RDS network fix auto-drive (#404)
* RDS network fix auto-drive

* increase DB instance type
DaMandal0rian authored Jan 24, 2025
1 parent 5ad9dcd commit 5c5e0d6
Showing 3 changed files with 29 additions and 28 deletions.
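--- a/auto-drive/db.tf
+++ b/auto-drive/db.tf
@@ -14,7 +14,7 @@ module "db" {
 engine_lifecycle_support = "open-source-rds-extended-support-disabled"
 family = "postgres16" # DB parameter group
 major_engine_version = "16" # DB option group
-instance_class = "db.t4g.large"
+instance_class = "db.t4g.2xlarge"
 
 allocated_storage = 50
 max_allocated_storage = 500
@@ -30,8 +30,9 @@ module "db" {
 master_user_password_rotation_schedule_expression = "rate(15 days)"
 
 multi_az = true
-db_subnet_group_name = module.vpc_rds.database_subnet_group
+db_subnet_group_name = aws_db_subnet_group.db_subnet_group.name
 vpc_security_group_ids = [module.security_group.security_group_id]
+publicly_accessible = false
 
 maintenance_window = "Mon:00:00-Mon:03:00"
 backup_window = "03:00-06:00"
@@ -73,6 +74,13 @@ module "db" {
 }
 }
 
+resource "aws_db_subnet_group" "db_subnet_group" {
+name = "${local.name}-db-subnet-group"
+subnet_ids = module.vpc.private_subnets
+
+tags = local.tags
+}
+
 ################################################################################
 # RDS Automated Backups Replication Module
 ################################################################################
@@ -115,30 +123,13 @@ module "db_automated_backups_replication" {
 # Supporting Resources
 ################################################################################
 
-module "vpc_rds" {
-source = "terraform-aws-modules/vpc/aws"
-version = "~> 5.0"
-
-name = local.name
-cidr = local.vpc_cidr
-
-azs = local.azs
-public_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k)]
-private_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 3)]
-database_subnets = [for k, v in local.azs : cidrsubnet(local.vpc_cidr, 8, k + 6)]
-
-create_database_subnet_group = true
-
-tags = local.tags
-}
-
 module "security_group" {
 source = "terraform-aws-modules/security-group/aws"
 version = "~> 5.0"
 
 name = local.name
 description = "Auto Drive PostgreSQL security group"
-vpc_id = module.vpc_rds.vpc_id
+vpc_id = module.vpc.vpc_id
 
 # ingress
 ingress_with_cidr_blocks = [
@@ -147,7 +138,7 @@ module "security_group" {
 to_port = 5432
 protocol = "tcp"
 description = "PostgreSQL access from within VPC"
-cidr_blocks = module.vpc_rds.vpc_cidr_block
+cidr_blocks = module.vpc.vpc_cidr_block
 },
 ]
 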
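Review bot: The ingress rule in `module "security_group"` still admits TCP 5432 from the whole VPC CIDR, and with this change that CIDR is `module.vpc.vpc_cidr_block`, the shared VPC that also carries the public subnets declared in auto-drive/main.tf, rather than the dedicated `vpc_rds` network. Any workload placed in a public subnet of that VPC can now open a connection to PostgreSQL, so `publicly_accessible = false` on its own does not keep the isolation the separate VPC gave. I would scope the rule to the application tier, for example by replacing the CIDR rule with `ingress_with_source_security_group_id` and `source_security_group_id = <APP_SECURITY_GROUP_ID>` (placeholder; the application security group is not visible on this page). The opening lines of the rule sit between the last two hunks and are not shown.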
12 changes: 6 additions & 6 deletions auto-drive/main.tf
Expand Up @@ -29,16 +29,16 @@ locals {
module "vpc" {
source = "../templates/terraform/aws/vpc"

name = "${local.name}-vpc"
cidr = var.vpc_cidr
azs = local.azs
public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
name = "${local.name}-vpc"
cidr = var.vpc_cidr
azs = local.azs
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]

# Configure NAT gateways and private subnets settings
enable_nat_gateway = false # Set to true to use NAT gateways and private subnets without public IPs
single_nat_gateway = false # Set to true to use a single NAT gateway

tags = local.tags
tags = local.tags
}

################################################################################
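Review bot: The new `private_subnets` list in `module "vpc"` is hard-coded to 10.0.x.0/24 literals while `cidr` comes from `var.vpc_cidr`, so a different VPC CIDR would produce subnets outside the VPC, and the RDS subnet group in auto-drive/db.tf now depends on these subnets. Deriving them keeps the two in step, e.g. `private_subnets = [for k, v in local.azs : cidrsubnet(var.vpc_cidr, 8, k + 1)]`, which yields the same values if `var.vpc_cidr` is 10.0.0.0/16 (its value is not visible here). The comment on `enable_nat_gateway` reads as if private subnets only apply when the flag is true; a line stating that the database subnets are deliberately left without an outbound route while it is false would help, assuming that is the intent.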
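--- a/templates/terraform/aws/ec2/main.tf
+++ b/templates/terraform/aws/ec2/main.tf
@@ -190,6 +190,14 @@ resource "aws_instance" "this" {
 
 tags = merge({ "Name" = var.name }, var.instance_tags, var.tags)
 volume_tags = var.enable_volume_tags ? merge({ "Name" = var.name }, var.volume_tags) : null
+
+lifecycle {
+ignore_changes = [
+ami,
+private_ip,
+associate_public_ip_address,
+]
+}
 }
 
 ################################################################################
@@ -371,7 +379,9 @@ resource "aws_instance" "ignore_ami" {
 
 lifecycle {
 ignore_changes = [
-ami
+ami,
+private_ip,
+associate_public_ip_address,
 ]
 }
 }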
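Review bot: Putting `ami` and `associate_public_ip_address` into `ignore_changes` on `aws_instance.this` (and the two new attributes on `aws_instance.ignore_ami`) means Terraform stops reporting or correcting drift on them for existing instances. Switching an instance to no public IP, or rolling out a patched AMI, through the module inputs would then plan as a no-op, and an out-of-band change to public exposure would not appear in `terraform plan`. Since `ignore_ami` already exists for callers who want AMI changes ignored, I would leave `ami` out of the `this` block and add a comment above each `lifecycle` block such as `# NOTE: public-IP and private-IP changes are ignored here; apply them with an explicit -replace of the instance`. Both resource bodies start outside the hunks shown, so other lifecycle settings may exist that are not visible here.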
