Upgrade Universal Installer 0.2 to 0.3
This guide helps you upgrading Universal Installer 0.2 to 0.3 to support terraform 0.12 With this guide we assume you’re running a DC/OS cluster similar to our example in the docs. More complex setup might need more care. But the here mentioned changes should also apply. Before doing this on your production cluster you should setup a test cluster in a similar way to make sure changes won’t render your cluster unresponsive.
Preparation
Ideally you should use tfenv to switch between terraform versions but you can also do it by yourself. so tfenv use 0.12.25 means you need to replace your 0.11 terraform version with 0.12.25 We assume you’re using a clusters main.tf similar to this:
provider "google" {}
# Used to determine your public IP for forwarding rules
data "http" "whatismyip" {
url = "http://whatismyip.akamai.com/"
}
locals {
cluster_name = "generic-dcos-ee-demo"
}
module "dcos" {
source = "dcos-terraform/dcos/azurerm"
version = "~> 0.2.0"
providers = {
google = "google"
}
location = "West US"
cluster_name = "${local.cluster_name}"
ssh_public_key_file = "~/.ssh/id_rsa.pub"
admin_ips = ["${data.http.whatismyip.body}/32"]
num_masters = 1
num_private_agents = 2
num_public_agents = 1
dcos_instance_os = "centos_7.6"
dcos_variant = "ee"
dcos_version = "2.2"
dcos_license_key_contents = "${file("~/license.txt")}"
# provide a SHA512 hashed password, here "deleteme"
dcos_superuser_password_hash = "$6$rounds=656000$YSvuFmasQDXheddh$TpYlCxNHF6PbsGkjlK99Pwxg7D0mgWJ.y0hE2JKoa61wHx.1wtxTAHVRHfsJU9zzHWDoE08wpdtToHimNR9FJ/"
dcos_superuser_username = "demo-super"
}
output "masters_dns_name" {
description = "This is the load balancer address to access the DC/OS UI"
value = "${module.dcos.masters-loadbalancer}"
}
Make sure you’re using the latest modules and your state is properly updated:
$ terraform init -upgrade
$ terraform apply
main.tf
into 0.12
Translate terraform 0.11 Now we switch to terraform 0.12.25 which offers us an option to translate terraform 0.11 code into terraform 0.12 code
$ tfenv install 0.12.25
$ tfenv use 0.12.25
Translate into 0.12 code
$ terraform 0.12upgrade
You must change the module version to 0.3.0:
change:
version = "~> 0.2.0"
to:
version = "~> 0.3.0"
First we upgrade our modules to Universal Installer 0.3 ( version change from above)
$ terraform init -upgrade
not every option might be properly translated. Lets check if our main.tf is valid.
$ terraform validate
A known issue is the providers part:
providers = {
google = "google"
}
it should look like this:
providers = {
google = google
}
the important part is that the provider reference must be without quotes ("") You can find more information about tf 0.11 to 0.12 upgrade here: https://www.terraform.io/upgrade-guides/0-12.html
Start the upgrade procedure
Now we apply the new modules to our previous terraform state.
We need to let terraform run on everything except load balancers
Due to a needed change in the way the load balancer module is being used we must exclude it from the first apply:
$ terraform apply $(terraform state list | grep -v module.dcos-forwarding-rules | xargs printf -- '-target %s ')
We expect changes to ...
and `…``
After this was successful most of the infrastructure is updated
Import forwarding rules in the new format.
The forwarding rules module had quite some changes about its addressing. Therefore we now need to create import statements from the current state, drop the old state for load balancer rules and reimport them into terraform.
$ terraform state pull | jq -r '.resources[] | select(.module != null) |select(.module|startswith("module.dcos.module.dcos-infrastructure.module.dcos-forwarding-rules")) | select(.type=="google_compute_forwarding_rule")| . as $i | .instances[] | .attributes_flat as $ attr | .attributes_flat.port_range|split("-") | "terraform import \""+$i.module+"."+$i.type+"."+$i.name+"[\\\"" + if (.[0] == .[1]) then .[0] else .|join("-") end +"\\\"]" +"\" \"" + $attr.id + "\""' > import_rules.sh
In the next step we will drop the complete state for these load balancers. We must make sure that the previous commands ran successfully and stored the forwarding rules.
In our example this looks like this:
$ cat import_rules.sh
terraform import "module.dcos.module.dcos-infrastructure.module.dcos-forwarding-rules.module.dcos-forwarding-rule-masters.module.dcos-forwarding-rule-masters.google_compute_forwarding_rule.forwarding_rule_config[\"80\"]" "m-generic-dcos-ee-demo-80"
[...]
Our file has this amount of command lines:
$ wc -l import_rules.sh
4 import_rules.sh
The numbers might differ on your infrastructure if you use additional ports. Before we import these resources again we will drop state for the load balancer rules:
for addr in $(terraform state pull | jq -r '.resources[] | select(.module != null) |select(.module|startswith("module.dcos.module.dcos-infrastructure.module.dcos-forwarding-rules")) | select(.type=="google_compute_forwarding_rule")| . as $i | .instances[] | $i.module+"."+$i.type+"."+$i.name+(if .index_key == null then "" else "["+(.index_key|tostring)+"]" end)'); do terraform state rm "${addr}";done
After dropping the state we import the load balancer rules into our new format
bash -x ./import_rules.sh
After this is finished we need to run a final apply as in the new format terraform needs to create some security rules:
$ terraform apply
from now on terraform plan
should not show any additional changes.