SUSE Support

Here When You Need Us

Persistent RKE2 Configuration Drift and Duplicate Object Creation for RKE2 cluster created with Rancher2 Terraform provider

This document (000021739) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Rancher

Rancher2 terraform provider


Situation

Users consistently encounter unintended configuration changes and the creation of duplicate objects when managing RKE2 clusters with Terraform. Specifically, Terraform repeatedly attempts to modify the dynamic attribute within the machine_selector_files block of RKE2 cluster configurations with each terraform plan/apply, and users observe the creation of duplicate objects within their RKE2 clusters.

Symptoms:

  • Configuration Drift: Each terraform plan and terraform apply operation reveals changes within the machine_selector_files block, showing the dynamic attribute of items within a secret toggling between false and true:
~ machine_selector_files {
    ~ file_sources {
        ~ secret {
            name                = "rke2-lab-admission-configuration-psact"
            # (1 unchanged attribute hidden)

            ~ items {
                ~ dynamic     = false -> true
                # (4 unchanged attributes hidden)
            }
        }
    }
}
  • Duplicate Objects: Users report the creation of multiple instances of the same object within their RKE2 clusters, leading to inconsistencies and potential operational issues.

Resolution

The issue is resolved in version 6.0.0 and later of the rancher2 Terraform provider. Furthermore, the fix has been backported to earlier versions, so upgrading to the latest patch release of your current minor version may also resolve the issue.

Therefore the most reliable fix is to upgrade to the latest rancher2 provider. To upgrade, please modify your terraform configuration to define the proper version:

terraform {
  required_providers {
    rancher2 = {
      source  = "rancher/rancher2"
      version = ">= 6.0.0" # Specify the desired version
    }
  }
}

Cause

Both the configuration drift and duplicate object creation issues are caused by bugs in versions of the rancher2 Terraform provider prior to 6.0.0.

  • The provider incorrectly handles the dynamic attribute within the machine_selector_files block, leading to the persistent configuration drift. The core issue is a mismatch between the cluster API's default value for the dynamic attribute (which is false) and the Terraform provider's default (which was set to true in older versions). This discrepancy leads to the persistent configuration drift.
  • The provider also suffers from issues that result in the creation of duplicate objects, potentially due to incorrect state management or resource handling.

These problems are tracked in the following GitHub issue:

https://github.com/rancher/terraform-provider-rancher2/issues/1426

Status

Top Issue

Additional Information

https://github.com/rancher/terraform-provider-rancher2/pull/1427

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000021739
  • Creation Date: 17-Mar-2025
  • Modified Date:07-Apr-2025
    • SUSE Rancher

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community
tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

Support FAQ
tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center