#terraform-0_12 (2019-10)
Discuss upgrading to terraform 0.12
Archive: https://archive.sweetops.com/terraform-0_12/
2019-10-01
That’s so awesome @Andriy Knysh (Cloud Posse) Thanks!
this is a very interesting article https://kubedex.com/90-days-of-aws-eks-in-production
Come and read 90 days of AWS EKS in Production on Kubedex.com. The number one site to Discover, Compare and Share Kubernetes Applications.
the additional settings it describes can be set here
Terraform module to provision an AWS AutoScaling Group, IAM Role, and Security Group for EKS Workers - cloudposse/terraform-aws-eks-workers
When you create an EKS cluster, the user that actually creates the cluster is the only one that can access the cluster by default. Even IAM Administrator users can't log in. This seems to be due to the way AWS bootstraps the cluster behind the scenes in AWS-land. Once the cluster is up, you can add users as per normal as you might in any Kubernetes setup.
My recommendation, in a production environment, is to use an IAM role to create the cluster.
which you can do here https://github.com/cloudposse/terraform-aws-eks-cluster/blob/master/variables.tf#L126
Terraform module for provisioning an EKS cluster. Contribute to cloudposse/terraform-aws-eks-cluster development by creating an account on GitHub.
2019-10-02
Hi, does anybody know a Ruby hack/gem to load HCL2 files into a ruby objects?
Hi, I was trying to dynamically create some resources in 0.12 and I do not know if this is possible:
resource "aws_vpc_endpoint_route_table_association" "main_us_east_2" {
  count           = length(local.private_subnet_ids_us_east_2)
  route_table_id  = HERE I need the route_table_id for the subnet_id[count.index]
  vpc_endpoint_id = aws_vpc_endpoint.s3_us_east_2.id
  provider        = aws.primary
}
is it possible to do something like that ? like an inline data resource lookup ?
see example here https://github.com/cloudposse/terraform-aws-dynamic-subnets/blob/master/public.tf#L73
Terraform module for public and private subnets provisioning in existing VPC - cloudposse/terraform-aws-dynamic-subnets
Exactly what I need, thanks @Andriy Knysh (Cloud Posse)
2019-10-03
Create Jenkinsfile to deploy UI code to S3 bucket. Any help ?
you need to use something like withAws jenkins plugin and then the aws s3 sync command, there are many examples out there on how to do this
Is it possible in 0.12 to create resources in two regions without having to run TF twice passing the region as a var ?
like provider = [ aws.primary, aws.secondary]
create two providers with two diff regions, then create two resources each using a diff provider
I have that already
I was hoping to do something more dynamic
like a for loop
but I think it is cleaner to just run and create one region at a time
2019-10-08
Looking for a terraform Module For - RDS- Instance Configuration : SQL Server Standard 2017, 2017 v14
2019-10-09
Hi @all
I’m wondering how to deal with terraform 0.12 update.
Say I have 3 terraform repositories, A, B and …tadam : C! Both B & C rely on A states (mutualization of some components)
      /-------- B
A ----/
      \-------- C
(Please note my graphical skills )
All repositories are in terraform 0.11. What would be the best way to achieve that (and avoid conflicts) ? Can I simply update B then A and C ? Or should I take care about a particular order ?
Is it possible to do it in multiple time ? like doing repo A first while still updating repos B and C (so a 0.11 repo references a 0.12 state), then deal with others repos few weeks/months later.
The main point is that I would avoid any compatibility issue
Any advice is welcome :)
I’m not an expert, but I think the safest option is big bang - move everything at once. However I would be very happy if someone corrected me
@Gocho I think @Erik Osterman (Cloud Posse)’s advice in #terraform was already correct, to first migrate to the latest minor of 0.11 then to 0.12
As long as you have backup of the state and you don’t make any actual changes as in adding or updating resources you should be safe.
I think terraform is a bit more flexible now and has built-in backwards compatibility so the following is not applicable.. but when it really comes to remote state and order of applying new versions, I remember that with the upgrade of I think terraform 0.9 to first do A, and then B, C. This way the remote state A is updated, and when B and C are run they understand the remote state of A. Good luck.
