feat: added migration support for consumers looking to upgrade from v…

…ersion 5.x.x<br>*- added support for OCP 4.17, and removed support for OCP 4.12 and 4.13(#938)
terraform-ibm-modules · Jan 29, 2025 · 30bf9dc · 30bf9dc
1 parent 4b48a1c
commit 30bf9dc
Show file tree

Hide file tree

Showing 9 changed files with 620 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -852,7 +852,7 @@ module "cluster_pattern" {
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_bastion_host"></a> [bastion\_host](#module\_bastion\_host) | terraform-ibm-modules/landing-zone-vsi/ibm | 4.4.0 |
-| <a name="module_cluster"></a> [cluster](#module\_cluster) | terraform-ibm-modules/base-ocp-vpc/ibm | 3.34.0 |
+| <a name="module_cluster"></a> [cluster](#module\_cluster) | terraform-ibm-modules/base-ocp-vpc/ibm | 3.37.3 |
 | <a name="module_dynamic_values"></a> [dynamic\_values](#module\_dynamic\_values) | ./dynamic_values | n/a |
 | <a name="module_f5_vsi"></a> [f5\_vsi](#module\_f5\_vsi) | terraform-ibm-modules/landing-zone-vsi/ibm | 4.4.0 |
 | <a name="module_key_management"></a> [key\_management](#module\_key\_management) | ./kms | n/a |

diff --git a/cluster.tf b/cluster.tf
@@ -91,7 +91,7 @@ resource "ibm_container_vpc_cluster" "cluster" {
   pod_subnet        = each.value.pod_subnet
   service_subnet    = each.value.service_subnet
   # if kube_version is older than 4.15, default this value to null, otherwise provider will fail
-  disable_outbound_traffic_protection = startswith((lookup(each.value, "kube_version", null) == "default" || lookup(each.value, "kube_version", null) == null ? local.default_kube_version[each.value.kube_type] : each.value.kube_version), "4.12") || startswith((lookup(each.value, "kube_version", null) == "default" || lookup(each.value, "kube_version", null) == null ? local.default_kube_version[each.value.kube_type] : each.value.kube_version), "4.13") || startswith((lookup(each.value, "kube_version", null) == "default" || lookup(each.value, "kube_version", null) == null ? local.default_kube_version[each.value.kube_type] : each.value.kube_version), "4.14") ? null : each.value.disable_outbound_traffic_protection
+  disable_outbound_traffic_protection = startswith((lookup(each.value, "kube_version", null) == "default" || lookup(each.value, "kube_version", null) == null ? local.default_kube_version[each.value.kube_type] : each.value.kube_version), "4.14") ? null : each.value.disable_outbound_traffic_protection
   force_delete_storage                = each.value.cluster_force_delete_storage
   operating_system                    = each.value.operating_system
   crk                                 = each.value.boot_volume_crk_name == null ? null : regex("key:(.*)", module.key_management.key_map[each.value.boot_volume_crk_name].crn)[0]
@@ -244,7 +244,7 @@ module "cluster" {
     if cluster.kube_type == "openshift"
   }
   source             = "terraform-ibm-modules/base-ocp-vpc/ibm"
-  version            = "3.34.0"
+  version            = "3.37.3"
   resource_group_id  = local.resource_groups[each.value.resource_group]
   region             = var.region
   cluster_name       = each.value.cluster_name

diff --git a/ibm_catalog.json b/ibm_catalog.json
@@ -1135,14 +1135,6 @@
               "type": "string",
               "required": true,
               "options": [
-                {
-                  "displayname": "4.12_openshift",
-                  "value": "4.12_openshift"
-                },
-                {
-                  "displayname": "4.13_openshift",
-                  "value": "4.13_openshift"
-                },
                 {
                   "displayname": "4.14_openshift",
                   "value": "4.14_openshift"
@@ -1154,6 +1146,10 @@
                 {
                   "displayname": "4.16_openshift",
                   "value": "4.16_openshift"
+                },
+                {
+                  "displayname": "4.17_openshift",
+                  "value": "4.17_openshift"
                 }
               ],
               "custom_config": {}

