升级至Terraform v0.13

1 年 ago
新, 韵
4 minutes

总结

我总结了在个人开发中升级Terraform到v0.13版本时的处理方法。
v0.12.24 -> v0.13.0

提供商使用了Terraform AWS Provider。

目标读者

    TerraformとAWSを運用レベルで利用している方

源代码

以下是实际更新时的更改内容。这是通过terraform 0.13upgrade命令进行的更改。
关于该命令的说明请参见下文。

准备工作

按照HashiCorp的文档,进行升级到Terraform v0.13的前期准备工作。

如果您正在使用v0.11版本,请升级到v0.12。

在v0.13版本中,将不再包含用于从v0.11升级到v0.12的terraform 0.12upgrade命令。因此,如果您正在使用v0.11之前的版本,则需要先升级到v0.12。

由于这次是从v0.12.24开始的更改,所以我们没有执行这个步骤。

Terraform的个人开发已经升级到了v0.12版本,关于此升级的详细说明请参考下面。

执行 terraform plan

执行terraform plan,并使其处于无差异的状态。
在文档中提到,升级到v0.13后需要执行terraform apply来更新state文件。为了避免升级后出现问题,建议先使其处于无差异的状态。

请将terraform的required_version更改为>= 0.13。

当该版本为v0.12时,在执行后面提到的terraform 0.13升级时会发生错误。

$ terraform 0.13upgrade -yes

Error: Unsupported Terraform Core version

  on versions.tf line 2, in terraform:
   2:   required_version = "0.12.24"

This configuration does not support Terraform version 0.13.0. To proceed,
either choose another supported Terraform version or update this version
constraint. Version constraints are normally set for good reason, so updating
the constraint may lead to other errors or unexpected behavior.

当按照以下方式更改版本时,没有发生错误。

terraform {
  required_version = ">= 0.13"

  required_providers {
    aws = "~> 2.56"
  }
}

升级至v0.13。

通过执行升级命令,将更改提供商设置的位置。
在管理状态文件的以下目录中执行terraform 0.13升级。

- providers/aws/environments/prod/10-network
- providers/aws/environments/stg/10-network
- providers/aws/environments/stg/11-acm
- providers/aws/environments/stg/12-ecr
- providers/aws/environments/stg/13-ses
- providers/aws/environments/stg/14-cognito
- providers/aws/environments/stg/20-api

$ terraform 0.13upgrade

This command will update the configuration files in the given directory to use
the new provider source features from Terraform v0.13. It will also highlight
any providers for which the source cannot be detected, and advise how to
proceed.

We recommend using this command in a clean version control work tree, so that
you can easily see the proposed changes as a diff against the latest commit.
If you have uncommited changes already present, we recommend aborting this
command and dealing with them before running this command again.

Would you like to upgrade the module in the current directory?
  Only 'yes' will be accepted to confirm.

  Enter a value: yes

-----------------------------------------------------------------------------

Upgrade complete!

Use your version control system to review the proposed changes, make any
necessary adjustments, and then commit.

执行升级命令后,提供者的配置方法将发生变化。

## terraform 0.13upgrade 実行前
terraform {
  required_version = ">= 0.13"

  required_providers {
    aws = "2.70.0"
  }
}

## terraform 0.13upgrade 実行後
terraform {
  required_version = ">= 0.13"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "2.70.0"
    }
  }
}

如果有多个管理state文件的目录,您可以通过执行以下操作一次性更改。

find . -name '*.tf' | xargs -n1 dirname | uniq | xargs -n1 terraform 0.13upgrade -yes

命令:0.13升级 – 这是HashiCorp的Terraform文件中提到的步骤。

修改state文件的Provider指定方法

升级后,为了验证操作,尝试执行了terraform init和terraform plan,但遇到了一些错误。经过尝试和研究最终解决了问题,以下是解决步骤。

第一个问题

执行terraform init时发生了以下错误。

terraform init
Initializing modules...

Initializing the backend...

Error: Failed to decode current backend config

The backend configuration created by the most recent run of "terraform init"
could not be decoded: unsupported attribute "lock_table". The configuration
may have been initialized by an earlier version that used an incompatible
configuration structure. Run "terraform init -reconfigure" to force
re-initialization of the backend.

问题1的解决方案

删除/.terraform文件夹后,再次运行terraform init指令即可成功。

第二個問題

我已经能够执行 terraform init 了,但是当我执行 terraform init 后,将会安装 Terraform AWS Provider v3.3.0。

terraform init
Initializing modules...
- ap_northeast_1_acm in ../../../../../modules/aws/acm
- us_east_1_acm in ../../../../../modules/aws/acm

Initializing the backend...

Successfully configured the backend "s3"! Terraform will automatically
use this backend unless the backend configuration changes.

Initializing provider plugins...
- Finding hashicorp/aws versions matching "2.70.0"...
- Finding latest version of -/aws...
- Installing hashicorp/aws v2.70.0...
- Installed hashicorp/aws v2.70.0 (signed by HashiCorp)
- Installing -/aws v3.3.0...
- Installed -/aws v3.3.0 (signed by HashiCorp)

The following providers do not have any version constraints in configuration,
so the latest version was installed.

在这种情况下,如果执行terraform plan命令,则会使用AWS Provider v3.3.0进行执行,并在某些资源中发生错误。

問題2的解決方法是什麼?

通过执行以下步骤,可以更新state文件的Provider配置。这个过程将更新state文件。

$ terraform state replace-provider 'registry.terraform.io/-/aws' 'registry.terraform.io/hashicorp/aws'

修改state文件

# 変更前
"provider": "provider.aws",

# 変更後
"provider": "provider[\"registry.terraform.io/hashicorp/aws\"]",

填补

以下是升级至v0.13之前和之后的.terraform目录结构。

変更前

.
├── modules
│   └── modules.json
├── plugins
│   └── linux_amd64
│       ├── lock.json
│       └── terraform-provider-aws_v2.70.0_x4
└── terraform.tfstate


変更後

├── modules
│   └── modules.json
├── plugins
│   ├── registry.terraform.io
│   │   └── hashicorp
│   │       └── aws
│   │           └── 2.70.0
│   │               └── linux_amd64
│   │                   └── terraform-provider-aws_v2.70.0_x4
│   └── selections.json
└── terraform.tfstate

其他问题

该模块不支持0.13版本。

我使用了在 Terraform Registry 注册的模块,但由于该模块不支持 v0.13,因此出现了错误。
通过将模块升级至 v0.13,解决了错误。

$ terraform init
Initializing modules...

Error: Unsupported Terraform Core version

  on .terraform/modules/vpc/terraform-aws-vpc-1.0.1/versions.tf line 2, in terraform:
   2:   required_version = "~> 0.12.24"

Module module.vpc (from nekochans/vpc/aws) does not support Terraform version
0.13.0. To proceed, either choose another supported Terraform version or
update this version constraint. Version constraints are normally set for good
reason, so updating the constraint may lead to other errors or unexpected
behavior.

发生了一次差异

在使用数据源的部分发生了差异。由于影响不大,因此我们执行了terraform apply以进行更改。

/data/providers/aws/environments/stg/11-acm # terraform apply
  # module.ap_northeast_1_acm.data.aws_acm_certificate.main will be read during apply
  # (config refers to values not yet known)
 <= data "aws_acm_certificate" "main"  {
        arn         = "arn:aws:acm:ap-northeast-1:123456789012:certificate/xxxxx"
        domain      = "*.xxxxx.net"
      ~ id          = "2020-08-25 14:07:15.7532032 +0000 UTC" -> "2020-08-25 14:07:24.2474538 +0000 UTC"
        most_recent = false
        tags        = {}
    }

  # module.us_east_1_acm.data.aws_acm_certificate.main will be read during apply
  # (config refers to values not yet known)
 <= data "aws_acm_certificate" "main"  {
        arn         = "arn:aws:acm:us-east-1:123456789012:certificate/xxxxx"
        domain      = "*.xxxxx.net"
      ~ id          = "2020-08-25 14:07:17.7421785 +0000 UTC" -> "2020-08-25 14:07:26.2110586 +0000 UTC"
        most_recent = false
        tags        = {}
    }

Plan: 0 to add, 0 to change, 0 to destroy.

最后

与升级到 Terraform v0.12 相比,升级很容易实施。
如果有一些地方出现错误,希望这些信息对您有所帮助。

我没有列出关于v0.13新增功能的说明,但建议您参考HashiCorp的博客。

请参考

    • Announcing HashiCorp Terraform 0.13 General Availability

 

    Upgrading to Terraform v0.13 – Terraform by HashiCorp
广告
将在 10 秒后关闭
bannerAds