Migrate from Terraform v0.12.x to v0.13.x

* Recommend Terraform v0.13.x
* Support automatic install of poseidon's provider plugins
* Update tutorial docs for Terraform v0.13.x
* Add migration guide for Terraform v0.13.x (best-effort)
* Require Terraform v0.12.26+ (migration compatibility)
* Require `terraform-provider-ct` v0.6.1
* Require `terraform-provider-matchbox` v0.4.1
* Require `terraform-provider-digitalocean` v1.20+

Related:

* https://www.hashicorp.com/blog/announcing-hashicorp-terraform-0-13/
* https://www.terraform.io/upgrade-guides/0-13.html
* https://registry.terraform.io/providers/poseidon/ct/latest
* https://registry.terraform.io/providers/poseidon/matchbox/latest
This commit is contained in:
Dalton Hubble 2020-08-10 21:02:56 -07:00
parent aab071309f
commit 5e70d7e2c8
39 changed files with 421 additions and 212 deletions

View File

@ -4,6 +4,14 @@ Notable changes between versions.
## Latest
* Migrate from Terraform v0.12.x to v0.13.x (action required)
* Recommend Terraform v0.13.x ([migration guide](https://github.com/poseidon/typhoon/blob/260033e978f03d068b79e553e7c428a64b22a475/docs/topics/maintenance.md#terraform-versions))
* Support automatic install of poseidon's provider plugins
* [poseidon/ct](https://registry.terraform.io/providers/poseidon/ct/latest)
* [poseidon/matchbox](https://registry.terraform.io/providers/poseidon/matchbox/latest)
* Require Terraform v0.12.26+ (migration compatibility)
* Require `terraform-provider-ct` v0.6.1
* Require `terraform-provider-matchbox` v0.4.1
* Update etcd from v3.4.9 to [v3.4.10](https://github.com/etcd-io/etcd/releases/tag/v3.4.10)
* Update CoreDNS from v1.6.7 to [v1.7.0](https://coredns.io/2020/06/15/coredns-1.7.0-release/)
* Update Cilium from v1.8.1 to [v1.8.2](https://github.com/cilium/cilium/releases/tag/v1.8.2)
@ -17,6 +25,11 @@ Notable changes between versions.
* Recommend updating `terraform-provider-aws` to v3.0+
* Continue to allow v2.23+, no v3.x specific features are used
### DigitalOcean
* Require `terraform-provider-digitalocean` v1.21+ for Terraform v0.13.x (unenforced)
* Require `terraform-provider-digitalocean` v1.20+ for Terraform v0.12.x
### Fedora CoreOS
* Fix support for Flannel with Fedora CoreOS ([#795](https://github.com/poseidon/typhoon/pull/795))

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,11 +1,15 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
aws = ">= 2.23, <= 4.0"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,9 +1,14 @@
# Terraform version and plugin versions
terraform {
required_version = ">= 0.12"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
aws = ">= 2.23, <= 4.0"
ct = "~> 0.4"
template = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,11 +1,15 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
aws = ">= 2.23, <= 4.0"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,9 +1,14 @@
# Terraform version and plugin versions
terraform {
required_version = ">= 0.12"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
aws = ">= 2.23, <= 4.0"
ct = "~> 0.4"
template = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,12 +1,16 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
azurerm = "~> 2.8"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,4 +1,14 @@
# Terraform version and plugin versions
terraform {
required_version = ">= 0.12"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
azurerm = "~> 2.8"
template = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,12 +1,16 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
azurerm = "~> 2.8"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,4 +1,14 @@
# Terraform version and plugin versions
terraform {
required_version = ">= 0.12"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
azurerm = "~> 2.8"
template = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [var.k8s_domain_name]

View File

@ -1,12 +1,20 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
matchbox = "~> 0.3"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
matchbox = {
source = "poseidon/matchbox"
version = "~> 0.4.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [var.k8s_domain_name]

