Skip to content

Instantly share code, notes, and snippets.

@ShubhamTatvamasi

ShubhamTatvamasi/orc8r-upgrade-logs-1.7-March-28-2022

Last active March 28, 2022 15:00
Show Gist options
  • Save ShubhamTatvamasi/e7a244e23393a4f5266d6913c77c23e7 to your computer and use it in GitHub Desktop.
Save ShubhamTatvamasi/e7a244e23393a4f5266d6913c77c23e7 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
orc8r-upgrade-logs-1.7-March-28-2022
➜ magma-orc8r-upgrade-1-6-1-to-1-7 git:(master) ✗ terraform apply
module.orc8r.tls_private_key.eks_workers[0]: Refreshing state... [id=ff185721d416ac939dad4326238b5689e7fb8684]
module.orc8r.aws_key_pair.eks_workers[0]: Refreshing state... [id=orc8r20220328073024316700000003]
module.orc8r.aws_sns_topic.sns_orc8r_topic: Refreshing state... [id=arn:aws:sns:us-east-2:372544488264:orc8r-sns]
module.orc8r.module.eks.aws_cloudwatch_log_group.this[0]: Refreshing state... [id=/aws/eks/orc8r/cluster]
module.orc8r.aws_secretsmanager_secret.orc8r_secrets: Refreshing state... [id=arn:aws:secretsmanager:us-east-2:372544488264:secret:orc8r-secrets-DvJPl4]
module.orc8r.aws_efs_file_system.eks_pv: Refreshing state... [id=fs-0968e4991dc8e2d87]
module.orc8r.aws_route53_zone.orc8r: Refreshing state... [id=Z0538604IBBP3359MURZ]
module.orc8r.module.vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-0eac7ddbc62f80cfb]
module.orc8r.module.eks.aws_iam_policy.cluster_elb_sl_role_creation[0]: Refreshing state... [id=arn:aws:iam::372544488264:policy/orc8r-elb-sl-role-creation20220328073024315300000002]
module.orc8r.module.eks.aws_iam_role.cluster[0]: Refreshing state... [id=orc8r20220328073024317500000005]
module.orc8r.module.vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-0a5e5845b1e4a1572]
module.orc8r.aws_sns_topic_subscription.sns_orc8r_db_subscription_email[0]: Refreshing state... [id=arn:aws:sns:us-east-2:372544488264:orc8r-sns:b2096040-bbbc-4cd3-8d9f-74523c449eb3]
module.orc8r-app.null_resource.orc8r_seed_secrets: Refreshing state... [id=7005817970374776706]
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027175700000006]
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_elb_sl_role_creation[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027554000000009]
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSVPCResourceControllerPolicy[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027528700000008]
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027201500000007]
module.orc8r.aws_security_group.default: Refreshing state... [id=sg-05164ea7a49b4c2f5]
module.orc8r.module.eks.aws_security_group.cluster[0]: Refreshing state... [id=sg-03bce83bb382fc0a6]
module.orc8r.module.vpc.aws_subnet.private[2]: Refreshing state... [id=subnet-0ab2383376780f62b]
module.orc8r.module.vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-0372e929ed9d6d249]
module.orc8r.module.vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-048700cef4c92d25c]
module.orc8r.module.vpc.aws_subnet.database[1]: Refreshing state... [id=subnet-083f049efbc60d852]
module.orc8r.module.vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-0e045f4101d678796]
module.orc8r.module.vpc.aws_subnet.database[2]: Refreshing state... [id=subnet-040fc901bcbb91c05]
module.orc8r.module.vpc.aws_subnet.database[0]: Refreshing state... [id=subnet-053d17dee6b03e64a]
module.orc8r.module.vpc.aws_subnet.public[2]: Refreshing state... [id=subnet-0dedbb17228ecb9bd]
module.orc8r.module.vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-0008db2eb630a979b]
module.orc8r.module.vpc.aws_subnet.public[0]: Refreshing state... [id=subnet-093d2ec9016382b87]
module.orc8r.module.vpc.aws_internet_gateway.this[0]: Refreshing state... [id=igw-025e54d3c4fa49249]
module.orc8r.module.vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-0454f356bb263c626]
module.orc8r.module.eks.aws_security_group.workers[0]: Refreshing state... [id=sg-0761beaf84b6642f7]
module.orc8r.module.vpc.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-0396ffd88c4a48df9]
module.orc8r.module.vpc.aws_route_table_association.private[2]: Refreshing state... [id=rtbassoc-04fc3562ff3e0cca5]
module.orc8r.module.vpc.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-0f746913a215cad21]
module.orc8r.module.eks.aws_security_group_rule.cluster_egress_internet[0]: Refreshing state... [id=sgrule-1712288784]
module.orc8r.module.vpc.aws_db_subnet_group.database[0]: Refreshing state... [id=orc8r]
module.orc8r.module.vpc.aws_route_table_association.database[1]: Refreshing state... [id=rtbassoc-0d19b8b63c26327c4]
module.orc8r.module.vpc.aws_route_table_association.database[0]: Refreshing state... [id=rtbassoc-03ed5d813a2902bdb]
module.orc8r.module.vpc.aws_route_table_association.database[2]: Refreshing state... [id=rtbassoc-019c52ba5acabc4c0]
module.orc8r.module.vpc.aws_nat_gateway.this[0]: Refreshing state... [id=nat-0cee9fa8a56bd8471]
module.orc8r.aws_efs_mount_target.eks_pv_mnt[2]: Refreshing state... [id=fsmt-0af4fd457933d6b44]
module.orc8r.aws_efs_mount_target.eks_pv_mnt[1]: Refreshing state... [id=fsmt-012f60e580b3c3126]
