Ignore controller user_data changes to allow plugin updates #335
Conversation
dghubble
force-pushed
the
ignore-controller-user-data
branch
from
7be543f to
be42ffc
Compare
* Updating the `terraform-provider-ct` plugin is known to produce a `user_data` diff in all pre-existing clusters. Applying the diff to pre-existing cluster destroys controller nodes * Ignore changes to controller `user_data`. Once all managed clusters use a release containing this change, it is possible to update the `terraform-provider-ct` plugin (worker `user_data` will still be modified) * Changing the module `ref` for an existing cluster and re-applying is still NOT supported (although this PR would protect controllers from being destroyed)
dghubble
force-pushed
the
ignore-controller-user-data
branch
from
be42ffc to
0e71f7e
Compare
|
Once all managed clusters run v1.12.2 or higher, you can optionally update to the v0.3.0 In a Terraform config directory with clusters that are v1.12.2 or higher, re-run init and plan. Double check that no diff's are proposed for controller nodes, as those will destroy cluster state. Otheriwse, proceed with the apply. Worker node user-data will be altered slightly (the new plugin generates Ignition with a newer version number). Rolling workers happens differently depending on platform: AWSAWS creates a new worker ASG, then removes the old ASG. New workers will join the cluster, then old workers will disappear. Expect AzureAzure edits the worker scale set in-place instantly. Manually terminate workers to create replacement workers using the new user-data. Bare-MetalNo action is needed. Bare-Metal machines do not re-PXE unless explicitly made to do so. DigitalOceanDigitalOcean destroys existing worker nodes and DNS records. Then it creates new workers and records. Since DigitalOcean lacks a "managed group" or "auto-scaling group" equivalent, you must taint the secret copy step to secure copy a kubeconfig to the new workers, otherwise they won't join the cluster. Google CloudGoogle Cloud creates a new worker template and edits the worker instance group in-place instantly. Manually terminate workers to create replacement workers using the new user-data (or just wait 24 hours if they're preemptible instances). |
terraform-provider-ctplugin is known to produce auser_datadiff in all pre-existing clusters. Applying the diff to pre-existing cluster destroys controller nodesuser_data. Once all managed clusters use a release containing this change, it is possible to update theterraform-provider-ctplugin (workeruser_datawill still be modified)reffor an existing cluster and re-applying is still NOT supported (although this PR would protect controllers from being destroyed)Related: