Skip to content

Commit

Permalink
Update terraform resource names to be 0.12 compatible.
Browse files Browse the repository at this point in the history
According to the upgrade guide [0] resource names cannot start with digits.
Currently both routes and VPC CIDR associations start with digits, so this adds prefixes to them so that they are valid resource identifiers in 0.12.

This is a significant change because on its own, terraform will destroy and recreate the route which impact the cluster networking.
To avoid this, existing clusters this will require moving the resources within the terraform state prior to the next `apply`.

```
kops update cluster --target terraform --out ./
terraform state mv aws_route.0-0-0-0--0 aws_route.route-0-0-0-0--0 # repeat for all aws_route resources
terraform plan
terraform apply
```

The exact terraform state command may vary depending on how Kops' terraform output is used.
See the command documentation [1] for more details.
Always run a terraform plan first to ensure the `aws_route` and `aws_vpc_ipv4_cidr_block_association` resources are not getting recreated.

Due to the potential impact, this notice should be very prominant in the Kops release notes

[0] https://www.terraform.io/upgrade-guides/0-12.html
[1] https://www.terraform.io/docs/commands/state/mv.html
  • Loading branch information
rifelpet committed Jan 17, 2020
1 parent 0e1f5ba commit e0cebf3
Show file tree
Hide file tree
Showing 26 changed files with 46 additions and 40 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -474,7 +474,7 @@ resource "aws_launch_configuration" "nodes-additionalcidr-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.additionalcidr-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.additionalcidr-example-com.id}"
Expand Down Expand Up @@ -708,7 +708,7 @@ resource "aws_vpc_dhcp_options_association" "additionalcidr-example-com" {
dhcp_options_id = "${aws_vpc_dhcp_options.additionalcidr-example-com.id}"
}

resource "aws_vpc_ipv4_cidr_block_association" "10-1-0-0--16" {
resource "aws_vpc_ipv4_cidr_block_association" "cidr-10-1-0-0--16" {
vpc_id = "${aws_vpc.additionalcidr-example-com.id}"
cidr_block = "10.1.0.0/16"
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -345,7 +345,7 @@ resource "aws_launch_configuration" "nodes-crosszone-example-com" {
enable_monitoring = true
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.crosszone-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.crosszone-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -474,13 +474,13 @@ resource "aws_nat_gateway" "us-test-1a-bastionuserdata-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.bastionuserdata-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.bastionuserdata-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-bastionuserdata-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-bastionuserdata-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/complex/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -352,7 +352,7 @@ resource "aws_launch_configuration" "nodes-complex-example-com" {
enable_monitoring = true
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.complex-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.complex-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -362,7 +362,7 @@ resource "aws_launch_configuration" "nodes-existing-iam-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.existing-iam-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.existing-iam-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -311,25 +311,25 @@ resource "aws_nat_gateway" "us-west-2c-k8s-iam-us-west-2-td-priv" {
subnet_id = "${aws_subnet.utility-us-west-2c-k8s-iam-us-west-2-td-priv.id}"
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.k8s-iam-us-west-2-td-priv.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.k8s-iam-us-west-2-td-priv.id}"
}

resource "aws_route" "private-us-west-2a-0-0-0-0--0" {
resource "aws_route" "route-private-us-west-2a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-west-2a-k8s-iam-us-west-2-td-priv.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-west-2a-k8s-iam-us-west-2-td-priv.id}"
}

resource "aws_route" "private-us-west-2b-0-0-0-0--0" {
resource "aws_route" "route-private-us-west-2b-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-west-2b-k8s-iam-us-west-2-td-priv.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-west-2b-k8s-iam-us-west-2-td-priv.id}"
}