module.orc8r.aws_efs_mount_target.eks_pv_mnt[0]: Refreshing state... [id=fsmt-0d8838ced0475a073]
module.orc8r.aws_elasticsearch_domain.es[0]: Refreshing state... [id=arn:aws:es:us-east-2:372544488264:domain/orc8r-es]
module.orc8r.module.vpc.aws_route.public_internet_gateway[0]: Refreshing state... [id=r-rtb-0454f356bb263c6261080289494]
module.orc8r.module.vpc.aws_route_table_association.public[1]: Refreshing state... [id=rtbassoc-069d9acbbd0782b01]
module.orc8r.module.vpc.aws_route_table_association.public[0]: Refreshing state... [id=rtbassoc-03f410826342a0b2e]
module.orc8r.module.vpc.aws_route_table_association.public[2]: Refreshing state... [id=rtbassoc-0d07b8623ac9127dd]
module.orc8r.module.eks.aws_security_group_rule.workers_ingress_cluster_https[0]: Refreshing state... [id=sgrule-1890904831]
module.orc8r.module.eks.aws_security_group_rule.workers_ingress_self[0]: Refreshing state... [id=sgrule-3955982485]
module.orc8r.module.eks.aws_security_group_rule.workers_ingress_cluster[0]: Refreshing state... [id=sgrule-2449886145]
module.orc8r.module.eks.aws_security_group_rule.workers_egress_internet[0]: Refreshing state... [id=sgrule-681951236]
module.orc8r.module.eks.aws_security_group_rule.cluster_https_worker_ingress[0]: Refreshing state... [id=sgrule-1442295862]
module.orc8r.module.vpc.aws_route.private_nat_gateway[0]: Refreshing state... [id=r-rtb-0e045f4101d6787961080289494]
module.orc8r.module.eks.aws_eks_cluster.this[0]: Refreshing state... [id=orc8r]
module.orc8r.aws_db_instance.default: Refreshing state... [id=orc8rdb]
module.orc8r.aws_elasticsearch_domain_policy.es_management_access[0]: Refreshing state... [id=esd-policy-orc8r-es]
module.orc8r.aws_db_event_subscription.default: Refreshing state... [id=orc8r-rds-events]
module.orc8r.module.eks.aws_iam_role.workers[0]: Refreshing state... [id=orc8r20220328075655335300000001]
module.orc8r.module.eks.local_file.kubeconfig[0]: Refreshing state... [id=c5f73b212b2e097bb6c2bc4af6614fa64e065ca5]
module.orc8r-app.kubernetes_namespace.orc8r: Refreshing state... [id=orc8r]
module.orc8r-app.kubernetes_service_account.tiller[0]: Refreshing state... [id=kube-system/tiller]
module.orc8r-app.kubernetes_namespace.monitoring[0]: Refreshing state... [id=monitoring]
module.orc8r-app.kubernetes_cluster_role_binding.tiller[0]: Refreshing state... [id=tiller]
module.orc8r.module.eks.aws_iam_role_policy_attachment.workers_AmazonEKS_CNI_Policy[0]: Refreshing state... [id=orc8r20220328075655335300000001-20220328075658365700000005]
module.orc8r.module.eks.aws_iam_role_policy_attachment.workers_AmazonEKSWorkerNodePolicy[0]: Refreshing state... [id=orc8r20220328075655335300000001-20220328075658983400000007]
module.orc8r.module.eks.aws_iam_role_policy_attachment.workers_AmazonEC2ContainerRegistryReadOnly[0]: Refreshing state... [id=orc8r20220328075655335300000001-20220328075658680300000006]
module.orc8r.module.eks.aws_iam_instance_profile.workers[0]: Refreshing state... [id=orc8r20220328075658060000000002]
module.orc8r.aws_iam_role.efs_provisioner: Refreshing state... [id=EFSProvisionerRole20220328075658098100000004]
module.orc8r.aws_iam_role.external_dns: Refreshing state... [id=ExternalDNSRole20220328075658098100000003]
module.orc8r-app.kubernetes_secret.artifactory: Refreshing state... [id=orc8r/artifactory]
module.orc8r-app.kubernetes_secret.orc8r_envdir: Refreshing state... [id=orc8r/orc8r-envdir]
module.orc8r-app.kubernetes_secret.orc8r_configs: Refreshing state... [id=orc8r/orc8r-configs]
module.orc8r-app.kubernetes_secret.nms_certs[0]: Refreshing state... [id=orc8r/nms-certs]
module.orc8r-app.kubernetes_secret.fluentd_certs: Refreshing state... [id=orc8r/fluentd-certs]
module.orc8r-app.kubernetes_secret.orc8r_certs: Refreshing state... [id=orc8r/orc8r-certs]
module.orc8r-app.helm_release.elasticsearch_curator[0]: Refreshing state... [id=elasticsearch-curator]
module.orc8r.aws_iam_role_policy_attachment.efs_provisioner: Refreshing state... [id=EFSProvisionerRole20220328075658098100000004-20220328075705385800000009]
module.orc8r-app.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner]
module.orc8r.module.eks.kubernetes_config_map.aws_auth[0]: Refreshing state... [id=kube-system/aws-auth]
module.orc8r.module.eks.aws_launch_configuration.workers[0]: Refreshing state... [id=orc8r-wg-120220328075659841200000008]
module.orc8r-app.helm_release.fluentd[0]: Refreshing state... [id=fluentd]
module.orc8r.aws_iam_role_policy.external_dns: Refreshing state... [id=ExternalDNSRole20220328075658098100000003:terraform-2022032807570933470000000b]
module.orc8r-app.helm_release.external_dns[0]: Refreshing state... [id=external-dns]
module.orc8r.module.eks.aws_autoscaling_group.workers[0]: Refreshing state... [id=orc8r-wg-12022032807570852850000000a]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanaproviders"]: Refreshing state... [id=orc8r/grafanaproviders]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadata"]: Refreshing state... [id=orc8r/grafanadata]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["openvpn"]: Refreshing state... [id=orc8r/openvpn]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadatasources"]: Refreshing state... [id=orc8r/grafanadatasources]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["promcfg"]: Refreshing state... [id=orc8r/promcfg]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadashboards"]: Refreshing state... [id=orc8r/grafanadashboards]
module.orc8r-app.kubernetes_persistent_volume_claim.storage["promdata"]: Refreshing state... [id=orc8r/promdata]
module.orc8r-app.helm_release.orc8r: Refreshing state... [id=orc8r]
module.orc8r-app.helm_release.lte-orc8r[0]: Refreshing state... [id=lte-orc8r]
Note: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the last "terraform apply":
# module.orc8r.aws_db_instance.default has been changed
~ resource "aws_db_instance" "default" {
id = "orc8rdb"
~ latest_restorable_time = "2022-03-28T07:58:02Z" -> "2022-03-28T08:13:03Z"
name = "orc8r"
tags = {}
# (48 unchanged attributes hidden)
}
# module.orc8r-app.kubernetes_secret.orc8r_certs has been changed
~ resource "kubernetes_secret" "orc8r_certs" {
id = "orc8r/orc8r-certs"
# (2 unchanged attributes hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "orc8r-certs"
# (4 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_secret.artifactory has been changed
~ resource "kubernetes_secret" "artifactory" {
id = "orc8r/artifactory"
# (2 unchanged attributes hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "artifactory"
# (4 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_secret.nms_certs[0] has been changed
~ resource "kubernetes_secret" "nms_certs" {
id = "orc8r/nms-certs"
# (2 unchanged attributes hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "nms-certs"
# (4 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_secret.orc8r_configs has been changed
~ resource "kubernetes_secret" "orc8r_configs" {
id = "orc8r/orc8r-configs"
# (2 unchanged attributes hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "orc8r-configs"
# (4 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_cluster_role_binding.tiller[0] has been changed
~ resource "kubernetes_cluster_role_binding" "tiller" {
id = "tiller"
~ metadata {
+ annotations = {}
+ labels = {}
name = "tiller"
# (3 unchanged attributes hidden)
}
# (2 unchanged blocks hidden)
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanaproviders"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/grafanaproviders"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "grafanaproviders"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["openvpn"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/openvpn"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "openvpn"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["promcfg"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/promcfg"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "promcfg"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["promdata"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/promdata"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "promdata"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadashboards"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/grafanadashboards"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "grafanadashboards"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadata"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/grafanadata"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "grafanadata"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadatasources"] has been changed
~ resource "kubernetes_persistent_volume_claim" "storage" {
id = "orc8r/grafanadatasources"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "grafanadatasources"
# (4 unchanged attributes hidden)
}
~ spec {
# (3 unchanged attributes hidden)
~ resources {
+ limits = {}
# (1 unchanged attribute hidden)
}
}
}
# module.orc8r-app.helm_release.external_dns has been deleted
- resource "helm_release" "external_dns" {
- atomic = false -> null
- chart = "external-dns" -> null
- cleanup_on_fail = false -> null
- create_namespace = false -> null
- dependency_update = false -> null
- disable_crd_hooks = false -> null
- disable_openapi_validation = false -> null
- disable_webhooks = false -> null
- force_update = false -> null
- id = "external-dns" -> null
- lint = false -> null
- max_history = 0 -> null
- metadata = [
- {
- app_version = "0.6.0"
- chart = "external-dns"
- name = "external-dns"
- namespace = "kube-system"
- revision = 1
- values = jsonencode(
{
- aws = {
- assumeRoleArn = "arn:aws:iam::372544488264:role/ExternalDNSRole20220328075658098100000003"
}
- rbac = {
- create = true
}
- zoneIdFilters = [
- "Z0538604IBBP3359MURZ",
]
}
)
- version = "2.19.1"
},
] -> null
- name = "external-dns" -> null
- namespace = "kube-system" -> null
- recreate_pods = false -> null
- render_subchart_notes = true -> null
- replace = false -> null
- repository = "https://charts.helm.sh/stable" -> null
- reset_values = false -> null
- reuse_values = false -> null
- skip_crds = false -> null
- status = "deployed" -> null
- timeout = 300 -> null
- values = [
- <<-EOT
rbac:
create: true
aws:
assumeRoleArn: arn:aws:iam::372544488264:role/ExternalDNSRole20220328075658098100000003
zoneIdFilters:
- Z0538604IBBP3359MURZ
EOT,
] -> null
- verify = false -> null
- version = "2.19.1" -> null
- wait = true -> null
}
# module.orc8r-app.kubernetes_secret.orc8r_envdir has been changed
~ resource "kubernetes_secret" "orc8r_envdir" {
+ data = (sensitive value)
id = "orc8r/orc8r-envdir"
# (1 unchanged attribute hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "orc8r-envdir"
# (4 unchanged attributes hidden)
}
}
# module.orc8r-app.helm_release.efs_provisioner has been deleted
- resource "helm_release" "efs_provisioner" {
- atomic = false -> null
- chart = "efs-provisioner" -> null
- cleanup_on_fail = false -> null
- create_namespace = false -> null
- dependency_update = false -> null
- disable_crd_hooks = false -> null
- disable_openapi_validation = false -> null
- disable_webhooks = false -> null
- force_update = false -> null
- id = "efs-provisioner" -> null
- lint = false -> null
- max_history = 0 -> null
- metadata = [
- {
- app_version = "v2.4.0"
- chart = "efs-provisioner"
- name = "efs-provisioner"
- namespace = "kube-system"
- revision = 1
- values = jsonencode(
{
- efsProvisioner = {
- awsRegion = "us-east-2"
- efsFileSystemId = "fs-0968e4991dc8e2d87"
- path = "/pv-volume"
- provisionerName = "aws-efs"
- storageClass = {
- name = "efs"
}
}
- podAnnotations = {
- iam-assumable-role = "arn:aws:iam::372544488264:role/EFSProvisionerRole20220328075658098100000004"
}
}
)
- version = "0.11.0"
},
] -> null
- name = "efs-provisioner" -> null
- namespace = "kube-system" -> null
- recreate_pods = false -> null
- render_subchart_notes = true -> null
- replace = false -> null
- repository = "https://charts.helm.sh/stable" -> null
- reset_values = false -> null
- reuse_values = false -> null
- skip_crds = false -> null
- status = "deployed" -> null
- timeout = 300 -> null
- values = [
- <<-EOT
efsProvisioner:
efsFileSystemId: fs-0968e4991dc8e2d87
awsRegion: us-east-2
path: /pv-volume
provisionerName: aws-efs
storageClass:
name: efs
podAnnotations:
iam-assumable-role: arn:aws:iam::372544488264:role/EFSProvisionerRole20220328075658098100000004
EOT,
] -> null
- verify = false -> null
- version = "0.11.0" -> null
- wait = true -> null
}
# module.orc8r-app.kubernetes_namespace.orc8r has been changed
~ resource "kubernetes_namespace" "orc8r" {
id = "orc8r"
~ metadata {
+ annotations = {}
+ labels = {}
name = "orc8r"
# (3 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_namespace.monitoring[0] has been changed
~ resource "kubernetes_namespace" "monitoring" {
id = "monitoring"
~ metadata {
+ annotations = {}
+ labels = {}
name = "monitoring"
# (3 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_namespace.monitoring has been deleted
- resource "kubernetes_namespace" "monitoring" {
- id = "monitoring" -> null
- metadata {
- generation = 0 -> null
- name = "monitoring" -> null
- resource_version = "2216" -> null
- uid = "bbc999ac-7b52-43f1-bf6c-0ffc96c85d03" -> null
}
}
# module.orc8r-app.kubernetes_secret.fluentd_certs has been changed
~ resource "kubernetes_secret" "fluentd_certs" {
id = "orc8r/fluentd-certs"
# (2 unchanged attributes hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "fluentd-certs"
# (4 unchanged attributes hidden)
}
}
# module.orc8r-app.kubernetes_service_account.tiller[0] has been changed
~ resource "kubernetes_service_account" "tiller" {
id = "kube-system/tiller"
# (2 unchanged attributes hidden)
~ metadata {
+ annotations = {}
+ labels = {}
name = "tiller"
# (4 unchanged attributes hidden)
}
}
# module.orc8r.module.eks.aws_security_group.workers[0] has been changed
~ resource "aws_security_group" "workers" {
id = "sg-0761beaf84b6642f7"
~ ingress = [
+ {
+ cidr_blocks = []
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = [
+ "sg-00883acaed0c22fa8",
+ "sg-00e49e8198af48ca7",
+ "sg-0680f00709f68d503",
+ "sg-0a6778605e392a672",
+ "sg-0e8d07cc395285d3e",
]
+ self = false
+ to_port = 0
},
# (3 unchanged elements hidden)
]
name = "orc8r2022032807304215500000000a"
tags = {
"Name" = "orc8r-eks_worker_sg"
"kubernetes.io/cluster/orc8r" = "owned"
}
# (8 unchanged attributes hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following
plan may include actions to undo or respond to these changes.
────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
+ create
~ update in-place
<= read (data resources)
Terraform will perform the following actions:
# module.orc8r-app.data.template_file.orc8r_values will be read during apply
# (config refers to values not yet known)
<= data "template_file" "orc8r_values" {
~ id = "94b3672de83dc3bfc5cd4e822a7b4d60fc5aff1ffc8e509a8a21dd3d10717978" -> (known after apply)
~ rendered = <<-EOT
################################################################################
# Copyright 2020 The Magma Authors.
# This source code is licensed under the BSD-style license found in the
# LICENSE file in the root directory of this source tree.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
imagePullSecrets:
- name: artifactory
secrets:
create: false
secret:
certs: orc8r-certs
configs:
orc8r: orc8r-configs
envdir: orc8r-envdir
nginx:
create: true
podDisruptionBudget:
enabled: true
image:
repository: docker.artifactory.magmacore.org/nginx
tag: "1.6.1"
replicas: 2
service:
enabled: true
legacyEnabled: true
annotations:
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default"
extraAnnotations:
proxy:
external-dns.alpha.kubernetes.io/hostname: api.orc8r.magmacore.link
bootstrapLagacy:
external-dns.alpha.kubernetes.io/hostname: bootstrapper-controller.orc8r.magmacore.link
clientcertLegacy:
external-dns.alpha.kubernetes.io/hostname: controller.orc8r.magmacore.link
name: orc8r-bootstrap-nginx
type: LoadBalancer
spec:
hostname: controller.orc8r.magmacore.link
controller:
podDisruptionBudget:
enabled: true
image:
repository: docker.artifactory.magmacore.org/controller
tag: "1.6.1"
replicas: 2
spec:
database:
db: orc8r
host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com
port: 5432
user: orc8r
service_registry:
mode: "k8s"
metrics:
imagePullSecrets:
- name: artifactory
metrics:
volumes:
prometheusData:
volumeSpec:
persistentVolumeClaim:
claimName: promdata
prometheusConfig:
volumeSpec:
persistentVolumeClaim:
claimName: promcfg
prometheus:
create: true
includeOrc8rAlerts: true
prometheusCacheHostname: orc8r-prometheus-cache
alertmanagerHostname: orc8r-alertmanager
alertmanager:
create: true
prometheusConfigurer:
create: true
image:
repository: docker.io/facebookincubator/prometheus-configurer
tag: 1.0.4
prometheusURL: orc8r-prometheus:9090
alertmanagerConfigurer:
create: true
image:
repository: docker.io/facebookincubator/alertmanager-configurer
tag: 1.0.4
alertmanagerURL: orc8r-alertmanager:9093
prometheusCache:
create: true
image:
repository: docker.io/facebookincubator/prometheus-edge-hub
tag: 1.1.0
limit: 500000
grafana:
create: false
userGrafana:
image:
repository: docker.io/grafana/grafana
tag: 6.6.2
create: true
volumes:
datasources:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadatasources
dashboardproviders:
volumeSpec:
persistentVolumeClaim:
claimName: grafanaproviders
dashboards:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadashboards
grafanaData:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadata
thanos:
enabled: false
compact:
nodeSelector:
{}
store:
nodeSelector:
{}
query:
nodeSelector:
compute-type: thanos
objstore:
type: S3
config:
bucket:
endpoint: s3.us-east-2.amazonaws.com
region: us-east-2
access_key:
secret_key:
insecure: false
signature_version2: false
put_user_metadata: {}
http_config:
idle_conn_timeout: 0s
response_header_timeout: 0s
insecure_skip_verify: false
trace:
enable: false
part_size: 0
nms:
enabled: true
imagePullSecrets:
- name: artifactory
secret:
certs: nms-certs
magmalte:
create: true
image:
repository: docker.artifactory.magmacore.org/magmalte
tag: "1.6.1"
env:
api_host: api.orc8r.magmacore.link
mysql_db: orc8r
mysql_dialect: postgres
mysql_host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com
mysql_port: 5432
mysql_user: orc8r
mysql_pass: mypassword
grafana_address: orc8r-user-grafana:3000
nginx:
create: true
service:
type: LoadBalancer
annotations:
external-dns.alpha.kubernetes.io/hostname: "*.nms.orc8r.magmacore.link"
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default"
deployment:
spec:
ssl_cert_name: controller.crt
ssl_cert_key_name: controller.key
logging:
enabled: false
EOT -> (known after apply)
~ template = <<-EOT
################################################################################
# Copyright 2020 The Magma Authors.
# This source code is licensed under the BSD-style license found in the
# LICENSE file in the root directory of this source tree.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
imagePullSecrets:
- name: ${image_pull_secret}
secrets:
create: false
secret:
certs: ${certs_secret}
configs:
orc8r: ${configs_secret}
envdir: ${envdir_secret}
+ # certs sub-chart configuration.
+ certs:
+ create: ${managed_certs_create}
+ enabled: ${managed_certs_enabled}
+ domainName: ${managed_certs_domain_name}
+ nms:
+ customIssuer: ${nms_custom_issuer}
+ route53:
+ enabled: ${managed_certs_route53_enabled}
+ region: ${region}
+
nginx:
create: true
podDisruptionBudget:
enabled: true
image:
repository: ${docker_registry}/nginx
tag: "${docker_tag}"
replicas: ${nginx_replicas}
service:
enabled: true
legacyEnabled: true
annotations:
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=${magma_uuid}"
extraAnnotations:
proxy:
external-dns.alpha.kubernetes.io/hostname: ${api_hostname}
bootstrapLagacy:
external-dns.alpha.kubernetes.io/hostname: bootstrapper-${controller_hostname}
clientcertLegacy:
external-dns.alpha.kubernetes.io/hostname: ${controller_hostname}
name: orc8r-bootstrap-nginx
type: LoadBalancer
spec:
hostname: ${controller_hostname}
controller:
podDisruptionBudget:
enabled: true
image:
repository: ${docker_registry}/controller
tag: "${docker_tag}"
+ env:
+ orc8r_domain_name: "${orc8r_domain_name}"
+ version_tag: "${docker_tag}"
+ helm_version_tag: "${orc8r_chart_version}"
replicas: ${controller_replicas}
spec:
database:
db: ${orc8r_db_name}
host: ${orc8r_db_host}
