Upgrading OCI Modules for Terraform
Automation is all the rage now; yet I’ve though automation has been the key to a lot of improvements over the years. Part of any automation process is to make the process simple to use and repeatable. When you start looking at cloud platforms the first thing that sticks out to you is all the resources that are available to you. When you start looking at these cloud resources you can very quickly become overwhelmed with all the possibilities for building as well as maintenance. How do you improve and solve these concerns?
With the rise of concepts like CI/CD, the staff over at HashiCorp have written a lot of tools that complement the these cloud platforms and allow for continuous automation of the platform while making process human-readable. The tool in question here is Terraform. Terraform provides a lot of great providers that can be use for a lot of cloud platforms. Additionally Terraform can be extended to use modules.
Modules are just code blocks that were built to do a defined process and simplify the complexity of the cloud deployment models. As good as modules are they should be used when needed and sparingly. In this blog post, we’re going to cover how to upgrade an existing Oracle Cloud Infrastructure (OCI) module from an earlier version to the 0.12 format for Terraform.
Pulling Modules
Publicly accessible modules can be found and listed out on the Terraform Registry. By doing a simple search for Oracle, you are listed with all the public modules for OCI.
Once the module that is needed is found, click on it and it will take you to a page with more details about the module. On this page there are a few things to pay attention to; version and provision instructions. The version will pull that version of the module and the provision instructions will provide a block of code that can be copied and used within your Terraform file (typically main.tf). Lastly, pay attention to the “inputs” required. Inputs are what is needed to make sure the module has all the required information to build the underlying structures.
After identifying the information needed for the module and including the module code block into the terraform file, the module will be pulled when running terraform init. When the module is pulled it will be placed in the .terraform directory. Example of this pull is listed below:
Bobbys-MacBook-Pro:OCI bocurtis$ terraform init
Initializing modules…
Downloading oracle-terraform-modules/compute-instance/oci 2.0.1 for compute-instance…
– compute-instance in .terraform/modules/compute-instance/terraform-oci-compute-instance-2.0.1
Initializing the backend…
Initializing provider plugins…
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running “terraform plan” to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Bobbys-MacBook-Pro:OCI bocurtis$
At this point, the module is ready to run and can be used to build the resource in the cloud.
Running Module (current state)
After pulling the module for OCI and attempting to run terraform plan, you may be met with a slew of errors. These errors are mostly related to syntax issues with the module. All of the Oracle provided modules for OCI are written for Terraform 0.11. What this means is that Terraform 0.12 will throw errors.
Bobbys-MacBook-Pro:OCI bocurtis$ terraform plan
Refreshing Terraform state in-memory prior to plan…
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
module.identity.data.oci_identity_api_keys.test_api_keys: Refreshing state…
module.compute-instance.data.oci_core_subnet.this[0]: Refreshing state…
Warning: Interpolation-only expressions are deprecated
on .terraform/modules/compute-instance/terraform-oci-compute-instance-2.0.1/main.tf line 15, in resource “oci_core_instance” “this”:
15: count = “${var.instance_count}”
Terraform 0.11 and earlier required all non-constant expressions to be
provided via interpolation syntax, but this pattern is now deprecated. To
silence this warning, remove the “${ sequence from the start and the }”
sequence from the end of this expression, leaving just the inner expression.
Template interpolation syntax is still used to construct strings from
expressions when the template includes multiple interpolation sequences or a
mixture of literal strings and interpolations. This deprecation applies only
to templates that consist entirely of a single interpolation sequence.
(and 27 more similar warnings elsewhere)
Warning: Quoted type constraints are deprecated
on .terraform/modules/compute-instance/terraform-oci-compute-instance-2.0.1/variables.tf line 54, in variable “private_ips”:
54: type = “list”
Terraform 0.11 and earlier required type constraints to be given in quotes,
but that form is now deprecated and will be removed in a future version of
Terraform. To silence this warning, remove the quotes around “list” and write
list(string) instead to explicitly indicate that the list elements are
strings.
(and one more similar warning elsewhere)
Error: Error in function call
on .terraform/modules/compute-instance/terraform-oci-compute-instance-2.0.1/main.tf line 34, in resource “oci_core_instance” “this”:
34: ssh_authorized_keys = “${file(“${var.ssh_authorized_keys}”)}”
|—————-
| var.ssh_authorized_keys is “”
Call to function “file” failed: failed to read ..
Bobbys-MacBook-Pro:OCI bocurtis$
If you read the error messages, you’ll notice that the errors being received are due to the module being written based on Terraform 0.11. How do you fix these errors?
Upgrade Module
Due to the syntax changes between Terraform 0.11 and 0.12, HashiCorp provided a utility to upgrade terraform files from 0.11 to 0.12. This utility is names 0.12upgrade and it ran by running terraform 0.12upgrade <path to files>. The utility will rewrite the files in the current working directory in to the 0.12 format. If you need more information on how to use this utility, check out terraform 0.12upgrade -help.
To perform the upgrade on the OCI module that was downloaded with the terraform init process, the command looks like this:
$ cd /oracle/OCI/
$ terraform 0.12upgrade .terraform/modules/compute-instance/terraform-oci-compute-instance-2.0.1
After running this command, navigate to the sub-directory for the module and verify that it is written in 0.12 format (versions.tf). There may still need to be small things that need to be edited before running your Terraform code, but this eases the development time and enables the use of existing modules that are publicly available.
Summary
Terraform uses the concepts of modules to enable users to build faster for the cloud provider of their choice. With the use of a public Terraform Registery, many companies and users can product modules for end-user consumption. The downside to this is that they modules have to be maintained and updated on a regular bases. For the short term, HashiCorp has solved this by providing a way for end-users to quickly upgrade the modules to 0.12 format due to changes made within the HCL. Overall, by upgrading the modules to 0.12, users can quickly build their environments using the same code with minor changes.
Current Oracle Certs
Bobby Curtis
I’m Bobby Curtis and I’m just your normal average guy who has been working in the technology field for awhile (started when I was 18 with the US Army). The goal of this blog has changed a bit over the years. Initially, it was a general blog where I wrote thoughts down. Then it changed to focus on the Oracle Database, Oracle Enterprise Manager, and eventually Oracle GoldenGate.
If you want to follow me on a more timely manner, I can be followed on twitter at @dbasolved or on LinkedIn under “Bobby Curtis MBA”.
Muchas gracias. ?Como puedo iniciar sesion?