From 86d08312488c53465b935c390a9c7c945e21037e Mon Sep 17 00:00:00 2001 From: Rodrigue Koffi Date: Mon, 12 Jun 2023 20:40:54 +0200 Subject: [PATCH] Remove Grafana provider for EKS (#179) * Remove Grafana provider for EKS * Drop provider * Add provider constraint config --- README.md | 24 +++++++++++++++---- docs/concepts.md | 2 -- examples/eks-cluster-with-vpc/versions.tf | 4 ---- examples/eks-multicluster/main.tf | 3 --- examples/eks-multicluster/providers.tf | 5 ---- examples/eks-multicluster/variables.tf | 2 +- examples/eks-multicluster/versions.tf | 4 ---- examples/existing-cluster-java/README.md | 3 +-- examples/existing-cluster-java/main.tf | 10 -------- examples/existing-cluster-java/variables.tf | 2 +- examples/existing-cluster-java/versions.tf | 4 ---- examples/existing-cluster-nginx/README.md | 3 +-- examples/existing-cluster-nginx/main.tf | 6 ----- examples/existing-cluster-nginx/variables.tf | 2 +- examples/existing-cluster-nginx/versions.tf | 4 ---- .../README.md | 1 - .../main.tf | 12 ---------- .../versions.tf | 4 ---- main.tf | 5 ---- modules/eks-monitoring/README.md | 1 - .../eks-monitoring/patterns/java/README.md | 1 - .../eks-monitoring/patterns/java/versions.tf | 4 ---- .../eks-monitoring/patterns/nginx/README.md | 1 - .../eks-monitoring/patterns/nginx/versions.tf | 4 ---- modules/eks-monitoring/versions.tf | 4 ---- variables.tf | 5 ---- versions.tf | 4 ---- 27 files changed, 25 insertions(+), 99 deletions(-) diff --git a/README.md b/README.md index a40774fd..5973ab33 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,26 @@ costs, active series with [this module](./modules/managed-prometheus-monitoring) To explore the complete project documentation, please visit our [documentation site.](https://aws-observability.github.io/terraform-aws-observability-accelerator/) + +## Migration to v2.5 + +If you are migrating from earlier versions to v2.5, please follow this guide. + +v2.5.0 removes the dependency to the Terraform Grafana provider in the EKS +monitoring module. As Grafana Operator manages and syncs the Grafana contents, +Terraform is not required anymore in this context. + +However, if you migrate from earlier versions, you might leave some data orphans +as the Grafana provider is dropped. Terraform will throw an error. We have +released [v2.5.0-rc.1](https://github.com/aws-observability/terraform-aws-observability-accelerator/releases/tag/v2.5.0-rc.1) +which removes all the Grafana resources provisioned by Terraform in the EKS +context, without removing the provider configurations. + +- Step 1: migrate to [v2.5.0-rc.1](https://github.com/aws-observability/terraform-aws-observability-accelerator/releases/tag/v2.5.0-rc.1) +and run `apply` +- Step 2: migrate to `v2.5.0` or above + + ## Getting started To quick start with a complete workflow and view Amazon EKS infrastructure dashboards, @@ -57,7 +77,6 @@ module "aws_observability_accelerator" { # As Grafana shares a different lifecycle, we recommend using an existing workspace. managed_grafana_workspace_id = var.managed_grafana_workspace_id - grafana_api_key = var.grafana_api_key } ``` @@ -79,7 +98,6 @@ module "aws_observability_accelerator" { managed_prometheus_workspace_id = "ws-abcd123..." managed_grafana_workspace_id = "g-abcdef123" - grafana_api_key = var.grafana_api_key } ``` @@ -153,7 +171,6 @@ If you are interested in contributing, see the | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | | [awscc](#requirement\_awscc) | >= 0.24.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | ## Providers @@ -181,7 +198,6 @@ No modules. | [aws\_region](#input\_aws\_region) | AWS Region | `string` | n/a | yes | | [enable\_alertmanager](#input\_enable\_alertmanager) | Creates Amazon Managed Service for Prometheus AlertManager for all workloads | `bool` | `false` | no | | [enable\_managed\_prometheus](#input\_enable\_managed\_prometheus) | Creates a new Amazon Managed Service for Prometheus Workspace | `bool` | `true` | no | -| [grafana\_api\_key](#input\_grafana\_api\_key) | Grafana API key for the Amazon Managed Grafana workspace | `string` | n/a | yes | | [managed\_grafana\_workspace\_id](#input\_managed\_grafana\_workspace\_id) | Amazon Managed Grafana Workspace ID | `string` | n/a | yes | | [managed\_prometheus\_workspace\_id](#input\_managed\_prometheus\_workspace\_id) | Amazon Managed Service for Prometheus Workspace ID | `string` | `""` | no | | [managed\_prometheus\_workspace\_region](#input\_managed\_prometheus\_workspace\_region) | Region where Amazon Managed Service for Prometheus is deployed | `string` | `null` | no | diff --git a/docs/concepts.md b/docs/concepts.md index 4c659f8e..d4ead3a5 100644 --- a/docs/concepts.md +++ b/docs/concepts.md @@ -78,7 +78,6 @@ module "aws_observability_accelerator" { # As Grafana shares a different lifecycle, we recommend using an existing workspace. managed_grafana_workspace_id = var.managed_grafana_workspace_id - grafana_api_key = var.grafana_api_key } ``` @@ -100,7 +99,6 @@ module "aws_observability_accelerator" { managed_prometheus_workspace_id = "ws-abcd123..." managed_grafana_workspace_id = "g-abcdef123" - grafana_api_key = var.grafana_api_key } ``` diff --git a/examples/eks-cluster-with-vpc/versions.tf b/examples/eks-cluster-with-vpc/versions.tf index fef34d89..235ecc10 100644 --- a/examples/eks-cluster-with-vpc/versions.tf +++ b/examples/eks-cluster-with-vpc/versions.tf @@ -18,10 +18,6 @@ terraform { source = "hashicorp/helm" version = ">= 2.10.0" } - grafana = { - source = "grafana/grafana" - version = ">= 1.40.1" - } } # ## Used for end-to-end testing on project; update to suit your needs diff --git a/examples/eks-multicluster/main.tf b/examples/eks-multicluster/main.tf index fba7cf81..6d1f4986 100644 --- a/examples/eks-multicluster/main.tf +++ b/examples/eks-multicluster/main.tf @@ -3,7 +3,6 @@ module "aws_observability_accelerator" { aws_region = var.eks_cluster_1_region enable_managed_prometheus = false enable_alertmanager = true - grafana_api_key = var.grafana_api_key managed_prometheus_workspace_region = null managed_prometheus_workspace_id = var.managed_prometheus_workspace_id managed_grafana_workspace_id = var.managed_grafana_workspace_id @@ -44,7 +43,6 @@ module "eks_cluster_1_monitoring" { aws = aws.eks_cluster_1 kubernetes = kubernetes.eks_cluster_1 helm = helm.eks_cluster_1 - grafana = grafana } depends_on = [ @@ -82,7 +80,6 @@ module "eks_cluster_2_monitoring" { aws = aws.eks_cluster_2 kubernetes = kubernetes.eks_cluster_2 helm = helm.eks_cluster_2 - grafana = grafana } depends_on = [ diff --git a/examples/eks-multicluster/providers.tf b/examples/eks-multicluster/providers.tf index a84abec2..6f9e4d36 100644 --- a/examples/eks-multicluster/providers.tf +++ b/examples/eks-multicluster/providers.tf @@ -39,8 +39,3 @@ provider "aws" { region = var.eks_cluster_2_region alias = "eks_cluster_2" } - -provider "grafana" { - url = module.aws_observability_accelerator.managed_grafana_workspace_endpoint - auth = var.grafana_api_key -} diff --git a/examples/eks-multicluster/variables.tf b/examples/eks-multicluster/variables.tf index 29561d15..e6fd68a1 100644 --- a/examples/eks-multicluster/variables.tf +++ b/examples/eks-multicluster/variables.tf @@ -39,7 +39,7 @@ variable "managed_grafana_workspace_id" { } variable "grafana_api_key" { - description = "API key for authorizing the Grafana provider to make changes to Amazon Managed Grafana" + description = "API key for external-secrets to create secrets for grafana-operator" type = string default = "" sensitive = true diff --git a/examples/eks-multicluster/versions.tf b/examples/eks-multicluster/versions.tf index 2bb06860..7334c9f1 100644 --- a/examples/eks-multicluster/versions.tf +++ b/examples/eks-multicluster/versions.tf @@ -21,9 +21,5 @@ terraform { source = "gavinbunney/kubectl" version = ">= 1.14" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } } diff --git a/examples/existing-cluster-java/README.md b/examples/existing-cluster-java/README.md index f96fc551..1577ca2d 100644 --- a/examples/existing-cluster-java/README.md +++ b/examples/existing-cluster-java/README.md @@ -193,7 +193,6 @@ terraform destroy -var-file=terraform.tfvars |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | | [helm](#requirement\_helm) | >= 2.4.1 | | [kubectl](#requirement\_kubectl) | >= 1.14 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | @@ -225,7 +224,7 @@ terraform destroy -var-file=terraform.tfvars | [aws\_region](#input\_aws\_region) | AWS Region | `string` | n/a | yes | | [eks\_cluster\_id](#input\_eks\_cluster\_id) | Name of the EKS cluster | `string` | n/a | yes | | [enable\_dashboards](#input\_enable\_dashboards) | Enables or disables curated dashboards | `bool` | `true` | no | -| [grafana\_api\_key](#input\_grafana\_api\_key) | API key for authorizing the Grafana provider to make changes to Amazon Managed Grafana | `string` | n/a | yes | +| [grafana\_api\_key](#input\_grafana\_api\_key) | API key for external-secrets to create secrets for grafana-operator | `string` | n/a | yes | | [managed\_grafana\_workspace\_id](#input\_managed\_grafana\_workspace\_id) | Amazon Managed Grafana Workspace ID | `string` | n/a | yes | | [managed\_prometheus\_workspace\_id](#input\_managed\_prometheus\_workspace\_id) | Amazon Managed Service for Prometheus Workspace ID | `string` | `""` | no | diff --git a/examples/existing-cluster-java/main.tf b/examples/existing-cluster-java/main.tf index cf28d4a7..302b4ced 100644 --- a/examples/existing-cluster-java/main.tf +++ b/examples/existing-cluster-java/main.tf @@ -48,20 +48,10 @@ module "aws_observability_accelerator" { # reusing existing Amazon Managed Grafana workspace managed_grafana_workspace_id = var.managed_grafana_workspace_id - grafana_api_key = var.grafana_api_key tags = local.tags } -# https://www.terraform.io/language/modules/develop/providers -# A module intended to be called by one or more other modules must not contain -# any provider blocks. -# This allows forcing dependency between base and workloads module -provider "grafana" { - url = module.aws_observability_accelerator.managed_grafana_workspace_endpoint - auth = var.grafana_api_key -} - module "eks_monitoring" { source = "../../modules/eks-monitoring" # source = "github.com/aws-observability/terraform-aws-observability-accelerator//modules/eks-monitoring?ref=v2.0.0" diff --git a/examples/existing-cluster-java/variables.tf b/examples/existing-cluster-java/variables.tf index 034d18e1..89595625 100644 --- a/examples/existing-cluster-java/variables.tf +++ b/examples/existing-cluster-java/variables.tf @@ -20,7 +20,7 @@ variable "managed_grafana_workspace_id" { } variable "grafana_api_key" { - description = "API key for authorizing the Grafana provider to make changes to Amazon Managed Grafana" + description = "API key for external-secrets to create secrets for grafana-operator" type = string sensitive = true } diff --git a/examples/existing-cluster-java/versions.tf b/examples/existing-cluster-java/versions.tf index 58f4d099..30b03707 100644 --- a/examples/existing-cluster-java/versions.tf +++ b/examples/existing-cluster-java/versions.tf @@ -18,10 +18,6 @@ terraform { source = "hashicorp/helm" version = ">= 2.4.1" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } # ## Used for end-to-end testing on project; update to suit your needs diff --git a/examples/existing-cluster-nginx/README.md b/examples/existing-cluster-nginx/README.md index 5ef1fc77..6c1c6f7d 100644 --- a/examples/existing-cluster-nginx/README.md +++ b/examples/existing-cluster-nginx/README.md @@ -204,7 +204,6 @@ add this `managed_prometheus_region=xxx` and `managed_prometheus_workspace_id=ws |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | | [helm](#requirement\_helm) | >= 2.4.1 | | [kubectl](#requirement\_kubectl) | >= 1.14 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | @@ -236,7 +235,7 @@ add this `managed_prometheus_region=xxx` and `managed_prometheus_workspace_id=ws | [aws\_region](#input\_aws\_region) | AWS Region | `string` | n/a | yes | | [eks\_cluster\_id](#input\_eks\_cluster\_id) | EKS Cluster Id | `string` | n/a | yes | | [enable\_dashboards](#input\_enable\_dashboards) | Enables or disables curated dashboards | `bool` | `true` | no | -| [grafana\_api\_key](#input\_grafana\_api\_key) | API key for authorizing the Grafana provider to make changes to Amazon Managed Grafana | `string` | n/a | yes | +| [grafana\_api\_key](#input\_grafana\_api\_key) | API key for external-secrets to create secrets for grafana-operator | `string` | n/a | yes | | [managed\_grafana\_workspace\_id](#input\_managed\_grafana\_workspace\_id) | Amazon Managed Grafana (AMG) workspace ID | `string` | n/a | yes | | [managed\_prometheus\_workspace\_id](#input\_managed\_prometheus\_workspace\_id) | Amazon Managed Service for Prometheus (AMP) workspace ID | `string` | `""` | no | diff --git a/examples/existing-cluster-nginx/main.tf b/examples/existing-cluster-nginx/main.tf index 9667cabd..987e18b1 100644 --- a/examples/existing-cluster-nginx/main.tf +++ b/examples/existing-cluster-nginx/main.tf @@ -48,16 +48,10 @@ module "aws_observability_accelerator" { # reusing existing Amazon Managed Grafana workspace managed_grafana_workspace_id = var.managed_grafana_workspace_id - grafana_api_key = var.grafana_api_key tags = local.tags } -provider "grafana" { - url = module.aws_observability_accelerator.managed_grafana_workspace_endpoint - auth = var.grafana_api_key -} - module "eks_monitoring" { source = "../../modules/eks-monitoring" # source = "github.com/aws-observability/terraform-aws-observability-accelerator//modules/eks-monitoring?ref=v2.0.0" diff --git a/examples/existing-cluster-nginx/variables.tf b/examples/existing-cluster-nginx/variables.tf index f8e54fcd..363583bd 100644 --- a/examples/existing-cluster-nginx/variables.tf +++ b/examples/existing-cluster-nginx/variables.tf @@ -20,7 +20,7 @@ variable "managed_grafana_workspace_id" { } variable "grafana_api_key" { - description = "API key for authorizing the Grafana provider to make changes to Amazon Managed Grafana" + description = "API key for external-secrets to create secrets for grafana-operator" type = string sensitive = true } diff --git a/examples/existing-cluster-nginx/versions.tf b/examples/existing-cluster-nginx/versions.tf index 1c7d8bdf..3b3e201e 100644 --- a/examples/existing-cluster-nginx/versions.tf +++ b/examples/existing-cluster-nginx/versions.tf @@ -18,10 +18,6 @@ terraform { source = "hashicorp/helm" version = ">= 2.4.1" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } # ## Used for end-to-end testing on project; update to suit your needs diff --git a/examples/existing-cluster-with-base-and-infra/README.md b/examples/existing-cluster-with-base-and-infra/README.md index ac90123c..16dc0a8e 100644 --- a/examples/existing-cluster-with-base-and-infra/README.md +++ b/examples/existing-cluster-with-base-and-infra/README.md @@ -21,7 +21,6 @@ View the full documentation for this example [here](https://aws-observability.gi |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | | [helm](#requirement\_helm) | >= 2.4.1 | | [kubectl](#requirement\_kubectl) | >= 1.14 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | diff --git a/examples/existing-cluster-with-base-and-infra/main.tf b/examples/existing-cluster-with-base-and-infra/main.tf index 8e528a53..a4024364 100644 --- a/examples/existing-cluster-with-base-and-infra/main.tf +++ b/examples/existing-cluster-with-base-and-infra/main.tf @@ -50,23 +50,11 @@ module "aws_observability_accelerator" { enable_alertmanager = true # reusing existing Amazon Managed Grafana workspace - # This is not needed anymore but kept here for a two step transition into - # removing the Terraform Grafana provider managed_grafana_workspace_id = var.managed_grafana_workspace_id - grafana_api_key = var.grafana_api_key tags = local.tags } -# https://www.terraform.io/language/modules/develop/providers -# A module intended to be called by one or more other modules must not contain -# any provider blocks. -# This allows forcing dependency between base and workloads module -provider "grafana" { - url = module.aws_observability_accelerator.managed_grafana_workspace_endpoint - auth = var.grafana_api_key -} - module "eks_monitoring" { source = "../../modules/eks-monitoring" # source = "github.com/aws-observability/terraform-aws-observability-accelerator//modules/eks-monitoring?ref=v2.0.0" diff --git a/examples/existing-cluster-with-base-and-infra/versions.tf b/examples/existing-cluster-with-base-and-infra/versions.tf index 308e5fe4..9d3e51fa 100644 --- a/examples/existing-cluster-with-base-and-infra/versions.tf +++ b/examples/existing-cluster-with-base-and-infra/versions.tf @@ -18,10 +18,6 @@ terraform { source = "hashicorp/helm" version = ">= 2.4.1" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } # ## Used for end-to-end testing on project; update to suit your needs diff --git a/main.tf b/main.tf index 287e502d..d7e7ae62 100644 --- a/main.tf +++ b/main.tf @@ -5,11 +5,6 @@ resource "aws_prometheus_workspace" "this" { tags = var.tags } -provider "grafana" { - url = local.amg_ws_endpoint - auth = var.grafana_api_key -} - resource "aws_prometheus_alert_manager_definition" "this" { count = var.enable_alertmanager ? 1 : 0 diff --git a/modules/eks-monitoring/README.md b/modules/eks-monitoring/README.md index 503dd909..c697adc2 100644 --- a/modules/eks-monitoring/README.md +++ b/modules/eks-monitoring/README.md @@ -21,7 +21,6 @@ See examples using this Terraform modules in the **Amazon EKS** section of [this |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | | [helm](#requirement\_helm) | >= 2.4.1 | | [kubectl](#requirement\_kubectl) | >= 1.14 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | diff --git a/modules/eks-monitoring/patterns/java/README.md b/modules/eks-monitoring/patterns/java/README.md index 5566f520..a53cbc67 100644 --- a/modules/eks-monitoring/patterns/java/README.md +++ b/modules/eks-monitoring/patterns/java/README.md @@ -12,7 +12,6 @@ Provides monitoring for Java based workloads with the following resources: |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | | [helm](#requirement\_helm) | >= 2.4.1 | | [kubectl](#requirement\_kubectl) | >= 1.14 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | diff --git a/modules/eks-monitoring/patterns/java/versions.tf b/modules/eks-monitoring/patterns/java/versions.tf index 595fb3e5..155807b3 100644 --- a/modules/eks-monitoring/patterns/java/versions.tf +++ b/modules/eks-monitoring/patterns/java/versions.tf @@ -18,9 +18,5 @@ terraform { source = "hashicorp/helm" version = ">= 2.4.1" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } } diff --git a/modules/eks-monitoring/patterns/nginx/README.md b/modules/eks-monitoring/patterns/nginx/README.md index 35334fea..06e6ea77 100644 --- a/modules/eks-monitoring/patterns/nginx/README.md +++ b/modules/eks-monitoring/patterns/nginx/README.md @@ -14,7 +14,6 @@ It provides the following resources: |------|---------| | [terraform](#requirement\_terraform) | >= 1.1.0 | | [aws](#requirement\_aws) | >= 4.0.0 | -| [grafana](#requirement\_grafana) | >= 1.25.0 | | [kubectl](#requirement\_kubectl) | >= 1.14 | | [kubernetes](#requirement\_kubernetes) | >= 2.10 | diff --git a/modules/eks-monitoring/patterns/nginx/versions.tf b/modules/eks-monitoring/patterns/nginx/versions.tf index d3092e60..4dd4befe 100644 --- a/modules/eks-monitoring/patterns/nginx/versions.tf +++ b/modules/eks-monitoring/patterns/nginx/versions.tf @@ -14,9 +14,5 @@ terraform { source = "gavinbunney/kubectl" version = ">= 1.14" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } } diff --git a/modules/eks-monitoring/versions.tf b/modules/eks-monitoring/versions.tf index 595fb3e5..155807b3 100644 --- a/modules/eks-monitoring/versions.tf +++ b/modules/eks-monitoring/versions.tf @@ -18,9 +18,5 @@ terraform { source = "hashicorp/helm" version = ">= 2.4.1" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } } diff --git a/variables.tf b/variables.tf index 0048a723..a86ba801 100644 --- a/variables.tf +++ b/variables.tf @@ -33,11 +33,6 @@ variable "tags" { default = {} } -variable "grafana_api_key" { - description = "Grafana API key for the Amazon Managed Grafana workspace" - type = string -} - variable "managed_grafana_workspace_id" { description = "Amazon Managed Grafana Workspace ID" type = string diff --git a/versions.tf b/versions.tf index 428c25ee..9ad3114f 100644 --- a/versions.tf +++ b/versions.tf @@ -10,9 +10,5 @@ terraform { source = "hashicorp/awscc" version = ">= 0.24.0" } - grafana = { - source = "grafana/grafana" - version = ">= 1.25.0" - } } }