Bringing Brownfield AWS Infrastructure Deployment into Terraform managed control

-

It is easy to raise a AWS infrastructure using Terraform IaC in case of greenfield deployments.

But how about the existing infrastructure in AWS that lets’ say was spawned either using cloud formation templates or even manually.

Spotlight, terraform import.

The import option of terraform command line, can help you create state file that adds the AWS deployed resource as terraform managed resource. There is some work involved though. You will need to create the main.tf file, defining your infrastructure resources as they exist using their resource names as you have created them.

For instance, a resource named EgressVPC and its subnet, Egress-Public-AZ2, will need to have following entries in main.tf entered by author,

Likewise all your AWS resources will need to be mentioned manually or through some manually crafted intelligent automation scripting that generates your main.tf file, along side the existing AWS resource id, to be used with terraform import command.

Once you have your resources defined in main.tf, run import option for each resources, like below:

# terraform import aws_vpc.EgressVPC vpc-051f9b4xxxxxxxx

# terraform import aws_subnet.Egress-Public-AZ2 subnet-01a35b6bxxxxxxx

This creates and appends your terraform.tfstates file with imported resources under its managed control. 

And yes you will need to have the resource type, resource name and resource id handy to run the import command, in the fromat above as 

<resource_type >.<resource_name> <resource_id>

Comments

Post a Comment

Popular posts from this blog

VLAN External Network in Openshift using NMState Operators and Multus

-
Image
NMstate operators and Multus CNI provide us with plugins and APIs, to set up external network in openshift container ecosystem. Let us see how we can implement a external VLAN networking for certain pods/VMs apart from, pods/VMs using internal cluster networking. When we install NMState operator, it avails us 3 different APIs, namely: Node Network Configuration Policy : Node level network settings implementation.          # oc get nncp Node Network State : The current state of node network is stored in this.         # oc get nns/<node-name> Node Network Configuration Enactment : The status of NNCP implementation across cluster nodes, is checked in this object.         # oc get nnce Network Attachment Definition (NAD) : Apart from above APIs, we will also make use of NAD from multus CNI plugin framework. This implements namespaced object that exposes existing layer 2 network dev...
Read more

Migrating from OpenshiftSDN to OVNKubernetes CNI

-
APIs involved in this migrations are: Network.operator.openshift.io Network.config.openshift.io Operators involved in this migrations are: Cluster Network Operator (CNO) Machine Config Operator (MCO) Refer to pre-requisite steps here , jotted in another post. Update to latest compatible z-stream .  With  that taken care, proceed below. 1> Backup existing cluster network config:      # oc get Network.config.openshift.io cluster -o yaml > cluster-openshiftSDN.yaml 2> Verify that  OVN_SDN_MIGRATION_TIMEOUT   environment variable is set and is  equal to  0s. 3> Set the migration value to null in CNO object cluster:                  # oc patch Network.operator.openshift.io cluster  -- type='merge'  --patch '{"spec":{"migration":null}}' At this time, CNO updates status of Network.config.openshift.io   CR  named  cluster accordingly. MCO rolls out an update to sys...
Read more

Updating Z-stream of version in Openshift Container Platform

-
Whenever we want to upgrade the OCP to next recommended upgrade path, we want to first move to latest patch version of major and minor version of OCP we are running. For instance, if your Openshift is version 4.15.11 (x.y.z) then, Major (x) version is 4, Minor (y) version is 15 and patch (z) version is 11. First update the master/control node and then worker nodes. The worker nodes in case of update can differ from control node by y-2. This allows to plan for update in large clusters that is staggered across in time. With that bit cleared let us see the procedure to update the z version of OCP version. 1> Just run following to lists the compatible update releases # oc adm upgrade Or run below to see available updates, # oc adm upgrade --include-not-recommended Note: Always consult the OSUS upgrade Graph for valid path upgrades 2> After having made the decision, considering impact of updates on existing set-up, go ahead and update the control node. # oc adm upgrade --to=4.15.3...
Read more