-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependency stacks cause update failure #3414
Comments
Observing similar behaviour with python based CDK, where I went for the Cfn* set of resources (for pure experimentation purposes):
The dependency has been declared - stack-lab-ecc depends on stack-lab-edu2. When EC2 is commented out (diff): The deploy fails trying to delete the subnet export from the first stack BEFORE deleting the EC2 instance from the second: Why: CDK CLI Version: 1.3.0 Python: |
@rix0rrr this is the issue I meant. My current workaround for this is to create a "dummy" resource and attach the dependencies to that dummy resource. Something like this:
|
I'm encountering this as well, but with trying to update dependent stacks. In one example of my use case, I'm trying to separate the creation of ECS tasks from services. Ideally, I'd like to be able to destroy a service, without destroy the corresponding task (and its history). By placing tasks and services in separate stacks, and just passing the relevant ref/arn information between stacks, I can accomplish destroying a service without the destroying the task, but I can't update the task stack, since I'm blocked by the "in use by services" error. That's just one example. Overall, it helps from a code organization and re-usability standpoint for complex builds to separate and consolidate the creation of stacks according to the resources built. But the "in-use" dependency creates the need to consolidate complex builds into a single long, complex stack, with components that can't be reused, to ensure each component can be updated. |
A little more information on the above... I'm using Cfn functions almost entirely, as the default VPC creates a decidedly expensive (for my purposes, anyway) arrangement, and follow up components expect that default VPC. I connect stacks, notably almost everything shares the CfnVPC I created, using the "Accessing Resources in a Different Stack" method outlined here: https://docs.aws.amazon.com/cdk/latest/guide/resources.html In that section, it details that the method uses "ImportValue" to transfer information across stacks. However, when making changes to a "child" stack which is exported, I run into the issue outlined here: https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-stack-export-name-error/ In that article, it essentially says you should replace the ImportValue function with direct resource references. I may be missing something, but it doesn't seem possible to create a cross-stack CDK that outputs the imported value instead of the ImportValue function. |
see #4014 for a feature request regarding that would solve this issue |
This bug is caused by the automatic dependency resolution mechanism in the CDK CLI, which means that when you update This will fail if you at the same time add something to The proper way to solve all problems like this is to use Not sure what should actually be done about this in CDK - one solution would be to just add a note when a stack update fails to an export being used that "perhaps try updating stack with |
Same as #7602 |
My two cents:
|
@nakedible given This seems to be the most basic feature of dependencies. :/ |
As @nakedible said, one of the workarounds is splitting the deploy into two steps. The # first step will remove the usage of the export
cdk deploy --exclusively SecondStack
# second step can now remove the export
cdk deploy --all |
I created the following script to help automate the process. It phases out the exports in two deployments. On the first deployment it restores any removed exports but marks them to be removed. This allows the first deployment to safely remove its usage. On the second deployment the script actually removes the exports after no other stack is using them. To use the script you have to separate the synth and deploy steps and run the script in between them.
It requires permissions to read the stack, so it will probably not work well with cross-account deployments.
|
|
This explains the problem and solution very nicely. |
This was usefull for me. In my case I was using CDK and wanted to remove one stack (lets say stackA) with outputs referenced as input in another stacks (lets say stackB and stackC). So I broke all cross stack references puting the value manually on the cloudFormation template and then I deployed the template to every stack (stackB and stackC). Then I removed the stackA on CDK and deployed and it was successful. |
While I recognize that there is a solution for this, it still feels like a workaround rather than the library working as expected. In CICD pipelines where the deployments are more rigid, it's awkward for developers to keep track of this and prepare PRs specifically to address this problem before merging the real PRs with their desired updates. The current approach feels too aggressive in removing the OutputValue from To me, it makes more sense for CDK to be lazier and simply leave the Suggested workflow where developers intuitively work with StackB's dependency on StackA: Day 1
Day 2
Day 2 or 3 or 74
Not sure if others are more comfortable with the current solution, but I still spend a lot of time thinking about these cross-stack dependencies due to this issue and I don't fully understand why the above flow isn't the standard behavior. |
Note: for support questions, please first reference our documentation, then use Stackoverflow. This repository's issues are intended for feature requests and bug reports.
I'm submitting a ...
What is the current behavior?
If the current behavior is a 🪲bug🪲: Please provide the steps to reproduce
This causes a dependency via stack output. When I decide not to use construct_from_stack_1 anymore (by deleting its usage from stack_2), the stack_2 fails to update - for instance:
Looks like CDK tries to delete resource in wrong order - starting from the output first rather than its usage in dependent stacks and then from the souce stack itself.
What is the expected behavior (or behavior of feature suggested)?
Update removes resources that are no longer used
What is the motivation / use case for changing the behavior or adding this feature?
Life-time dependecies are created which prevents dependent stacks from being updated.
Please tell us about your environment:
Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. associated pull-request, stackoverflow, gitter, etc)
The text was updated successfully, but these errors were encountered: