projects / arvados.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 88864c4)
21832: Adds 'use_rds' TF var to create additional VPC resources.
authorLucas Di Pentima <lucas.dipentima@curii.com>
Fri, 7 Jun 2024 19:15:17 +0000 (16:15 -0300)
committerLucas Di Pentima <lucas.dipentima@curii.com>
Thu, 13 Jun 2024 18:14:42 +0000 (15:14 -0300)
Even though an RDS instance supposedly can be set up as single-AZ,
it requires to be related to a DB Subnet Group resource, which in turn
requires at least 2 subnets from different AZs.
So, when enabling 'use_rds' this code creates a new subnet on a different
AZ from the one that private_subnet is in.
It also supports specifying a custom additional subnet id.

Arvados-DCO-1.1-Signed-off-by: Lucas Di Pentima <lucas.dipentima@curii.com>

tools/salt-install/terraform/aws/vpc/locals.tf patch | blob | history
tools/salt-install/terraform/aws/vpc/main.tf patch | blob | history
tools/salt-install/terraform/aws/vpc/outputs.tf patch | blob | history
tools/salt-install/terraform/aws/vpc/terraform.tfvars patch | blob | history
tools/salt-install/terraform/aws/vpc/variables.tf patch | blob | history

diff --git a/tools/salt-install/terraform/aws/vpc/locals.tf b/tools/salt-install/terraform/aws/vpc/locals.tf
index 7f433950fe99764d25f6490a198f79ef1747cf23..46bc2d170be6267713d499b37ef46c8d2a9f9863 100644 (file)
--- a/tools/salt-install/terraform/aws/vpc/locals.tf
+++ b/tools/salt-install/terraform/aws/vpc/locals.tf
@@ -20,6 +20,7 @@ locals {
 
   private_subnet_id = one(aws_subnet.private_subnet[*]) != null ? one(aws_subnet.private_subnet[*]).id : var.private_subnet_id
   public_subnet_id = one(aws_subnet.public_subnet[*]) != null ? one(aws_subnet.public_subnet[*]).id : var.public_subnet_id
+  additional_rds_subnet_id = one(aws_subnet.additional_rds_subnet[*]) != null ? one(aws_subnet.additional_rds_subnet[*]).id : var.additional_rds_subnet_id
 
   public_hosts = var.private_only ? [] : var.user_facing_hosts
   private_hosts = concat(
@@ -38,4 +39,5 @@ locals {
       }
     ]
   ])
+  use_rds = var.use_rds
 }
diff --git a/tools/salt-install/terraform/aws/vpc/main.tf b/tools/salt-install/terraform/aws/vpc/main.tf
index da98f1ac8357af95ba6bed2f8aa61027ed8a5783..dbd17e062cda922214528a46a6f9615ba2039c05 100644 (file)
--- a/tools/salt-install/terraform/aws/vpc/main.tf
+++ b/tools/salt-install/terraform/aws/vpc/main.tf
@@ -62,6 +62,23 @@ resource "aws_subnet" "private_subnet" {
   }
 }
 
+#
+# Additional subnet on a different AZ is required if RDS is enabled
+#
+resource "aws_subnet" "additional_rds_subnet" {
+  count = (var.additional_rds_subnet_id == "" && local.use_rds) ? 1 : 0
+  vpc_id = local.arvados_vpc_id
+  availability_zone = data.aws_availability_zones.available.names[1]
+  cidr_block = "10.1.3.0/24"
+
+  lifecycle {
+    precondition {
+      condition = (var.vpc_id == "")
+      error_message = "additional_rds_subnet_id should be set if vpc_id is also set"
+    }
+  }
+}
+
 #
 # VPC S3 access
 #
diff --git a/tools/salt-install/terraform/aws/vpc/outputs.tf b/tools/salt-install/terraform/aws/vpc/outputs.tf
index 9424193b52e99d61278f218b77ab06df81f29eae..dc2c8faebd65820716c7eba3108acd809f0a41d8 100644 (file)
--- a/tools/salt-install/terraform/aws/vpc/outputs.tf
+++ b/tools/salt-install/terraform/aws/vpc/outputs.tf
@@ -21,6 +21,10 @@ output "arvados_sg_id" {
   value = local.arvados_sg_id
 }
 
+output "additional_rds_subnet_id" {
+  value = local.use_rds ? local.additional_rds_subnet_id : ""
+}
+
 output "eip_id" {
   value = { for k, v in aws_eip.arvados_eip: k => v.id }
 }
@@ -82,3 +86,7 @@ output "domain_name" {
 output "custom_tags" {
   value = var.custom_tags
 }
+
+output "use_rds" {
+  value = var.use_rds
+}
diff --git a/tools/salt-install/terraform/aws/vpc/terraform.tfvars b/tools/salt-install/terraform/aws/vpc/terraform.tfvars
index 867034624429e49fb2646f18fccefaf072b95fd0..b2aab6233845e7dd850c6d46e129fbfd3b15888c 100644 (file)
--- a/tools/salt-install/terraform/aws/vpc/terraform.tfvars
+++ b/tools/salt-install/terraform/aws/vpc/terraform.tfvars
@@ -13,10 +13,15 @@
 # Optional networking options. Set existing resources to be used instead of
 # creating new ones.
 # NOTE: We only support fully managed or fully custom networking, not a mix of both.
+#
 # vpc_id = "vpc-aaaa"
 # sg_id = "sg-bbbb"
 # public_subnet_id = "subnet-cccc"
 # private_subnet_id = "subnet-dddd"
+#
+# RDS related parameters:
+# use_rds = true
+# additional_rds_subnet_id = "subnet-eeee"
 
 # Optional custom tags to add to every resource. Default: {}
 # custom_tags = {
diff --git a/tools/salt-install/terraform/aws/vpc/variables.tf b/tools/salt-install/terraform/aws/vpc/variables.tf
index c8d366a199dc435aa078fc13583a40c1df764e62..6721ffefa21d276deedd8f396eb5f7609863b1de 100644 (file)
--- a/tools/salt-install/terraform/aws/vpc/variables.tf
+++ b/tools/salt-install/terraform/aws/vpc/variables.tf
@@ -79,6 +79,12 @@ variable "sg_id" {
   default = ""
 }
 
+variable "additional_rds_subnet_id" {
+  description = "Use existing subnet for RDS instead of creating one for the cluster"
+  type = string
+  default = ""
+}
+
 variable "private_subnet_id" {
   description = "Use existing private subnet instead of creating one for the cluster"
   type = string
@@ -95,4 +101,10 @@ variable "custom_tags" {
   description = "Apply customized tags to every resource on the cluster"
   type = map(string)
   default = {}
+}
+
+variable "use_rds" {
+  description = "Enable this to create an RDS instance as the cluster's database service"
+  type = bool
+  default = false
 }
\ No newline at end of file