Try Aurora read replica creation another way (#563)

EmlynK · gregharvey · github-actions[bot] · web-flow · commit 982a6e5edfe9 · 2022-02-04T15:37:57.000Z
* Need to check if is_local is defined in webserver meta dependencies. (#522) * Ce dev refactor pr 1.x (#518) * Making it easier to test with provision-target and ce-dev. * Moving the provision forcing var back to plays so _init has it. * Adding defaults vars and test script extra options. * Adding a web server test to CI. * examples string needs to be in quotes. * Making sure is_local and _ce_provision_force_play are available to the _init role. * Adding SSH keys to the provision user. * Adding a --force to the test script. * Explicitly adding vars to role. * Fixing _init behaviour and adding SSH key for web role. * Setting default PHP version to 7.4. * Looking up the generated ce-dev SSH key instead of hard-coding one. * We cannot run the ssh_server role locally, so excluding for tests of webserver role. * Trying to remove user_root.yml in case it's breaking CI. * Adding a verbose mode to the test script. * Exposing the command in the test script. * Trying hard-coded keys again. * Changing location of data dir for test containers. * Putting vars back and restricting CI to the 'web' example. * Adding backup handling to ldap_server. (#525) * Adding backup handling to ldap_server. * Improving SSL docs and handling perms for openldap and letsencrypt. * Cron user must be specified with file. * Running as root, do not need a 'sudo' in this cron. * Allowing 'gitLab' to disable Prometheus. (#530) * Allowing 'gitLab' to disable Prometheus. * Booleans to use in jinja2 as strings must be cast as strings. * GitHub Actions - Rebuilt documentation. (#526) Co-authored-by: Code Enigma CI <sysadm@codeenigma.com> * Prometheus pr 1.x (#533) * Allowing 'gitLab' to disable Prometheus. * Booleans to use in jinja2 as strings must be cast as strings. * Tidying up CI and adding a GitLab test. * Fixing CI job description. * Add private files support for Drupal in Nginx. (#535) * Prometheus pr 1.x (#539) * Allowing 'gitLab' to disable Prometheus. * Booleans to use in jinja2 as strings must be cast as strings. * Tidying up CI and adding a GitLab test. * Fixing CI job description. * Adding a firewall config preset to open port 80 for LetsEncrypt. * Removing our unused ClamAV roles and adding a Galaxy role to common base. (#541) * Revert "Moving OSSEC pkill to use process_manager role instead. (#258)" (#544) This reverts commit 73c7bd0. * Moving key servers to a variable so we can set them. (#555) * Moving key servers to a variable so we can set them. * Allowing us to disable sending keys completely. * Oops, doubled up on existing functionality. * Fixing var name. * Attempt to create an RDS read replica. * Use new task to create Aurora RDS instances. * Try and fix linting issues. * Don't pass max_storage variable for Aurora instances. * Remove more storage related vars from Aurora RDS instance creation task. * Add profile and region to read replica creation. * Try creating the Aurora read replica another way. Co-authored-by: Greg Harvey <greg.harvey@gmail.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Code Enigma CI <sysadm@codeenigma.com>
diff --git a/roles/aws/aws_rds/tasks/main.yml b/roles/aws/aws_rds/tasks/main.yml
@@ -47,6 +47,26 @@
   register: _rds_instance_info
   when: "'aurora' in aws_rds.engine"
 
+- name: Create Aurora RDS read replica instance.
+  community.aws.rds_instance:
+    db_instance_identifier: "{{ aws_rds.name }}-replica"
+    db_cluster_identifier: "{{ aws_rds.db_cluster_identifier }}"
+    db_instance_class: "{{ aws_rds.db_instance_class }}"
+    state: "{{ aws_rds.state }}"
+    engine: "{{ aws_rds.engine }}"
+    copy_tags_to_snapshot: true
+    publicly_accessible: "{{ aws_rds.publicly_accessible }}"
+    profile: "{{ aws_rds.aws_profile }}"
+    tags: "{{ aws_rds.tags | combine({ 'Name': aws_rds.name + '-replica' }) }}"
+    allow_major_version_upgrade: false
+    apply_immediately: true
+    wait: true
+    region: "{{ aws_rds.region }}"
+    engine_version: "{{ aws_rds.engine_version | default(omit) }}"
+  when:
+    - "'aurora' in aws_rds.engine"
+    - aws_rds.replica
+
 - name: Create RDS instance
   community.aws.rds_instance:
     db_instance_identifier: "{{ aws_rds.name }}"
@@ -82,18 +102,6 @@
   register: _rds_instance_info
   when: "'aurora' not in aws_rds.engine"
 
-- name: Create RDS read replica instance.
-  community.aws.rds_instance:
-    db_instance_identifier: "{{ aws_rds.name }}-replica"
-    db_cluster_identifier: "{{ aws_rds.db_cluster_identifier | default(omit) }}"
-    db_instance_class: "{{ aws_rds.db_instance_class }}"
-    read_replica: true
-    creation_source: "instance"
-    source_db_instance_identifier: "{{ aws_rds.name }}"
-    profile: "{{ aws_rds.aws_profile }}"
-    region: "{{ aws_rds.region }}"
-  when: aws_rds.replica
-
 - name: Create SNS topic.
   ansible.builtin.include_role:
     name: aws/aws_sns
