (how widespread is this problem)
- Investigate retry and backoff behaviour in Terraform / AzureRM provider / autorest (why is Terraform not backing off to allow the API to return to normal operation)
- Are customers being impacted by this?
- Can we tune the test framework down to reduce the impact of the API throttling without unreasonably increasing the test duration or reducing test coverage?
- Enable trace logs (
TF_LOG=1) and raise an issue with the provider
from terraform-azurerm-caf-enterprise-scale.
dan-leanix
commented on May 10, 2024
Don't know if this is helpful but I left the following comment on the issue with the DNS resources.
Whatever it is it was introduced with the Terraform Azure provider 2.x versions from the very beginning. We could reproduce it with version 2.1.0. So, I assume that this exists since version 2.0.0.
Terraform Azure provider version 1.44.0 just works.
hashicorp/terraform-provider-azurerm#9816
from terraform-azurerm-caf-enterprise-scale.
krowlandson
commented on May 10, 2024
Interesting observation @dan-leanix... I've not had a chance to pinpoint the exact point where it became the primary method of controlling requests to the AzureRM API, but the autorest client was introduced from v2.3.0 so I suspect there was a general effort from v2.0.0 to change the way the provider interacts with the API.
In our particular case, there has clearly been a change on the platform side which is resulting in a provider throttling requests when it didn't previously. However 429 responses are common across most others, including the DNS service as mentioned in Creating Over 2000 DNS Records Gives me StatusCode=429 hashicorp/terraform#27266.
Unfortunately it seems that when running high numbers of parallel tasks against the same API (on an individual Resource Provider / Service), Terraform isn't correlating related HTTP/429 responses, so the backoff isn't aggressive enough to let the API rate limiting to be lifted.
from terraform-azurerm-caf-enterprise-scale.
krowlandson
commented on May 10, 2024
Workaround implemented by #80 but leaving issue open to collect additional feedback and in case additional work is needed.
Not ideal having to reduce parallelism setting from 256 to 50.
from terraform-azurerm-caf-enterprise-scale.
krowlandson
commented on May 10, 2024
Closing issue as this has now been linked to an Azure platform update designed to limit API requests for this provider.
from terraform-azurerm-caf-enterprise-scale.
Related Issues (20)
- DNS Proxy disabled when using Standard Firewall SKU but not setting `address_management_prefix` HOT 3
- custom_landing_zones Keys cannot contain periods HOT 3
- 🐛 When trying to apply core resources, I'm getting errors due apparently sensitive values HOT 5
- Role definition for running provisioning of landing zones from Terraform Cloud HOT 3
- Default MG Sandboxes - lifecycle of subscriptions not clear HOT 4
- Question: hub_routing_preference HOT 7
- Bug Report - Azure Firewall Policy basic can not deploy HOT 2
- Feature Request - Role Assignment with Conditions HOT 6
- routing_intent does not find the next hop destination when deployed with the azurerm firewall in vhub. HOT 1
- Multiple secure hubs in virtual wan cannot share the same azure firewall base policy HOT 2
- Bug Report HOT 3
- Bug Report HOT 4
- Feature Request - Policy Only Deployment HOT 2
- How to add a second IP to Azure Firewall HOT 2
- Unable to create policy for custom landing zone
- Public network access must be disabled for PaaS services policy is blocking storage account even thus it set to have public_access = false HOT 5
- BGP peers at vhub level HOT 1
- Log Analytics SKU and other settings being reverted HOT 2
- Conflict Error when Deleting Linked Automation Account HOT 5
- tfstate management. HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-azurerm-caf-enterprise-scale.