View File

@ -1,11 +1,19 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
matchbox = "~> 0.3"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
matchbox = {
source = "poseidon/matchbox"
version = "~> 0.4.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,12 +1,20 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
digitalocean = "~> 1.16"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 1.20"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,12 +1,20 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
digitalocean = "~> 1.16"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
digitalocean = {
source = "digitalocean/digitalocean"
version = "~> 1.20"
}
}
}

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* AWS Account and IAM credentials
* AWS Route53 DNS Zone (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -49,13 +41,23 @@ Configure the AWS provider to use your access key credentials in a `providers.tf
```tf
provider "aws" {
version = "3.1.0"
region = "eu-central-1"
shared_credentials_file = "/home/user/.config/aws/credentials"
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
aws = {
source = "hashicorp/aws"
version = "3.1.0"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* Azure account
* Azure DNS Zone (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -47,11 +39,22 @@ Configure the Azure provider in a `providers.tf` file.
```tf
provider "azurerm" {
version = "2.22.0"
features {}
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
azurerm = {
source = "hashicorp/azurerm"
version = "2.22.0"
}
}
}
```

View File

@ -12,7 +12,7 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* PXE-enabled [network boot](https://coreos.com/matchbox/docs/latest/network-setup.html) environment (with HTTPS support)
* Matchbox v0.6+ deployment with API enabled
* Matchbox credentials `client.crt`, `client.key`, `ca.crt`
* Terraform v0.12.6+, [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox), and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Machines
@ -107,27 +107,11 @@ Read about the [many ways](https://coreos.com/matchbox/docs/latest/network-setup
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-matchbox/releases/download/v0.3.0/terraform-provider-matchbox-v0.3.0-linux-amd64.tar.gz
tar xzf terraform-provider-matchbox-v0.3.0-linux-amd64.tar.gz
mv terraform-provider-matchbox-v0.3.0-linux-amd64/terraform-provider-matchbox ~/.terraform.d/plugins/terraform-provider-matchbox_v0.3.0
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -142,15 +126,25 @@ Configure the Matchbox provider to use your Matchbox API endpoint and client cer
```tf
provider "matchbox" {
version = "0.4.0"
endpoint = "matchbox.example.com:8081"
client_cert = file("~/.config/matchbox/client.crt")
client_key = file("~/.config/matchbox/client.key")
ca = file("~/.config/matchbox/ca.crt")
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
matchbox = {
source = "poseidon/matchbox"
version = "0.4.1"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* Digital Ocean Account and Token
* Digital Ocean Domain (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -50,12 +42,22 @@ Configure the DigitalOcean provider to use your token in a `providers.tf` file.
```tf
provider "digitalocean" {
version = "1.20.0"
token = "${chomp(file("~/.config/digital-ocean/token"))}"
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
digitalocean = {
source = "digitalocean/digitalocean"
version = "1.22.1"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* Google Cloud Account and Service Account
* Google Cloud DNS Zone (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -49,14 +41,24 @@ Configure the Google Cloud provider to use your service account key, project-id,
```tf
provider "google" {
version = "3.33.0"
project = "project-id"
region = "us-central1"
credentials = file("~/.config/google-cloud/terraform.json")
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
google = {
source = "hashicorp/google"
version = "3.33.0"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* AWS Account and IAM credentials
* AWS Route53 DNS Zone (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -49,13 +41,23 @@ Configure the AWS provider to use your access key credentials in a `providers.tf
```tf
provider "aws" {
version = "3.1.0"
region = "eu-central-1"
shared_credentials_file = "/home/user/.config/aws/credentials"
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
aws = {
source = "hashicorp/aws"
version = "3.1.0"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* Azure account
* Azure DNS Zone (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -47,11 +39,22 @@ Configure the Azure provider in a `providers.tf` file.
```tf
provider "azurerm" {
version = "2.22.0"
features {}
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
azurerm = {
source = "hashicorp/azurerm"
version = "2.22.0"
}
}
}
```

View File

@ -12,7 +12,7 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* PXE-enabled [network boot](https://coreos.com/matchbox/docs/latest/network-setup.html) environment (with HTTPS support)
* Matchbox v0.6+ deployment with API enabled
* Matchbox credentials `client.crt`, `client.key`, `ca.crt`
* Terraform v0.12.6+, [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox), and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Machines
@ -107,27 +107,11 @@ Read about the [many ways](https://coreos.com/matchbox/docs/latest/network-setup
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-matchbox](https://github.com/poseidon/terraform-provider-matchbox) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-matchbox/releases/download/v0.3.0/terraform-provider-matchbox-v0.3.0-linux-amd64.tar.gz
tar xzf terraform-provider-matchbox-v0.3.0-linux-amd64.tar.gz
mv terraform-provider-matchbox-v0.3.0-linux-amd64/terraform-provider-matchbox ~/.terraform.d/plugins/terraform-provider-matchbox_v0.3.0
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -142,15 +126,25 @@ Configure the Matchbox provider to use your Matchbox API endpoint and client cer
```tf
provider "matchbox" {
version = "0.4.0"
endpoint = "matchbox.example.com:8081"
client_cert = file("~/.config/matchbox/client.crt")
client_key = file("~/.config/matchbox/client.key")
ca = file("~/.config/matchbox/ca.crt")
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
matchbox = {
source = "poseidon/matchbox"
version = "0.4.1"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* Digital Ocean Account and Token
* Digital Ocean Domain (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -50,12 +42,22 @@ Configure the DigitalOcean provider to use your token in a `providers.tf` file.
```tf
provider "digitalocean" {
version = "1.20.0"
token = "${chomp(file("~/.config/digital-ocean/token"))}"
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
digitalocean = {
source = "digitalocean/digitalocean"
version = "1.22.1"
}
}
}
```