port: ${orc8r_db_port}
user: ${orc8r_db_user}
service_registry:
mode: "k8s"
metrics:
imagePullSecrets:
- name: ${image_pull_secret}
metrics:
volumes:
prometheusData:
volumeSpec:
persistentVolumeClaim:
claimName: ${metrics_pvc_promdata}
prometheusConfig:
volumeSpec:
persistentVolumeClaim:
claimName: ${metrics_pvc_promcfg}
prometheus:
- create: true
+ create: ${enable_metrics}
includeOrc8rAlerts: true
prometheusCacheHostname: ${prometheus_cache_hostname}
alertmanagerHostname: ${alertmanager_hostname}
alertmanager:
- create: true
+ create: ${enable_metrics}
prometheusConfigurer:
- create: true
+ create: ${enable_metrics}
image:
repository: docker.io/facebookincubator/prometheus-configurer
tag: ${prometheus_configurer_version}
prometheusURL: ${prometheus_url}
alertmanagerConfigurer:
- create: true
+ create: ${enable_metrics}
image:
repository: docker.io/facebookincubator/alertmanager-configurer
tag: ${alertmanager_configurer_version}
alertmanagerURL: ${alertmanager_url}
prometheusCache:
- create: true
+ create: ${enable_metrics}
image:
repository: docker.io/facebookincubator/prometheus-edge-hub
tag: 1.1.0
limit: 500000
grafana:
- create: false
+ create: ${enable_metrics}
userGrafana:
image:
repository: docker.io/grafana/grafana
tag: 6.6.2
create: ${create_usergrafana}
volumes:
datasources:
volumeSpec:
persistentVolumeClaim:
claimName: ${grafana_pvc_grafanaDatasources}
dashboardproviders:
volumeSpec:
persistentVolumeClaim:
claimName: ${grafana_pvc_grafanaProviders}
dashboards:
volumeSpec:
persistentVolumeClaim:
claimName: ${grafana_pvc_grafanaDashboards}
grafanaData:
volumeSpec:
persistentVolumeClaim:
claimName: ${grafana_pvc_grafanaData}
thanos:
enabled: ${thanos_enabled}
compact:
nodeSelector:
${thanos_compact_selector}
store:
nodeSelector:
${thanos_store_selector}
query:
nodeSelector:
${thanos_query_selector}
objstore:
type: S3
config:
bucket: ${thanos_bucket}
endpoint: s3.${region}.amazonaws.com
region: ${region}
access_key: ${thanos_aws_access_key}
secret_key: ${thanos_aws_secret_key}
insecure: false
signature_version2: false
put_user_metadata: {}
http_config:
idle_conn_timeout: 0s
response_header_timeout: 0s
insecure_skip_verify: false
trace:
enable: false
part_size: 0
nms:
enabled: ${deploy_nms}
imagePullSecrets:
- name: ${image_pull_secret}
secret:
certs: ${nms_certs_secret}
+ certs:
+ enabled: ${nms_managed_certs_enabled}
+
magmalte:
create: true
image:
repository: ${docker_registry}/magmalte
tag: "${docker_tag}"
env:
api_host: ${api_hostname}
mysql_db: ${orc8r_db_name}
mysql_dialect: ${orc8r_db_dialect}
mysql_host: ${orc8r_db_host}
mysql_port: ${orc8r_db_port}
mysql_user: ${orc8r_db_user}
mysql_pass: ${orc8r_db_pass}
grafana_address: ${user_grafana_hostname}
+ version_tag: "${docker_tag}"
nginx:
create: true
service:
type: LoadBalancer
annotations:
external-dns.alpha.kubernetes.io/hostname: "${nms_hostname}"
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=${magma_uuid}"
deployment:
spec:
ssl_cert_name: controller.crt
ssl_cert_key_name: controller.key
logging:
- enabled: false
+ enabled: ${enable_logging}
+
+ dp:
+ create: ${dp_enabled}
+
+ configuration_controller:
+ sasEndpointUrl: "${dp_sas_endpoint_url}"
+ image:
+ repository: "${docker_registry}/configuration-controller"
+ tag: "${docker_tag}"
+
+ database:
+ driver: postgres
+ db: ${orc8r_db_name}
+ host: ${orc8r_db_host}
+ port: ${orc8r_db_port}
+ user: ${orc8r_db_user}
+ pass: ${orc8r_db_pass}
+
+ protocol_controller:
+ enabled: false
+ image:
+ repository: "${docker_registry}/protocol-controller"
+ tag: "${docker_tag}"
+
+ radio_controller:
+ image:
+ repository: "${docker_registry}/radio-controller"
+ tag: "${docker_tag}"
+
+ database:
+ driver: postgres
+ db: ${orc8r_db_name}
+ host: ${orc8r_db_host}
+ port: ${orc8r_db_port}
+ user: ${orc8r_db_user}
+ pass: ${orc8r_db_pass}
+
+ active_mode_controller:
+ image:
+ repository: "${docker_registry}/active-mode-controller"
+ tag: "${docker_tag}"
+
+ db_service:
+ image:
+ repository: "${docker_registry}/db-service"
+ tag: "${docker_tag}"
+
+ database:
+ driver: postgres
+ db: ${orc8r_db_name}
+ host: ${orc8r_db_host}
+ port: ${orc8r_db_port}
+ user: ${orc8r_db_user}
+ pass: ${orc8r_db_pass}
EOT
~ vars = {
~ "docker_registry" = "docker.artifactory.magmacore.org" -> "shubhamtatvamasi"
~ "docker_tag" = "1.6.1" -> "2474470"
+ "dp_enabled" = "false"
+ "dp_sas_endpoint_url" = ""
+ "enable_logging" = "true"
+ "enable_metrics" = "true"
+ "managed_certs_create" = "false"
+ "managed_certs_domain_name" = "orc8r.magmacore.link"
+ "managed_certs_enabled" = "false"
+ "managed_certs_route53_enabled" = "true"
+ "nms_custom_issuer" = "orc8r-route53-issuer"
+ "nms_managed_certs_enabled" = "false"
+ "orc8r_chart_version" = "1.5.27"
+ "orc8r_domain_name" = "orc8r.magmacore.link"
# (40 unchanged elements hidden)
}
}
# module.orc8r-app.helm_release.lte-orc8r[0] will be updated in-place
~ resource "helm_release" "lte-orc8r" {
id = "lte-orc8r"
name = "lte-orc8r"
~ repository = "https://artifactory.magmacore.org/artifactory/helm" -> "https://shubhamtatvamasi.github.io/magma-charts-3-17-2022"
~ values = [
- <<-EOT
################################################################################
# Copyright 2020 The Magma Authors.
# This source code is licensed under the BSD-style license found in the
# LICENSE file in the root directory of this source tree.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
imagePullSecrets:
- name: artifactory
secrets:
create: false
secret:
certs: orc8r-certs
configs:
orc8r: orc8r-configs
envdir: orc8r-envdir
nginx:
create: true
podDisruptionBudget:
enabled: true
image:
repository: docker.artifactory.magmacore.org/nginx
tag: "1.6.1"
replicas: 2
service:
enabled: true
legacyEnabled: true
annotations:
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default"
extraAnnotations:
proxy:
external-dns.alpha.kubernetes.io/hostname: api.orc8r.magmacore.link
bootstrapLagacy:
external-dns.alpha.kubernetes.io/hostname: bootstrapper-controller.orc8r.magmacore.link
clientcertLegacy:
external-dns.alpha.kubernetes.io/hostname: controller.orc8r.magmacore.link
name: orc8r-bootstrap-nginx
type: LoadBalancer
spec:
hostname: controller.orc8r.magmacore.link
controller:
podDisruptionBudget:
enabled: true
image:
repository: docker.artifactory.magmacore.org/controller
tag: "1.6.1"
replicas: 2
spec:
database:
db: orc8r
host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com
port: 5432
user: orc8r
service_registry:
mode: "k8s"
metrics:
imagePullSecrets:
- name: artifactory
metrics:
volumes:
prometheusData:
volumeSpec:
persistentVolumeClaim:
claimName: promdata
prometheusConfig:
volumeSpec:
persistentVolumeClaim:
claimName: promcfg
prometheus:
create: true
includeOrc8rAlerts: true
prometheusCacheHostname: orc8r-prometheus-cache
alertmanagerHostname: orc8r-alertmanager
alertmanager:
create: true
prometheusConfigurer:
create: true
image:
repository: docker.io/facebookincubator/prometheus-configurer
tag: 1.0.4
prometheusURL: orc8r-prometheus:9090
alertmanagerConfigurer:
create: true
image:
repository: docker.io/facebookincubator/alertmanager-configurer
tag: 1.0.4
alertmanagerURL: orc8r-alertmanager:9093
prometheusCache:
create: true
image:
repository: docker.io/facebookincubator/prometheus-edge-hub
tag: 1.1.0
limit: 500000
grafana:
create: false
userGrafana:
image:
repository: docker.io/grafana/grafana
tag: 6.6.2
create: true
volumes:
datasources:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadatasources
dashboardproviders:
volumeSpec:
persistentVolumeClaim:
claimName: grafanaproviders
dashboards:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadashboards
grafanaData:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadata
thanos:
enabled: false
compact:
nodeSelector:
{}
store:
nodeSelector:
{}
query:
nodeSelector:
compute-type: thanos
objstore:
type: S3
config:
bucket:
endpoint: s3.us-east-2.amazonaws.com
region: us-east-2
access_key:
secret_key:
insecure: false
signature_version2: false
put_user_metadata: {}
http_config:
idle_conn_timeout: 0s
response_header_timeout: 0s
insecure_skip_verify: false
trace:
enable: false
part_size: 0
nms:
enabled: true
imagePullSecrets:
- name: artifactory
secret:
certs: nms-certs
magmalte:
create: true
image:
repository: docker.artifactory.magmacore.org/magmalte
tag: "1.6.1"
env:
api_host: api.orc8r.magmacore.link
mysql_db: orc8r
mysql_dialect: postgres
mysql_host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com
mysql_port: 5432
mysql_user: orc8r
mysql_pass: mypassword
grafana_address: orc8r-user-grafana:3000
nginx:
create: true
service:
type: LoadBalancer
annotations:
external-dns.alpha.kubernetes.io/hostname: "*.nms.orc8r.magmacore.link"
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default"
deployment:
spec:
ssl_cert_name: controller.crt
ssl_cert_key_name: controller.key
logging:
enabled: false
EOT,
] -> (known after apply)
~ version = "0.2.5" -> "0.2.6"
# (26 unchanged attributes hidden)
set_sensitive {
# At least one attribute in this block is (or was) sensitive,
# so its contents will not be displayed.
}
}
# module.orc8r-app.helm_release.orc8r will be updated in-place
~ resource "helm_release" "orc8r" {
id = "orc8r"
name = "orc8r"
~ repository = "https://artifactory.magmacore.org/artifactory/helm" -> "https://shubhamtatvamasi.github.io/magma-charts-3-17-2022"
~ values = [
- <<-EOT
################################################################################
# Copyright 2020 The Magma Authors.
# This source code is licensed under the BSD-style license found in the
# LICENSE file in the root directory of this source tree.
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
################################################################################
imagePullSecrets:
- name: artifactory
secrets:
create: false
secret:
certs: orc8r-certs
configs:
orc8r: orc8r-configs
envdir: orc8r-envdir
nginx:
create: true
podDisruptionBudget:
enabled: true
image:
repository: docker.artifactory.magmacore.org/nginx
tag: "1.6.1"
replicas: 2
service:
enabled: true
legacyEnabled: true
annotations:
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default"
extraAnnotations:
proxy:
external-dns.alpha.kubernetes.io/hostname: api.orc8r.magmacore.link
bootstrapLagacy:
external-dns.alpha.kubernetes.io/hostname: bootstrapper-controller.orc8r.magmacore.link
clientcertLegacy:
external-dns.alpha.kubernetes.io/hostname: controller.orc8r.magmacore.link
name: orc8r-bootstrap-nginx
type: LoadBalancer
spec:
hostname: controller.orc8r.magmacore.link
controller:
podDisruptionBudget:
enabled: true
image:
repository: docker.artifactory.magmacore.org/controller
tag: "1.6.1"
replicas: 2
spec:
database:
db: orc8r
host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com
port: 5432
user: orc8r
service_registry:
mode: "k8s"
metrics:
imagePullSecrets:
- name: artifactory
metrics:
volumes:
prometheusData:
volumeSpec:
persistentVolumeClaim:
claimName: promdata
prometheusConfig:
volumeSpec:
persistentVolumeClaim:
claimName: promcfg
prometheus:
create: true
includeOrc8rAlerts: true
prometheusCacheHostname: orc8r-prometheus-cache
alertmanagerHostname: orc8r-alertmanager
alertmanager:
create: true
prometheusConfigurer:
create: true
image:
repository: docker.io/facebookincubator/prometheus-configurer
tag: 1.0.4
prometheusURL: orc8r-prometheus:9090
alertmanagerConfigurer:
create: true
image:
repository: docker.io/facebookincubator/alertmanager-configurer
tag: 1.0.4
alertmanagerURL: orc8r-alertmanager:9093
prometheusCache:
create: true
image:
repository: docker.io/facebookincubator/prometheus-edge-hub
tag: 1.1.0
limit: 500000
grafana:
create: false
