Last active
March 28, 2022 15:00
-
-
Save ShubhamTatvamasi/e7a244e23393a4f5266d6913c77c23e7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
➜ magma-orc8r-upgrade-1-6-1-to-1-7 git:(master) ✗ terraform apply | |
module.orc8r.tls_private_key.eks_workers[0]: Refreshing state... [id=ff185721d416ac939dad4326238b5689e7fb8684] | |
module.orc8r.aws_key_pair.eks_workers[0]: Refreshing state... [id=orc8r20220328073024316700000003] | |
module.orc8r.aws_sns_topic.sns_orc8r_topic: Refreshing state... [id=arn:aws:sns:us-east-2:372544488264:orc8r-sns] | |
module.orc8r.module.eks.aws_cloudwatch_log_group.this[0]: Refreshing state... [id=/aws/eks/orc8r/cluster] | |
module.orc8r.aws_secretsmanager_secret.orc8r_secrets: Refreshing state... [id=arn:aws:secretsmanager:us-east-2:372544488264:secret:orc8r-secrets-DvJPl4] | |
module.orc8r.aws_efs_file_system.eks_pv: Refreshing state... [id=fs-0968e4991dc8e2d87] | |
module.orc8r.aws_route53_zone.orc8r: Refreshing state... [id=Z0538604IBBP3359MURZ] | |
module.orc8r.module.vpc.aws_vpc.this[0]: Refreshing state... [id=vpc-0eac7ddbc62f80cfb] | |
module.orc8r.module.eks.aws_iam_policy.cluster_elb_sl_role_creation[0]: Refreshing state... [id=arn:aws:iam::372544488264:policy/orc8r-elb-sl-role-creation20220328073024315300000002] | |
module.orc8r.module.eks.aws_iam_role.cluster[0]: Refreshing state... [id=orc8r20220328073024317500000005] | |
module.orc8r.module.vpc.aws_eip.nat[0]: Refreshing state... [id=eipalloc-0a5e5845b1e4a1572] | |
module.orc8r.aws_sns_topic_subscription.sns_orc8r_db_subscription_email[0]: Refreshing state... [id=arn:aws:sns:us-east-2:372544488264:orc8r-sns:b2096040-bbbc-4cd3-8d9f-74523c449eb3] | |
module.orc8r-app.null_resource.orc8r_seed_secrets: Refreshing state... [id=7005817970374776706] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSServicePolicy[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027175700000006] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_elb_sl_role_creation[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027554000000009] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSVPCResourceControllerPolicy[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027528700000008] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.cluster_AmazonEKSClusterPolicy[0]: Refreshing state... [id=orc8r20220328073024317500000005-20220328073027201500000007] | |
module.orc8r.aws_security_group.default: Refreshing state... [id=sg-05164ea7a49b4c2f5] | |
module.orc8r.module.eks.aws_security_group.cluster[0]: Refreshing state... [id=sg-03bce83bb382fc0a6] | |
module.orc8r.module.vpc.aws_subnet.private[2]: Refreshing state... [id=subnet-0ab2383376780f62b] | |
module.orc8r.module.vpc.aws_subnet.private[0]: Refreshing state... [id=subnet-0372e929ed9d6d249] | |
module.orc8r.module.vpc.aws_subnet.private[1]: Refreshing state... [id=subnet-048700cef4c92d25c] | |
module.orc8r.module.vpc.aws_subnet.database[1]: Refreshing state... [id=subnet-083f049efbc60d852] | |
module.orc8r.module.vpc.aws_route_table.private[0]: Refreshing state... [id=rtb-0e045f4101d678796] | |
module.orc8r.module.vpc.aws_subnet.database[2]: Refreshing state... [id=subnet-040fc901bcbb91c05] | |
module.orc8r.module.vpc.aws_subnet.database[0]: Refreshing state... [id=subnet-053d17dee6b03e64a] | |
module.orc8r.module.vpc.aws_subnet.public[2]: Refreshing state... [id=subnet-0dedbb17228ecb9bd] | |
module.orc8r.module.vpc.aws_subnet.public[1]: Refreshing state... [id=subnet-0008db2eb630a979b] | |
module.orc8r.module.vpc.aws_subnet.public[0]: Refreshing state... [id=subnet-093d2ec9016382b87] | |
module.orc8r.module.vpc.aws_internet_gateway.this[0]: Refreshing state... [id=igw-025e54d3c4fa49249] | |
module.orc8r.module.vpc.aws_route_table.public[0]: Refreshing state... [id=rtb-0454f356bb263c626] | |
module.orc8r.module.eks.aws_security_group.workers[0]: Refreshing state... [id=sg-0761beaf84b6642f7] | |
module.orc8r.module.vpc.aws_route_table_association.private[1]: Refreshing state... [id=rtbassoc-0396ffd88c4a48df9] | |
module.orc8r.module.vpc.aws_route_table_association.private[2]: Refreshing state... [id=rtbassoc-04fc3562ff3e0cca5] | |
module.orc8r.module.vpc.aws_route_table_association.private[0]: Refreshing state... [id=rtbassoc-0f746913a215cad21] | |
module.orc8r.module.eks.aws_security_group_rule.cluster_egress_internet[0]: Refreshing state... [id=sgrule-1712288784] | |
module.orc8r.module.vpc.aws_db_subnet_group.database[0]: Refreshing state... [id=orc8r] | |
module.orc8r.module.vpc.aws_route_table_association.database[1]: Refreshing state... [id=rtbassoc-0d19b8b63c26327c4] | |
module.orc8r.module.vpc.aws_route_table_association.database[0]: Refreshing state... [id=rtbassoc-03ed5d813a2902bdb] | |
module.orc8r.module.vpc.aws_route_table_association.database[2]: Refreshing state... [id=rtbassoc-019c52ba5acabc4c0] | |
module.orc8r.module.vpc.aws_nat_gateway.this[0]: Refreshing state... [id=nat-0cee9fa8a56bd8471] | |
module.orc8r.aws_efs_mount_target.eks_pv_mnt[2]: Refreshing state... [id=fsmt-0af4fd457933d6b44] | |
module.orc8r.aws_efs_mount_target.eks_pv_mnt[1]: Refreshing state... [id=fsmt-012f60e580b3c3126] | |
module.orc8r.aws_efs_mount_target.eks_pv_mnt[0]: Refreshing state... [id=fsmt-0d8838ced0475a073] | |
module.orc8r.aws_elasticsearch_domain.es[0]: Refreshing state... [id=arn:aws:es:us-east-2:372544488264:domain/orc8r-es] | |
module.orc8r.module.vpc.aws_route.public_internet_gateway[0]: Refreshing state... [id=r-rtb-0454f356bb263c6261080289494] | |
module.orc8r.module.vpc.aws_route_table_association.public[1]: Refreshing state... [id=rtbassoc-069d9acbbd0782b01] | |
module.orc8r.module.vpc.aws_route_table_association.public[0]: Refreshing state... [id=rtbassoc-03f410826342a0b2e] | |
module.orc8r.module.vpc.aws_route_table_association.public[2]: Refreshing state... [id=rtbassoc-0d07b8623ac9127dd] | |
module.orc8r.module.eks.aws_security_group_rule.workers_ingress_cluster_https[0]: Refreshing state... [id=sgrule-1890904831] | |
module.orc8r.module.eks.aws_security_group_rule.workers_ingress_self[0]: Refreshing state... [id=sgrule-3955982485] | |