View File

@ -10,23 +10,15 @@ Controller hosts are provisioned to run an `etcd-member` peer and a `kubelet` se
* Google Cloud Account and Service Account
* Google Cloud DNS Zone (registered Domain Name or delegated subdomain)
* Terraform v0.12.6+ and [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) installed locally
* Terraform v0.13.0+
## Terraform Setup
Install [Terraform](https://www.terraform.io/downloads.html) v0.12.6+ on your system.
Install [Terraform](https://www.terraform.io/downloads.html) v0.13.0+ on your system.
```sh
$ terraform version
Terraform v0.12.21
```
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
Terraform v0.13.0
```
Read [concepts](/architecture/concepts/) to learn about Terraform, modules, and organizing resources. Change to your infrastructure repository (e.g. `infra`).
@ -49,14 +41,24 @@ Configure the Google Cloud provider to use your service account key, project-id,
```tf
provider "google" {
version = "3.33.0"
project = "project-id"
region = "us-central1"
credentials = file("~/.config/google-cloud/terraform.json")
}
provider "ct" {
version = "0.5.0"
provider "ct" {}
terraform {
required_providers {
ct = {
source = "poseidon/ct"
version = "0.6.1"
}
google = {
source = "hashicorp/google"
version = "3.33.0"
}
}
}
```

View File

@ -134,9 +134,9 @@ The [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) p
Add the [terraform-provider-ct](https://github.com/poseidon/terraform-provider-ct) plugin binary for your system to `~/.terraform.d/plugins/`, noting the final name.
```sh
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.5.0-linux-amd64.tar.gz
mv terraform-provider-ct-v0.5.0-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.5.0
wget https://github.com/poseidon/terraform-provider-ct/releases/download/v0.5.0/terraform-provider-ct-v0.6.1-linux-amd64.tar.gz
tar xzf terraform-provider-ct-v0.6.1-linux-amd64.tar.gz
mv terraform-provider-ct-v0.6.1-linux-amd64/terraform-provider-ct ~/.terraform.d/plugins/terraform-provider-ct_v0.6.1
```
Binary names are versioned. This enables the ability to upgrade different plugins and have clusters pin different versions.
@ -147,8 +147,8 @@ $ tree ~/.terraform.d/
└── plugins
├── terraform-provider-ct_v0.2.1
├── terraform-provider-ct_v0.3.0
├── terraform-provider-ct_v0.5.0
└── terraform-provider-matchbox_v0.3.0
├── terraform-provider-ct_v0.6.1
└── terraform-provider-matchbox_v0.4.1
```
@ -157,7 +157,7 @@ Update the version of the `ct` plugin in each Terraform working directory. Typho
```
# providers.tf
provider "ct" {
version = "0.5.0"
version = "0.6.1"
}
```
@ -193,7 +193,7 @@ terraform apply
# add kubeconfig to new workers
terraform state list | grep null_resource
terraform taint -module digital-ocean-nemo null_resource.copy-worker-secrets[N]
terraform taint module.nemo.null_resource.copy-worker-secrets[N]
terraform apply
```
@ -203,17 +203,92 @@ Expect downtime.
Google Cloud creates a new worker template and edits the worker instance group instantly. Manually terminate workers and replacement workers will use the user-data.
## Terraform v0.12.x
## Terraform Versions
Terraform [v0.12](https://www.hashicorp.com/blog/announcing-terraform-0-12) introduced major changes to the provider plugin protocol and HCL language (first-class expressions, formal list and map types, nullable variables, variable constraints, and short-circuiting ternary operators).
