Upgrading Forseti from v2.24.2 to v2.25.0 error
39 views
Skip to first unread message
Peter
Jul 15, 2020, 11:28:10 AM7/15/20
to Forseti Security Discussion
I use terraform module to deploy forseti and I'm upgrading to newer version:
so what I changed is the variable file is the var >>>>> forseti_version = "v2.25.0".
After installation is finished, I found that forseti application is not found on the server which means no forseti software has been installed !! and no config validator was found also!!!!
So, please help, what am i Sopposed to do to upgrade to the newer version of forseti using Terraform not Deployment manager.
I hope you response quickly, because we really need it.
Thanks
so what I changed is the variable file is the var >>>>> forseti_version = "v2.25.0".
After installation is finished, I found that forseti application is not found on the server which means no forseti software has been installed !! and no config validator was found also!!!!
So, please help, what am i Sopposed to do to upgrade to the newer version of forseti using Terraform not Deployment manager.
I hope you response quickly, because we really need it.
Thanks
Gregg Kowalski
Jul 15, 2020, 11:32:41 AM7/15/20
to Peter, Forseti Security Discussion
Hi Peter,
It's recommended to not modify or provide the forseti_version in your Terraform configuration. Instead, target the Forseti Terraform module using the version field. The Forseti Terraform modules are pinned to specific versions. In some cases it can be OK to modify the forseti_version, but for the standard/recommended installation, it's best to leave it out.
Can you provide your Terraform configuration? Specifically I'm interested in what the values are for source and version. I suspect that if you remove the forseti_version and set source/version to the following then you will be OK.
Sample config:
module "forseti" {
source = "terraform-google-modules/forseti/google"
version = "~> 5.2.0"
gsuite_admin_email = "super...@yourdomain.com"
domain = "yourdomain.com"
project_id = "my-forseti-project"
org_id = "2313934234"
config_validator_enabled = "true"
}
Please let me know if that helps.
Gregg
--
You received this message because you are subscribed to the Google Groups "Forseti Security Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss+u...@forsetisecurity.org.
To view this discussion on the web visit https://groups.google.com/a/forsetisecurity.org/d/msgid/discuss/39b98943-2970-4b44-81b7-4912b6384c85o%40forsetisecurity.org.
Peter
Jul 15, 2020, 11:39:02 AM7/15/20
to Forseti Security Discussion, peter....@vodafone.com
Hi Gregg,
thank you very much for the quick response,
For the source I'm using a private module of Forseti, which has been heavily modified to comply with our needs.
Hence we are not using version also in our module,
Regards,
thank you very much for the quick response,
For the source I'm using a private module of Forseti, which has been heavily modified to comply with our needs.
Hence we are not using version also in our module,
Regards,
On Wednesday, 15 July 2020 17:32:41 UTC+2, Gregg Kowalski wrote:
Hi Peter,It's recommended to not modify or provide the forseti_version in your Terraform configuration. Instead, target the Forseti Terraform module using the version field. The Forseti Terraform modules are pinned to specific versions. In some cases it can be OK to modify the forseti_version, but for the standard/recommended installation, it's best to leave it out.Can you provide your Terraform configuration? Specifically I'm interested in what the values are for source and version. I suspect that if you remove the forseti_version and set source/version to the following then you will be OK.Sample config:module "forseti" { source = "terraform-google-modules/forseti/google" version = "~> 5.2.0" gsuite_admin_email = "super...@yourdomain.com" domain = "yourdomain.com" project_id = "my-forseti-project" org_id = "2313934234" config_validator_enabled = "true" }Please let me know if that helps.Gregg
On Wed, Jul 15, 2020 at 8:28 AM Peter <peter....@vodafone.com> wrote:
I use terraform module to deploy forseti and I'm upgrading to newer version:--
so what I changed is the variable file is the var >>>>> forseti_version = "v2.25.0".
After installation is finished, I found that forseti application is not found on the server which means no forseti software has been installed !! and no config validator was found also!!!!
So, please help, what am i Sopposed to do to upgrade to the newer version of forseti using Terraform not Deployment manager.
I hope you response quickly, because we really need it.
Thanks
You received this message because you are subscribed to the Google Groups "Forseti Security Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dis...@forsetisecurity.org.
Gregg Kowalski
Jul 15, 2020, 11:43:32 AM7/15/20
to Peter, Forseti Security Discussion
Hi Peter,
In that case it's hard for me to provide support as I don't know what changes have been made. If you can provide any error messages that would help. Have you been keeping your private module up to date with the changes introduced in the Forseti Terraform module releases (e.g. 5.2.1)? If not, then please compare your private module to the public release 5.2.1 and see what is missing. This page will show you all of the changes that were made to the 5.2.1 module from 5.1.3 (which corresponds to 2.24.2).
Gregg
To unsubscribe from this group and stop receiving emails from it, send an email to discuss+u...@forsetisecurity.org.
To view this discussion on the web visit https://groups.google.com/a/forsetisecurity.org/d/msgid/discuss/5dbc7108-0f46-43f0-8944-5c15f9e9cfd0o%40forsetisecurity.org.
Peter
Jul 15, 2020, 12:04:57 PM7/15/20
to Forseti Security Discussion, peter....@vodafone.com
Hi Gregg,
Actually my module is not up to date, I'll update it.
Actually my module is not up to date, I'll update it.
I'm providing the forseti.log file, if it helps to fix the problem or we have to make the module up to date.
Regards,
To view this discussion on the web visit https://groups.google.com/a/forsetisecurity.org/d/msgid/discuss/5dbc7108-0f46-43f0-8944-5c15f9e9cfd0o%40forsetisecurity.org.
Gregg Kowalski
Jul 15, 2020, 12:19:37 PM7/15/20
to Peter, Forseti Security Discussion
Ok thanks, let me know how that goes. I don't see any errors in the forseti log. It might be easier to filter the Stackdriver logs for any errors, but my guess is that you will need to apply those 5.2.1 updates to your private module first.
Gregg
To unsubscribe from this group and stop receiving emails from it, send an email to discuss+u...@forsetisecurity.org.
To view this discussion on the web visit https://groups.google.com/a/forsetisecurity.org/d/msgid/discuss/8e7439c8-e696-4c19-9481-2903f05441a4o%40forsetisecurity.org.
Peter
Jul 28, 2020, 2:56:28 AM7/28/20
to Forseti Security Discussion, peter....@vodafone.com
Hi Gregg,
Thank you for Sharing the changes that were made to the 5.2.1 module from 5.1.3 page, It was really helpful and I could get a running config validator.
Apologies for the late response, as I was trying to fix some issues regarding this upgarde, and the issue of model creation, you released a change and I used master instead of v2.25.1 as you recommended here: "https://github.com/forseti-security/forseti-security/issues/3770"
But forseti was not installed properly, but I've seen that in the current module of terraform you are using Config validator docker image, so I added all the changes from the master branch directly, but got many new errors related to CAI Creation and other new ones,
So, may share with me the changes, like you shared with me before, to upgarde it to the newer version?
Thank you so much Gregg,
Thank you for Sharing the changes that were made to the 5.2.1 module from 5.1.3 page, It was really helpful and I could get a running config validator.
Apologies for the late response, as I was trying to fix some issues regarding this upgarde, and the issue of model creation, you released a change and I used master instead of v2.25.1 as you recommended here: "https://github.com/forseti-security/forseti-security/issues/3770"
But forseti was not installed properly, but I've seen that in the current module of terraform you are using Config validator docker image, so I added all the changes from the master branch directly, but got many new errors related to CAI Creation and other new ones,
So, may share with me the changes, like you shared with me before, to upgarde it to the newer version?
Thank you so much Gregg,
To view this discussion on the web visit https://groups.google.com/a/forsetisecurity.org/d/msgid/discuss/8e7439c8-e696-4c19-9481-2903f05441a4o%40forsetisecurity.org.
Reply all
Reply to author
Forward
Message has been deleted
0 new messages