diff --git a/patterns/roks-quickstart/scripts/migration-pre-ansible-playbook.yaml b/patterns/roks-quickstart/scripts/migration-pre-ansible-playbook.yaml
@@ -0,0 +1,95 @@
+- name: migration pre playbook
+  hosts: localhost
+  tasks:
+    - name: get running ansible env variables
+      set_fact:
+        config_crn_token: "{{ lookup('env', 'config_crn_token') }}"
+        project_id: "{{ lookup('env', 'project_id') }}"
+        config_id: "{{ lookup('env', 'config_id') }}"
+        project_url: "{{ lookup('env', 'project_url') }}"
+    - name: Get Statefile
+      uri:
+        url: "{{ project_url }}/v1/projects/{{ project_id }}/configs/{{ config_id }}/retrieve_schematics_statefile"
+        method: GET
+        headers:
+          Authorization: "Bearer {{ config_crn_token }}"
+      register: result
+    - name: Set Statefile
+      set_fact:
+        statefile: "{{ result.json | string }}"
+    - name: Creating script
+      copy:
+        dest: "script.sh"
+        content: |
+          #!/bin/bash
+          STATE="$(cat terraform.tfstate.tmp)"
+          CLUSTER_LIST=()
+          while IFS='' read -r line; do CLUSTER_LIST+=("$line"); done < <(echo "$STATE" | jq -r '.resources[] | select((.type == "ibm_container_vpc_cluster") and (.mode == "managed") and (.name == "cluster")) | .instances[] | .index_key')
+          WORKER_POOLS=()
+          while IFS='' read -r line; do WORKER_POOLS+=("$line"); done < <(echo "$STATE" | jq -r '.resources[] | select((.type == "ibm_container_vpc_worker_pool") and (.mode == "managed") and (.name == "pool")) | .instances[] | .index_key')
+          ADDRESS_LIST="$(echo "$STATE" | jq -r '.resources[] | select((.type == "ibm_container_vpc_cluster") and (.mode == "managed") and (.name == "cluster")) | .module')"
+
+          for i in "${!CLUSTER_LIST[@]}"; do
+              SOURCE="${ADDRESS_LIST}.ibm_container_vpc_cluster.cluster[\"${CLUSTER_LIST[$i]}\"]"
+              DESTINATION="${ADDRESS_LIST}.module.cluster[\"${CLUSTER_LIST[$i]}\"].ibm_container_vpc_cluster.cluster[0]"
+              if [ -n "${CLUSTER_LIST[$i]}" ]; then
+                  MOVED_PARAMS+=("$SOURCE, $DESTINATION")
+              fi
+
+              ADDONS_RESOURCE=$(echo "$STATE" | jq -r --arg CLUSTER "${CLUSTER_LIST[$i]}" '.resources[] | select((.type == "ibm_container_vpc_cluster") and (.mode == "managed") and (.name == "cluster")) | .instances[] |  select(.index_key == $CLUSTER) | .index_key')
+              if [ -n "$ADDONS_RESOURCE" ]; then
+                  ADDONS_SOURCE="${ADDRESS_LIST}.ibm_container_addons.addons[\"${CLUSTER_LIST[$i]}\"]"
+                  ADDONS_DESTINATION="${ADDRESS_LIST}.module.cluster[\"${CLUSTER_LIST[$i]}\"].ibm_container_addons.addons"
+                  MOVED_PARAMS+=("$ADDONS_SOURCE, $ADDONS_DESTINATION")
+              fi
+
+              for x in "${!WORKER_POOLS[@]}"; do
+                  if [[ "${WORKER_POOLS[$x]}" == *"${CLUSTER_LIST[$i]}"* ]]; then
+                      pool_name=${WORKER_POOLS[$x]//"${CLUSTER_LIST[$i]}-"/}
+                      WORKER_POOL_SOURCE="${ADDRESS_LIST}.ibm_container_vpc_worker_pool.pool[\"${WORKER_POOLS[$x]}\"]"
+                      WORKER_POOL_DESTINATION="${ADDRESS_LIST}.module.cluster[\"${CLUSTER_LIST[$i]}\"].ibm_container_vpc_worker_pool.pool[\"$pool_name\"]"
+                      MOVED_PARAMS+=("$WORKER_POOL_SOURCE, $WORKER_POOL_DESTINATION")
+                  fi
+              done
+          done
+          for mv in "${!MOVED_PARAMS[@]}"; do
+              echo "${MOVED_PARAMS[$mv]}"
+          done
+
+    - name: Create state file
+      copy: content="{{ statefile }}" dest="terraform.tfstate.tmp"
+    - name: Run the script
+      ansible.builtin.script:
+        cmd: ./script.sh
+      register: move_list
+    - name: Initiate Commands List
+      set_fact:
+        commands: []
+    - name: Add new JSON Objects to List
+      set_fact:
+        commands: "{{ commands +
+          [{ 'command': 'state mv',
+          'command_params': item,
+          'command_name': 'Move' + count|string,
+          'command_onerror': 'abort'}] }}"
+      loop: "{{ move_list.stdout_lines }}"
+      loop_control:
+        index_var: count
+    - name: Create complete JSON body
+      set_fact:
+        commands: "{{
+          { 'commands': commands ,
+          'operation_name': 'workspace Command',
+          'description': 'Executing command'}
+          }}"
+    - name: Run Terraform commands
+      uri:
+        url: "{{ project_url }}/v1/projects/{{ project_id }}/configs/{{ config_id }}/execute_schematics_commands"
+        method: POST
+        headers:
+          Authorization: "Bearer {{ config_crn_token }}"
+          Content-Type: application/json
+        body: "{{ commands }}"
+        body_format: json
+        status_code: [200, 202]
+      register: result