module.orc8r.module.eks.aws_security_group_rule.workers_ingress_cluster[0]: Refreshing state... [id=sgrule-2449886145] | |
module.orc8r.module.eks.aws_security_group_rule.workers_egress_internet[0]: Refreshing state... [id=sgrule-681951236] | |
module.orc8r.module.eks.aws_security_group_rule.cluster_https_worker_ingress[0]: Refreshing state... [id=sgrule-1442295862] | |
module.orc8r.module.vpc.aws_route.private_nat_gateway[0]: Refreshing state... [id=r-rtb-0e045f4101d6787961080289494] | |
module.orc8r.module.eks.aws_eks_cluster.this[0]: Refreshing state... [id=orc8r] | |
module.orc8r.aws_db_instance.default: Refreshing state... [id=orc8rdb] | |
module.orc8r.aws_elasticsearch_domain_policy.es_management_access[0]: Refreshing state... [id=esd-policy-orc8r-es] | |
module.orc8r.aws_db_event_subscription.default: Refreshing state... [id=orc8r-rds-events] | |
module.orc8r.module.eks.aws_iam_role.workers[0]: Refreshing state... [id=orc8r20220328075655335300000001] | |
module.orc8r.module.eks.local_file.kubeconfig[0]: Refreshing state... [id=c5f73b212b2e097bb6c2bc4af6614fa64e065ca5] | |
module.orc8r-app.kubernetes_namespace.orc8r: Refreshing state... [id=orc8r] | |
module.orc8r-app.kubernetes_service_account.tiller[0]: Refreshing state... [id=kube-system/tiller] | |
module.orc8r-app.kubernetes_namespace.monitoring[0]: Refreshing state... [id=monitoring] | |
module.orc8r-app.kubernetes_cluster_role_binding.tiller[0]: Refreshing state... [id=tiller] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.workers_AmazonEKS_CNI_Policy[0]: Refreshing state... [id=orc8r20220328075655335300000001-20220328075658365700000005] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.workers_AmazonEKSWorkerNodePolicy[0]: Refreshing state... [id=orc8r20220328075655335300000001-20220328075658983400000007] | |
module.orc8r.module.eks.aws_iam_role_policy_attachment.workers_AmazonEC2ContainerRegistryReadOnly[0]: Refreshing state... [id=orc8r20220328075655335300000001-20220328075658680300000006] | |
module.orc8r.module.eks.aws_iam_instance_profile.workers[0]: Refreshing state... [id=orc8r20220328075658060000000002] | |
module.orc8r.aws_iam_role.efs_provisioner: Refreshing state... [id=EFSProvisionerRole20220328075658098100000004] | |
module.orc8r.aws_iam_role.external_dns: Refreshing state... [id=ExternalDNSRole20220328075658098100000003] | |
module.orc8r-app.kubernetes_secret.artifactory: Refreshing state... [id=orc8r/artifactory] | |
module.orc8r-app.kubernetes_secret.orc8r_envdir: Refreshing state... [id=orc8r/orc8r-envdir] | |
module.orc8r-app.kubernetes_secret.orc8r_configs: Refreshing state... [id=orc8r/orc8r-configs] | |
module.orc8r-app.kubernetes_secret.nms_certs[0]: Refreshing state... [id=orc8r/nms-certs] | |
module.orc8r-app.kubernetes_secret.fluentd_certs: Refreshing state... [id=orc8r/fluentd-certs] | |
module.orc8r-app.kubernetes_secret.orc8r_certs: Refreshing state... [id=orc8r/orc8r-certs] | |
module.orc8r-app.helm_release.elasticsearch_curator[0]: Refreshing state... [id=elasticsearch-curator] | |
module.orc8r.aws_iam_role_policy_attachment.efs_provisioner: Refreshing state... [id=EFSProvisionerRole20220328075658098100000004-20220328075705385800000009] | |
module.orc8r-app.helm_release.efs_provisioner[0]: Refreshing state... [id=efs-provisioner] | |
module.orc8r.module.eks.kubernetes_config_map.aws_auth[0]: Refreshing state... [id=kube-system/aws-auth] | |
module.orc8r.module.eks.aws_launch_configuration.workers[0]: Refreshing state... [id=orc8r-wg-120220328075659841200000008] | |
module.orc8r-app.helm_release.fluentd[0]: Refreshing state... [id=fluentd] | |
module.orc8r.aws_iam_role_policy.external_dns: Refreshing state... [id=ExternalDNSRole20220328075658098100000003:terraform-2022032807570933470000000b] | |
module.orc8r-app.helm_release.external_dns[0]: Refreshing state... [id=external-dns] | |
module.orc8r.module.eks.aws_autoscaling_group.workers[0]: Refreshing state... [id=orc8r-wg-12022032807570852850000000a] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanaproviders"]: Refreshing state... [id=orc8r/grafanaproviders] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadata"]: Refreshing state... [id=orc8r/grafanadata] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["openvpn"]: Refreshing state... [id=orc8r/openvpn] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadatasources"]: Refreshing state... [id=orc8r/grafanadatasources] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["promcfg"]: Refreshing state... [id=orc8r/promcfg] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadashboards"]: Refreshing state... [id=orc8r/grafanadashboards] | |
module.orc8r-app.kubernetes_persistent_volume_claim.storage["promdata"]: Refreshing state... [id=orc8r/promdata] | |
module.orc8r-app.helm_release.orc8r: Refreshing state... [id=orc8r] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Refreshing state... [id=lte-orc8r] | |
Note: Objects have changed outside of Terraform | |
Terraform detected the following changes made outside of Terraform since the last "terraform apply": | |
# module.orc8r.aws_db_instance.default has been changed | |
~ resource "aws_db_instance" "default" { | |
id = "orc8rdb" | |
~ latest_restorable_time = "2022-03-28T07:58:02Z" -> "2022-03-28T08:13:03Z" | |
name = "orc8r" | |
tags = {} | |
# (48 unchanged attributes hidden) | |
} | |
# module.orc8r-app.kubernetes_secret.orc8r_certs has been changed | |
~ resource "kubernetes_secret" "orc8r_certs" { | |
id = "orc8r/orc8r-certs" | |
# (2 unchanged attributes hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "orc8r-certs" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_secret.artifactory has been changed | |
~ resource "kubernetes_secret" "artifactory" { | |
id = "orc8r/artifactory" | |
# (2 unchanged attributes hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "artifactory" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_secret.nms_certs[0] has been changed | |
~ resource "kubernetes_secret" "nms_certs" { | |
id = "orc8r/nms-certs" | |
