From f3c05e9511b3d739d5f1e57ccb3e491c62d091ce Mon Sep 17 00:00:00 2001
From: Tim Clark
Date: Mon, 8 Apr 2024 10:53:58 -0400
Subject: [PATCH 1/6] update CL
---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index fa45918a7f6..1d701d2a7e3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -84,6 +84,8 @@ the CloudWatch logs for your async operations (e.g. `PREFIX-AsyncOperationEcsLog
 ### Changed
+- **CUMULUS-3669**
+ - Updates deployment template to create and utilize an Aurora Serverless V2 PostgreSQL cluster.
 - **CUMULUS-3609**
 - Adds dla-migration lambda to async-operations to be used for updating existing DLA records
 - Moved hoistCumulusMessageDetails function from write-db-dlq-records-to-s3 lambda to @cumulus/message/DeadLetterMessage
From 64639c7aa063743a3dd7e160f638ca0b765157a2 Mon Sep 17 00:00:00 2001
From: Tim Clark
Date: Wed, 10 Apr 2024 12:28:02 -0400
Subject: [PATCH 2/6] update terraform templates to serverless v2
---
 example/rds-cluster-tf/main.tf | 1 +
 example/rds-cluster-tf/outputs.tf | 4 ++++
 .../rds-cluster-tf/terraform.tfvars.example | 19 ++++++++++---------
 example/rds-cluster-tf/variables.tf | 8 +++++++-
 tf-modules/cumulus-rds-tf/main.tf | 16 +++++++++++++---
 tf-modules/cumulus-rds-tf/outputs.tf | 4 ++++
 tf-modules/cumulus-rds-tf/variables.tf | 10 ++++++++++
 7 files changed, 49 insertions(+), 13 deletions(-)
diff --git a/example/rds-cluster-tf/main.tf b/example/rds-cluster-tf/main.tf
index 21af3ba5514..93cfe4a29f2 100644
--- a/example/rds-cluster-tf/main.tf
+++ b/example/rds-cluster-tf/main.tf
@@ -23,6 +23,7 @@ module "rds_cluster" {
 engine_version = var.engine_version
 deletion_protection = true
 cluster_identifier = var.cluster_identifier
+ cluster_instance_count = var.cluster_instance_count
 tags = var.tags
 snapshot_identifier = var.snapshot_identifier
 lambda_timeouts = var.lambda_timeouts
diff --git a/example/rds-cluster-tf/outputs.tf b/example/rds-cluster-tf/outputs.tf
index 0a40f639128..96cd45ee51d 100644
--- a/example/rds-cluster-tf/outputs.tf
+++ b/example/rds-cluster-tf/outputs.tf
@@ -6,6 +6,10 @@ output "rds_endpoint" {
 value = module.rds_cluster.rds_endpoint
 }
+output "rds_reader_endpoint" {
+ value = module.rds_cluster.rds_reader_endpoint
+}
+
 output "admin_db_login_secret_arn" {
 value = module.rds_cluster.admin_db_login_secret_arn
 }
diff --git a/example/rds-cluster-tf/terraform.tfvars.example b/example/rds-cluster-tf/terraform.tfvars.example
index 1dab60afd0e..2d41f1b8d18 100644
--- a/example/rds-cluster-tf/terraform.tfvars.example
+++ b/example/rds-cluster-tf/terraform.tfvars.example
@@ -1,9 +1,10 @@
-prefix = "prefix"
-db_admin_username = "changethisuser"
-db_admin_password = "changethispassword"
-region = "us-east-1"
-vpc_id = "vpc_id"
-subnets = ["subnet-some-subnet-1", "subnet-some-subnet-in-another-az-2"]
-deletion_protection = false
-cluster_identifier = "some_cluster"
-tags = { "Deployment" = "some_deployment_identifier" }
+prefix = "prefix"
+db_admin_username = "changethisuser"
+db_admin_password = "changethispassword"
+region = "us-east-1"
+vpc_id = "vpc_id"
+subnets = ["subnet-some-subnet-1", "subnet-some-subnet-in-another-az-2"]
+deletion_protection = false
+cluster_identifier = "some_cluster"
+cluster_instance_count = 1
+tags = { "Deployment" = "some_deployment_identifier" }
diff --git a/example/rds-cluster-tf/variables.tf b/example/rds-cluster-tf/variables.tf
index debab4950e3..ac3eba279ba 100644
--- a/example/rds-cluster-tf/variables.tf
+++ b/example/rds-cluster-tf/variables.tf
@@ -48,6 +48,12 @@ variable "cluster_identifier" {
 default = "cumulus-rds-serverless-default-cluster"
 }
+variable "cluster_instance_count" {
+ description = "Number of instances to create inside of the cluster"
+ type = number
+ default = 1
+}
+
 variable "snapshot_identifier" {
 description = "Optional database snapshot for restoration"
 type = string
@@ -103,7 +109,7 @@ variable "lambda_timeouts" {
 variable "parameter_group_family" {
 description = "Database family to use for creating database parameter group"
 type = string
- default = "aurora-postgresql11"
+ default = "aurora-postgresql13"
 }
 variable "parameter_group_family_v13" {
diff --git a/tf-modules/cumulus-rds-tf/main.tf b/tf-modules/cumulus-rds-tf/main.tf
index d18068083ff..271dedd5f36 100644
--- a/tf-modules/cumulus-rds-tf/main.tf
+++ b/tf-modules/cumulus-rds-tf/main.tf
@@ -38,6 +38,7 @@ resource "aws_secretsmanager_secret_version" "rds_login" {
 database = "postgres"
 engine = "postgres"
 host = aws_rds_cluster.cumulus.endpoint
+ hostReader = aws_rds_cluster.cumulus.reader_endpoint
 port = 5432
 dbClusterIdentifier = aws_rds_cluster.cumulus.id
 })
@@ -84,7 +85,7 @@ resource "aws_rds_cluster_parameter_group" "rds_cluster_group_v13" {
 resource "aws_rds_cluster" "cumulus" {
 depends_on = [aws_db_subnet_group.default, aws_rds_cluster_parameter_group.rds_cluster_group]
 cluster_identifier = var.cluster_identifier
- engine_mode = "serverless"
+ engine_mode = "provisioned"
 engine = "aurora-postgresql"
 engine_version = var.engine_version
 database_name = "postgres"
@@ -94,11 +95,11 @@ resource "aws_rds_cluster" "cumulus" {
 preferred_backup_window = var.backup_window
 db_subnet_group_name = aws_db_subnet_group.default.id
 apply_immediately = var.apply_immediately
+ storage_encrypted = true
- scaling_configuration {
+ serverlessv2_scaling_configuration {
 max_capacity = var.max_capacity
 min_capacity = var.min_capacity
- timeout_action = var.rds_scaling_timeout_action
 }
 vpc_security_group_ids = [aws_security_group.rds_cluster_access.id]
 deletion_protection = var.deletion_protection
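Review bot: Switching `engine_mode` from `"serverless"` to `"provisioned"` on the existing `aws_rds_cluster.cumulus` resource is unlikely to be an in-place change for a cluster already deployed as Serverless v1; as far as I know the AWS provider plans it as a replacement, so an apply against a live deployment would try to destroy and recreate the database, or fail where `deletion_protection` is on. Nothing in this hunk or in the CHANGELOG entry tells operators how to carry data across, so I would add a comment above the line such as `# engine_mode change replaces the cluster: snapshot the v1 cluster and restore it through var.snapshot_identifier before applying`, plus a matching migration note in the release notes. The resource body starts and ends outside the hunk.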
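Review bot: `storage_encrypted = true` is set without a `kms_key_id`, so the cluster falls back to the account's default AWS-managed RDS key, and deployers who need a customer-managed key (their own key policy, rotation, or cross-account snapshot sharing) have no way to supply one. A `kms_key_id = var.kms_key_id` argument backed by a new variable defaulting to `null` would keep today's behaviour while allowing that. Separately, this hunk removes the only visible use of `var.rds_scaling_timeout_action`; if its declaration is still in variables.tf (not shown here) it is now a dead input and should be removed or marked deprecated.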
@@ -112,3 +113,12 @@ resource "aws_rds_cluster" "cumulus" {
 ignore_changes = [engine_version]
 }
 }
+
+resource "aws_rds_cluster_instance" "cumulus" {
+ cluster_identifier = aws_rds_cluster.cumulus.id
+ identifier = "${aws_rds_cluster.cumulus.id}-instance-${count.index+1}"
+ count = var.cluster_instance_count
+ instance_class = "db.serverless"
+ engine = aws_rds_cluster.cumulus.engine
+ engine_version = aws_rds_cluster.cumulus.engine_version
+}
\ No newline at end of file
diff --git a/tf-modules/cumulus-rds-tf/outputs.tf b/tf-modules/cumulus-rds-tf/outputs.tf
index f94d4680b5f..814b731ad8a 100644
--- a/tf-modules/cumulus-rds-tf/outputs.tf
+++ b/tf-modules/cumulus-rds-tf/outputs.tf
@@ -6,6 +6,10 @@ output "rds_endpoint" {
 value = aws_rds_cluster.cumulus.endpoint
 }
+output "rds_reader_endpoint" {
+ value = aws_rds_cluster.cumulus.reader_endpoint
+}
+
 output "admin_db_login_secret_arn" {
 value = aws_secretsmanager_secret_version.rds_login.arn
 }
diff --git a/tf-modules/cumulus-rds-tf/variables.tf b/tf-modules/cumulus-rds-tf/variables.tf
index 0b3dedca5c1..2690f20789c 100644
--- a/tf-modules/cumulus-rds-tf/variables.tf
+++ b/tf-modules/cumulus-rds-tf/variables.tf
@@ -119,6 +119,16 @@ variable "min_capacity" {
 default = 2
 }
+variable "cluster_instance_count" {
+ description = "Number of instances to create inside of the cluster"
+ type = number
+ default = 1
+ validation {
+ condition = var.cluster_instance_count >= 1 && var.cluster_instance_count <= 16
+ error_message = "Variable cluster_instance_count should be between 1 and 16."
+ }
+}
+
 ### Required for user/database provisioning
 variable "prefix" {
 type = string
From 3be0a8a86200ea7229293adbbc67d7b91c1f988f Mon Sep 17 00:00:00 2001
From: Tim Clark
Date: Wed, 10 Apr 2024 16:10:07 -0400
Subject: [PATCH 3/6] add terraform variable validation
---
 example/rds-cluster-tf/variables.tf | 4 ++++
 1 file changed, 4 insertions(+)
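Review bot: The new `aws_rds_cluster_instance.cumulus` resource picks up none of the settings the cluster has: there is no `tags = var.tags`, so the instances will lack the deployment tags that tag-conditioned IAM policies, cost allocation and inventory depend on, and no `apply_immediately = var.apply_immediately`, so instance modifications may wait for the maintenance window while cluster ones do not. I would also write `publicly_accessible = false` explicitly instead of relying on the provider default, so that a later edit or import cannot quietly expose an instance. On style, `count` is conventionally the first argument in a block, and the file now ends without a trailing newline.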
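Review bot: The `validation` block on `cluster_instance_count` only bounds the value, and because the type is `number` a fractional input such as 1.5 passes it and would only be rejected later, where the value reaches `count`, with a less helpful error. An integer check keeps the failure at the variable: `condition = var.cluster_instance_count >= 1 && var.cluster_instance_count <= 16 && floor(var.cluster_instance_count) == var.cluster_instance_count`. The same block is copied into example/rds-cluster-tf/variables.tf in PATCH 3/6 and needs the same change.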
diff --git a/example/rds-cluster-tf/variables.tf b/example/rds-cluster-tf/variables.tf
index ac3eba279ba..c852cd61c78 100644
--- a/example/rds-cluster-tf/variables.tf
+++ b/example/rds-cluster-tf/variables.tf
@@ -52,6 +52,10 @@ variable "cluster_instance_count" {
 description = "Number of instances to create inside of the cluster"
 type = number
 default = 1
+ validation {
+ condition = var.cluster_instance_count >= 1 && var.cluster_instance_count <= 16
+ error_message = "Variable cluster_instance_count should be between 1 and 16."
+ }
 }
 variable "snapshot_identifier" {
From fddeec5103899304ec5bfbdd8f7a17b09758e09e Mon Sep 17 00:00:00 2001
From: Tim Clark
Date: Tue, 16 Apr 2024 17:23:34 -0400
Subject: [PATCH 4/6] remove upgrade variables
---
 example/rds-cluster-tf/main.tf | 2 --
 example/rds-cluster-tf/variables.tf | 12 ------------
 tf-modules/cumulus-rds-tf/main.tf | 19 ++-----------------
 tf-modules/cumulus-rds-tf/variables.tf | 12 ------------
 4 files changed, 2 insertions(+), 43 deletions(-)
diff --git a/example/rds-cluster-tf/main.tf b/example/rds-cluster-tf/main.tf
index 93cfe4a29f2..5ed57004218 100644
--- a/example/rds-cluster-tf/main.tf
+++ b/example/rds-cluster-tf/main.tf
@@ -28,7 +28,5 @@ module "rds_cluster" {
 snapshot_identifier = var.snapshot_identifier
 lambda_timeouts = var.lambda_timeouts
 lambda_memory_sizes = var.lambda_memory_sizes
- enable_upgrade = var.enable_upgrade
- parameter_group_family = var.parameter_group_family
 parameter_group_family_v13 = var.parameter_group_family_v13
 }
diff --git a/example/rds-cluster-tf/variables.tf b/example/rds-cluster-tf/variables.tf
index c852cd61c78..4cffcb042d2 100644
--- a/example/rds-cluster-tf/variables.tf
+++ b/example/rds-cluster-tf/variables.tf
@@ -96,12 +96,6 @@ variable "lambda_memory_sizes" {
 }
 }
-variable "enable_upgrade" {
- description = "Flag to enable use of updated parameter group"
- type = bool
- default = false
-}
-
 variable "lambda_timeouts" {
 description = "Configurable map of timeouts for lambdas"
 type = map(number)
@@ -110,12 +104,6 @@ variable "lambda_timeouts" {
 }
 }
-variable "parameter_group_family" {
- description = "Database family to use for creating database parameter group"
- type = string
- default = "aurora-postgresql13"
-}
-
 variable "parameter_group_family_v13" {
 description = "Database family to use for creating database parameter group under postgres 13 upgrade conditions"
 type = string
diff --git a/tf-modules/cumulus-rds-tf/main.tf b/tf-modules/cumulus-rds-tf/main.tf
index 271dedd5f36..e4cb6449ef2 100644
--- a/tf-modules/cumulus-rds-tf/main.tf
+++ b/tf-modules/cumulus-rds-tf/main.tf
@@ -53,21 +53,6 @@ resource "aws_security_group_rule" "rds_security_group_allow_postgres" {
 self = true
 }
-resource "aws_rds_cluster_parameter_group" "rds_cluster_group" {
- count = var.enable_upgrade ? 0 : 1
- name = "${var.prefix}-cluster-parameter-group"
- family = var.parameter_group_family
-
- dynamic "parameter" {
- for_each = var.db_parameters
- content {
- apply_method = parameter.value["apply_method"]
- name = parameter.value["name"]
- value = parameter.value["value"]
- }
- }
-}
-
 resource "aws_rds_cluster_parameter_group" "rds_cluster_group_v13" {
 name = "${var.prefix}-cluster-parameter-group-v13"
 family = var.parameter_group_family_v13
@@ -83,7 +68,7 @@ resource "aws_rds_cluster_parameter_group" "rds_cluster_group_v13" {
 }
 resource "aws_rds_cluster" "cumulus" {
- depends_on = [aws_db_subnet_group.default, aws_rds_cluster_parameter_group.rds_cluster_group]
+ depends_on = [aws_db_subnet_group.default, aws_rds_cluster_parameter_group.rds_cluster_group_v13]
 cluster_identifier = var.cluster_identifier
 engine_mode = "provisioned"
 engine = "aurora-postgresql"
@@ -107,7 +92,7 @@ resource "aws_rds_cluster" "cumulus" {
 tags = var.tags
 final_snapshot_identifier = "${var.cluster_identifier}-final-snapshot"
 snapshot_identifier = var.snapshot_identifier
- db_cluster_parameter_group_name = var.enable_upgrade ? aws_rds_cluster_parameter_group.rds_cluster_group_v13.id : aws_rds_cluster_parameter_group.rds_cluster_group[0].id
+ db_cluster_parameter_group_name = aws_rds_cluster_parameter_group.rds_cluster_group_v13.id
 lifecycle {
 ignore_changes = [engine_version]
diff --git a/tf-modules/cumulus-rds-tf/variables.tf b/tf-modules/cumulus-rds-tf/variables.tf
index 2690f20789c..4230260b077 100644
--- a/tf-modules/cumulus-rds-tf/variables.tf
+++ b/tf-modules/cumulus-rds-tf/variables.tf
@@ -91,24 +91,12 @@ variable "engine_version" {
 default = "13.12"
 }
-variable "parameter_group_family" {
- description = "Database family to use for creating database parameter group"
- type = string
- default = "aurora-postgresql11"
-}
-
 variable "parameter_group_family_v13" {
 description = "Database family to use for creating database parameter group under postgres 13 upgrade conditions"
 type = string
 default = "aurora-postgresql13"
 }
-variable "enable_upgrade" {
- description = "Flag to enable use of updated parameter group for postgres v13"
- type = bool
- default = true
-}
-
 variable "max_capacity" {
 type = number
 default = 4
From 2b0ef7cc19bc354156f51bda430a6383045298d5 Mon Sep 17 00:00:00 2001
From: Tim Clark
Date: Thu, 18 Apr 2024 11:27:39 -0400
Subject: [PATCH 5/6] add prevent_destroy = true
---
 tf-modules/cumulus-rds-tf/main.tf | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/tf-modules/cumulus-rds-tf/main.tf b/tf-modules/cumulus-rds-tf/main.tf
index e4cb6449ef2..7cac92a530e 100644
--- a/tf-modules/cumulus-rds-tf/main.tf
+++ b/tf-modules/cumulus-rds-tf/main.tf
@@ -106,4 +106,8 @@ resource "aws_rds_cluster_instance" "cumulus" {
 instance_class = "db.serverless"
 engine = aws_rds_cluster.cumulus.engine
 engine_version = aws_rds_cluster.cumulus.engine_version
+
+ # lifecycle {
+ # prevent_destroy = true
+ # }
 }
\ No newline at end of file
From 16254be8e44df4850086a15a8e13189ab2b11417 Mon Sep 17 00:00:00 2001
From: Tim Clark
Date: Thu, 18 Apr 2024 11:58:58 -0400
Subject: [PATCH 6/6] add prevent_destroy = true
---
 tf-modules/cumulus-rds-tf/main.tf | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/tf-modules/cumulus-rds-tf/main.tf b/tf-modules/cumulus-rds-tf/main.tf
index 7cac92a530e..567ac8a2001 100644
--- a/tf-modules/cumulus-rds-tf/main.tf
+++ b/tf-modules/cumulus-rds-tf/main.tf
@@ -96,6 +96,7 @@ resource "aws_rds_cluster" "cumulus" {
 lifecycle {
 ignore_changes = [engine_version]
+ prevent_destroy = true
 }
 }
@@ -107,7 +108,7 @@ resource "aws_rds_cluster_instance" "cumulus" {
 engine = aws_rds_cluster.cumulus.engine
 engine_version = aws_rds_cluster.cumulus.engine_version
- # lifecycle {
- # prevent_destroy = true
- # }
+ lifecycle {
+ prevent_destroy = true
+ }
 }
\ No newline at end of file
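Review bot: `prevent_destroy = true` is hard-coded in the `lifecycle` blocks of both `aws_rds_cluster.cumulus` and, in the second hunk of PATCH 6/6, `aws_rds_cluster_instance.cumulus`, and since Terraform does not accept variables in `lifecycle` arguments, module consumers cannot switch it off. That protects production data, but every plan that has to remove or replace these resources will now fail, including lowering `cluster_instance_count` and tearing down a sandbox deployment, until someone edits the module source. Please document this beside each block, for example `# prevent_destroy cannot be parameterised; removing or replacing this resource requires deleting this block first`, and in the module README. On the cluster the comment should also say how this relates to `var.deletion_protection`, which already guards the API-level delete.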