2019-10-10
2019-10-17
Is there a good pattern for overriding input variables
For example, if I have a big map as a default variable on the module, and I want to provide an override to a part of that map, instead of giving the whole list in?
you can make the var an object with specified item types. For those items that you don’t want to provide a specific type, you can use any. For default values that you don’t want to specify, you can use null
in this case you could provide a part of object as input with only the necessary fields specified
2019-10-18
2019-10-28
In the dynamic content block, any ideas on how to add if-else condition ?
many ways of doing it, one example https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/blob/master/main.tf#L247
Terraform module which implements an ECS service which exposes a web service via ALB. - cloudposse/terraform-aws-ecs-alb-service-task
(for_each can iterate not only over the existing collection, but over a sequence you create using some expressions)
Thanks @Andriy Knysh (Cloud Posse), I am looking for something like for_each = [for s in [{"name":"abc"},{"name":"xyz"}] if(s.name==abc) {content {…}} if(s.name=xyz) {content{..}}
dynamic "..." {
  for_each = [for s in [...]: s if s.name=="abc"]
  content {
  }
}
dynamic "..." {
  for_each = [for s in [...]: s if s.name=="xyz"]
  content {
  }
}
but if content is the same for the two dynamic blocks, then you can check the condition in the content values
dynamic "block" {
  for_each = [...]
  content {
    a = block.value.name == "abc" ? "a1" : "a2"
  }
}
Thanks a lot @Andriy Knysh (Cloud Posse)
What is the variable type for this kind of data in terraform?
security_group_rules:
  - from_port: 49152
    to_port: 65535
    protocol: tcp
    source: [10.0.0.0/8,172.16.0.0/12,192.168.0.0/16]
  - from_port: 0
    to_port: 0
    protocol: "-1"
    source: [10.0.0.0/8,172.16.0.0/12,192.168.0.0/16]
  - from_port: 53
    to_port: 53
    protocol: udp
    source: [10.0.0.0/8,172.16.0.0/12,192.168.0.0/16]
list(object({
  from_port = number
  to_port   = number
  protocol  = string
  source    = list(string)
}))
2019-10-29
Thank you.
new gotcha introduced in tf 0.12.11… bummed. i really was liking the ability to use the 0-index everywhere to reference attributes of optional resources… linking straight to the workaround: https://github.com/hashicorp/terraform/issues/23222#issuecomment-547462883
Terraform Version $ terraform -version Terraform v0.12.12 + provider.random v2.2.1 Terraform Configuration Files resource "random_pet" "this" { count = 0 } output "pet"…
yes, terraform 0.12upgrade converts everything to using [0] to get the item from an array
we always convert it to use splat+join
like in join("", random_pet.this.*.id)
i liked that it was returned as null
in tf <0.12.11 oh well
@Andriy Knysh (Cloud Posse) I’m trying the new version : https://github.com/cloudposse/terraform-aws-ecs-alb-service-task?ref=0.17.0 and I’m setting an ALB so I added this :
ecs_load_balancers = [
  {
    container_name   = module.webworker_server_label.id
    container_port   = var.container_port
    target_group_arn = local.alb_default_target_group_arn
  }
]
is that how it is supposed to look?
ecs_load_balancers = [
  {
    container_name   = module.webworker_server_label.id
    container_port   = var.container_port
    target_group_arn = local.alb_default_target_group_arn
    elb_name         = null
  }
]
set elb_name to null since it’s in the var definition, but is not required for ALB
elb_name - (Required for ELB Classic) The name of the ELB (Classic) to associate with the service.
target_group_arn - (Required for ALB/NLB) The ARN of the Load Balancer target group to associate with the service.
got it working
awesome
I had a bit of trouble with the autoscaling group module
block_device_mappings = [
  {
    device_name  = var.device_name
    no_device    = false
    virtual_name = var.device_name
    ebs = {
      delete_on_termination = true
      encrypted             = true
      iops                  = 0
      snapshot_id           = ""
      kms_key_id            = data.aws_kms_key.cluster.arn
      volume_size           = var.volume_size
      volume_type           = var.volume_type
    }
  }
]
after many iterations
what was the problem you had?
I’m just getting used to the new object types
so I was doing some 0.11 things
left over from the upgrade to 0.12
doing things like :
ebs = [{
  volume_size = var.volume_size
  volume_type = var.volume_type
}]