Terraform [v0.13](https://www.hashicorp.com/blog/announcing-hashicorp-terraform-0-13) introduced major changes to the provider plugin system. Terraform `init` can automatically install both `hashicorp` and `poseidon` provider plugins, eliminating the need to manually install plugin binaries.
Typhoon modules have been adapted for Terraform v0.12. Provider plugins requirements now enforce v0.12 compatibility. However, some HCL language changes were breaking (list [type hint](https://www.terraform.io/upgrade-guides/0-12.html#referring-to-list-variables) workarounds in v0.11 now have new meaning). Typhoon cannot offer both v0.11 and v0.12 compatibility in the same release. Upcoming releases require upgrading Terraform to v0.12.
Typhoon modules have been updated for v0.13.x, but retain compatibility with v0.12.26+ to ease migration. Poseidon publishes [providers](/topics/security/#terraform-providers) to the Terraform Provider Registry for usage with v0.13+.
| Typhoon Release | Terraform version |
|-------------------|---------------------|
| ? | v0.13.x |
| ? | v0.12.26+, v0.13.x |
| v1.15.0 - ? | v0.12.x |
| v1.10.3 - v1.15.0 | v0.11.x |
| v1.9.2 - v1.10.2 | v0.10.4+ or v0.11.x |
| v1.7.3 - v1.9.1 | v0.10.x |
| v1.6.4 - v1.7.2 | v0.9.x |
### New Workspace
With a new Terraform workspace, use Terraform v0.13.x and the updated Typhoon [tutorials](/fedora-coreos/aws/#provider).
### Existing Workspace
An existing Terraform workspace may already manage earlier Typhoon clusters created with Terraform v0.12.x.
First, upgrade `terraform-provider-ct` to v0.6.1 following the [guide](#upgrade-terraform-provider-ct) above. As usual, read about how `apply` affects existing cluster nodes when `ct` is upgraded. But `terraform-provider-ct` v0.6.1 is compatible with both Terraform v0.12 and v0.13, so do this first.
```
provider "ct" {
version = "0.6.1"
}
```
Next, create Typhoon clusters using the `ref` that introduced Terraform v0.13 forward compatibility (SHA) or later. You will see a compatibility warning. Use blue/green cluster replacement to shift to these new clusters, then eliminate older clusters.
```
module "nemo" {
source = "git::https://github.com/poseidon/typhoon//digital-ocean/fedora-coreos/kubernetes?ref=SHA"
...
}
```
Install Terraform v0.13. Once all clusters in a workspace are on SHA or above, you are ready to start using Terraform v0.13.
```
terraform version
v0.13.0
```
Update `providers.tf` to match the Typhoon [tutorials](/fedora-coreos/aws/#provider) and use new `required_providers` block.
```
terraform init
terraform 0.13upgrade # sometimes helpful
```
!!! note
You will see `Could not retrieve the list of available versions for provider -/ct: provider`
In state files, existing clusters use Terraform v0.12 providers (e.g. `-/aws`). Pivot to Terraform v0.13 providers (e.g. `hashicorp/aws`) with the following commands, as applicable. Repeat until `terraform init` no longer shows old-style providers.
```
terraform state replace-provider -- -/aws hashicorp/aws
terraform state replace-provider -- -/azurerm hashicorp/azurerm
terraform state replace-provider -- -/google hashicorp/google
terraform state replace-provider -- -/digitalocean digitalocean/digitalocean
terraform state replace-provider -- -/ct poseidon/ct
terraform state replace-provider -- -/matchbox poseidon/matchbox
