I’ve been trying to figure out how to migrate a module to run under terraform version 1.x but cannot find any good examples or documentation.
The code below is my starting point - any suggestions on what I need to change?
My Chef knowledge is VERY basic so this https://github.com/hashicorp/terraform-provisioner-migration really doesn’t provide enough information for me to get started.
resource "vsphere_virtual_machine" "vm" {
lifecycle {
ignore_changes = [
disk,
custom_attributes,
boot_delay
]
}
name = var.node_name
resource_pool_id = data.vsphere_compute_cluster.cluster.resource_pool_id
datastore_cluster_id = data.vsphere_datastore_cluster.datastore_cluster.id
guest_id = data.vsphere_virtual_machine.template.guest_id
num_cpus = var.num_cpus
memory = var.memory
folder = "${var.dc}${var.compute_cluster_name}${var.vm_path}"
enable_logging = true
cpu_hot_add_enabled = true
cpu_hot_remove_enabled = true
memory_hot_add_enabled = true
enable_disk_uuid = var.enable_disk_uuid
custom_attributes = {
"${data.vsphere_custom_attribute.ApplicationID.id}" = var.ApplicationID,
"${data.vsphere_custom_attribute.BackupRequired.id}" = var.BackupRequired,
"${data.vsphere_custom_attribute.CreatorSalaryID.id}" = var.CreatorSalaryID,
"${data.vsphere_custom_attribute.Environment.id}" = var.Environment,
"${data.vsphere_custom_attribute.SupportRU.id}" = var.SupportRU,
"${data.vsphere_custom_attribute.Squad.id}" = var.Squad,
"${data.vsphere_custom_attribute.ExpiryDate.id}" = local.expiry
}
# Create the FRONT NIC on demand if needed.
dynamic "network_interface" {
for_each = data.vsphere_network.network_front
content {
network_id = data.vsphere_network.network_front[network_interface.key].id
}
}
# Each virtual server has at least one NIC (AKA rear NIC).
network_interface {
network_id = data.vsphere_network.network_rear.id
}
cdrom {
client_device = "1"
}
disk {
label = "disk0"
size = data.vsphere_virtual_machine.template.disks.0.size
eagerly_scrub = data.vsphere_virtual_machine.template.disks.0.eagerly_scrub
thin_provisioned = data.vsphere_virtual_machine.template.disks.0.thin_provisioned
}
dynamic "disk" {
for_each = var.disks
content {
label = "disk${disk.key + 1}"
size = disk.value
unit_number = disk.key + 1
}
}
clone {
template_uuid = data.vsphere_virtual_machine.template.id
customize {
linux_options {
host_name = var.hostname
domain = var.domain_name
}
dynamic "network_interface" {
for_each = var.ipv4_address_list
content {
ipv4_address = split("/", network_interface.value)[0]
ipv4_netmask = split("/", network_interface.value)[1]
}
}
ipv4_gateway = var.ipv4_gateway_list[0]
dns_suffix_list = [var.domain_name]
dns_server_list = var.dns_server_list
}
}
provisioner "remote-exec" {
inline = [
"sudo hostnamectl set-hostname ${var.hostname}.${var.domain_name}",
"sudo hostnamectl set-location ${var.dc}",
"sudo hostnamectl set-deployment Terraform-${var.Environment}-${var.CreatorSalaryID}",
"sudo echo -e '[Chef]\nname=local Chef repository\nbaseurl=https://artifactory.internal.co.nz/yum-chef-remote/el/7/x86_64/\nenabled=1\nfastestmirror_enabled=0\ngpgcheck=0'>/tmp/Chef.repo",
"sudo cp /tmp/Chef.repo /etc/yum.repos.d/Chef.repo",
"sudo yum install ${var.chef_version} -y",
# Below commands are required to allow GEMs to be successfully installed from artifactory2 - which uses SSL. Required if any cookbooks have gem dependencies as Chef will put GEM installs BEFORE initial Chef runlist
"for geminstall in `find /opt/chef -name ssl_certs`; do sudo mkdir -p $${geminstall}/artifactory.internal.co.nz; for sourcecert in `ls /etc/pki/ca-trust/source/anchors`; do pemfile=`basename $${sourcecert} .crt`; sudo ln -s /etc/pki/ca-trust/source/anchors/$${sourcecert} $${geminstall}/artifactory.internal.co.nz/$${pemfile}.pem; done; done",
"sudo /opt/chef/embedded/bin/gem sources -r https://rubygems.org/",
"sudo /opt/chef/embedded/bin/gem sources -a https://artifactory.internal.co.nz/api/gems/gems-remote/"
]
connection {
host = local.remote_exec_ip
type = "ssh"
user = var.remote_ssh_user
private_key = file(var.remote_ssh_key)
script_path = "/var/tmp/init.sh"
}
}
provisioner "chef" {
attributes_json = jsonencode(
var.chef_node_extra_attributes == {} ?
merge(local.chef_node_basic_attributes, local.chef_node_basic_attributes) :
merge(local.chef_node_basic_attributes, var.chef_node_extra_attributes)
)
server_url = var.chef_server_url
node_name = var.node_name
use_policyfile = true
policy_name = var.policy_name
policy_group = var.policy_group
os_type = "linux"
client_options = [
"chef_license 'accept'",
"rubygems_url 'https://artifactory.internal.co.nz/api/gems/gems-remote/'",
]
skip_install = true
fetch_chef_certificates = true
recreate_client = true
vault_json = var.chef_vaults
user_name = var.chef_user_name
user_key = file(var.private_chef_key)
# If you have a self signed cert on your chef server change this to :verify_none
ssl_verify_mode = ":verify_none"
connection {
host = local.remote_exec_ip
type = "ssh"
user = var.remote_ssh_user
private_key = file(var.remote_ssh_key)
}
}
}