diff --git a/patterns/roks/scripts/migration-pre-ansible-playbook.yaml b/patterns/roks/scripts/migration-pre-ansible-playbook.yaml
@@ -0,0 +1,95 @@
+- name: migration pre playbook
+  hosts: localhost
+  tasks:
+    - name: get running ansible env variables
+      set_fact:
+        config_crn_token: "{{ lookup('env', 'config_crn_token') }}"
+        project_id: "{{ lookup('env', 'project_id') }}"
+        config_id: "{{ lookup('env', 'config_id') }}"
+        project_url: "{{ lookup('env', 'project_url') }}"
+    - name: Get Statefile
+      uri:
+        url: "{{ project_url }}/v1/projects/{{ project_id }}/configs/{{ config_id }}/retrieve_schematics_statefile"
+        method: GET
+        headers:
+          Authorization: "Bearer {{ config_crn_token }}"
+      register: result
+    - name: Set Statefile
+      set_fact:
+        statefile: "{{ result.json | string }}"
+    - name: Creating script
+      copy:
+        dest: "script.sh"
+        content: |
+          #!/bin/bash
+          STATE="$(cat terraform.tfstate.tmp)"
+          CLUSTER_LIST=()
+          while IFS='' read -r line; do CLUSTER_LIST+=("$line"); done < <(echo "$STATE" | jq -r '.resources[] | select((.type == "ibm_container_vpc_cluster") and (.mode == "managed") and (.name == "cluster")) | .instances[] | .index_key')
+          WORKER_POOLS=()
+          while IFS='' read -r line; do WORKER_POOLS+=("$line"); done < <(echo "$STATE" | jq -r '.resources[] | select((.type == "ibm_container_vpc_worker_pool") and (.mode == "managed") and (.name == "pool")) | .instances[] | .index_key')
+          ADDRESS_LIST="$(echo "$STATE" | jq -r '.resources[] | select((.type == "ibm_container_vpc_cluster") and (.mode == "managed") and (.name == "cluster")) | .module')"
+
+          for i in "${!CLUSTER_LIST[@]}"; do
+              SOURCE="${ADDRESS_LIST}.ibm_container_vpc_cluster.cluster[\"${CLUSTER_LIST[$i]}\"]"
+              DESTINATION="${ADDRESS_LIST}.module.cluster[\"${CLUSTER_LIST[$i]}\"].ibm_container_vpc_cluster.cluster[0]"
+              if [ -n "${CLUSTER_LIST[$i]}" ]; then
+                  MOVED_PARAMS+=("$SOURCE, $DESTINATION")
+              fi
+
+              ADDONS_RESOURCE=$(echo "$STATE" | jq -r --arg CLUSTER "${CLUSTER_LIST[$i]}" '.resources[] | select((.type == "ibm_container_vpc_cluster") and (.mode == "managed") and (.name == "cluster")) | .instances[] |  select(.index_key == $CLUSTER) | .index_key')
+              if [ -n "$ADDONS_RESOURCE" ]; then
+                  ADDONS_SOURCE="${ADDRESS_LIST}.ibm_container_addons.addons[\"${CLUSTER_LIST[$i]}\"]"
+                  ADDONS_DESTINATION="${ADDRESS_LIST}.module.cluster[\"${CLUSTER_LIST[$i]}\"].ibm_container_addons.addons"
+                  MOVED_PARAMS+=("$ADDONS_SOURCE, $ADDONS_DESTINATION")
+              fi
+
+              for x in "${!WORKER_POOLS[@]}"; do
+                  if [[ "${WORKER_POOLS[$x]}" == *"${CLUSTER_LIST[$i]}"* ]]; then
+                      pool_name=${WORKER_POOLS[$x]//"${CLUSTER_LIST[$i]}-"/}
+                      WORKER_POOL_SOURCE="${ADDRESS_LIST}.ibm_container_vpc_worker_pool.pool[\"${WORKER_POOLS[$x]}\"]"
+                      WORKER_POOL_DESTINATION="${ADDRESS_LIST}.module.cluster[\"${CLUSTER_LIST[$i]}\"].ibm_container_vpc_worker_pool.pool[\"$pool_name\"]"
+                      MOVED_PARAMS+=("$WORKER_POOL_SOURCE, $WORKER_POOL_DESTINATION")
+                  fi
+              done
+          done
+          for mv in "${!MOVED_PARAMS[@]}"; do
+              echo "${MOVED_PARAMS[$mv]}"
+          done
+
+    - name: Create state file
+      copy: content="{{ statefile }}" dest="terraform.tfstate.tmp"
+    - name: Run the script
+      ansible.builtin.script:
+        cmd: ./script.sh
+      register: move_list
+    - name: Initiate Commands List
+      set_fact:
+        commands: []
+    - name: Add new JSON Objects to List
+      set_fact:
+        commands: "{{ commands +
+          [{ 'command': 'state mv',
+          'command_params': item,
+          'command_name': 'Move' + count|string,
+          'command_onerror': 'abort'}] }}"
+      loop: "{{ move_list.stdout_lines }}"
+      loop_control:
+        index_var: count
+    - name: Create complete JSON body
+      set_fact:
+        commands: "{{
+          { 'commands': commands ,
+          'operation_name': 'workspace Command',
+          'description': 'Executing command'}
+          }}"
+    - name: Run Terraform commands
+      uri:
+        url: "{{ project_url }}/v1/projects/{{ project_id }}/configs/{{ config_id }}/execute_schematics_commands"
+        method: POST
+        headers:
+          Authorization: "Bearer {{ config_crn_token }}"
+          Content-Type: application/json
+        body: "{{ commands }}"
+        body_format: json
+        status_code: [200, 202]
+      register: result
diff --git a/patterns/roks/variables.tf b/patterns/roks/variables.tf
@@ -192,20 +192,19 @@ variable "cluster_zones" {
 }
 
