cf-ops-automation icon indicating copy to clipboard operation
cf-ops-automation copied to clipboard

Published 20 hours ago verified publisher icon orange-cloudfoundry

Support terraform-provider-cf

Open gberche-orange opened this issue 7 years ago • 4 comments

Add support for migrating to https://github.com/mevansam/terraform-provider-cf

This is a follow up of #23

gberche-orange avatar Jan 22 '18 09:01 gberche-orange

@o-orand terraform-provider-cf version 0.9.8 was just released with import support. This sholuld help us kick off the migration. Can you please include the provider in the docker image used by COA ?

gberche-orange avatar Mar 09 '18 15:03 gberche-orange

Summary of related design session on Sep 12th:

  • a big bang to switch from orange TF provider CF to mevansam provider CF is risky and hard as: *this requires to synchronize coa, paas-templates (TF specs updates + TF state migration scripts in all root deployments) and paas-secrets TF (TF specs overrides)
  • a gradual iterative approach is preferrable
    • coexistence of orange TF provider CF and mevansam provider CF in the same TF state is an expensive step, as it requires
      • tf provider renaming
      • tf specs resource renaming and update of cross references
      • tf state tweaks, see https://github.com/mevansam/terraform-provider-cf/pull/85#issuecomment-395998798
    • a progressive switch root deployment by root deployment seems preferable, with steps such as:
      • cloudflare-deps
      • coab-deps: migrate existing resources (brokers) + experiment deploy new resources (cf_app)
      • master-deps: migrate existing resources (spaces, orgs, brokers, service plan visibility ...)

Two approaches were considered for the "progressive switch root deployment by root deployment":

  • invest and prioritize into docker image override per root deployment #189
  • add transient specific coa support to switch between TF cloudfoundry providers (mevansam/ vs orange-cloudfoundry/ per root deployment
    • include binaries for both providers in the docker image, with a default one being active
    • tweak coa tf task to select which provider to load at runtime depending on new environment variables: CURRENT_DEPL and USE_ORANGE_TF_PROVIDER_ON_DEPLS
    • introduce new global concourse pipeline variable that can be progressively turned on in paas-secrets ("USE_ORANGE_TF_PROVIDER_ON_DEPLS=coab-depls master-depls micro-depls ops-depls kubo-deps"
    • potentially each release would provide scripts to edit this variable as new root deployments switch to the new provider

gberche-orange avatar Sep 12 '18 11:09 gberche-orange

the USE_ORANGE_TF_PROVIDER_ON_DEPLS flag should be set as part of paas-template and not paas-secret

gberche-orange avatar Sep 14 '18 15:09 gberche-orange

On hold => spike in progress to use a dedicated terraform boshrelease

o-orand avatar Feb 15 '19 10:02 o-orand