WingNews logo WingNews
top | item 20092481

(no title)

aeijdenberg | 6 years ago

We use Terraform a lot too - and most of the time it's great, but not infallible.

Our team managed to screw-up some pretty major DNS due to a valid terraform plan that looked OK, but in reality then deleted a bunch of records, before failing (for some reason I can't remember) before it could create new ones.

And of course, we forgot that although we had shortened TTL on our records, the TTL on the parent records that I think get hit when no records are found were much longer, so we had a real bad afternoon. :)

discuss

order

navaati|6 years ago

> but in reality then deleted a bunch of records, before failing […] before it could create new ones.

    lifecycle {
      create_before_destroy = true
    }
may be your friend :) (not sure if applicable though)