resource "aws_route" "private-us-west-2c-0-0-0-0--0" {
resource "aws_route" "route-private-us-west-2c-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-west-2c-k8s-iam-us-west-2-td-priv.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-west-2c-k8s-iam-us-west-2-td-priv.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/existing_sg/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -520,7 +520,7 @@ resource "aws_launch_configuration" "nodes-existingsg-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.existingsg-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.existingsg-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/externallb/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -293,7 +293,7 @@ resource "aws_launch_configuration" "nodes-externallb-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.externallb-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.externallb-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/ha/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -474,7 +474,7 @@ resource "aws_launch_configuration" "nodes-ha-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.ha-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.ha-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -76,13 +76,13 @@ resource "aws_nat_gateway" "us-test-1a-lifecyclephases-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.lifecyclephases-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.lifecyclephases-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-lifecyclephases-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-lifecyclephases-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/minimal-141/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -278,7 +278,7 @@ resource "aws_launch_configuration" "nodes-minimal-141-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.minimal-141-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.minimal-141-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/minimal/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -278,7 +278,7 @@ resource "aws_launch_configuration" "nodes-minimal-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.minimal-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.minimal-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -512,7 +512,7 @@ resource "aws_launch_template" "nodes-mixedinstances-example-com" {
user_data = "${file("${path.module}/data/aws_launch_template_nodes.mixedinstances.example.com_user_data")}"
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.mixedinstances-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.mixedinstances-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -512,7 +512,7 @@ resource "aws_launch_template" "nodes-mixedinstances-example-com" {
user_data = "${file("${path.module}/data/aws_launch_template_nodes.mixedinstances.example.com_user_data")}"
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.mixedinstances-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.mixedinstances-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/nosshkey/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -338,7 +338,7 @@ resource "aws_launch_configuration" "nodes-nosshkey-example-com" {
enable_monitoring = true
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.nosshkey-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.nosshkey-example-com.id}"
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/update_cluster/privatecalico/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -474,13 +474,13 @@ resource "aws_nat_gateway" "us-test-1a-privatecalico-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privatecalico-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.privatecalico-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privatecalico-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-privatecalico-example-com.id}"
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/update_cluster/privatecanal/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -474,13 +474,13 @@ resource "aws_nat_gateway" "us-test-1a-privatecanal-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privatecanal-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.privatecanal-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privatecanal-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-privatecanal-example-com.id}"
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/update_cluster/privatedns1/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -474,13 +474,13 @@ resource "aws_nat_gateway" "us-test-1a-privatedns1-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privatedns1-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.privatedns1-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privatedns1-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-privatedns1-example-com.id}"
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/update_cluster/privatedns2/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -459,13 +459,13 @@ resource "aws_nat_gateway" "us-test-1a-privatedns2-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privatedns2-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "igw-1"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privatedns2-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-privatedns2-example-com.id}"
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/update_cluster/privateflannel/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -474,13 +474,13 @@ resource "aws_nat_gateway" "us-test-1a-privateflannel-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privateflannel-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.privateflannel-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privateflannel-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-privateflannel-example-com.id}"
Expand Down
6 changes: 3 additions & 3 deletions tests/integration/update_cluster/privatekopeio/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -468,19 +468,19 @@ resource "aws_launch_configuration" "nodes-privatekopeio-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privatekopeio-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.privatekopeio-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privatekopeio-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "nat-a2345678"
}

resource "aws_route" "private-us-test-1b-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1b-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1b-privatekopeio-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "nat-b2345678"
Expand Down
4 changes: 2 additions & 2 deletions tests/integration/update_cluster/privateweave/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -474,13 +474,13 @@ resource "aws_nat_gateway" "us-test-1a-privateweave-example-com" {
}
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.privateweave-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.privateweave-example-com.id}"
}

resource "aws_route" "private-us-test-1a-0-0-0-0--0" {
resource "aws_route" "route-private-us-test-1a-0-0-0-0--0" {
route_table_id = "${aws_route_table.private-us-test-1a-privateweave-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
nat_gateway_id = "${aws_nat_gateway.us-test-1a-privateweave-example-com.id}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -278,7 +278,7 @@ resource "aws_launch_configuration" "nodes-restrictaccess-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.restrictaccess-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "${aws_internet_gateway.restrictaccess-example-com.id}"
Expand Down
2 changes: 1 addition & 1 deletion tests/integration/update_cluster/shared_vpc/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -263,7 +263,7 @@ resource "aws_launch_configuration" "nodes-sharedvpc-example-com" {
enable_monitoring = false
}

resource "aws_route" "0-0-0-0--0" {
resource "aws_route" "route-0-0-0-0--0" {
route_table_id = "${aws_route_table.sharedvpc-example-com.id}"
destination_cidr_block = "0.0.0.0/0"
gateway_id = "igw-1"
Expand Down
5 changes: 4 additions & 1 deletion upup/pkg/fi/cloudup/awstasks/route.go
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,10 @@ func (_ *Route) RenderTerraform(t *terraform.TerraformTarget, a, e, changes *Rou
tf.InstanceID = e.Instance.TerraformLink()
}

return t.RenderResource("aws_route", *e.Name, tf)
// Terraform 0.12 doesn't support resource names that start with digits. See #7052
// and https://www.terraform.io/upgrade-guides/0-12.html#pre-upgrade-checklist
name := fmt.Sprintf("route-%v", *e.Name)
return t.RenderResource("aws_route", name, tf)
}

type cloudformationRoute struct {
Expand Down
5 changes: 4 additions & 1 deletion upup/pkg/fi/cloudup/awstasks/vpccidrblock.go
Original file line number Diff line number Diff line change
Expand Up @@ -124,7 +124,10 @@ func (_ *VPCCIDRBlock) RenderTerraform(t *terraform.TerraformTarget, a, e, chang
CIDRBlock: e.CIDRBlock,
}

return t.RenderResource("aws_vpc_ipv4_cidr_block_association", *e.Name, tf)
// Terraform 0.12 doesn't support resource names that start with digits. See #7052
// and https://www.terraform.io/upgrade-guides/0-12.html#pre-upgrade-checklist
name := fmt.Sprintf("cidr-%v", *e.Name)
return t.RenderResource("aws_vpc_ipv4_cidr_block_association", name, tf)
}

type cloudformationVPCCIDRBlock struct {
Expand Down

0 comments on commit e0cebf3

Please sign in to comment.