running the new version

1. Consul Prepared Queries

We only want to use the new version now. We are going to to update the query to only find the tag “2.0.0”.

To execute Ansible, you will need to replace the following Ansible extra-vars parameters:

  • my_vault_secrets_admin_password: this is the password of the a-deploy-echo-secret user
[bastion] (ansible_virtualenv) ~/ansible_playbooks/infrasecrets
$ ansible-playbook BASTION_configs_consul.yml \
-i inventories/demo/hosts_infrasecrets.lst \
-D --force-handlers \
-e @inventories/demo/extra_vars_terraform_echo_socat_green_one.yml \
-e "my_vault_secrets_admin_username=a-deploy-echo-secret" \
-e "my_vault_secrets_admin_password=CHANGE_WITH_DEPLOY_ECHO_SECRET_PASSWORD" \
-e "my_vault_secrets_admin_consul_role_name=vault-policy-echo-prepared-query" \
-t Project::infrasecrets::consul::login \
-t Project::infrasecrets::consul::prepared_queries \
-l consul_server

2. Check the service

You can now check that only the new version is running.

On your workstation, just launch:

[workstation] ~/
$ nc 8181

Some more couple of times: On your workstation, just launch:

[workstation] ~/
$ nc 8181

Well done! the upgrade ran smoothly

3. Destroy the “blue” socat hosts

We can now destroy the hosts with the old version.

[bastion] (ansible_virtualenv) ~/ansible_playbooks/infrasecrets
$ cd ~/ansible_playbooks/echo/terraform/demo/echo/system_socat_blue
$ terraform destroy -var-file '../../' -var-file '../../' 

4. Next page!

The demo is now almost over: