I began using Terraform specifically for building App Segments several months ago when my client asked me to add about 300 servers and I’ve stuck with it and expanded use because it’s just so good at managing things like this.
However, I’ve recently been running into issues where terraform apply results in overlapping port errors every time I run it for app segments. Typically, this would mean that I actually had an overlapping server name, not ports, but I pored over everything and had no overlapping server names and eventually got so frustrated to a point the other week where I simply blew everything away and re-imported it all into state. I was able to then push changes to the imported items for that day, but it stopped working again the next day. This is happening on all of my computers (macOS 13.0, Linux Pop!_OS 22.04, and Windows 10 Pro 22H1). I have everything stored in a GitLab project so I am always working from the same workset.
I tried downgrading back to provider 2.3.2, but this did not help. Has anyone else run into this?
Hi @dan.carlson.
By default, ZPA does not allow the use of the same FQDN/IP and ports across multiple application segments. Until v2.3.2 of the Terraform plugin, the the ZPA API would return an error about TCP port overlap. The new v2.4.0 plugin validates that before submitting the request; however, an issue has been identified and is currently being addressed and a fix will be released in the next few days as part of the v2.4.1 release.
In the meantime, I recommend to downgrade to 2.3.2 and ensure there are not repeated FQDNS/port combinations across multiple application segments.
I am definitely sure I don’t have any overlapping server/port combos, so I’m glad the issue with validation is being fixed. I will keep my eyes out for 2.4.1.
Hi @dan.carlson Can you give it a go with the v2.4.1?
I just put out a release that fixes this problem and I tested using the same configuration files you provided. Let me know if there are still any issues.