terraform state replace-provider -- -/local hashicorp/local
terraform state replace-provider -- -/null hashicorp/null
terraform state replace-provider -- -/random hashicorp/random
terraform state replace-provider -- -/template hashicorp/template
terraform state replace-provider -- -/tls hashicorp/tls
```
Finally, verify Terraform v0.13 plan shows no diff.
```
terraform plan
No changes. Infrastructure is up-to-date.
```
### v0.12.x
Terraform [v0.12](https://www.hashicorp.com/blog/announcing-terraform-0-12) introduced major changes to the provider plugin protocol and HCL language (first-class expressions, formal list and map types, nullable variables, variable constraints, and short-circuiting ternary operators).
Typhoon modules have been adapted for Terraform v0.12. Provider plugins requirements now enforce v0.12 compatibility. However, some HCL language changes were breaking (list [type hint](https://www.terraform.io/upgrade-guides/0-12.html#referring-to-list-variables) workarounds in v0.11 now have new meaning). Typhoon cannot offer both v0.11 and v0.12 compatibility in the same release. Upcoming releases require upgrading Terraform to v0.12.

View File

@ -72,6 +72,15 @@ Typhoon packages the [flannel-cni](https://github.com/poseidon/flannel-cni) cont
* [quay.io/poseidon/flannel-cni](https://quay.io/repository/poseidon/flannel-cni) (official)
## Terraform Providers
Typhoon publishes Terraform providers to the Terraform Registry, GPG signed by 0x8F515AD1602065C8.
| Name | Source | Registry |
|----------|--------|----------|
| ct | [github](https://github.com/poseidon/terraform-provider-ct) | [poseidon/ct](https://registry.terraform.io/providers/poseidon/ct/latest) |
| matchbox | [github](https://github.com/poseidon/terraform-provider-matchbox) | [poseidon/matchbox](https://registry.terraform.io/providers/poseidon/matchbox/latest) |
## Disclosures
If you find security issues, please email `security@psdn.io`. If the issue lies in upstream Kubernetes, please inform upstream Kubernetes as well.

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,11 +1,15 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
google = ">= 2.19, < 4.0"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,4 +1,14 @@
# Terraform version and plugin versions
terraform {
required_version = ">= 0.12"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
google = ">= 2.19, < 4.0"
template = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,6 +1,6 @@
# Kubernetes assets (kubeconfig, manifests)
module "bootstrap" {
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=3675b3a539efd8d341277f0c03322883f97fd992"
source = "git::https://github.com/poseidon/terraform-render-bootstrap.git?ref=60540868e070ea95da05fc5a6a5c9a55ce68c58d"
cluster_name = var.cluster_name
api_servers = [format("%s.%s", var.cluster_name, var.dns_zone)]

View File

@ -1,11 +1,15 @@
# Terraform version and plugin versions
terraform {
required_version = "~> 0.12.6"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
google = ">= 2.19, < 4.0"
ct = "~> 0.4"
template = "~> 2.1"
null = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}

View File

@ -1,4 +1,14 @@
# Terraform version and plugin versions
terraform {
required_version = ">= 0.12"
required_version = ">= 0.12.26, < 0.14.0"
required_providers {
google = ">= 2.19, < 4.0"
template = "~> 2.1"
ct = {
source = "poseidon/ct"
version = "~> 0.6.1"
}
}
}