-
GCP: Added a new variablelocationon the variables which sets the location of the bucketops-manager. -
Updated the templates to use
terraformversion1.0.11. -
Terraform providers updated and templates adjusted to remove deprecation warnings and errors.
Provider version GCP 4.1.0 AWS 3.65.0 Azure 2.85.0
- #70 :
GCPAdd NAT router configuration also for Ops Manager. - #64 :
Azurefix subnet reserved ranges. - #63 :
All ProvidersInconsistent DNS A record entries for PKS API endpoints. All Providers: All the version constraints for the providers were moved to theversion.tffiles.Azure: Updated theazurerm_subnetresources to use the newaddress_prefixesproperty.Azure: Fixed an interpolation warning onazure/ops-manager-resource-groups.tf.Azure: Removed the propertyenable_advanced_thread_protectionfrom theazurerm_storage_accountresource, which was removed on the latest version of the provider.Azure: Added resourcceazurerm_advanced_thread_protectionwhich substitutes the use of the propertyenable_advanced_thread_protectionon theazurerm_storage_accountresources.Azure: Added the propertyallow_blob_public_accesswith valuetrueon theazurerm_storage_account.boshresource, this should mimic previous behavior which was throwing errors after the provider upgrade.Azure: Changed the value of therole_definition_idof theazurerm_role_assignmentresources to use theazurerm_role_definition.resource_name.resourceproperty instead ofazurerm_role_definition.pks-worker.id, this fixes a problem introduced after upgrading the provider, caused by a change on the format on the propertyidfor theazurerm_role_definition.Azure: Removed the use of the propertresource_group_nameon theazurerm_lb_backend_address_poolresources.Azure: Updated theazurerm_lb_proberesources to use the propertybackend_address_pool_idsinstead of the propertybackend_address_pool_id, this removes a deprecation warning.GCP: Added propertsource_rangesto firewall rules which didn't had it, this setting can be change using theingress_source_rangesvariable on theterraform.tfvarsfile.
- Fixed an issue introduced by fc36573 which caused the terraform to fail on certain circumstances.
- 47539b2 - Add an override to use http2 in gcp load balancer
- 0e5e31c - Add note about the environment FQDN
- c8d8eb4 - Update example.tfvars for GCP to be more clear
- 5cb3ce3 - Add a prerequisite to paving GCP
- fc36573 - Generate list of backends dynamically in the PAS lb
- 1691aea - adding api prefix to the configuration value
- ff21c1c - Create ssl certificate before destroying it so certs can be rotated
- 8bd00d7 - Restrict Google Platform Provider to v3.90 patch releases, this fixes a breaking change present on
v4.00of thegcpprovider.
- Updated to terraform v0.13.0 HCL formatting.
-
When using
pavingfor creating a foundation, there are instances provisioned that may not be used. For example, only deploying Ops Manager and PAS tile, but still having networking resources created for PKS.This update allows control over that. The terraform resources have been organized into namespaced files. The namespacing identifies the resources and what they are for. For example,
pas-iam.tfcreates IAM resources for PAS tile. There are corresponding namespaces forops-manager-*.tfandpks-*.tf.If you don't require PAS, run
rm pas-*.tf. If you don't require PKS, runrm pks-*.tf.OpsManager resources cannot be removed as Ops Manager is required.
This change also affects the
stable_configpattern of outputs. Because there is no way to test the existence of a resource interraform,stable_confighas to be separated by Ops Managerstable_config_opsmanager, PASstable_config_pas, and PKSstable_config_pks.These changes are on all IAASes. NOTE:
nsxtdoes not have paving resources for PKS, which is why prefixed files are not there.
- AWS, GCP, and Azure includes resources to pave Ops Manager, PAS, and PKS.
- NSX-T include includes resources to pave Ops Manager and PAS.