upcloud: update terraform provider strict anti-affinity (#10474)

5194d830 · Robin Wallace · GitHub · 4846f331 · 5194d830 · 5194d830
Unverified Commit 5194d830 authored 1 year ago by Robin Wallace Committed by GitHub 1 year ago
--- a/contrib/terraform/upcloud/README.md
+++ b/contrib/terraform/upcloud/README.md
@@ -140,4 +140,4 @@ terraform destroy --var-file cluster-settings.tfvars \
  * `backend_servers`: List of servers that traffic to the port should be forwarded to.
 * `server_groups`: Group servers together
  * `servers`: The servers that should be included in the group.
-  * `anti_affinity`: If anti-affinity should be enabled, try to spread the VMs out on separate nodes.
+  * `anti_affinity_policy`: Defines if a server group is an anti-affinity group. Setting this to "strict" or yes" will result in all servers in the group being placed on separate compute hosts. The value can be "strict", "yes" or "no". "strict" refers to strict policy doesn't allow servers in the same server group to be on the same host. "yes" refers to best-effort policy and tries to put servers on different hosts, but this is not guaranteed.
--- a/contrib/terraform/upcloud/cluster-settings.tfvars
+++ b/contrib/terraform/upcloud/cluster-settings.tfvars
@@ -18,7 +18,7 @@ ssh_public_keys = [

 # check list of available plan https://developers.upcloud.com/1.3/7-plans/
 machines = {
-  "master-0" : {
+  "control-plane-0" : {
    "node_type" : "master",
    # plan to use instead of custom cpu/mem
    "plan" : null,
@@ -133,9 +133,9 @@ loadbalancers = {
 server_groups = {
  # "control-plane" = {
  #   servers = [
-  #     "master-0"
+  #     "control-plane-0"
  #   ]
-  #   anti_affinity = true
+  #   anti_affinity_policy = "strict"
  # },
  # "workers" = {
  #   servers = [
@@ -143,6 +143,6 @@ server_groups = {
  #     "worker-1",
  #     "worker-2"
  #   ]
-  #   anti_affinity = true
+  #   anti_affinity_policy = "yes"
  # }
 }
\ No newline at end of file
--- a/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf
+++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf
@@ -165,7 +165,7 @@ resource "upcloud_firewall_rules" "master" {
  for_each  = upcloud_server.master
  server_id = each.value.id

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.master_allowed_remote_ips

    content {
@@ -181,7 +181,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = length(var.master_allowed_remote_ips) > 0 ? [1] : []

    content {
@@ -197,7 +197,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.k8s_allowed_remote_ips

    content {
@@ -213,7 +213,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = length(var.k8s_allowed_remote_ips) > 0 ? [1] : []

    content {
@@ -229,7 +229,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.master_allowed_ports

    content {
@@ -245,7 +245,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -261,7 +261,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -277,7 +277,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -293,7 +293,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -309,7 +309,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["udp"] : []

    content {
@@ -325,7 +325,7 @@ resource "upcloud_firewall_rules" "master" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["udp"] : []

    content {
@@ -354,7 +354,7 @@ resource "upcloud_firewall_rules" "k8s" {
  for_each  = upcloud_server.worker
  server_id = each.value.id

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.k8s_allowed_remote_ips

    content {
@@ -370,7 +370,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = length(var.k8s_allowed_remote_ips) > 0 ? [1] : []

    content {
@@ -386,7 +386,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.worker_allowed_ports

    content {
@@ -402,7 +402,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -418,7 +418,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -434,7 +434,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -450,7 +450,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["tcp", "udp"] : []

    content {
@@ -466,7 +466,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["udp"] : []

    content {
@@ -482,7 +482,7 @@ resource "upcloud_firewall_rules" "k8s" {
    }
  }

-  dynamic firewall_rule {
+  dynamic "firewall_rule" {
    for_each = var.firewall_default_deny_in ? ["udp"] : []

    content {
@@ -552,7 +552,7 @@ resource "upcloud_loadbalancer_static_backend_member" "lb_backend_member" {
 resource "upcloud_server_group" "server_groups" {
  for_each             = var.server_groups
  title                = each.key
-  anti_affinity = each.value.anti_affinity
+  anti_affinity_policy = each.value.anti_affinity_policy
  labels               = {}
  members              = [for server in each.value.servers : merge(upcloud_server.master, upcloud_server.worker)[server].id]
 }
\ No newline at end of file
--- a/contrib/terraform/upcloud/modules/kubernetes-cluster/output.tf
+++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/output.tf
--- a/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf
+++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf
@@ -99,7 +99,7 @@ variable "server_groups" {
  description = "Server groups"

  type = map(object({
-    anti_affinity   = bool
+    anti_affinity_policy = string
    servers              = list(string)
  }))
 }
\ No newline at end of file
--- a/contrib/terraform/upcloud/modules/kubernetes-cluster/versions.tf
+++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/versions.tf
@@ -3,7 +3,7 @@ terraform {
  required_providers {
    upcloud = {
      source  = "UpCloudLtd/upcloud"
-      version = "~>2.7.1"
+      version = "~>2.12.0"
    }
  }
  required_version = ">= 0.13"

--- a/contrib/terraform/upcloud/sample-inventory/cluster.tfvars
+++ b/contrib/terraform/upcloud/sample-inventory/cluster.tfvars
@@ -18,7 +18,7 @@ ssh_public_keys = [

 # check list of available plan https://developers.upcloud.com/1.3/7-plans/
 machines = {
-  "master-0" : {
+  "control-plane-0" : {
    "node_type" : "master",
    # plan to use instead of custom cpu/mem
    "plan" : null,
@@ -134,9 +134,9 @@ loadbalancers = {
 server_groups = {
  # "control-plane" = {
  #   servers = [
-  #     "master-0"
+  #     "control-plane-0"
  #   ]
-  #   anti_affinity = true
+  #   anti_affinity_policy = "strict"
  # },
  # "workers" = {
  #   servers = [
@@ -144,6 +144,6 @@ server_groups = {
  #     "worker-1",
  #     "worker-2"
  #   ]
-  #   anti_affinity = true
+  #   anti_affinity_policy = "yes"
  # }
 }
\ No newline at end of file
--- a/contrib/terraform/upcloud/variables.tf
+++ b/contrib/terraform/upcloud/variables.tf
@@ -136,7 +136,7 @@ variable "server_groups" {
  description = "Server groups"

  type = map(object({
-    anti_affinity = bool
+    anti_affinity_policy = string
    servers              = list(string)
  }))


--- a/contrib/terraform/upcloud/versions.tf
+++ b/contrib/terraform/upcloud/versions.tf
@@ -3,7 +3,7 @@ terraform {
  required_providers {
    upcloud = {
      source  = "UpCloudLtd/upcloud"
-      version = "~>2.7.1"
+      version = "~>2.12.0"
    }
  }
  required_version = ">= 0.13"