Private network creation with Terraform on OVH's Openstack

Question

I'm trying to deploy some Openstack instances on OVH's Public Cloud using Terraform. The point is (for now) to have two instances on two networks. Each instance should have an external IP address (which isn't a problem) and a internal IP address on a private network (which causes me troubles).

My terraform file is :

resource "openstack_compute_keypair_v2" "keypair" {
  provider   = "openstack.ovh"
  name       = "jpin"
  public_key = "${file("~/.ssh/id_rsa.pub")}"
  region     = "GRA3"
}

resource "openstack_networking_network_v2" "network_1" {
  provider       = "openstack.ovh"
  name           = "network_1"
  admin_state_up = "true"
  region         = "GRA3"
}

resource "openstack_networking_subnet_v2" "subnet_1" {
  provider    = "openstack.ovh"
  name        = "subnet_1"
  network_id  = "${openstack_networking_network_v2.network_1.id}"
  cidr        = "192.168.199.0/24"
  ip_version  = 4
  region      = "GRA3"
  enable_dhcp = true
}

resource "openstack_networking_port_v2" "port_1" {
  provider       = "openstack.ovh"
  name           = "port_1"
  network_id     = "${openstack_networking_network_v2.network_1.id}"
  admin_state_up = "true"
  region         = "GRA3"

  fixed_ip {
    "subnet_id" = "${openstack_networking_subnet_v2.subnet_1.id}"
  }
}

resource "openstack_networking_port_v2" "port_2" {
  provider       = "openstack.ovh"
  name           = "port_2"
  network_id     = "${openstack_networking_network_v2.network_1.id}"
  admin_state_up = "true"
  region         = "GRA3"

  fixed_ip {
    "subnet_id" = "${openstack_networking_subnet_v2.subnet_1.id}"
  }
}

resource "openstack_compute_instance_v2" "instance_1" {
  provider        = "openstack.ovh"
  name            = "instance_1"
  security_groups = ["default"]
  region          = "GRA3"
  key_pair        = "${openstack_compute_keypair_v2.keypair.name}"
  flavor_name     = "s1-2"
  image_name      = "Debian 8 - Docker"

  network = [
    {
      name = "Ext-Net"
    },
    {
      port = "${openstack_networking_port_v2.port_1.id}"
    },
  ]
}

resource "openstack_compute_instance_v2" "instance_2" {
  provider        = "openstack.ovh"
  name            = "instance_2"
  security_groups = ["default"]
  region          = "GRA3"
  key_pair        = "${openstack_compute_keypair_v2.keypair.name}"
  flavor_name     = "s1-2"
  image_name      = "Debian 8 - Docker"

  network {
    port = "${openstack_networking_port_v2.port_2.id}"
  }
}

The

{
  name = "Ext-Net"
},

part allows me to connect the instance to the outside world. My two instances should have IP addresses in the 192.168.199.0/24 network, but they don't. They don't have IP addresses nor routes to communicates into this network. But I know that they have the appropriate IP addresses :

On that screenshot, instance_1 is well connected to the outside (as expected). instance_1 and instance_2 both have an private IP address. But :

root@instance-1:~# ip a
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:b1:7c:ae brd ff:ff:ff:ff:ff:ff
    inet 145.239.XXX.YY/32 brd 145.239.XXX.YY scope global eth0
       valid_lft forever preferred_lft forever

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:6a:87:8e brd ff:ff:ff:ff:ff:ff

eth1 does not have that IP address (192.168.199.2 or .3). And there is no route to the 192.168.199.0/24 subnet.

Answer 1

After a few days, everything worked. Despite what the provider's support is saying, it appears to be a bug : I didn't change anything and it worker suddenly out of nowhere.

EDIT: After a few weeks, I ended up with the following code :

Careful with copy/pasting, my compute_instance is in a module, thus all those var

resource "ovh_publiccloud_private_network" "network" {
  provider   = "ovh.ovh"
  project_id = "${var.tenant_id}"
  name       = "Private Network"
  regions    = "${values(var.regions)}"
}

resource "ovh_publiccloud_private_network_subnet" "subnet" {
  provider   = "ovh.ovh"
  project_id = "${var.tenant_id}"
  network_id = "${element(ovh_publiccloud_private_network.network.*.id, count.index)}"

  start   = FIRST_PRIVATE_IP
  end     = LAST_PRIVATE_IP
  network = PRIVATE_SUBNET

  count      = "${length(var.regions)}"
  region     = "${element(values(var.regions), count.index)}"
}

resource "openstack_compute_instance_v2" "compute_instance" {
  provider            = "openstack.ovh"
  region              = "${var.region_id}"
  key_pair            = "${var.keypair}"
  flavor_name         = "${var.instance_flavor}"
  image_name          = "${var.instance_image}"

  network = [
    {
      name = "Ext-Net"
    },
    {
      name        = "${var.private_network}"
      fixed_ip_v4 = MY_PRIVATE_IP
    },
  ]
}

I'm not using port anymore. The choice to stop using port isn't related to that issue.

Since Debian 9, the instance might try to configure the private interface as the interface to reach the Internet. Which won't work.