# (2 unchanged attributes hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "nms-certs" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_secret.orc8r_configs has been changed | |
~ resource "kubernetes_secret" "orc8r_configs" { | |
id = "orc8r/orc8r-configs" | |
# (2 unchanged attributes hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "orc8r-configs" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_cluster_role_binding.tiller[0] has been changed | |
~ resource "kubernetes_cluster_role_binding" "tiller" { | |
id = "tiller" | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "tiller" | |
# (3 unchanged attributes hidden) | |
} | |
# (2 unchanged blocks hidden) | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanaproviders"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/grafanaproviders" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "grafanaproviders" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["openvpn"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/openvpn" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "openvpn" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["promcfg"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/promcfg" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "promcfg" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["promdata"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/promdata" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "promdata" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadashboards"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/grafanadashboards" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "grafanadashboards" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadata"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/grafanadata" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "grafanadata" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.kubernetes_persistent_volume_claim.storage["grafanadatasources"] has been changed | |
~ resource "kubernetes_persistent_volume_claim" "storage" { | |
id = "orc8r/grafanadatasources" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "grafanadatasources" | |
# (4 unchanged attributes hidden) | |
} | |
~ spec { | |
# (3 unchanged attributes hidden) | |
~ resources { | |
+ limits = {} | |
# (1 unchanged attribute hidden) | |
} | |
} | |
} | |
# module.orc8r-app.helm_release.external_dns has been deleted | |
- resource "helm_release" "external_dns" { | |
- atomic = false -> null | |
- chart = "external-dns" -> null | |
- cleanup_on_fail = false -> null | |
- create_namespace = false -> null | |
- dependency_update = false -> null | |
- disable_crd_hooks = false -> null | |
- disable_openapi_validation = false -> null | |
- disable_webhooks = false -> null | |
- force_update = false -> null | |
- id = "external-dns" -> null | |
- lint = false -> null | |
- max_history = 0 -> null | |
- metadata = [ | |
- { | |
- app_version = "0.6.0" | |
- chart = "external-dns" | |
- name = "external-dns" | |
- namespace = "kube-system" | |
- revision = 1 | |
- values = jsonencode( | |
{ | |
- aws = { | |
- assumeRoleArn = "arn:aws:iam::372544488264:role/ExternalDNSRole20220328075658098100000003" | |
} | |
- rbac = { | |
- create = true | |
} | |
- zoneIdFilters = [ | |
- "Z0538604IBBP3359MURZ", | |
] | |
} | |
) | |
- version = "2.19.1" | |
}, | |
] -> null | |
- name = "external-dns" -> null | |
- namespace = "kube-system" -> null | |
- recreate_pods = false -> null | |
- render_subchart_notes = true -> null | |
- replace = false -> null | |
- repository = "https://charts.helm.sh/stable" -> null | |
- reset_values = false -> null | |
- reuse_values = false -> null | |
- skip_crds = false -> null | |
- status = "deployed" -> null | |
- timeout = 300 -> null | |
- values = [ | |
- <<-EOT | |
rbac: | |
create: true | |
aws: | |
assumeRoleArn: arn:aws:iam::372544488264:role/ExternalDNSRole20220328075658098100000003 | |
zoneIdFilters: | |
- Z0538604IBBP3359MURZ | |
EOT, | |
] -> null | |
- verify = false -> null | |
- version = "2.19.1" -> null | |
- wait = true -> null | |
} | |
# module.orc8r-app.kubernetes_secret.orc8r_envdir has been changed | |
~ resource "kubernetes_secret" "orc8r_envdir" { | |
+ data = (sensitive value) | |
id = "orc8r/orc8r-envdir" | |
# (1 unchanged attribute hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "orc8r-envdir" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.helm_release.efs_provisioner has been deleted | |
- resource "helm_release" "efs_provisioner" { | |
- atomic = false -> null | |
- chart = "efs-provisioner" -> null | |
- cleanup_on_fail = false -> null | |
- create_namespace = false -> null | |
- dependency_update = false -> null | |
- disable_crd_hooks = false -> null | |
- disable_openapi_validation = false -> null | |
- disable_webhooks = false -> null | |
- force_update = false -> null | |
- id = "efs-provisioner" -> null | |
- lint = false -> null | |
- max_history = 0 -> null | |
- metadata = [ | |
- { | |
- app_version = "v2.4.0" | |
- chart = "efs-provisioner" | |
- name = "efs-provisioner" | |
- namespace = "kube-system" | |
- revision = 1 | |
- values = jsonencode( | |
{ | |
- efsProvisioner = { | |
- awsRegion = "us-east-2" | |
- efsFileSystemId = "fs-0968e4991dc8e2d87" | |
- path = "/pv-volume" | |
- provisionerName = "aws-efs" | |
- storageClass = { | |
- name = "efs" | |
} | |
} | |
- podAnnotations = { | |
- iam-assumable-role = "arn:aws:iam::372544488264:role/EFSProvisionerRole20220328075658098100000004" | |
} | |
} | |
) | |
- version = "0.11.0" | |
}, | |
] -> null | |
- name = "efs-provisioner" -> null | |
- namespace = "kube-system" -> null | |
- recreate_pods = false -> null | |
- render_subchart_notes = true -> null | |
- replace = false -> null | |
- repository = "https://charts.helm.sh/stable" -> null | |
- reset_values = false -> null | |
- reuse_values = false -> null | |
- skip_crds = false -> null | |
- status = "deployed" -> null | |
- timeout = 300 -> null | |
- values = [ | |
- <<-EOT | |
efsProvisioner: | |
efsFileSystemId: fs-0968e4991dc8e2d87 | |
awsRegion: us-east-2 | |
