feat: updates for 1.80.4, update PER DCs and update deprecated apis #546
Conversation
ppc64le-cloud-bot
added
the
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: prb112 The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
@prb112: PR is not mergeable. DetailsThe PR state is: blocked Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
ppc64le-cloud-bot
added
the
size/M
| } | ||
|
|
||
| resource "ibm_pi_network_port" "bastion_vip" { | ||
| resource "ibm_pi_network_interface" "bastion_vip" { |
There was a problem hiding this comment.
ibm_pi_network_port was replaced with ibm_pi_network_interface
| output "bastion_external_vip" { | ||
| depends_on = [null_resource.bastion_init] | ||
| value = local.bastion_count > 1 ? ibm_pi_network_port.bastion_internal_vip[0].public_ip : "" | ||
| value = local.bastion_count > 1 ? ibm_pi_network_interface.bastion_internal_vip[0].ip_address : "" |
There was a problem hiding this comment.
This will be a problem in ssh command output, DNS host entries, wildcard DNS. Somehow can we get the public IP from network?
There was a problem hiding this comment.
Hey @yussufsh
I looked at the terraform-provider-ibm, it's unclear if this is the public IP address. Further looking into the api, it's not clear the API network, instance et cetra is suitable for returning the public ip (I anticipate they built it for VPC entry into the PowerVS workspace).
I'll have to experiment it a bit. I'll do that on Monday.
Thanks,
Paul
There was a problem hiding this comment.
Hey Yussuf, still not clear on the replacement.
There was a problem hiding this comment.
Could we loop over the public interface IPs to fetch the public VIP? Prefetch the IPs in the order and replace the ip_address at that index.
prb112
changed the title
prb112
force-pushed
the
terraform-1.76.2-updates
branch
from
2c6f428 to
785c435
Compare
prb112
force-pushed
the
terraform-1.76.2-updates
branch
2 times, most recently
from
77bb098 to
4f2abf4
Compare
prb112
force-pushed
the
terraform-1.76.2-updates
branch
from
4f2abf4 to
1c7cd76
Compare
ppc64le-cloud-bot
added
size/L
prb112
changed the title
ppc64le-cloud-bot
added
do-not-merge/contains-merge-commits
and removed
do-not-merge/work-in-progress
prb112
force-pushed
the
terraform-1.76.2-updates
branch
from
0712718 to
043463a
Compare
prb112
force-pushed
the
terraform-1.76.2-updates
branch
from
043463a to
599b04b
Compare
prb112
changed the title
prb112
force-pushed
the
terraform-1.76.2-updates
branch
from
599b04b to
0ff846b
Compare
prb112
force-pushed
the
terraform-1.76.2-updates
branch
2 times, most recently
from
cbbfb14 to
08cfbd9
Compare
prb112
force-pushed
the
terraform-1.76.2-updates
branch
2 times, most recently
from
499d606 to
b1fe4eb
Compare
added the case where the image is pulled from the catalog Signed-off-by: Paul Bastide <pbastide@us.ibm.com>
prb112
force-pushed
the
terraform-1.76.2-updates
branch
from
b1fe4eb to
39c68d8
Compare
| } | ||
| provisioner "remote-exec" { | ||
| inline = [ | ||
| "sudo timedatectl set-timezone UTC", |
There was a problem hiding this comment.
In certain circumstances, the images used are not configured with UTC, however the coreos nodes default to UTC. If Sydney, Chennai or other locations before UTC are used the certificates are evaluated as After when they should be in sync.
There was a problem hiding this comment.
Looks like this should be set by default for every install.
We can directly set it during bastion setup without a variable or new resource.
| pi_volume_type = local.bastion_storage_type == "" && local.bastion_storage_pool == "" ? "tier3" : local.bastion_storage_type | ||
| pi_volume_shareable = var.volume_shareable | ||
| pi_cloud_instance_id = var.service_instance_id | ||
| } | ||
|
|
||
| resource "ibm_pi_instance" "bastion" { | ||
| count = local.bastion_count | ||
|
|
||
| pi_memory = var.bastion["memory"] | ||
| pi_processors = var.bastion["processors"] | ||
| pi_instance_name = "${var.name_prefix}bastion-${count.index}" | ||
| pi_proc_type = var.processor_type | ||
| pi_image_id = local.bastion_image_id | ||
| pi_key_pair_name = ibm_pi_key.key.name | ||
| pi_sys_type = var.system_type | ||
| pi_cloud_instance_id = var.service_instance_id | ||
| pi_health_status = var.bastion_health_status | ||
| pi_volume_ids = var.storage_type == "nfs" ? ibm_pi_volume.volume.*.volume_id : null | ||
| pi_storage_pool = local.bastion_storage_pool | ||
| pi_storage_type = local.bastion_storage_type | ||
| pi_storage_type = local.bastion_storage_type == "" && local.bastion_storage_pool == "" ? "tier3" : local.bastion_storage_type |
There was a problem hiding this comment.
Sets the default when using the catalog image.
There was a problem hiding this comment.
Can we set it above in locals instead of here?
3 participants
1.80.4 is needed due to CIS changes which cause a NIL pointer and are addressed in this release.