running both versions
1. Consul Prepared Queries
We have now to update our Prepared Queries because we also want queries to be routed on the new service.
How Prepared Queries works
Prepared Queries allow you to find services that:
- has all the tags you supplied: it is not possible to make a logical “OR”
- has not the tags you prefixed with “!”
So, to find the socat services with the tags “1.0.0” or “2.0.0”, we have to update our Prepared Query with a query that looks like: “!0.0.0”
That’s why there are 2 inventories/demo/extra_vars_terraform_echo_green.yml files:
- one with the new version: “_one.yml”
- one accepting all versions: “_all.yml”
Update the Prepared Query
To execute Ansible, you will need to replace the following Ansible extra-vars parameters:
- my_vault_secrets_admin_password: this is the password of the a-deploy-echo-secret user
[bastion] (ansible_virtualenv) ~/ansible_playbooks/echo $ cd ../infrasecrets [bastion] (ansible_virtualenv) ~/ansible_playbooks/infrasecrets $ ansible-playbook BASTION_configs_consul.yml \ -i inventories/demo/hosts_infrasecrets.lst \ -D --force-handlers \ -e @inventories/demo/extra_vars_terraform_echo_socat_green_all.yml \ -e "my_vault_secrets_admin_username=a-deploy-echo-secret" \ -e "my_vault_secrets_admin_password=CHANGE_WITH_DEPLOY_ECHO_SECRET_PASSWORD" \ -e "my_vault_secrets_admin_consul_role_name=vault-policy-echo-prepared-query" \ -t Project::infrasecrets::consul::login \ -t Project::infrasecrets::consul::prepared_queries \ -l consul_server
2. Check the service
You can now check that both versions are running.
On your workstation, just launch:
[workstation] ~/ $ nc echo.terror.ninja 8181 ip-10-3-1-7+v1.0.0 test1 test1 ^C
Some more couple of times: On your workstation, just launch:
[workstation] ~/ $ nc echo.terror.ninja 8181 ip-10-3-1-22+v2.0.0 test2 test2 ^C
3. Next page!
We can now run only the new version.