path: /pv-volume | |
provisionerName: aws-efs | |
storageClass: | |
name: efs | |
podAnnotations: | |
iam-assumable-role: arn:aws:iam::372544488264:role/EFSProvisionerRole20220328075658098100000004 | |
EOT, | |
] -> null | |
- verify = false -> null | |
- version = "0.11.0" -> null | |
- wait = true -> null | |
} | |
# module.orc8r-app.kubernetes_namespace.orc8r has been changed | |
~ resource "kubernetes_namespace" "orc8r" { | |
id = "orc8r" | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "orc8r" | |
# (3 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_namespace.monitoring[0] has been changed | |
~ resource "kubernetes_namespace" "monitoring" { | |
id = "monitoring" | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "monitoring" | |
# (3 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_namespace.monitoring has been deleted | |
- resource "kubernetes_namespace" "monitoring" { | |
- id = "monitoring" -> null | |
- metadata { | |
- generation = 0 -> null | |
- name = "monitoring" -> null | |
- resource_version = "2216" -> null | |
- uid = "bbc999ac-7b52-43f1-bf6c-0ffc96c85d03" -> null | |
} | |
} | |
# module.orc8r-app.kubernetes_secret.fluentd_certs has been changed | |
~ resource "kubernetes_secret" "fluentd_certs" { | |
id = "orc8r/fluentd-certs" | |
# (2 unchanged attributes hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "fluentd-certs" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r-app.kubernetes_service_account.tiller[0] has been changed | |
~ resource "kubernetes_service_account" "tiller" { | |
id = "kube-system/tiller" | |
# (2 unchanged attributes hidden) | |
~ metadata { | |
+ annotations = {} | |
+ labels = {} | |
name = "tiller" | |
# (4 unchanged attributes hidden) | |
} | |
} | |
# module.orc8r.module.eks.aws_security_group.workers[0] has been changed | |
~ resource "aws_security_group" "workers" { | |
id = "sg-0761beaf84b6642f7" | |
~ ingress = [ | |
+ { | |
+ cidr_blocks = [] | |
+ description = "" | |
+ from_port = 0 | |
+ ipv6_cidr_blocks = [] | |
+ prefix_list_ids = [] | |
+ protocol = "-1" | |
+ security_groups = [ | |
+ "sg-00883acaed0c22fa8", | |
+ "sg-00e49e8198af48ca7", | |
+ "sg-0680f00709f68d503", | |
+ "sg-0a6778605e392a672", | |
+ "sg-0e8d07cc395285d3e", | |
] | |
+ self = false | |
+ to_port = 0 | |
}, | |
# (3 unchanged elements hidden) | |
] | |
name = "orc8r2022032807304215500000000a" | |
tags = { | |
"Name" = "orc8r-eks_worker_sg" | |
"kubernetes.io/cluster/orc8r" = "owned" | |
} | |
# (8 unchanged attributes hidden) | |
} | |
Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following | |
plan may include actions to undo or respond to these changes. | |
──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── | |
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following | |
symbols: | |
+ create | |
~ update in-place | |
<= read (data resources) | |
Terraform will perform the following actions: | |
# module.orc8r-app.data.template_file.orc8r_values will be read during apply | |
# (config refers to values not yet known) | |
<= data "template_file" "orc8r_values" { | |
~ id = "94b3672de83dc3bfc5cd4e822a7b4d60fc5aff1ffc8e509a8a21dd3d10717978" -> (known after apply) | |
~ rendered = <<-EOT | |
################################################################################ | |
# Copyright 2020 The Magma Authors. | |
# This source code is licensed under the BSD-style license found in the | |
# LICENSE file in the root directory of this source tree. | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
################################################################################ | |
imagePullSecrets: | |
- name: artifactory | |
secrets: | |
create: false | |
secret: | |
certs: orc8r-certs | |
configs: | |
orc8r: orc8r-configs | |
envdir: orc8r-envdir | |
nginx: | |
create: true | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: docker.artifactory.magmacore.org/nginx | |
tag: "1.6.1" | |
replicas: 2 | |
service: | |
enabled: true | |
legacyEnabled: true | |
annotations: | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default" | |
extraAnnotations: | |
proxy: | |
external-dns.alpha.kubernetes.io/hostname: api.orc8r.magmacore.link | |
bootstrapLagacy: | |
external-dns.alpha.kubernetes.io/hostname: bootstrapper-controller.orc8r.magmacore.link | |
clientcertLegacy: | |
external-dns.alpha.kubernetes.io/hostname: controller.orc8r.magmacore.link | |
name: orc8r-bootstrap-nginx | |
type: LoadBalancer | |
spec: | |
hostname: controller.orc8r.magmacore.link | |
controller: | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: docker.artifactory.magmacore.org/controller | |
tag: "1.6.1" | |
replicas: 2 | |
spec: | |
database: | |
db: orc8r | |
host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com | |
port: 5432 | |
user: orc8r | |
service_registry: | |
mode: "k8s" | |
metrics: | |
imagePullSecrets: | |
- name: artifactory | |
metrics: | |
volumes: | |
prometheusData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: promdata | |
prometheusConfig: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: promcfg | |
prometheus: | |
create: true | |
includeOrc8rAlerts: true | |
prometheusCacheHostname: orc8r-prometheus-cache | |
alertmanagerHostname: orc8r-alertmanager | |
alertmanager: | |
create: true | |
prometheusConfigurer: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/prometheus-configurer | |
tag: 1.0.4 | |
prometheusURL: orc8r-prometheus:9090 | |
alertmanagerConfigurer: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/alertmanager-configurer | |
tag: 1.0.4 | |
alertmanagerURL: orc8r-alertmanager:9093 | |
prometheusCache: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/prometheus-edge-hub | |
tag: 1.1.0 | |
limit: 500000 | |
grafana: | |
create: false | |
userGrafana: | |
image: | |
repository: docker.io/grafana/grafana | |
tag: 6.6.2 | |
create: true | |
volumes: | |
datasources: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadatasources | |
dashboardproviders: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanaproviders | |
dashboards: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadashboards | |
grafanaData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadata | |
thanos: | |
enabled: false | |
compact: | |
nodeSelector: | |
{} | |
store: | |
nodeSelector: | |
{} | |
query: | |
nodeSelector: | |
compute-type: thanos | |
objstore: | |
type: S3 | |
config: | |
bucket: | |
endpoint: s3.us-east-2.amazonaws.com | |
region: us-east-2 | |
access_key: | |
secret_key: | |
insecure: false | |
signature_version2: false | |
put_user_metadata: {} | |
http_config: | |
idle_conn_timeout: 0s | |
response_header_timeout: 0s | |
insecure_skip_verify: false | |
trace: | |
enable: false | |
part_size: 0 | |
nms: | |
enabled: true | |
imagePullSecrets: | |
- name: artifactory | |
secret: | |
certs: nms-certs | |
magmalte: | |
create: true | |
image: | |
repository: docker.artifactory.magmacore.org/magmalte | |
tag: "1.6.1" | |
env: | |
api_host: api.orc8r.magmacore.link | |
mysql_db: orc8r | |
mysql_dialect: postgres | |
mysql_host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com | |
mysql_port: 5432 | |
mysql_user: orc8r | |
mysql_pass: mypassword | |
grafana_address: orc8r-user-grafana:3000 | |
nginx: | |
create: true | |
service: | |
type: LoadBalancer | |
annotations: | |
external-dns.alpha.kubernetes.io/hostname: "*.nms.orc8r.magmacore.link" | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default" | |
deployment: | |
spec: | |
ssl_cert_name: controller.crt | |
ssl_cert_key_name: controller.key | |
logging: | |
enabled: false | |
EOT -> (known after apply) | |
~ template = <<-EOT | |
################################################################################ | |
# Copyright 2020 The Magma Authors. | |
# This source code is licensed under the BSD-style license found in the | |
# LICENSE file in the root directory of this source tree. | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
################################################################################ | |
imagePullSecrets: | |
- name: ${image_pull_secret} | |
secrets: | |
create: false | |
secret: | |
certs: ${certs_secret} | |
configs: | |
orc8r: ${configs_secret} | |
envdir: ${envdir_secret} | |
+ # certs sub-chart configuration. | |
+ certs: | |
+ create: ${managed_certs_create} | |
+ enabled: ${managed_certs_enabled} | |
+ domainName: ${managed_certs_domain_name} | |
+ nms: | |
+ customIssuer: ${nms_custom_issuer} | |
+ route53: | |
+ enabled: ${managed_certs_route53_enabled} | |
+ region: ${region} | |
+ | |
nginx: | |
create: true | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: ${docker_registry}/nginx | |
tag: "${docker_tag}" | |
replicas: ${nginx_replicas} | |
service: | |
enabled: true | |
legacyEnabled: true | |
annotations: | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=${magma_uuid}" | |
extraAnnotations: | |
proxy: | |
external-dns.alpha.kubernetes.io/hostname: ${api_hostname} | |
bootstrapLagacy: | |
external-dns.alpha.kubernetes.io/hostname: bootstrapper-${controller_hostname} | |
clientcertLegacy: | |
external-dns.alpha.kubernetes.io/hostname: ${controller_hostname} | |
name: orc8r-bootstrap-nginx | |
type: LoadBalancer | |
spec: | |
hostname: ${controller_hostname} | |
controller: | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: ${docker_registry}/controller | |
tag: "${docker_tag}" | |
+ env: | |
+ orc8r_domain_name: "${orc8r_domain_name}" | |
+ version_tag: "${docker_tag}" | |
+ helm_version_tag: "${orc8r_chart_version}" | |
replicas: ${controller_replicas} | |
spec: | |
database: | |
db: ${orc8r_db_name} | |
host: ${orc8r_db_host} | |
port: ${orc8r_db_port} | |
user: ${orc8r_db_user} | |
service_registry: | |
mode: "k8s" | |
metrics: | |
imagePullSecrets: | |
- name: ${image_pull_secret} | |
metrics: | |
volumes: | |
prometheusData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: ${metrics_pvc_promdata} | |
prometheusConfig: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: ${metrics_pvc_promcfg} | |
prometheus: | |
- create: true | |
+ create: ${enable_metrics} | |
includeOrc8rAlerts: true | |
prometheusCacheHostname: ${prometheus_cache_hostname} | |
alertmanagerHostname: ${alertmanager_hostname} | |
alertmanager: | |
- create: true | |
+ create: ${enable_metrics} | |
prometheusConfigurer: | |
- create: true | |
+ create: ${enable_metrics} | |
image: | |
repository: docker.io/facebookincubator/prometheus-configurer | |
tag: ${prometheus_configurer_version} | |
prometheusURL: ${prometheus_url} | |
alertmanagerConfigurer: | |
- create: true | |
+ create: ${enable_metrics} | |
image: | |
repository: docker.io/facebookincubator/alertmanager-configurer | |
tag: ${alertmanager_configurer_version} | |
alertmanagerURL: ${alertmanager_url} | |
prometheusCache: | |
- create: true | |
+ create: ${enable_metrics} | |
image: | |
repository: docker.io/facebookincubator/prometheus-edge-hub | |
tag: 1.1.0 | |
limit: 500000 | |
grafana: | |
- create: false | |
+ create: ${enable_metrics} | |
userGrafana: | |
image: | |
repository: docker.io/grafana/grafana | |
tag: 6.6.2 | |
create: ${create_usergrafana} | |
volumes: | |
datasources: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: ${grafana_pvc_grafanaDatasources} | |
dashboardproviders: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: ${grafana_pvc_grafanaProviders} | |
dashboards: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: ${grafana_pvc_grafanaDashboards} | |
grafanaData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: ${grafana_pvc_grafanaData} | |
thanos: | |
enabled: ${thanos_enabled} | |
compact: | |
nodeSelector: | |
${thanos_compact_selector} | |
store: | |
nodeSelector: | |
${thanos_store_selector} | |
query: | |
nodeSelector: | |
${thanos_query_selector} | |
objstore: | |
type: S3 | |
config: | |
bucket: ${thanos_bucket} | |
endpoint: s3.${region}.amazonaws.com | |
region: ${region} | |
access_key: ${thanos_aws_access_key} | |
secret_key: ${thanos_aws_secret_key} | |
insecure: false | |
signature_version2: false | |
put_user_metadata: {} | |
http_config: | |
idle_conn_timeout: 0s | |
response_header_timeout: 0s | |
insecure_skip_verify: false | |
trace: | |
enable: false | |
part_size: 0 | |
nms: | |
enabled: ${deploy_nms} | |
imagePullSecrets: | |
- name: ${image_pull_secret} | |
secret: | |
certs: ${nms_certs_secret} | |
+ certs: | |
+ enabled: ${nms_managed_certs_enabled} | |
+ | |
magmalte: | |
create: true | |
image: | |
repository: ${docker_registry}/magmalte | |
tag: "${docker_tag}" | |
env: | |
api_host: ${api_hostname} | |
mysql_db: ${orc8r_db_name} | |
mysql_dialect: ${orc8r_db_dialect} | |
mysql_host: ${orc8r_db_host} | |
mysql_port: ${orc8r_db_port} | |
mysql_user: ${orc8r_db_user} | |
mysql_pass: ${orc8r_db_pass} | |
grafana_address: ${user_grafana_hostname} | |
+ version_tag: "${docker_tag}" | |
nginx: | |
create: true | |
service: | |
type: LoadBalancer | |
annotations: | |
external-dns.alpha.kubernetes.io/hostname: "${nms_hostname}" | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=${magma_uuid}" | |
deployment: | |
spec: | |
ssl_cert_name: controller.crt | |
ssl_cert_key_name: controller.key | |
logging: | |
- enabled: false | |
+ enabled: ${enable_logging} | |
+ | |
+ dp: | |
+ create: ${dp_enabled} | |
+ | |
+ configuration_controller: | |
+ sasEndpointUrl: "${dp_sas_endpoint_url}" | |
+ image: | |
+ repository: "${docker_registry}/configuration-controller" | |
+ tag: "${docker_tag}" | |
+ | |
+ database: | |
+ driver: postgres | |
+ db: ${orc8r_db_name} | |
+ host: ${orc8r_db_host} | |
+ port: ${orc8r_db_port} | |
+ user: ${orc8r_db_user} | |
+ pass: ${orc8r_db_pass} | |
+ | |
+ protocol_controller: | |
+ enabled: false | |
+ image: | |
+ repository: "${docker_registry}/protocol-controller" | |
+ tag: "${docker_tag}" | |
+ | |
+ radio_controller: | |
+ image: | |
+ repository: "${docker_registry}/radio-controller" | |
+ tag: "${docker_tag}" | |
+ | |
+ database: | |
+ driver: postgres | |
+ db: ${orc8r_db_name} | |
+ host: ${orc8r_db_host} | |
+ port: ${orc8r_db_port} | |
+ user: ${orc8r_db_user} | |
+ pass: ${orc8r_db_pass} | |
+ | |
+ active_mode_controller: | |
+ image: | |
+ repository: "${docker_registry}/active-mode-controller" | |
+ tag: "${docker_tag}" | |
+ | |
+ db_service: | |
+ image: | |
+ repository: "${docker_registry}/db-service" | |
+ tag: "${docker_tag}" | |
+ | |
+ database: | |
+ driver: postgres | |
+ db: ${orc8r_db_name} | |
+ host: ${orc8r_db_host} | |
+ port: ${orc8r_db_port} | |
+ user: ${orc8r_db_user} | |
+ pass: ${orc8r_db_pass} | |
EOT | |
~ vars = { | |
~ "docker_registry" = "docker.artifactory.magmacore.org" -> "shubhamtatvamasi" | |
~ "docker_tag" = "1.6.1" -> "2474470" | |
+ "dp_enabled" = "false" | |
+ "dp_sas_endpoint_url" = "" | |
+ "enable_logging" = "true" | |
+ "enable_metrics" = "true" | |
+ "managed_certs_create" = "false" | |
+ "managed_certs_domain_name" = "orc8r.magmacore.link" | |
+ "managed_certs_enabled" = "false" | |
+ "managed_certs_route53_enabled" = "true" | |
+ "nms_custom_issuer" = "orc8r-route53-issuer" | |
+ "nms_managed_certs_enabled" = "false" | |
+ "orc8r_chart_version" = "1.5.27" | |
+ "orc8r_domain_name" = "orc8r.magmacore.link" | |
# (40 unchanged elements hidden) | |
} | |
} | |
# module.orc8r-app.helm_release.lte-orc8r[0] will be updated in-place | |
~ resource "helm_release" "lte-orc8r" { | |
id = "lte-orc8r" | |
name = "lte-orc8r" | |
~ repository = "https://artifactory.magmacore.org/artifactory/helm" -> "https://shubhamtatvamasi.github.io/magma-charts-3-17-2022" | |
~ values = [ | |
- <<-EOT | |
################################################################################ | |
# Copyright 2020 The Magma Authors. | |
# This source code is licensed under the BSD-style license found in the | |
# LICENSE file in the root directory of this source tree. | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
################################################################################ | |
imagePullSecrets: | |
- name: artifactory | |
secrets: | |
create: false | |
secret: | |
certs: orc8r-certs | |
configs: | |
orc8r: orc8r-configs | |
envdir: orc8r-envdir | |
nginx: | |
create: true | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: docker.artifactory.magmacore.org/nginx | |
tag: "1.6.1" | |
replicas: 2 | |
service: | |
enabled: true | |
legacyEnabled: true | |
annotations: | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default" | |
extraAnnotations: | |
proxy: | |
external-dns.alpha.kubernetes.io/hostname: api.orc8r.magmacore.link | |
bootstrapLagacy: | |
external-dns.alpha.kubernetes.io/hostname: bootstrapper-controller.orc8r.magmacore.link | |
clientcertLegacy: | |
external-dns.alpha.kubernetes.io/hostname: controller.orc8r.magmacore.link | |
name: orc8r-bootstrap-nginx | |
type: LoadBalancer | |
spec: | |
hostname: controller.orc8r.magmacore.link | |
controller: | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: docker.artifactory.magmacore.org/controller | |
tag: "1.6.1" | |
replicas: 2 | |
spec: | |
database: | |
db: orc8r | |
host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com | |
port: 5432 | |
user: orc8r | |
service_registry: | |
mode: "k8s" | |
metrics: | |
imagePullSecrets: | |
- name: artifactory | |
metrics: | |
volumes: | |
prometheusData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: promdata | |
prometheusConfig: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: promcfg | |
prometheus: | |
create: true | |
includeOrc8rAlerts: true | |
prometheusCacheHostname: orc8r-prometheus-cache | |
alertmanagerHostname: orc8r-alertmanager | |
alertmanager: | |
create: true | |
prometheusConfigurer: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/prometheus-configurer | |
tag: 1.0.4 | |
prometheusURL: orc8r-prometheus:9090 | |
alertmanagerConfigurer: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/alertmanager-configurer | |
tag: 1.0.4 | |
alertmanagerURL: orc8r-alertmanager:9093 | |
prometheusCache: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/prometheus-edge-hub | |
tag: 1.1.0 | |
limit: 500000 | |
grafana: | |
create: false | |
userGrafana: | |
image: | |
repository: docker.io/grafana/grafana | |
tag: 6.6.2 | |
create: true | |
volumes: | |
datasources: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadatasources | |
dashboardproviders: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanaproviders | |
dashboards: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadashboards | |
grafanaData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadata | |
thanos: | |
enabled: false | |
compact: | |
nodeSelector: | |
{} | |
store: | |
nodeSelector: | |
{} | |
query: | |
nodeSelector: | |
compute-type: thanos | |
objstore: | |
type: S3 | |
config: | |
bucket: | |
endpoint: s3.us-east-2.amazonaws.com | |
region: us-east-2 | |
access_key: | |
secret_key: | |
insecure: false | |
signature_version2: false | |
put_user_metadata: {} | |
http_config: | |
idle_conn_timeout: 0s | |
response_header_timeout: 0s | |
insecure_skip_verify: false | |
trace: | |
enable: false | |
part_size: 0 | |
nms: | |
enabled: true | |
imagePullSecrets: | |
- name: artifactory | |
secret: | |
certs: nms-certs | |
magmalte: | |
create: true | |
image: | |
repository: docker.artifactory.magmacore.org/magmalte | |
tag: "1.6.1" | |
env: | |
api_host: api.orc8r.magmacore.link | |
mysql_db: orc8r | |
mysql_dialect: postgres | |
mysql_host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com | |
mysql_port: 5432 | |
mysql_user: orc8r | |
mysql_pass: mypassword | |
grafana_address: orc8r-user-grafana:3000 | |
nginx: | |
create: true | |
service: | |
type: LoadBalancer | |
annotations: | |
external-dns.alpha.kubernetes.io/hostname: "*.nms.orc8r.magmacore.link" | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default" | |
deployment: | |
spec: | |
ssl_cert_name: controller.crt | |
ssl_cert_key_name: controller.key | |
logging: | |
enabled: false | |
EOT, | |
] -> (known after apply) | |
~ version = "0.2.5" -> "0.2.6" | |
# (26 unchanged attributes hidden) | |
set_sensitive { | |
# At least one attribute in this block is (or was) sensitive, | |
# so its contents will not be displayed. | |
} | |
} | |
# module.orc8r-app.helm_release.orc8r will be updated in-place | |
~ resource "helm_release" "orc8r" { | |
id = "orc8r" | |
name = "orc8r" | |
~ repository = "https://artifactory.magmacore.org/artifactory/helm" -> "https://shubhamtatvamasi.github.io/magma-charts-3-17-2022" | |
~ values = [ | |
- <<-EOT | |
################################################################################ | |
# Copyright 2020 The Magma Authors. | |
# This source code is licensed under the BSD-style license found in the | |
# LICENSE file in the root directory of this source tree. | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
################################################################################ | |
imagePullSecrets: | |
- name: artifactory | |
secrets: | |
create: false | |
secret: | |
certs: orc8r-certs | |
configs: | |
orc8r: orc8r-configs | |
envdir: orc8r-envdir | |
nginx: | |
create: true | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: docker.artifactory.magmacore.org/nginx | |
tag: "1.6.1" | |
replicas: 2 | |
service: | |
enabled: true | |
legacyEnabled: true | |
annotations: | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default" | |
extraAnnotations: | |
proxy: | |
external-dns.alpha.kubernetes.io/hostname: api.orc8r.magmacore.link | |
bootstrapLagacy: | |
external-dns.alpha.kubernetes.io/hostname: bootstrapper-controller.orc8r.magmacore.link | |
clientcertLegacy: | |
external-dns.alpha.kubernetes.io/hostname: controller.orc8r.magmacore.link | |
name: orc8r-bootstrap-nginx | |
type: LoadBalancer | |
spec: | |
hostname: controller.orc8r.magmacore.link | |
controller: | |
podDisruptionBudget: | |
enabled: true | |
image: | |
repository: docker.artifactory.magmacore.org/controller | |
tag: "1.6.1" | |
replicas: 2 | |
spec: | |
database: | |
db: orc8r | |
host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com | |
port: 5432 | |
user: orc8r | |
service_registry: | |
mode: "k8s" | |
metrics: | |
imagePullSecrets: | |
- name: artifactory | |
metrics: | |
volumes: | |
prometheusData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: promdata | |
prometheusConfig: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: promcfg | |
prometheus: | |
create: true | |
includeOrc8rAlerts: true | |
prometheusCacheHostname: orc8r-prometheus-cache | |
alertmanagerHostname: orc8r-alertmanager | |
alertmanager: | |
create: true | |
prometheusConfigurer: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/prometheus-configurer | |
tag: 1.0.4 | |
prometheusURL: orc8r-prometheus:9090 | |
alertmanagerConfigurer: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/alertmanager-configurer | |
tag: 1.0.4 | |
alertmanagerURL: orc8r-alertmanager:9093 | |
prometheusCache: | |
create: true | |
image: | |
repository: docker.io/facebookincubator/prometheus-edge-hub | |
tag: 1.1.0 | |
limit: 500000 | |
grafana: | |
create: false | |
userGrafana: | |
image: | |
repository: docker.io/grafana/grafana | |
tag: 6.6.2 | |
create: true | |
volumes: | |
datasources: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadatasources | |
dashboardproviders: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanaproviders | |
dashboards: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadashboards | |
grafanaData: | |
volumeSpec: | |
persistentVolumeClaim: | |
claimName: grafanadata | |
thanos: | |
enabled: false | |
compact: | |
nodeSelector: | |
{} | |
store: | |
nodeSelector: | |
{} | |
query: | |
nodeSelector: | |
compute-type: thanos | |
objstore: | |
type: S3 | |
config: | |
bucket: | |
endpoint: s3.us-east-2.amazonaws.com | |
region: us-east-2 | |
access_key: | |
secret_key: | |
insecure: false | |
signature_version2: false | |
put_user_metadata: {} | |
http_config: | |
idle_conn_timeout: 0s | |
response_header_timeout: 0s | |
insecure_skip_verify: false | |
trace: | |
enable: false | |
part_size: 0 | |
nms: | |
enabled: true | |
imagePullSecrets: | |
- name: artifactory | |
secret: | |
certs: nms-certs | |
magmalte: | |
create: true | |
image: | |
repository: docker.artifactory.magmacore.org/magmalte | |
tag: "1.6.1" | |
env: | |
api_host: api.orc8r.magmacore.link | |
mysql_db: orc8r | |
mysql_dialect: postgres | |
mysql_host: orc8rdb.c9zfkz9zxj0h.us-east-2.rds.amazonaws.com | |
mysql_port: 5432 | |
mysql_user: orc8r | |
mysql_pass: mypassword | |
grafana_address: orc8r-user-grafana:3000 | |
nginx: | |
create: true | |
service: | |
type: LoadBalancer | |
annotations: | |
external-dns.alpha.kubernetes.io/hostname: "*.nms.orc8r.magmacore.link" | |
service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: "magma-uuid=default" | |
deployment: | |
spec: | |
ssl_cert_name: controller.crt | |
ssl_cert_key_name: controller.key | |
logging: | |
enabled: false | |
EOT, | |
] -> (known after apply) | |
~ version = "1.5.23" -> "1.5.27" | |
# (26 unchanged attributes hidden) | |
set_sensitive { | |
# At least one attribute in this block is (or was) sensitive, | |
# so its contents will not be displayed. | |
} | |
} | |
# module.orc8r-app.kubernetes_secret.artifactory will be updated in-place | |
~ resource "kubernetes_secret" "artifactory" { | |
~ data = (sensitive value) | |
id = "orc8r/artifactory" | |
# (1 unchanged attribute hidden) | |
# (1 unchanged block hidden) | |
} | |
# module.orc8r.module.eks.aws_iam_openid_connect_provider.oidc_provider[0] will be created | |
+ resource "aws_iam_openid_connect_provider" "oidc_provider" { | |
+ arn = (known after apply) | |
+ client_id_list = [ | |
+ "sts.amazonaws.com", | |
] | |
+ id = (known after apply) | |
+ tags = { | |
+ "Name" = "orc8r-eks-irsa" | |
} | |
+ tags_all = { | |
+ "Name" = "orc8r-eks-irsa" | |
} | |
+ thumbprint_list = [ | |
+ "9e99a48a9960b14926bb7f3b02e22da2b0ab7280", | |
] | |
+ url = "https://oidc.eks.us-east-2.amazonaws.com/id/62B2BF0D4F8B119DA8541D62A4527094" | |
} | |
Plan: 1 to add, 3 to change, 0 to destroy. | |
╷ | |
│ Warning: Argument is deprecated | |
│ | |
│ with module.orc8r.aws_db_instance.default, | |
│ on .terraform/modules/orc8r/orc8r/cloud/deploy/terraform/orc8r-aws/db.tf line 21, in resource "aws_db_instance" "default": | |
│ 21: name = var.orc8r_db_name | |
│ | |
│ Use db_name instead | |
│ | |
│ (and one more similar warning elsewhere) | |
╵ | |
╷ | |
│ Warning: Version constraints inside provider configuration blocks are deprecated | |
│ | |
│ on .terraform/modules/orc8r/orc8r/cloud/deploy/terraform/orc8r-aws/providers.tf line 19, in provider "random": | |
│ 19: version = "~> 2.1" | |
│ | |
│ Terraform 0.13 and earlier allowed provider version constraints inside the provider configuration block, but that is now deprecated | |
│ and will be removed in a future version of Terraform. To silence this warning, move the provider version constraint into the | |
│ required_providers block. | |
╵ | |
Do you want to perform these actions? | |
Terraform will perform the actions described above. | |
Only 'yes' will be accepted to approve. | |
Enter a value: yes | |
module.orc8r-app.kubernetes_secret.artifactory: Modifying... [id=orc8r/artifactory] | |
module.orc8r-app.kubernetes_secret.artifactory: Modifications complete after 1s [id=orc8r/artifactory] | |
module.orc8r-app.data.template_file.orc8r_values: Reading... [id=94b3672de83dc3bfc5cd4e822a7b4d60fc5aff1ffc8e509a8a21dd3d10717978] | |
module.orc8r.module.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Creating... | |
module.orc8r-app.data.template_file.orc8r_values: Read complete after 0s [id=29e22cd94ffd73d950b3b116268556cb7093a32a1e75b3f64281f0c68282d5a0] | |
module.orc8r.module.eks.aws_iam_openid_connect_provider.oidc_provider[0]: Creation complete after 2s [id=arn:aws:iam::372544488264:oidc-provider/oidc.eks.us-east-2.amazonaws.com/id/62B2BF0D4F8B119DA8541D62A4527094] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Modifying... [id=lte-orc8r] | |
module.orc8r-app.helm_release.orc8r: Modifying... [id=orc8r] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 10s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 10s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 20s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 20s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 30s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 30s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 40s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 40s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 50s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 50s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m0s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m0s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m10s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m10s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m20s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m20s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m30s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m30s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Still modifying... [id=lte-orc8r, 1m40s elapsed] | |
module.orc8r-app.helm_release.lte-orc8r[0]: Modifications complete after 1m40s [id=lte-orc8r] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m40s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 1m50s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m0s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m10s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m20s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m30s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m40s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 2m50s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m0s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m10s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m20s elapsed] | |
module.orc8r-app.helm_release.orc8r: Still modifying... [id=orc8r, 3m30s elapsed] | |
module.orc8r-app.helm_release.orc8r: Modifications complete after 3m34s [id=orc8r] | |
Apply complete! Resources: 1 added, 3 changed, 0 destroyed. | |
Outputs: | |
nameservers = tolist([ | |
"ns-1323.awsdns-37.org", | |
"ns-136.awsdns-17.com", | |
"ns-1717.awsdns-22.co.uk", | |
"ns-813.awsdns-37.net", | |
]) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment