Azure provider: blob lease conflict when reprovisioning instances

[keymon]

With azure provide, when you taint an instance and apply terraform again
(so it destroys and creates the instance again), the creation process will
likely fail with the following error: A lease conflict occurred with the blob http://... (see below for all output).

Reruning after a while works.

I suspect it is because these resources (disk, in this case) are freed asynchronously, and an immediatelly.

Full error output:

$ terraform taint azure_instance.bastion
$?=1 12:00:06 (feature/101030380_bosh_on_azure ?:4 ✗) rb:2.1.1 
[email protected]:~/gds/cf-terraform/azure$ terraform apply -var env=hectorjimazure 
azure_instance.bastion: Refreshing state... (ID: hectorjimazure-cf-bastion)
azure_hosted_service.bastion: Refreshing state... (ID: hectorjimazure-cf-bastion-service)
azure_storage_service.cf-storage: Refreshing state... (ID: hectorjimazurecfstorage)
azure_virtual_network.default: Refreshing state... (ID: hectorjimazure-default-network)
azure_instance.bastion: Destroying...
azure_instance.bastion: Creating...
  automatic_updates:                "" => "0"
  description:                      "" => "<computed>"
  endpoint.#:                       "" => "1"
  endpoint.2462817782.name:         "" => "SSH"
  endpoint.2462817782.private_port: "" => "22"
  endpoint.2462817782.protocol:     "" => "tcp"
  endpoint.2462817782.public_port:  "" => "22"
  hosted_service_name:              "" => "hectorjimazure-cf-bastion-service"
  image:                            "" => "Ubuntu Server 14.04 LTS"
  ip_address:                       "" => "<computed>"
  location:                         "" => "West Europe"
  name:                             "" => "hectorjimazure-cf-bastion"
  security_group:                   "" => "<computed>"
  size:                             "" => "Basic_A0"
  ssh_key_thumbprint:               "" => "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  storage_service_name:             "" => "hectorjimazurecfstorage"
  subnet:                           "" => "hectorjimazure-cf-bastion"
  username:                         "" => "ubuntu"
  vip_address:                      "" => "<computed>"
  virtual_network:                  "" => "hectorjimazure-default-network"
Error applying plan:

1 error(s) occurred:

* azure_instance.bastion: Error waiting for instance hectorjimazure-cf-bastion to be created: Error response from Azure. Code: BadRequest, Message: A lease conflict occurred with the blob http://hectorjimazurecfstorage.blob.core.windows.net/vhds/hectorjimazure-cf-bastion.vhd.

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure

Code Example (copied and adapted from here, not really tested):

resource "azure_virtual_network" "bastion" {
  name = "bastion-network"
  address_space = ["10.0.0.0/16"]
  location = "West Europe"

  subnet {
    name = "bastion-subnet"
    address_prefix = "10.0.0.0/24"
  }
}

resource "azure_storage_service" "cf-storage" {
    name = "storage"
    location = "West Europe"
    description = "Default storage for CF installation"
    account_type = "Standard_LRS"
}


resource "azure_hosted_service" "bastion" {
    name = "bastion-hosted-service"
    location = "West Europe"
    ephemeral_contents = false
    description = "Hosted service for the bastion host."
    label = "cf-bastion-hs-01"
}

resource "azure_instance" "bastion" {
  name = "bastion"
  hosted_service_name = "${azure_hosted_service.bastion.name}"
  depends_on = "azure_hosted_service.bastion"
  depends_on = "azure_virtual_network.bastion"
  depends_on = "azure_storage_service.cf-storage"
  image = "Ubuntu Server 14.04 LTS"
  size = "Basic_A3"
  storage_service_name = "hoststorage"
  location = "West Europe"
  virtual_network = "bastion-network"
  subnet = "bastion-subnet"

  username = "${var.ssh_user}"
  ssh_key_thumbprint = "..."

}

[spuder]

+1

I can reproduce by adding the line virtual_network = "mail-network" which causes terraform to destroy and recreate the VM. Azure then throws this error. If I immediately run terraform apply again, it works.

A simple retry option would be great for working around this.

provider "azure" {
  settings_file = "${file("credentials.publishsettings")}"
}

resource "azure_hosted_service" "terraform-service" {
    name = "netdocsmail"
    location = "West US"
    ephemeral_contents = false
    description = "foo Mail created by Terraform."
    label = "foo Mail"
}

resource "azure_storage_service" "ndmailstorage1" {
  name = "ndmailstorage1"
  location = "West US"
  description = "Made by Terraform"
  account_type = "Standard_GRS"
}

resource "azure_storage_container" "stor-cont" {
  name = "ndstorage"
  container_access_type = "container"
  storage_service_name = "${azure_storage_service.ndmailstorage1.name}"
}

resource "azure_virtual_network" "mail-network" {
  "name" = "mail-network"
  address_space = ["172.16.0.0/24"]
  location = "West US"
  subnet {
     "name" = "subnet1"
     "address_prefix" = "172.16.0.0/28"
  }
  #TODO how do you set a Resource Group? It is required
}

resource "azure_instance" "web01" {
  name = "nd-mail01"
  hosted_service_name = "${azure_hosted_service.terraform-service.name}"
  image = "Windows Server 2012 R2 Datacenter, August 2015"
  // size = "Large" #A3
  size = "Small"
  storage_service_name = "ndmailstorage1"
  location = "West US"
  time_zone = "America/Denver"
  username = "terraform"
  password = "correct-horse-battery-staple"
  virtual_network = "mail-network"
  subnet = "subnet1"
}

[aznashwan]

@keymon @spuder: thanks a lot for the detailed bug reports!

This issue has been resolved in #3695

[kbxkb]

Tested, working

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.