userGrafana:
image:
repository: docker.io/grafana/grafana
tag: 6.6.2
create: true
volumes:
datasources:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadatasources
dashboardproviders:
volumeSpec:
persistentVolumeClaim:
claimName: grafanaproviders
dashboards:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadashboards
grafanaData:
volumeSpec:
persistentVolumeClaim:
claimName: grafanadata
thanos:
enabled: false
compact:
nodeSelector:
{}
store:
nodeSelector:
{}
query:
nodeSelector:
compute-type: thanos
objstore:
type: S3
config:
bucket:
endpoint: s3.us-east-2.amazonaws.com
region: us-east-2
access_key:
secret_key:
insecure: false
signature_version2: false
put_user_metadata: {}
http_config:
idle_conn_timeout: 0s
response_header_timeout: 0s
insecure_skip_verify: false
trace:
enable: false
part_size: 0
nms:
enabled: true
imagePullSecrets:
- name: artifactory
secret:
certs: nms-certs
magmalte:
create: true
image:
repository: docker.artifactory.magmacore.org/magmalte
tag: "1.6.1"
env:
api_host: api.orc8r.magmacore.link
mysql_db: orc8r
mysql_dialect: postgres
mysql_host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com
mysql_port: 5432
mysql_user: orc8r
mysql_pass: mypassword
grafana_address: orc8r-user-grafana:3000
nginx:
create: true
service:
type: LoadBalancer
annotations:
external-dns.alpha.kubernetes.io/hostname: "*.nms.orc8r.magmacore.link"
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default"
deployment:
spec:
ssl_cert_name: controller.crt
ssl_cert_key_name: controller.key
logging:
enabled: false
EOT,
] -> (known after apply)
~ version = "1.5.23" -> "1.5.27"
# (26 unchanged attributes hidden)
set_sensitive {
# At least one attribute in this block is (or was) sensitive,
# so its contents will not be displayed.
}
}
# module.orc8r-app.kubernetes_secret.artifactory will be updated in-place
~ resource "kubernetes_secret" "artifactory" {
~ data = (sensitive value)
id = "orc8r/artifactory"
# (1 unchanged attribute hidden)
# (1 unchanged block hidden)
}
# module.orc8r.module.eks.aws_iam_openid_connect_provider.oidc_provider[0] will be created
+ resource "aws_iam_openid_connect_provider" "oidc_provider" {
+ arn = (known after apply)
+ client_id_list = [
+ "sts.amazonaws.com",
]
+ id = (known after apply)
+ tags = {
+ "Name" = "orc8r-eks-irsa"
}
+ tags_all = {
+ "Name" = "orc8r-eks-irsa"
}
+ thumbprint_list = [
+ "9e99a48a9960b14926bb7f3b02e22da2b0ab7280",
]
+ url = "https://oidc.eks.us-east-2.amazonaws.com/id/62B2BF0D4F8B119DA8541D62A4527094"
}
Plan: 1 to add, 3 to change, 0 to destroy.
│ Warning: Argument is deprecated
│ with module.orc8r.aws_db_instance.default,
│ on .terraform/modules/orc8r/orc8r/cloud/deploy/terraform/orc8r-aws/db.tf line 21, in resource "aws_db_instance" "default":
│ 21: name = var.orc8r_db_name
│ Use db_name instead
│ (and one more similar warning elsewhere)
│ Warning: Version constraints inside provider configuration blocks are deprecated
│ on .terraform/modules/orc8r/orc8r/cloud/deploy/terraform/orc8r-aws/providers.tf line 19, in provider "random":
│ 19: version = "~> 2.1"
│ Terraform 0.13 and earlier allowed provider version constraints inside the provider configuration block, but that is now deprecated
│ and will be removed in a future version of Terraform. To silence this warning, move the provider version constraint into the
│ required_providers block.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
module.orc8r-app.kubernetes_secret.artifactory: Modifying... [id=orc8r/artifactory]
module.orc8r-app.kubernetes_secret.artifactory: Modifications complete after 1s [id=orc8r/artifactory]
module.orc8r-app.data.template_file.orc8r_values: Reading... [id=94b3672de83dc3bfc5cd4e822a7b4d60fc5aff1ffc8e509a8a21dd3d10717978]
module.orc8r.module.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Creating...
module.orc8r-app.data.template_file.orc8r_values: Read complete after 0s [id=29e22cd94ffd73d950b3b116268556cb7093a32a1e75b3f64281f0c68282d5a0]
module.orc8r.module.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Creation complete after 2s [id=arn:aws:iam::372544488264:oidc-provider/oidc.eks.us-east-2.amazonaws.com/id/62B2BF0D4F8B119DA8541D62A4527094]
module.orc8r-app.helm_release.lte-orc8r[0]: Modifying... [id=lte-orc8r]
module.orc8r-app.helm_release.orc8r: Modifying... [id=orc8r]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 10s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 10s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 20s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 20s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 30s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 30s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 40s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 40s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 50s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 50s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m0s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m0s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m10s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m10s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m20s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m20s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m30s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m30s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m40s elapsed]
module.orc8r-app.helm_release.lte-orc8r[0]: Modifications complete after 1m40s [id=lte-orc8r]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m40s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m50s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m0s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m10s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m20s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m30s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m40s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m50s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m0s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m10s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m20s elapsed]
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m30s elapsed]
module.orc8r-app.helm_release.orc8r: Modifications complete after 3m34s [id=orc8r]
Apply complete! Resources: 1 added, 3 changed, 0 destroyed.
Outputs:
nameservers = tolist([
"ns-1323.awsdns-37.org",
"ns-136.awsdns-17.com",
"ns-1717.awsdns-22.co.uk",
"ns-813.awsdns-37.net",
])
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment