From 5e1ae20e5b7efdbb35f733897f5a4378389337d3 Mon Sep 17 00:00:00 2001 From: Devan Patel Date: Fri, 5 Jun 2020 02:51:44 +0100 Subject: [PATCH 1/2] feat: Rework replicas to use `for_each` and new configuration style BREAKING CHANGE: Replica configuration has been reworked. Please see the upgrade guide for details. --- examples/mysql-ha/main.tf | 102 +++--- examples/mysql-private/main.tf | 4 +- examples/mysql-public/main.tf | 2 +- examples/postgresql-ha/main.tf | 99 +++--- examples/postgresql-public/main.tf | 2 +- modules/mysql/README.md | 42 +-- modules/mysql/failover_replica.tf | 112 ------- modules/mysql/main.tf | 4 +- modules/mysql/outputs.tf | 43 +-- modules/mysql/read_replica.tf | 78 ++--- modules/mysql/variables.tf | 306 ++---------------- modules/mysql/versions.tf | 2 +- modules/postgresql/README.md | 22 +- modules/postgresql/main.tf | 12 +- modules/postgresql/outputs.tf | 16 +- modules/postgresql/read_replica.tf | 80 ++--- modules/postgresql/variables.tf | 154 ++------- modules/safer_mysql/README.md | 38 +-- modules/safer_mysql/main.tf | 52 +-- modules/safer_mysql/outputs.tf | 21 -- modules/safer_mysql/variables.tf | 269 ++------------- test/integration/mysql-ha/controls/mysql.rb | 2 - test/integration/postgresql-ha/controls/pg.rb | 2 - 23 files changed, 238 insertions(+), 1226 deletions(-) delete mode 100644 modules/mysql/failover_replica.tf diff --git a/examples/mysql-ha/main.tf b/examples/mysql-ha/main.tf index 700c90ae..efba78bf 100644 --- a/examples/mysql-ha/main.tf +++ b/examples/mysql-ha/main.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.5" + version = "~> 3.22" } provider "null" { 
@@ -37,8 +37,22 @@ locals { See https://cloud.google.com/sql/docs/mysql/delete-instance for details. */ instance_name = "${var.mysql_ha_name}-${random_id.instance_name_suffix.hex}" + + read_replica_ip_configuration = { + ipv4_enabled = true + require_ssl = false + private_network = null + authorized_networks = [ + { + name = "${var.project_id}-cidr" + value = var.mysql_ha_external_ip_range + }, + ] + } + } + module "mysql" { source = "../../modules/mysql" name = local.instance_name @@ -54,12 +68,7 @@ module "mysql" { maintenance_window_hour = 12 maintenance_window_update_track = "stable" - database_flags = [ - { - name = "long_query_time" - value = 1 - }, - ] + database_flags = [{ name = "long_query_time", value = 1 }] user_labels = { foo = "bar" 
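Review bot: The new `read_replica_ip_configuration` local gives every replica a public IPv4 address (`ipv4_enabled = true`) with `require_ssl = false`, so clients inside `var.mysql_ha_external_ip_range` can connect without TLS. The values are carried over from the removed `read_replica_ip_configuration` argument, but the local is now shared by all three replica entries and examples tend to be copied as-is. I would set `require_ssl = true`, or at least add a comment above it such as `# replicas accept unencrypted connections; set require_ssl = true outside of test setups`. The same local is added in the `locals` hunk of examples/postgresql-ha/main.tf and the point applies there as well. The `locals` block starts outside this hunk.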
@@ -84,56 +93,43 @@ module "mysql" { } // Read replica configurations - read_replica_name_suffix = "-test" - read_replica_size = 3 - read_replica_tier = "db-n1-standard-1" - read_replica_zones = "a,b,c" - read_replica_activation_policy = "ALWAYS" - read_replica_crash_safe_replication = true - read_replica_disk_autoresize = true - read_replica_disk_type = "PD_HDD" - read_replica_replication_type = "SYNCHRONOUS" - read_replica_maintenance_window_day = 1 - read_replica_maintenance_window_hour = 22 - read_replica_maintenance_window_update_track = "stable" - - read_replica_user_labels = { - bar = "baz" - } - - read_replica_database_flags = [ + read_replica_name_suffix = "-test" + read_replicas = [ { - name = "long_query_time" - value = "1" + name = "0" + zone = "us-central1-a" + tier = "db-n1-standard-1" + ip_configuration = local.read_replica_ip_configuration + database_flags = [{ name = "long_query_time", value = 1 }] + disk_autoresize = null + disk_size = null + disk_type = "PD_HDD" + user_labels = { bar = "baz" } + }, + { + name = "1" + zone = "us-central1-b" + tier = "db-n1-standard-1" + ip_configuration = local.read_replica_ip_configuration + database_flags = [{ name = "long_query_time", value = 1 }] + disk_autoresize = null + disk_size = null + disk_type = "PD_HDD" + user_labels = { bar = "baz" } + }, + { + name = "2" + zone = "us-central1-c" + tier = "db-n1-standard-1" + ip_configuration = local.read_replica_ip_configuration + database_flags = [{ name = "long_query_time", value = 1 }] + disk_autoresize = null + disk_size = null + disk_type = "PD_HDD" + user_labels = { bar = "baz" } }, ] - read_replica_configuration = { - dump_file_path = "gs://${var.project_id}.appspot.com/tmp" - connect_retry_interval = 5 - ca_certificate = null - client_certificate = null - client_key = null - failover_target = null - master_heartbeat_period = null - password = null - ssl_cipher = null - username = null - verify_server_certificate = null - } - - read_replica_ip_configuration = 
{ - ipv4_enabled = true - require_ssl = false - private_network = null - authorized_networks = [ - { - name = "${var.project_id}-cidr" - value = var.mysql_ha_external_ip_range - }, - ] - } - db_name = var.mysql_ha_name db_charset = "utf8mb4" db_collation = "utf8mb4_general_ci" diff --git a/examples/mysql-private/main.tf b/examples/mysql-private/main.tf index f4f30c23..ef03cb2a 100644 --- a/examples/mysql-private/main.tf +++ b/examples/mysql-private/main.tf @@ -15,11 +15,11 @@ */ provider "google" { - version = "~> 3.5" + version = "~> 3.22" } provider "google-beta" { - version = "~> 3.5" + version = "~> 3.22" } provider "null" { diff --git a/examples/mysql-public/main.tf b/examples/mysql-public/main.tf index 3280f491..1d9f453b 100644 --- a/examples/mysql-public/main.tf +++ b/examples/mysql-public/main.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.5" + version = "~> 3.22" } provider "null" { diff --git a/examples/postgresql-ha/main.tf b/examples/postgresql-ha/main.tf index 433f4ec2..9fedb551 100644 --- a/examples/postgresql-ha/main.tf +++ b/examples/postgresql-ha/main.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.5" + version = "~> 3.22" } provider "null" { @@ -37,6 +37,18 @@ locals { See https://cloud.google.com/sql/docs/mysql/delete-instance for details. */ instance_name = "${var.pg_ha_name}-${random_id.instance_name_suffix.hex}" + + read_replica_ip_configuration = { + ipv4_enabled = true + require_ssl = false + private_network = null + authorized_networks = [ + { + name = "${var.project_id}-cidr" + value = var.pg_ha_external_ip_range + }, + ] + } } module "pg" { @@ -54,12 +66,7 @@ module "pg" { maintenance_window_hour = 12 maintenance_window_update_track = "stable" - database_flags = [ - { - name = "autovacuum" - value = "off" - }, - ] + database_flags = [{ name = "autovacuum", value = "off" }] user_labels = { foo = "bar" 
@@ -83,56 +90,44 @@ module "pg" { } // Read replica configurations - read_replica_name_suffix = "-test" - read_replica_size = 3 - read_replica_tier = "db-custom-2-13312" - read_replica_zones = "a,b,c" - read_replica_activation_policy = "ALWAYS" - read_replica_crash_safe_replication = true - read_replica_disk_autoresize = true - read_replica_disk_type = "PD_HDD" - read_replica_replication_type = "SYNCHRONOUS" - read_replica_maintenance_window_day = 1 - read_replica_maintenance_window_hour = 22 - read_replica_maintenance_window_update_track = "stable" - - read_replica_user_labels = { - bar = "baz" - } + read_replica_name_suffix = "-test" - read_replica_database_flags = [ + read_replicas = [ + { + name = "0" + zone = "us-central1-a" + tier = "db-custom-2-13312" + ip_configuration = local.read_replica_ip_configuration + database_flags = [{ name = "autovacuum", value = "off" }] + disk_autoresize = null + disk_size = null + disk_type = "PD_HDD" + user_labels = { bar = "baz" } + }, + { + name = "1" + zone = "us-central1-b" + tier = "db-custom-2-13312" + ip_configuration = local.read_replica_ip_configuration + database_flags = [{ name = "autovacuum", value = "off" }] + disk_autoresize = null + disk_size = null + disk_type = "PD_HDD" + user_labels = { bar = "baz" } + }, { - name = "autovacuum" - value = "off" + name = "2" + zone = "us-central1-c" + tier = "db-custom-2-13312" + ip_configuration = local.read_replica_ip_configuration + database_flags = [{ name = "autovacuum", value = "off" }] + disk_autoresize = null + disk_size = null + disk_type = "PD_HDD" + user_labels = { bar = "baz" } }, ] - read_replica_configuration = { - dump_file_path = "gs://${var.project_id}.appspot.com/tmp" - connect_retry_interval = 5 - ca_certificate = null - client_certificate = null - client_key = null - failover_target = null - master_heartbeat_period = null - password = null - ssl_cipher = null - username = null - verify_server_certificate = null - } - - read_replica_ip_configuration = { - 
ipv4_enabled = true - require_ssl = false - private_network = null - authorized_networks = [ - { - name = "${var.project_id}-cidr" - value = var.pg_ha_external_ip_range - }, - ] - } - db_name = var.pg_ha_name db_charset = "UTF8" db_collation = "en_US.UTF8" diff --git a/examples/postgresql-public/main.tf b/examples/postgresql-public/main.tf index a4cef942..d92f72f7 100644 --- a/examples/postgresql-public/main.tf +++ b/examples/postgresql-public/main.tf @@ -15,7 +15,7 @@ */ provider "google" { - version = "~> 3.5" + version = "~> 3.22" } provider "google-beta" { diff --git a/modules/mysql/README.md b/modules/mysql/README.md index 5284aaa1..2a7d98a7 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md 
@@ -22,24 +22,6 @@ | disk\_size | The disk size for the master instance | number | `"10"` | no | | disk\_type | The disk type for the master instance. | string | `"PD_SSD"` | no | | encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | string | `"null"` | no | -| failover\_replica | Specify true if the failover instance is required | bool | `"false"` | no | -| failover\_replica\_activation\_policy | The activation policy for the failover replica instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `"ALWAYS"` | no | -| failover\_replica\_configuration | The replica configuration for the failover replica instance. In order to create a failover instance, need to specify this argument. | object | `` | no | -| failover\_replica\_crash\_safe\_replication | The crash safe replication is to indicates when crash-safe replication flags are enabled. | bool | `"true"` | no | -| failover\_replica\_database\_flags | The database flags for the failover replica instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | object | `` | no | -| failover\_replica\_disk\_autoresize | Configuration to increase storage size. | bool | `"true"` | no | -| failover\_replica\_disk\_size | The disk size for the failover replica instance. | number | `"10"` | no | -| failover\_replica\_disk\_type | The disk type for the failover replica instance. | string | `"PD_SSD"` | no | -| failover\_replica\_ip\_configuration | The ip configuration for the failover replica instances. | object | `` | no | -| failover\_replica\_maintenance\_window\_day | The day of week (1-7) for the failover replica instance maintenance. | number | `"1"` | no | -| failover\_replica\_maintenance\_window\_hour | The hour of day (0-23) maintenance window for the failover replica instance maintenance. 
| number | `"23"` | no | -| failover\_replica\_maintenance\_window\_update\_track | The update track of maintenance window for the failover replica instance maintenance. Can be either `canary` or `stable`. | string | `"canary"` | no | -| failover\_replica\_name\_suffix | The optional suffix to add to the failover instance name | string | `""` | no | -| failover\_replica\_pricing\_plan | The pricing plan for the failover replica instance. | string | `"PER_USE"` | no | -| failover\_replica\_replication\_type | The replication type for the failover replica instance. Can be one of ASYNCHRONOUS or SYNCHRONOUS. | string | `"SYNCHRONOUS"` | no | -| failover\_replica\_tier | The tier for the failover replica instance. | string | `""` | no | -| failover\_replica\_user\_labels | The key/value labels for the failover replica instance. | map(string) | `` | no | -| failover\_replica\_zone | The zone for the failover replica instance, it should be something like: `a`, `c`. | string | `""` | no | | ip\_configuration | The ip_configuration settings subblock | object | `` | no | | maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | number | `"1"` | no | | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | number | `"23"` | no | 
@@ -49,24 +31,8 @@ | pricing\_plan | The pricing plan for the master instance. | string | `"PER_USE"` | no | | project\_id | The project ID to manage the Cloud SQL resources | string | n/a | yes | | random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | bool | `"false"` | no | -| read\_replica\_activation\_policy | The activation policy for the read replica instances. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `"ALWAYS"` | no | -| read\_replica\_configuration | The replica configuration for use in all read replica instances. | object | `` | no | -| read\_replica\_crash\_safe\_replication | The crash safe replication is to indicates when crash-safe replication flags are enabled. | bool | `"true"` | no | -| read\_replica\_database\_flags | The database flags for the read replica instances. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | object | `` | no | -| read\_replica\_disk\_autoresize | Configuration to increase storage size. | bool | `"true"` | no | -| read\_replica\_disk\_size | The disk size for the read replica instances. | number | `"10"` | no | -| read\_replica\_disk\_type | The disk type for the read replica instances. | string | `"PD_SSD"` | no | -| read\_replica\_ip\_configuration | The ip configuration for the read replica instances. | object | `` | no | -| read\_replica\_maintenance\_window\_day | The day of week (1-7) for the read replica instances maintenance. | number | `"1"` | no | -| read\_replica\_maintenance\_window\_hour | The hour of day (0-23) maintenance window for the read replica instances maintenance. | number | `"23"` | no | -| read\_replica\_maintenance\_window\_update\_track | The update track of maintenance window for the read replica instances maintenance. Can be either `canary` or `stable`. 
| string | `"canary"` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | string | `""` | no | -| read\_replica\_pricing\_plan | The pricing plan for the read replica instances. | string | `"PER_USE"` | no | -| read\_replica\_replication\_type | The replication type for read replica instances. Can be one of ASYNCHRONOUS or SYNCHRONOUS. | string | `"SYNCHRONOUS"` | no | -| read\_replica\_size | The size of read replicas | number | `"0"` | no | -| read\_replica\_tier | The tier for the read replica instances. | string | `""` | no | -| read\_replica\_user\_labels | The key/value labels for the read replica instances. | map(string) | `` | no | -| read\_replica\_zones | The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas. | string | `""` | no | +| read\_replicas | List of read replicas to create | object | `` | no | | region | The region of the Cloud SQL resources | string | `"us-central1"` | no | | tier | The tier for the master instance. | string | `"db-n1-standard-1"` | no | | update\_timeout | The optional timout that is applied to limit long database updates. | string | `"10m"` | no | 
@@ -80,12 +46,6 @@ | Name | Description | |------|-------------| -| failover-replica\_instance\_connection\_name | The connection name of the failover-replica instance to be used in connection strings | -| failover-replica\_instance\_first\_ip\_address | The first IPv4 address of the addresses assigned for the failover-replica instance | -| failover-replica\_instance\_name | The instance name for the failover replica instance | -| failover-replica\_instance\_self\_link | The URI of the failover-replica instance | -| failover-replica\_instance\_server\_ca\_cert | The CA certificate information used to connect to the failover-replica instance via SSL | -| failover-replica\_instance\_service\_account\_email\_address | The service account email addresses assigned to the failover-replica instance | | generated\_user\_password | The auto generated default user password if not input password was provided | | instance\_connection\_name | The connection name of the master instance to be used in connection strings | | instance\_first\_ip\_address | The first IPv4 address of the addresses assigned for the master instance. | diff --git a/modules/mysql/failover_replica.tf b/modules/mysql/failover_replica.tf deleted file mode 100644 index 0499d4c2..00000000 --- a/modules/mysql/failover_replica.tf +++ /dev/null 
@@ -1,112 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -locals { - failover_replica_ip_configuration_enabled = length(keys(var.failover_replica_ip_configuration)) > 0 ? true : false - - failover_replica_ip_configurations = { - enabled = var.failover_replica_ip_configuration - disabled = {} - } -} - -resource "google_sql_database_instance" "failover-replica" { - count = var.failover_replica ? 1 : 0 - project = var.project_id - name = "${var.name}-failover${var.failover_replica_name_suffix}" - database_version = var.database_version - region = var.region - master_instance_name = google_sql_database_instance.default.name - dynamic "replica_configuration" { - for_each = [var.failover_replica_configuration] - content { - ca_certificate = lookup(replica_configuration.value, "ca_certificate", null) - client_certificate = lookup(replica_configuration.value, "client_certificate", null) - client_key = lookup(replica_configuration.value, "client_key", null) - connect_retry_interval = lookup(replica_configuration.value, "connect_retry_interval", null) - dump_file_path = lookup(replica_configuration.value, "dump_file_path", null) - failover_target = lookup(replica_configuration.value, "failover_target", true) - master_heartbeat_period = lookup(replica_configuration.value, "master_heartbeat_period", null) - password = lookup(replica_configuration.value, "password", null) - ssl_cipher = 
lookup(replica_configuration.value, "ssl_cipher", null) - username = lookup(replica_configuration.value, "username", null) - verify_server_certificate = lookup(replica_configuration.value, "verify_server_certificate", null) - } - } - - settings { - tier = var.failover_replica_tier - activation_policy = var.failover_replica_activation_policy - authorized_gae_applications = var.authorized_gae_applications - dynamic "ip_configuration" { - for_each = [local.failover_replica_ip_configurations[local.failover_replica_ip_configuration_enabled ? "enabled" : "disabled"]] - content { - ipv4_enabled = lookup(ip_configuration.value, "ipv4_enabled", null) - private_network = lookup(ip_configuration.value, "private_network", null) - require_ssl = lookup(ip_configuration.value, "require_ssl", null) - - dynamic "authorized_networks" { - for_each = lookup(ip_configuration.value, "authorized_networks", []) - content { - expiration_time = lookup(authorized_networks.value, "expiration_time", null) - name = lookup(authorized_networks.value, "name", null) - value = lookup(authorized_networks.value, "value", null) - } - } - } - } - - crash_safe_replication = var.failover_replica_crash_safe_replication - disk_autoresize = var.failover_replica_disk_autoresize - disk_size = var.failover_replica_disk_size - disk_type = var.failover_replica_disk_type - pricing_plan = var.failover_replica_pricing_plan - replication_type = var.failover_replica_replication_type - user_labels = var.failover_replica_user_labels - dynamic "database_flags" { - for_each = var.failover_replica_database_flags - content { - name = lookup(database_flags.value, "name", null) - value = lookup(database_flags.value, "value", null) - } - } - - location_preference { - zone = "${var.region}-${var.failover_replica_zone}" - } - - maintenance_window { - day = var.failover_replica_maintenance_window_day - hour = var.failover_replica_maintenance_window_hour - update_track = var.failover_replica_maintenance_window_update_track - } - } 
- - depends_on = [google_sql_database_instance.default] - - lifecycle { - ignore_changes = [ - settings[0].disk_size - ] - } - - timeouts { - create = var.create_timeout - update = var.update_timeout - delete = var.delete_timeout - } -} - diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf index d965d7f6..866084a6 100644 --- a/modules/mysql/main.tf +++ b/modules/mysql/main.tf @@ -15,6 +15,8 @@ */ locals { + master_instance_name = var.random_instance_name ? "${var.name}-${random_id.suffix[0].hex}" : var.name + default_user_host = "%" ip_configuration_enabled = length(keys(var.ip_configuration)) > 0 ? true : false @@ -40,7 +42,7 @@ resource "random_id" "suffix" { resource "google_sql_database_instance" "default" { provider = google-beta project = var.project_id - name = var.random_instance_name ? "${var.name}-${random_id.suffix[0].hex}" : var.name + name = local.master_instance_name database_version = var.database_version region = var.region encryption_key_name = var.encryption_key_name diff --git a/modules/mysql/outputs.tf b/modules/mysql/outputs.tf index fbb4a77c..c03e4b14 100644 --- a/modules/mysql/outputs.tf +++ b/modules/mysql/outputs.tf 
@@ -57,66 +57,35 @@ output "instance_service_account_email_address" { // Replicas output "replicas_instance_first_ip_addresses" { - value = google_sql_database_instance.replicas[*].ip_address + value = concat([for r in google_sql_database_instance.replicas : r.ip_address], [""]) description = "The first IPv4 addresses of the addresses assigned for the replica instances" } output "replicas_instance_connection_names" { - value = google_sql_database_instance.replicas[*].connection_name + value = concat([for r in google_sql_database_instance.replicas : r.connection_name], [""]) description = "The connection names of the replica instances to be used in connection strings" } output "replicas_instance_self_links" { - value = google_sql_database_instance.replicas[*].self_link + value = concat([for r in google_sql_database_instance.replicas : r.self_link], [""]) description = "The URIs of the replica instances" } output "replicas_instance_server_ca_certs" { - value = google_sql_database_instance.replicas[*].server_ca_cert + value = concat([for r in google_sql_database_instance.replicas : r.server_ca_cert], [""]) description = "The CA certificates information used to connect to the replica instances via SSL" } output "replicas_instance_service_account_email_addresses" { - value = google_sql_database_instance.replicas[*].service_account_email_address + value = concat([for r in google_sql_database_instance.replicas : r.service_account_email_address], [""]) description = "The service account email addresses assigned to the replica instances" } output "read_replica_instance_names" { - value = google_sql_database_instance.replicas[*].name + value = concat([for r in google_sql_database_instance.replicas : r.name], [""]) description = "The instance names for the read replica instances" } -// Failover Replicas -output "failover-replica_instance_first_ip_address" { - value = google_sql_database_instance.failover-replica[*].ip_address - description = "The first IPv4 address of the 
addresses assigned for the failover-replica instance" -} - -output "failover-replica_instance_connection_name" { - value = google_sql_database_instance.failover-replica[*].connection_name - description = "The connection name of the failover-replica instance to be used in connection strings" -} - -output "failover-replica_instance_self_link" { - value = google_sql_database_instance.failover-replica[*].self_link - description = "The URI of the failover-replica instance" -} - -output "failover-replica_instance_server_ca_cert" { - value = google_sql_database_instance.failover-replica[*].server_ca_cert - description = "The CA certificate information used to connect to the failover-replica instance via SSL" -} - -output "failover-replica_instance_service_account_email_address" { - value = google_sql_database_instance.failover-replica[*].service_account_email_address - description = "The service account email addresses assigned to the failover-replica instance" -} - -output "failover-replica_instance_name" { - value = google_sql_database_instance.failover-replica[*].name - description = "The instance name for the failover replica instance" -} - output "generated_user_password" { description = "The auto generated default user password if not input password was provided" value = random_id.user-password.hex diff --git a/modules/mysql/read_replica.tf b/modules/mysql/read_replica.tf index c88bad9e..a30fbd6f 100644 --- a/modules/mysql/read_replica.tf +++ b/modules/mysql/read_replica.tf 
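Review bot: Each replica output now appends a literal `""` through `concat([for r in ...], [""])`, so every list has one more element than there are replicas and always ends in an empty string. Callers that feed `replicas_instance_first_ip_addresses` or `replicas_instance_connection_names` into allowlists or connection strings would have to filter the blank entry, and for `replicas_instance_server_ca_certs` the padding appears to mix a plain string in with structured certificate values. Unless the padding is needed for a reason not visible in this hunk, `value = [for r in google_sql_database_instance.replicas : r.ip_address]` should be enough, since a `for` over an empty map already yields an empty list. If it is intentional, a one-line comment on the first output saying why would help.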
@@ -15,56 +15,29 @@ */ locals { - primary_zone = var.zone - read_replica_zones = compact(split(",", var.read_replica_zones)) - - zone_mapping = { - enabled = local.read_replica_zones - disabled = local.primary_zone - } - - zones_enabled = length(local.read_replica_zones) > 0 - mod_by = local.zones_enabled ? length(local.read_replica_zones) : 1 - - zones = local.zone_mapping[local.zones_enabled ? "enabled" : "disabled"] - - read_replica_ip_configuration_enabled = length(keys(var.read_replica_ip_configuration)) > 0 ? true : false - - read_replica_ip_configurations = { - enabled = var.read_replica_ip_configuration - disabled = {} + replicas = { + for x in var.read_replicas : x.name => x } } resource "google_sql_database_instance" "replicas" { - count = var.read_replica_size + for_each = local.replicas project = var.project_id - name = "${var.name}-replica${var.read_replica_name_suffix}${count.index}" + name = "${local.master_instance_name}-replica${var.read_replica_name_suffix}${each.value.name}" database_version = var.database_version - region = var.region + region = join("-", slice(split("-", lookup(each.value, "zone", var.zone)), 0, 2)) master_instance_name = google_sql_database_instance.default.name - dynamic "replica_configuration" { - for_each = [var.read_replica_configuration] - content { - ca_certificate = lookup(replica_configuration.value, "ca_certificate", null) - client_certificate = lookup(replica_configuration.value, "client_certificate", null) - client_key = lookup(replica_configuration.value, "client_key", null) - connect_retry_interval = lookup(replica_configuration.value, "connect_retry_interval", null) - dump_file_path = lookup(replica_configuration.value, "dump_file_path", null) - failover_target = lookup(replica_configuration.value, "failover_target", false) - master_heartbeat_period = lookup(replica_configuration.value, "master_heartbeat_period", null) - password = lookup(replica_configuration.value, "password", null) - ssl_cipher = 
lookup(replica_configuration.value, "ssl_cipher", null) - username = lookup(replica_configuration.value, "username", null) - verify_server_certificate = lookup(replica_configuration.value, "verify_server_certificate", null) - } + + replica_configuration { + failover_target = false } settings { - tier = var.read_replica_tier - activation_policy = var.read_replica_activation_policy + tier = lookup(each.value, "tier", var.tier) + activation_policy = "ALWAYS" + dynamic "ip_configuration" { - for_each = [local.read_replica_ip_configurations[local.read_replica_ip_configuration_enabled ? "enabled" : "disabled"]] + for_each = [lookup(each.value, "ip_configuration", {})] content { ipv4_enabled = lookup(ip_configuration.value, "ipv4_enabled", null) private_network = lookup(ip_configuration.value, "private_network", null) @@ -80,17 +53,15 @@ resource "google_sql_database_instance" "replicas" { } } } - authorized_gae_applications = var.authorized_gae_applications - crash_safe_replication = var.read_replica_crash_safe_replication - disk_autoresize = var.read_replica_disk_autoresize - disk_size = var.read_replica_disk_size - disk_type = var.read_replica_disk_type - pricing_plan = var.read_replica_pricing_plan - replication_type = var.read_replica_replication_type - user_labels = var.read_replica_user_labels + disk_autoresize = lookup(each.value, "disk_autoresize", var.disk_autoresize) + disk_size = lookup(each.value, "disk_size", var.disk_size) + disk_type = lookup(each.value, "disk_type", var.disk_type) + pricing_plan = "PER_USE" + user_labels = lookup(each.value, "user_labels", var.user_labels) + dynamic "database_flags" { - for_each = var.read_replica_database_flags + for_each = lookup(each.value, "database_flags", []) content { name = lookup(database_flags.value, "name", null) value = lookup(database_flags.value, "value", null) 
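Review bot: A replica's `ip_configuration` falls back to `{}` in `for_each = [lookup(each.value, "ip_configuration", {})]`, while `tier` in the same block falls back to the master's `var.tier`. A replica entry without network settings therefore does not inherit `var.ip_configuration` and is created with whatever the provider defaults to, which can leave it with a different exposure (public IPv4, TLS not required) than the primary. Falling back to `var.ip_configuration` when the entry's value is null, or stating the non-inheritance in the upgrade guide, would avoid that surprise. Separately, `region` is derived by splitting the zone on `-` and taking two segments; the removed code built zones as `"${var.region}-${...}"`, which suggests `var.zone` may be a bare letter, in which case `slice(..., 0, 2)` on the fallback would fail. The resource body continues outside this hunk.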
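Review bot: The fallbacks written as `lookup(each.value, "disk_size", var.disk_size)` in `settings` will most likely never take effect. `read_replicas` is declared in variables.tf of this patch as `list(object({...}))`, so every attribute is always present and, as far as I can tell, `lookup` returns an explicit `null` as-is rather than the default. The examples in this patch pass `disk_autoresize = null` and `disk_size = null`, so those replicas would get the provider default instead of the master's value. If inheriting from the master is intended, test for null instead, e.g. `disk_size = each.value.disk_size != null ? each.value.disk_size : var.disk_size`, and likewise for `disk_autoresize`, `disk_type`, `user_labels` and `tier`. The `settings` block begins outside this hunk.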
@@ -98,21 +69,16 @@ resource "google_sql_database_instance" "replicas" { } location_preference { - zone = length(local.zones) == 0 ? "" : "${var.region}-${local.zones[count.index % local.mod_by]}" + zone = lookup(each.value, "zone", var.zone) } - maintenance_window { - day = var.read_replica_maintenance_window_day - hour = var.read_replica_maintenance_window_hour - update_track = var.read_replica_maintenance_window_update_track - } } depends_on = [google_sql_database_instance.default] - lifecycle { ignore_changes = [ - settings[0].disk_size + settings[0].disk_size, + settings[0].maintenance_window, ] } diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index 599f56be..991e2ea9 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf 
@@ -162,300 +162,36 @@ variable "ip_configuration" { } // Read Replicas - -variable "read_replica_configuration" { - description = "The replica configuration for use in all read replica instances." - type = object({ - connect_retry_interval = number - dump_file_path = string - ca_certificate = string - client_certificate = string - client_key = string - failover_target = bool - master_heartbeat_period = number - password = string - ssl_cipher = string - username = string - verify_server_certificate = bool - }) - default = { - connect_retry_interval = null - dump_file_path = null - ca_certificate = null - client_certificate = null - client_key = null - failover_target = null - master_heartbeat_period = null - password = null - ssl_cipher = null - username = null - verify_server_certificate = null - } -} - -variable "read_replica_name_suffix" { - description = "The optional suffix to add to the read instance name" - type = string - default = "" -} - -variable "read_replica_size" { - description = "The size of read replicas" - type = number - default = 0 -} - -variable "read_replica_tier" { - description = "The tier for the read replica instances." - type = string - default = "" -} - -variable "read_replica_zones" { - description = "The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas." - type = string - default = "" -} - -variable "read_replica_activation_policy" { - description = "The activation policy for the read replica instances. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`." - type = string - default = "ALWAYS" -} - -variable "read_replica_crash_safe_replication" { - description = "The crash safe replication is to indicates when crash-safe replication flags are enabled." - type = bool - default = true -} - -variable "read_replica_disk_autoresize" { - description = "Configuration to increase storage size." 
- type = bool - default = true -} - -variable "read_replica_disk_size" { - description = "The disk size for the read replica instances." - type = number - default = 10 -} - -variable "read_replica_disk_type" { - description = "The disk type for the read replica instances." - type = string - default = "PD_SSD" -} - -variable "read_replica_pricing_plan" { - description = "The pricing plan for the read replica instances." - type = string - default = "PER_USE" -} - -variable "read_replica_replication_type" { - description = "The replication type for read replica instances. Can be one of ASYNCHRONOUS or SYNCHRONOUS." - type = string - default = "SYNCHRONOUS" -} - -variable "read_replica_database_flags" { - description = "The database flags for the read replica instances. See [more details](https://cloud.google.com/sql/docs/mysql/flags)" +variable "read_replicas" { + description = "List of read replicas to create" type = list(object({ - name = string - value = string + name = string + tier = string + zone = string + disk_type = string + disk_autoresize = bool + disk_size = string + user_labels = map(string) + database_flags = list(object({ + name = string + value = string + })) + ip_configuration = object({ + authorized_networks = list(map(string)) + ipv4_enabled = bool + private_network = string + require_ssl = bool + }) })) default = [] } -variable "read_replica_maintenance_window_day" { - description = "The day of week (1-7) for the read replica instances maintenance." - type = number - default = 1 -} - -variable "read_replica_maintenance_window_hour" { - description = "The hour of day (0-23) maintenance window for the read replica instances maintenance." - type = number - default = 23 -} - -variable "read_replica_maintenance_window_update_track" { - description = "The update track of maintenance window for the read replica instances maintenance. Can be either `canary` or `stable`." 
- type = string - default = "canary" -} - -variable "read_replica_user_labels" { - type = map(string) - default = {} - description = "The key/value labels for the read replica instances." -} - -variable "read_replica_ip_configuration" { - description = "The ip configuration for the read replica instances." - type = object({ - authorized_networks = list(map(string)) - ipv4_enabled = bool - private_network = string - require_ssl = bool - }) - default = { - authorized_networks = [] - ipv4_enabled = true - private_network = null - require_ssl = null - } -} - -// Failover replica - -variable "failover_replica" { - description = "Specify true if the failover instance is required" - type = bool - default = false -} - -variable "failover_replica_name_suffix" { - description = "The optional suffix to add to the failover instance name" - type = string - default = "" -} - -variable "failover_replica_configuration" { - description = "The replica configuration for the failover replica instance. In order to create a failover instance, need to specify this argument." - type = object({ - connect_retry_interval = number - dump_file_path = string - ca_certificate = string - client_certificate = string - client_key = string - failover_target = bool - master_heartbeat_period = number - password = string - ssl_cipher = string - username = string - verify_server_certificate = bool - }) - default = { - connect_retry_interval = null - dump_file_path = null - ca_certificate = null - client_certificate = null - client_key = null - failover_target = null - master_heartbeat_period = null - password = null - ssl_cipher = null - username = null - verify_server_certificate = null - } -} - - -variable "failover_replica_tier" { - description = "The tier for the failover replica instance." - type = string - default = "" -} - -variable "failover_replica_zone" { - description = "The zone for the failover replica instance, it should be something like: `a`, `c`." 
+variable "read_replica_name_suffix" { + description = "The optional suffix to add to the read instance name" type = string default = "" } -variable "failover_replica_activation_policy" { - description = "The activation policy for the failover replica instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`." - type = string - default = "ALWAYS" -} - -variable "failover_replica_crash_safe_replication" { - description = "The crash safe replication is to indicates when crash-safe replication flags are enabled." - type = bool - default = true -} - -variable "failover_replica_disk_autoresize" { - description = "Configuration to increase storage size." - type = bool - default = true -} - -variable "failover_replica_disk_size" { - description = "The disk size for the failover replica instance." - type = number - default = 10 -} - -variable "failover_replica_disk_type" { - description = "The disk type for the failover replica instance." - type = string - default = "PD_SSD" -} - -variable "failover_replica_pricing_plan" { - description = "The pricing plan for the failover replica instance." - type = string - default = "PER_USE" -} - -variable "failover_replica_replication_type" { - description = "The replication type for the failover replica instance. Can be one of ASYNCHRONOUS or SYNCHRONOUS." - type = string - default = "SYNCHRONOUS" -} - -variable "failover_replica_database_flags" { - description = "The database flags for the failover replica instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags)" - type = list(object({ - name = string - value = string - })) - default = [] -} - -variable "failover_replica_maintenance_window_day" { - description = "The day of week (1-7) for the failover replica instance maintenance." - type = number - default = 1 -} - -variable "failover_replica_maintenance_window_hour" { - description = "The hour of day (0-23) maintenance window for the failover replica instance maintenance." 
- type = number - default = 23 -} - -variable "failover_replica_maintenance_window_update_track" { - description = "The update track of maintenance window for the failover replica instance maintenance. Can be either `canary` or `stable`." - type = string - default = "canary" -} - -variable "failover_replica_user_labels" { - type = map(string) - default = {} - description = "The key/value labels for the failover replica instance." -} - -variable "failover_replica_ip_configuration" { - description = "The ip configuration for the failover replica instances." - type = object({ - authorized_networks = list(map(string)) - ipv4_enabled = bool - private_network = string - require_ssl = bool - }) - default = { - authorized_networks = [] - ipv4_enabled = true - private_network = null - require_ssl = null - } -} - variable "db_name" { description = "The name of the default database to create" type = string diff --git a/modules/mysql/versions.tf b/modules/mysql/versions.tf index 161d1b9d..0d1e6b64 100644 --- a/modules/mysql/versions.tf +++ b/modules/mysql/versions.tf @@ -17,7 +17,7 @@ terraform { required_version = "~> 0.12.6" required_providers { - google = "~> 3.5" + google = "~> 3.22" null = "~> 2.1" random = "~> 2.2" } diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index e91db655..65bd4966 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md 
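Review bot: The `read_replicas` description, `"List of read replicas to create"`, leaves out what a caller needs to fill in the object. Every attribute is required under the pinned Terraform 0.12, `name` has to be unique because the PostgreSQL module's `read_replica.tf` uses it as the `for_each` key and appends it to the instance name, and `ip_configuration` is applied per replica rather than taken from the master. I would expand it along the lines of `description = "List of read replicas to create. All attributes are required; name must be unique per replica; ip_configuration is applied to the replica as given and is not inherited from the master."`. `disk_size = string` also differs from the removed `read_replica_disk_size`, which was a `number`; keeping `number` would reject non-numeric input at the variable boundary. The same declaration is added in `modules/postgresql/variables.tf`.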
@@ -8,7 +8,6 @@ | activation\_policy | The activation policy for the master instance.Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `"ALWAYS"` | no | | additional\_databases | A list of databases to be created in your cluster | object | `` | no | | additional\_users | A list of users to be created in your cluster | object | `` | no | -| authorized\_gae\_applications | The authorized gae applications for the Cloud SQL instances | list(string) | `` | no | | availability\_type | The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | string | `"ZONAL"` | no | | backup\_configuration | The backup_configuration settings subblock for the database setings | object | `` | no | | create\_timeout | The optional timout that is applied to limit long database creates. | string | `"10m"` | no | 
@@ -31,25 +30,8 @@ | pricing\_plan | The pricing plan for the master instance. | string | `"PER_USE"` | no | | project\_id | The project ID to manage the Cloud SQL resources | string | n/a | yes | | random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | bool | `"false"` | no | -| read\_replica\_activation\_policy | The activation policy for the read replica instances.Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `"ALWAYS"` | no | -| read\_replica\_availability\_type | The availability type for the read replica instances.This is only used to set up high availability for the PostgreSQL instances. Can be either `ZONAL` or `REGIONAL`. | string | `"ZONAL"` | no | -| read\_replica\_configuration | The replica configuration for use in all read replica instances. | object | `` | no | -| read\_replica\_crash\_safe\_replication | The crash safe replication is to indicates when crash-safe replication flags are enabled. | bool | `"true"` | no | -| read\_replica\_database\_flags | The database flags for the read replica instances. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | object | `` | no | -| read\_replica\_disk\_autoresize | Configuration to increase storage size. | bool | `"true"` | no | -| read\_replica\_disk\_size | The disk size for the read replica instances. | number | `"10"` | no | -| read\_replica\_disk\_type | The disk type for the read replica instances. | string | `"PD_SSD"` | no | -| read\_replica\_ip\_configuration | The ip configuration for the read instances. | object | `` | no | -| read\_replica\_maintenance\_window\_day | The day of week (1-7) for the read replica instances maintenance. | number | `"1"` | no | -| read\_replica\_maintenance\_window\_hour | The hour of day (0-23) maintenance window for the read replica instances maintenance. 
| number | `"23"` | no | -| read\_replica\_maintenance\_window\_update\_track | The update track of maintenance window for the read replica instances maintenance.Can be either `canary` or `stable`. | string | `"canary"` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | string | `""` | no | -| read\_replica\_pricing\_plan | The pricing plan for the read replica instances. | string | `"PER_USE"` | no | -| read\_replica\_replication\_type | The replication type for read replica instances. Can be one of ASYNCHRONOUS or SYNCHRONOUS. | string | `"SYNCHRONOUS"` | no | -| read\_replica\_size | The size of read replicas | number | `"0"` | no | -| read\_replica\_tier | The tier for the read replica instances. | string | `""` | no | -| read\_replica\_user\_labels | The key/value labels for the read replica instances. | map(string) | `` | no | -| read\_replica\_zones | The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas. | string | `""` | no | +| read\_replicas | List of read replicas to create | object | `` | no | | region | The region of the Cloud SQL resources | string | `"us-central1"` | no | | tier | The tier for the master instance. | string | `"db-f1-micro"` | no | | update\_timeout | The optional timout that is applied to limit long database updates. | string | `"10m"` | no | 
@@ -74,7 +56,7 @@ | public\_ip\_address | The first public (PRIMARY) IPv4 address assigned for the master instance | | read\_replica\_instance\_names | The instance names for the read replica instances | | replicas\_instance\_connection\_names | The connection names of the replica instances to be used in connection strings | -| replicas\_instance\_ip\_addresses | The IPv4 addresses assigned for the replica instances | +| replicas\_instance\_first\_ip\_addresses | The first IPv4 addresses of the addresses assigned for the replica instances | | replicas\_instance\_self\_links | The URIs of the replica instances | | replicas\_instance\_server\_ca\_certs | The CA certificates information used to connect to the replica instances via SSL | | replicas\_instance\_service\_account\_email\_addresses | The service account email addresses assigned to the replica instances | diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index d74b9281..a1a692e7 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -15,6 +15,8 @@ */ locals { + master_instance_name = var.random_instance_name ? "${var.name}-${random_id.suffix[0].hex}" : var.name + ip_configuration_enabled = length(keys(var.ip_configuration)) > 0 ? true : false ip_configurations = { 
@@ -35,16 +37,16 @@ resource "random_id" "suffix" { resource "google_sql_database_instance" "default" { provider = google-beta project = var.project_id - name = var.random_instance_name ? "${var.name}-${random_id.suffix[0].hex}" : var.name + name = local.master_instance_name database_version = var.database_version region = var.region encryption_key_name = var.encryption_key_name settings { - tier = var.tier - activation_policy = var.activation_policy - availability_type = var.availability_type - authorized_gae_applications = var.authorized_gae_applications + tier = var.tier + activation_policy = var.activation_policy + availability_type = var.availability_type + dynamic "backup_configuration" { for_each = [var.backup_configuration] content { diff --git a/modules/postgresql/outputs.tf b/modules/postgresql/outputs.tf index 8a10c3ab..506e161c 100644 --- a/modules/postgresql/outputs.tf +++ b/modules/postgresql/outputs.tf 
@@ -61,33 +61,33 @@ output "instance_service_account_email_address" { } // Replicas -output "replicas_instance_ip_addresses" { - value = google_sql_database_instance.replicas[*].ip_address - description = "The IPv4 addresses assigned for the replica instances" +output "replicas_instance_first_ip_addresses" { + value = concat([for r in google_sql_database_instance.replicas : r.ip_address], [""]) + description = "The first IPv4 addresses of the addresses assigned for the replica instances" } output "replicas_instance_connection_names" { - value = google_sql_database_instance.replicas[*].connection_name + value = concat([for r in google_sql_database_instance.replicas : r.connection_name], [""]) description = "The connection names of the replica instances to be used in connection strings" } output "replicas_instance_self_links" { - value = google_sql_database_instance.replicas[*].self_link + value = concat([for r in google_sql_database_instance.replicas : r.self_link], [""]) description = "The URIs of the replica instances" } output "replicas_instance_server_ca_certs" { - value = google_sql_database_instance.replicas[*].server_ca_cert + value = concat([for r in google_sql_database_instance.replicas : r.server_ca_cert], [""]) description = "The CA certificates information used to connect to the replica instances via SSL" } output "replicas_instance_service_account_email_addresses" { - value = google_sql_database_instance.replicas[*].service_account_email_address + value = concat([for r in google_sql_database_instance.replicas : r.service_account_email_address], [""]) description = "The service account email addresses assigned to the replica instances" } output "read_replica_instance_names" { - value = google_sql_database_instance.replicas[*].name + value = concat([for r in google_sql_database_instance.replicas : r.name], [""]) description = "The instance names for the read replica instances" } 
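Review bot: Every replica output now ends with an empty string because of `concat([...], [""])`, so with two replicas `read_replica_instance_names` has three elements, and with none it is `[""]` rather than `[]`. Anything that iterates over `replicas_instance_connection_names` or the IP output (proxy configuration, allow-lists, monitoring targets) has to filter the blank entry itself. The `for` expression over a `for_each` resource already yields an empty list when there are no replicas, so the padding can be dropped: `value = [for r in google_sql_database_instance.replicas : r.connection_name]`. The elements also follow the `for_each` key order rather than the order of `var.read_replicas`, which is worth a sentence in the output descriptions.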
diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf index c4c58d0b..aafe0224 100644 --- a/modules/postgresql/read_replica.tf +++ b/modules/postgresql/read_replica.tf 
@@ -15,58 +15,29 @@ */ locals { - primary_zone = var.zone - read_replica_zones = compact(split(",", var.read_replica_zones)) - - zone_mapping = { - enabled = local.read_replica_zones - disabled = local.primary_zone - } - - zones_enabled = length(local.read_replica_zones) > 0 - mod_by = local.zones_enabled ? length(local.read_replica_zones) : 1 - - zones = local.zone_mapping[local.zones_enabled ? "enabled" : "disabled"] - - read_replica_ip_configuration_enabled = length(keys(var.read_replica_ip_configuration)) > 0 ? true : false - - read_replica_ip_configurations = { - enabled = var.read_replica_ip_configuration - disabled = {} + replicas = { + for x in var.read_replicas : x.name => x } } resource "google_sql_database_instance" "replicas" { - count = var.read_replica_size + for_each = local.replicas project = var.project_id - name = "${var.name}-replica${var.read_replica_name_suffix}${count.index}" + name = "${local.master_instance_name}-replica${var.read_replica_name_suffix}${each.value.name}" database_version = var.database_version - region = var.region + region = join("-", slice(split("-", lookup(each.value, "zone", var.zone)), 0, 2)) master_instance_name = google_sql_database_instance.default.name - dynamic "replica_configuration" { - for_each = [var.read_replica_configuration] - content { - ca_certificate = lookup(replica_configuration.value, "ca_certificate", null) - client_certificate = lookup(replica_configuration.value, "client_certificate", null) - client_key = lookup(replica_configuration.value, "client_key", null) - connect_retry_interval = lookup(replica_configuration.value, "connect_retry_interval", null) - dump_file_path = lookup(replica_configuration.value, "dump_file_path", null) - failover_target = false - master_heartbeat_period = lookup(replica_configuration.value, "master_heartbeat_period", null) - password = lookup(replica_configuration.value, "password", null) - ssl_cipher = lookup(replica_configuration.value, "ssl_cipher", null) - username = 
lookup(replica_configuration.value, "username", null) - verify_server_certificate = lookup(replica_configuration.value, "verify_server_certificate", null) - } + + replica_configuration { + failover_target = false } settings { - tier = var.read_replica_tier - activation_policy = var.read_replica_activation_policy - authorized_gae_applications = var.authorized_gae_applications - availability_type = var.read_replica_availability_type + tier = lookup(each.value, "tier", var.tier) + activation_policy = "ALWAYS" + dynamic "ip_configuration" { - for_each = [local.read_replica_ip_configurations[local.read_replica_ip_configuration_enabled ? "enabled" : "disabled"]] + for_each = [lookup(each.value, "ip_configuration", {})] content { ipv4_enabled = lookup(ip_configuration.value, "ipv4_enabled", null) private_network = lookup(ip_configuration.value, "private_network", null) @@ -83,15 +54,14 @@ resource "google_sql_database_instance" "replicas" { } } - crash_safe_replication = var.read_replica_crash_safe_replication - disk_autoresize = var.read_replica_disk_autoresize - disk_size = var.read_replica_disk_size - disk_type = var.read_replica_disk_type - pricing_plan = var.read_replica_pricing_plan - replication_type = var.read_replica_replication_type - user_labels = var.read_replica_user_labels + disk_autoresize = lookup(each.value, "disk_autoresize", var.disk_autoresize) + disk_size = lookup(each.value, "disk_size", var.disk_size) + disk_type = lookup(each.value, "disk_type", var.disk_type) + pricing_plan = "PER_USE" + user_labels = lookup(each.value, "user_labels", var.user_labels) + dynamic "database_flags" { - for_each = var.read_replica_database_flags + for_each = lookup(each.value, "database_flags", []) content { name = lookup(database_flags.value, "name", null) value = lookup(database_flags.value, "value", null) 
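Review bot: The replica's network settings come only from `for_each = [lookup(each.value, "ip_configuration", {})]`, so nothing ties a replica's exposure to the master's `var.ip_configuration`, although the replica serves the same data. With `ipv4_enabled` or `require_ssl` passed as `null` the `content` lookups hand `null` to the provider, which as far as I can tell means a public IPv4 address and no TLS requirement, even when the master is private-only. I would fall back to the master's settings, e.g. `for_each = [each.value.ip_configuration != null ? each.value.ip_configuration : var.ip_configuration]` (assuming both objects have the same shape), or at least say in the `read_replicas` description that each replica must repeat the master's restrictions. The same `for_each` line is used in the MySQL replica resource, and the `content` block continues outside this hunk.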
@@ -99,26 +69,20 @@ resource "google_sql_database_instance" "replicas" { } location_preference { - zone = length(local.zones) == 0 ? "" : "${var.region}-${local.zones[count.index % local.mod_by]}" + zone = lookup(each.value, "zone", var.zone) } - maintenance_window { - day = var.read_replica_maintenance_window_day - hour = var.read_replica_maintenance_window_hour - update_track = var.read_replica_maintenance_window_update_track - } } depends_on = [google_sql_database_instance.default] - lifecycle { ignore_changes = [ - settings[0].disk_size + settings[0].disk_size, + settings[0].maintenance_window, ] } - timeouts { create = var.create_timeout update = var.update_timeout diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 891ad14c..a333ac49 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -134,12 +134,6 @@ variable "backup_configuration" { } } -variable "authorized_gae_applications" { - description = "The authorized gae applications for the Cloud SQL instances" - type = list(string) - default = [] -} - variable "ip_configuration" { description = "The ip configuration for the master instances." type = object({ 
@@ -156,137 +150,35 @@ variable "ip_configuration" { } } -variable "read_replica_size" { - description = "The size of read replicas" - type = number - default = 0 -} - -variable "read_replica_name_suffix" { - description = "The optional suffix to add to the read instance name" - type = string - default = "" -} - -variable "read_replica_tier" { - description = "The tier for the read replica instances." - type = string - default = "" -} - -variable "read_replica_zones" { - description = "The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas." - type = string - default = "" -} - -variable "read_replica_activation_policy" { - description = "The activation policy for the read replica instances.Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`." - type = string - default = "ALWAYS" -} - -variable "read_replica_availability_type" { - description = "The availability type for the read replica instances.This is only used to set up high availability for the PostgreSQL instances. Can be either `ZONAL` or `REGIONAL`." - type = string - default = "ZONAL" -} - -variable "read_replica_crash_safe_replication" { - description = "The crash safe replication is to indicates when crash-safe replication flags are enabled." - type = bool - default = true -} - -variable "read_replica_disk_autoresize" { - description = "Configuration to increase storage size." - type = bool - default = true -} - -variable "read_replica_disk_size" { - description = "The disk size for the read replica instances." - type = number - default = 10 -} - -variable "read_replica_disk_type" { - description = "The disk type for the read replica instances." - type = string - default = "PD_SSD" -} - -variable "read_replica_pricing_plan" { - description = "The pricing plan for the read replica instances." 
- type = string - default = "PER_USE" -} - -variable "read_replica_maintenance_window_day" { - description = "The day of week (1-7) for the read replica instances maintenance." - type = number - default = 1 -} - -variable "read_replica_maintenance_window_hour" { - description = "The hour of day (0-23) maintenance window for the read replica instances maintenance." - type = number - default = 23 -} - -variable "read_replica_maintenance_window_update_track" { - description = "The update track of maintenance window for the read replica instances maintenance.Can be either `canary` or `stable`." - type = string - default = "canary" -} - -variable "read_replica_database_flags" { - description = "The database flags for the read replica instances. See [more details](https://cloud.google.com/sql/docs/mysql/flags)" +// Read Replicas +variable "read_replicas" { + description = "List of read replicas to create" type = list(object({ - name = string - value = string + name = string + tier = string + zone = string + disk_type = string + disk_autoresize = bool + disk_size = string + user_labels = map(string) + database_flags = list(object({ + name = string + value = string + })) + ip_configuration = object({ + authorized_networks = list(map(string)) + ipv4_enabled = bool + private_network = string + require_ssl = bool + }) })) default = [] } -variable "read_replica_configuration" { - description = "The replica configuration for use in all read replica instances." - type = object({ - connect_retry_interval = number - dump_file_path = string - }) - default = { - connect_retry_interval = null - dump_file_path = null - } -} - -variable "read_replica_user_labels" { - description = "The key/value labels for the read replica instances." - type = map(string) - default = {} -} - -variable "read_replica_replication_type" { - description = "The replication type for read replica instances. Can be one of ASYNCHRONOUS or SYNCHRONOUS." 
+variable "read_replica_name_suffix" { + description = "The optional suffix to add to the read instance name" type = string - default = "SYNCHRONOUS" -} - -variable "read_replica_ip_configuration" { - description = "The ip configuration for the read instances." - type = object({ - authorized_networks = list(map(string)) - ipv4_enabled = bool - private_network = string - require_ssl = bool - }) - default = { - authorized_networks = [] - ipv4_enabled = true - private_network = null - require_ssl = null - } + default = "" } variable "db_name" { diff --git a/modules/safer_mysql/README.md b/modules/safer_mysql/README.md index dd611cd3..5f1ec311 100644 --- a/modules/safer_mysql/README.md +++ b/modules/safer_mysql/README.md 
@@ -181,23 +181,6 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p | disk\_autoresize | Configuration to increase storage size | bool | `"true"` | no | | disk\_size | The disk size for the master instance | number | `"10"` | no | | disk\_type | The disk type for the master instance. | string | `"PD_SSD"` | no | -| failover\_replica | Specify true if the failover instance is required | bool | `"false"` | no | -| failover\_replica\_activation\_policy | The activation policy for the failover replica instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `"ALWAYS"` | no | -| failover\_replica\_configuration | The replica configuration for the failover replica instance. In order to create a failover instance, need to specify this argument. | object | `` | no | -| failover\_replica\_crash\_safe\_replication | The crash safe replication is to indicates when crash-safe replication flags are enabled. | bool | `"true"` | no | -| failover\_replica\_database\_flags | The database flags for the failover replica instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | object | `` | no | -| failover\_replica\_disk\_autoresize | Configuration to increase storage size. | bool | `"true"` | no | -| failover\_replica\_disk\_size | The disk size for the failover replica instance. | number | `"10"` | no | -| failover\_replica\_disk\_type | The disk type for the failover replica instance. | string | `"PD_SSD"` | no | -| failover\_replica\_maintenance\_window\_day | The day of week (1-7) for the failover replica instance maintenance. | number | `"1"` | no | -| failover\_replica\_maintenance\_window\_hour | The hour of day (0-23) maintenance window for the failover replica instance maintenance. | number | `"23"` | no | -| failover\_replica\_maintenance\_window\_update\_track | The update track of maintenance window for the failover replica instance maintenance. Can be either `canary` or `stable`. 
| string | `"canary"` | no | -| failover\_replica\_name\_suffix | The optional suffix to add to the failover instance name | string | `""` | no | -| failover\_replica\_pricing\_plan | The pricing plan for the failover replica instance. | string | `"PER_USE"` | no | -| failover\_replica\_replication\_type | The replication type for the failover replica instance. Can be one of ASYNCHRONOUS or SYNCHRONOUS. | string | `"SYNCHRONOUS"` | no | -| failover\_replica\_tier | The tier for the failover replica instance. | string | `""` | no | -| failover\_replica\_user\_labels | The key/value labels for the failover replica instance. | map(string) | `` | no | -| failover\_replica\_zone | The zone for the failover replica instance, it should be something like: `a`, `c`. | string | `""` | no | | maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | number | `"1"` | no | | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | number | `"23"` | no | | maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | string | `"stable"` | no | 
@@ -206,23 +189,8 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p | pricing\_plan | The pricing plan for the master instance. | string | `"PER_USE"` | no | | project\_id | The project ID to manage the Cloud SQL resources | string | n/a | yes | | random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | bool | `"false"` | no | -| read\_replica\_activation\_policy | The activation policy for the read replica instances. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | string | `"ALWAYS"` | no | -| read\_replica\_configuration | The replica configuration for use in all read replica instances. | object | `` | no | -| read\_replica\_crash\_safe\_replication | The crash safe replication is to indicates when crash-safe replication flags are enabled. | bool | `"true"` | no | -| read\_replica\_database\_flags | The database flags for the read replica instances. See [more details](https://cloud.google.com/sql/docs/mysql/flags) | object | `` | no | -| read\_replica\_disk\_autoresize | Configuration to increase storage size. | bool | `"true"` | no | -| read\_replica\_disk\_size | The disk size for the read replica instances. | number | `"10"` | no | -| read\_replica\_disk\_type | The disk type for the read replica instances. | string | `"PD_SSD"` | no | -| read\_replica\_maintenance\_window\_day | The day of week (1-7) for the read replica instances maintenance. | number | `"1"` | no | -| read\_replica\_maintenance\_window\_hour | The hour of day (0-23) maintenance window for the read replica instances maintenance. | number | `"23"` | no | -| read\_replica\_maintenance\_window\_update\_track | The update track of maintenance window for the read replica instances maintenance. Can be either `canary` or `stable`. | string | `"canary"` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | string | `""` | no | -| read\_replica\_pricing\_plan | The pricing plan for the read replica instances. 
| string | `"PER_USE"` | no | -| read\_replica\_replication\_type | The replication type for read replica instances. Can be one of ASYNCHRONOUS or SYNCHRONOUS. | string | `"SYNCHRONOUS"` | no | -| read\_replica\_size | The size of read replicas | number | `"0"` | no | -| read\_replica\_tier | The tier for the read replica instances. | string | `""` | no | -| read\_replica\_user\_labels | The key/value labels for the read replica instances. | map(string) | `` | no | -| read\_replica\_zones | The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas. | string | `""` | no | +| read\_replicas | List of read replicas to create | object | `` | no | | region | The region of the Cloud SQL resources | string | n/a | yes | | tier | The tier for the master instance. | string | `"db-n1-standard-1"` | no | | update\_timeout | The optional timout that is applied to limit long database updates. | string | `"15m"` | no | @@ -236,10 +204,6 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p | Name | Description | |------|-------------| -| failover-replica\_instance\_connection\_name | The connection name of the failover-replica instance to be used in connection strings | -| failover-replica\_instance\_name | The instance name for the failover replica instance | -| failover-replica\_instance\_self\_link | The URI of the failover-replica instance | -| failover-replica\_instance\_service\_account\_email\_address | The service account email addresses assigned to the failover-replica instance | | generated\_user\_password | The auto generated default user password if not input password was provided | | instance\_connection\_name | The connection name of the master instance to be used in connection strings | | instance\_ip\_address | The IPv4 address assigned for the master instance | diff --git a/modules/safer_mysql/main.tf b/modules/safer_mysql/main.tf index 207a2bdf..7595671a 100644 
--- a/modules/safer_mysql/main.tf
+++ b/modules/safer_mysql/main.tf
@@ -66,57 +66,9 @@ module "safer_mysql" { additional_users = var.additional_users // Read replica + read_replica_name_suffix = var.read_replica_name_suffix + read_replicas = var.read_replicas - read_replica_configuration = var.read_replica_configuration - read_replica_name_suffix = var.read_replica_name_suffix - read_replica_size = var.read_replica_size - read_replica_tier = var.read_replica_tier - read_replica_zones = var.read_replica_zones - read_replica_activation_policy = var.read_replica_activation_policy - read_replica_crash_safe_replication = var.read_replica_crash_safe_replication - read_replica_disk_autoresize = var.read_replica_disk_autoresize - read_replica_disk_size = var.read_replica_disk_size - read_replica_disk_type = var.read_replica_disk_type - read_replica_pricing_plan = var.read_replica_pricing_plan - read_replica_replication_type = var.read_replica_replication_type - read_replica_database_flags = var.read_replica_database_flags - read_replica_maintenance_window_day = var.read_replica_maintenance_window_day - read_replica_maintenance_window_hour = var.read_replica_maintenance_window_hour - read_replica_maintenance_window_update_track = var.read_replica_maintenance_window_update_track - read_replica_user_labels = var.read_replica_user_labels - read_replica_ip_configuration = { - // If the main instance needs a public IP, we'll associate one at the replica too. 
- ipv4_enabled = var.assign_public_ip - authorized_networks = [] - private_network = var.vpc_network - require_ssl = true - } - - - // Failover replica - failover_replica = var.failover_replica - failover_replica_name_suffix = var.failover_replica_name_suffix - failover_replica_configuration = var.failover_replica_configuration - failover_replica_tier = var.failover_replica_tier - failover_replica_zone = var.failover_replica_zone - failover_replica_activation_policy = var.failover_replica_activation_policy - failover_replica_crash_safe_replication = var.failover_replica_crash_safe_replication - failover_replica_disk_autoresize = var.failover_replica_disk_autoresize - failover_replica_disk_size = var.failover_replica_disk_size - failover_replica_disk_type = var.failover_replica_disk_type - failover_replica_pricing_plan = var.failover_replica_pricing_plan - failover_replica_replication_type = var.failover_replica_replication_type - failover_replica_database_flags = var.failover_replica_database_flags - failover_replica_maintenance_window_day = var.failover_replica_maintenance_window_day - failover_replica_maintenance_window_hour = var.failover_replica_maintenance_window_hour - failover_replica_maintenance_window_update_track = var.failover_replica_maintenance_window_update_track - failover_replica_user_labels = var.failover_replica_user_labels - failover_replica_ip_configuration = { - ipv4_enabled = var.assign_public_ip - authorized_networks = [] - private_network = var.vpc_network - require_ssl = true - } create_timeout = var.create_timeout update_timeout = var.update_timeout delete_timeout = var.delete_timeout diff --git a/modules/safer_mysql/outputs.tf b/modules/safer_mysql/outputs.tf index 065e1e2e..819f48ec 100644 --- a/modules/safer_mysql/outputs.tf +++ b/modules/safer_mysql/outputs.tf 
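Review bot: The new line `read_replicas = var.read_replicas` passes each replica's `ip_configuration` straight from the caller, whereas the removed `read_replica_ip_configuration` block pinned `require_ssl = true`, `authorized_networks = []` and `private_network = var.vpc_network` for every replica. Unless modules/mysql overrides those fields (not visible in this hunk), a replica created through safer_mysql can now be declared with `require_ssl = false` and caller-chosen authorized networks, which loses the guarantee this wrapper used to give. I would keep the pinned values by rebuilding the list in the wrapper, as below, and document in modules/safer_mysql/variables.tf that a caller-supplied `ip_configuration` is overridden. The `module "safer_mysql"` block starts and ends outside the hunk.

```hcl
  read_replica_name_suffix = var.read_replica_name_suffix
  // Pin the hardened network settings on every replica instead of trusting the caller's ip_configuration.
  read_replicas = [
    for replica in var.read_replicas : merge(replica, {
      ip_configuration = {
        // If the main instance needs a public IP, we'll associate one at the replica too.
        ipv4_enabled        = var.assign_public_ip
        authorized_networks = []
        private_network     = var.vpc_network
        require_ssl         = true
      }
    })
  ]
  // … unchanged: create_timeout / update_timeout / delete_timeout …
```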
@@ -57,27 +57,6 @@ output "read_replica_instance_names" { description = "The instance names for the read replica instances" } -// Failover Replicas -output "failover-replica_instance_connection_name" { - value = module.safer_mysql.failover-replica_instance_connection_name - description = "The connection name of the failover-replica instance to be used in connection strings" -} - -output "failover-replica_instance_self_link" { - value = module.safer_mysql.failover-replica_instance_self_link - description = "The URI of the failover-replica instance" -} - -output "failover-replica_instance_service_account_email_address" { - value = module.safer_mysql.failover-replica_instance_service_account_email_address - description = "The service account email addresses assigned to the failover-replica instance" -} - -output "failover-replica_instance_name" { - value = module.safer_mysql.failover-replica_instance_name - description = "The instance name for the failover replica instance" -} - output "generated_user_password" { description = "The auto generated default user password if not input password was provided" value = module.safer_mysql.generated_user_password diff --git a/modules/safer_mysql/variables.tf b/modules/safer_mysql/variables.tf index 8a8f4fa1..024449fd 100644 --- a/modules/safer_mysql/variables.tf +++ b/modules/safer_mysql/variables.tf 
@@ -156,267 +156,36 @@ variable "assign_public_ip" { } // Read Replicas - -variable "read_replica_configuration" { - description = "The replica configuration for use in all read replica instances." - type = object({ - connect_retry_interval = number - dump_file_path = string - ca_certificate = string - client_certificate = string - client_key = string - failover_target = bool - master_heartbeat_period = number - password = string - ssl_cipher = string - username = string - verify_server_certificate = bool - }) - default = { - connect_retry_interval = null - dump_file_path = null - ca_certificate = null - client_certificate = null - client_key = null - failover_target = null - master_heartbeat_period = null - password = null - ssl_cipher = null - username = null - verify_server_certificate = null - } -} - variable "read_replica_name_suffix" { description = "The optional suffix to add to the read instance name" type = string default = "" } -variable "read_replica_size" { - description = "The size of read replicas" - type = number - default = 0 -} - -variable "read_replica_tier" { - description = "The tier for the read replica instances." - type = string - default = "" -} - -variable "read_replica_zones" { - description = "The zones for the read replica instancess, it should be something like: `a,b,c`. Given zones are used rotationally for creating read replicas." - type = string - default = "" -} - -variable "read_replica_activation_policy" { - description = "The activation policy for the read replica instances. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`." - type = string - default = "ALWAYS" -} - -variable "read_replica_crash_safe_replication" { - description = "The crash safe replication is to indicates when crash-safe replication flags are enabled." - type = bool - default = true -} - -variable "read_replica_disk_autoresize" { - description = "Configuration to increase storage size." 
- type = bool - default = true -} - -variable "read_replica_disk_size" { - description = "The disk size for the read replica instances." - type = number - default = 10 -} - -variable "read_replica_disk_type" { - description = "The disk type for the read replica instances." - type = string - default = "PD_SSD" -} - -variable "read_replica_pricing_plan" { - description = "The pricing plan for the read replica instances." - type = string - default = "PER_USE" -} - -variable "read_replica_replication_type" { - description = "The replication type for read replica instances. Can be one of ASYNCHRONOUS or SYNCHRONOUS." - type = string - default = "SYNCHRONOUS" -} - -variable "read_replica_database_flags" { - description = "The database flags for the read replica instances. See [more details](https://cloud.google.com/sql/docs/mysql/flags)" - type = list(object({ - name = string - value = string - })) - default = [] -} - -variable "read_replica_maintenance_window_day" { - description = "The day of week (1-7) for the read replica instances maintenance." - type = number - default = 1 -} - -variable "read_replica_maintenance_window_hour" { - description = "The hour of day (0-23) maintenance window for the read replica instances maintenance." - type = number - default = 23 -} - -variable "read_replica_maintenance_window_update_track" { - description = "The update track of maintenance window for the read replica instances maintenance. Can be either `canary` or `stable`." - type = string - default = "canary" -} - -variable "read_replica_user_labels" { - type = map(string) - default = {} - description = "The key/value labels for the read replica instances." 
-} - -// Failover replica - -variable "failover_replica" { - description = "Specify true if the failover instance is required" - type = bool - default = false -} - -variable "failover_replica_name_suffix" { - description = "The optional suffix to add to the failover instance name" - type = string - default = "" -} - -variable "failover_replica_configuration" { - description = "The replica configuration for the failover replica instance. In order to create a failover instance, need to specify this argument." - type = object({ - connect_retry_interval = number - dump_file_path = string - ca_certificate = string - client_certificate = string - client_key = string - failover_target = bool - master_heartbeat_period = number - password = string - ssl_cipher = string - username = string - verify_server_certificate = bool - }) - default = { - connect_retry_interval = null - dump_file_path = null - ca_certificate = null - client_certificate = null - client_key = null - failover_target = null - master_heartbeat_period = null - password = null - ssl_cipher = null - username = null - verify_server_certificate = null - } -} - -variable "failover_replica_tier" { - description = "The tier for the failover replica instance." - type = string - default = "" -} - -variable "failover_replica_zone" { - description = "The zone for the failover replica instance, it should be something like: `a`, `c`." - type = string - default = "" -} - -variable "failover_replica_activation_policy" { - description = "The activation policy for the failover replica instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`." - type = string - default = "ALWAYS" -} - -variable "failover_replica_crash_safe_replication" { - description = "The crash safe replication is to indicates when crash-safe replication flags are enabled." - type = bool - default = true -} - -variable "failover_replica_disk_autoresize" { - description = "Configuration to increase storage size." 
- type = bool - default = true -} - -variable "failover_replica_disk_size" { - description = "The disk size for the failover replica instance." - type = number - default = 10 -} - -variable "failover_replica_disk_type" { - description = "The disk type for the failover replica instance." - type = string - default = "PD_SSD" -} - -variable "failover_replica_pricing_plan" { - description = "The pricing plan for the failover replica instance." - type = string - default = "PER_USE" -} - -variable "failover_replica_replication_type" { - description = "The replication type for the failover replica instance. Can be one of ASYNCHRONOUS or SYNCHRONOUS." - type = string - default = "SYNCHRONOUS" -} - -variable "failover_replica_database_flags" { - description = "The database flags for the failover replica instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags)" +variable "read_replicas" { + description = "List of read replicas to create" type = list(object({ - name = string - value = string + name = string + tier = string + zone = string + disk_type = string + disk_autoresize = bool + disk_size = string + user_labels = map(string) + database_flags = list(object({ + name = string + value = string + })) + ip_configuration = object({ + authorized_networks = list(map(string)) + ipv4_enabled = bool + private_network = string + require_ssl = bool + }) })) default = [] } -variable "failover_replica_maintenance_window_day" { - description = "The day of week (1-7) for the failover replica instance maintenance." - type = number - default = 1 -} - -variable "failover_replica_maintenance_window_hour" { - description = "The hour of day (0-23) maintenance window for the failover replica instance maintenance." - type = number - default = 23 -} - -variable "failover_replica_maintenance_window_update_track" { - description = "The update track of maintenance window for the failover replica instance maintenance. Can be either `canary` or `stable`." 
- type = string - default = "canary" -} - -variable "failover_replica_user_labels" { - type = map(string) - default = {} - description = "The key/value labels for the failover replica instance." -} - variable "db_name" { description = "The name of the default database to create" type = string diff --git a/test/integration/mysql-ha/controls/mysql.rb b/test/integration/mysql-ha/controls/mysql.rb index 83bc3deb..1e32a9fa 100644 --- a/test/integration/mysql-ha/controls/mysql.rb +++ b/test/integration/mysql-ha/controls/mysql.rb @@ -78,7 +78,6 @@ let(:ip_configuration) { settings[:ip_configuration] } let(:database_flags) { settings[:database_flags] } let(:location_preference) { settings[:location_preference] } - let(:maintenance_window) { settings[:maintenance_window] } let(:user_labels) { settings[:user_labels] } its(:backend_type) { should eq 'SECOND_GEN' } @@ -91,7 +90,6 @@ it { expect(ip_configuration).to include(authorized_networks: [{kind: 'sql#aclEntry', name: "#{project_id}-cidr", value: authorized_network}], ipv4_enabled: true, require_ssl: false) } it { expect(database_flags).to include(name: "long_query_time", value: "1") } it { expect(location_preference).to include(kind: "sql#locationPreference", zone: "us-central1-#{zone}") } - it { expect(maintenance_window).to include(kind: "sql#maintenanceWindow", day: 1, hour: 22, update_track: "stable") } it { expect(user_labels).to include(bar: "baz") } end end diff --git a/test/integration/postgresql-ha/controls/pg.rb b/test/integration/postgresql-ha/controls/pg.rb index e1ea63c4..655afec9 100644 --- a/test/integration/postgresql-ha/controls/pg.rb +++ b/test/integration/postgresql-ha/controls/pg.rb 
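Review bot: In the new `variable "read_replicas"` in modules/safer_mysql/variables.tf, `disk_size` is typed `string`, while the removed `read_replica_disk_size` was a `number` with default `10`; a non-numeric value would now pass the type check and presumably fail only at apply time, so `disk_size = number` would keep the earlier contract. The description `"List of read replicas to create"` also gives no hint of what each element must contain. I would extend it to say that every attribute of the object has to be set, and that `ip_configuration` (`ipv4_enabled`, `authorized_networks`, `private_network`, `require_ssl`) determines how the replica is exposed on the network.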
@@ -78,7 +78,6 @@ let(:ip_configuration) { settings[:ip_configuration] } let(:database_flags) { settings[:database_flags] } let(:location_preference) { settings[:location_preference] } - let(:maintenance_window) { settings[:maintenance_window] } let(:user_labels) { settings[:user_labels] } its(:backend_type) { should eq 'SECOND_GEN' } @@ -91,7 +90,6 @@ it { expect(ip_configuration).to include(authorized_networks: [{kind: 'sql#aclEntry', name: "#{project_id}-cidr", value: authorized_network}], ipv4_enabled: true, require_ssl: false) } it { expect(database_flags).to include(name: "autovacuum", value: "off") } it { expect(location_preference).to include(kind: "sql#locationPreference", zone: "us-central1-#{zone}") } - it { expect(maintenance_window).to include(kind: "sql#maintenanceWindow", day: 1, hour: 22, update_track: "stable") } it { expect(user_labels).to include(bar: "baz") } end end From fccb9d39822995862598f3ea8bfe8a65b121c870 Mon Sep 17 00:00:00 2001 From: Pascal Bourdier Date: Fri, 5 Jun 2020 15:34:00 +0200 Subject: [PATCH 2/2] chore: fix typo in doc for postgres examples (#120) --- examples/postgresql-ha/main.tf | 2 +- examples/postgresql-public/main.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/postgresql-ha/main.tf b/examples/postgresql-ha/main.tf index 9fedb551..30cbd2ee 100644 --- a/examples/postgresql-ha/main.tf +++ b/examples/postgresql-ha/main.tf @@ -34,7 +34,7 @@ locals { /* Random instance name needed because: "You cannot reuse an instance name for up to a week after you have deleted an instance." - See https://cloud.google.com/sql/docs/mysql/delete-instance for details. + See https://cloud.google.com/sql/docs/postgres/delete-instance for details. */ instance_name = "${var.pg_ha_name}-${random_id.instance_name_suffix.hex}" diff --git a/examples/postgresql-public/main.tf b/examples/postgresql-public/main.tf index d92f72f7..e7ab8549 100644 --- a/examples/postgresql-public/main.tf 
+++ b/examples/postgresql-public/main.tf @@ -39,7 +39,7 @@ locals { /* Random instance name needed because: "You cannot reuse an instance name for up to a week after you have deleted an instance." - See https://cloud.google.com/sql/docs/mysql/delete-instance for details. + See https://cloud.google.com/sql/docs/postgres/delete-instance for details. */ instance_name = "${var.db_name}-${random_id.name.hex}" }