 variable "kube_version" {
-  description = "The version of the OpenShift cluster that should be provisioned. Current supported values are '4.16_openshift', '4.15_openshift', '4.14_openshift', '4.13_openshift', or '4.12_openshift'. NOTE: This is only used during initial cluster provisioning, but ignored for future updates. Cluster version updates should be done outside of terraform to prevent possible destructive changes."
+  description = "The version of the OpenShift cluster that should be provisioned. Current supported values are '4.17_openshift', '4.16_openshift', '4.15_openshift' or '4.14_openshift'. NOTE: This is only used during initial cluster provisioning, but ignored for future updates. Cluster version updates should be done outside of terraform to prevent possible destructive changes."
   type        = string
   default     = "4.16_openshift"
   validation {
     condition = anytrue([
       var.kube_version == null,
       var.kube_version == "default",
+      var.kube_version == "4.17_openshift",
       var.kube_version == "4.16_openshift",
       var.kube_version == "4.15_openshift",
       var.kube_version == "4.14_openshift",
-      var.kube_version == "4.13_openshift",
-      var.kube_version == "4.12_openshift",
     ])
-    error_message = "The kube_version value can currently only be '4.16_openshift', '4.15_openshift', '4.14_openshift', '4.13_openshift', or '4.12_openshift'"
+    error_message = "The kube_version value can currently only be '4.17_openshift', '4.16_openshift', '4.15_openshift' or '4.14_openshift'"
   }
 }