Merge pull request #537 from lsst/tickets/DM-46039

DM-46039: Butler Registry DP02 Modules Update and Dev Deployment
lsst · Sep 17, 2024 · 2569b92 · 2569b92
2 parents 419dfbf + a35e6fe
commit 2569b92
Show file tree

Hide file tree

Showing 3 changed files with 268 additions and 59 deletions.
diff --git a/environment/deployments/science-platform/cloudsql/main.tf b/environment/deployments/science-platform/cloudsql/main.tf
@@ -1,3 +1,4 @@
+# Butler Registry Original.  Conditionally enabled with enable_butler_registry variable.  Remove after migration to Butler Registry DP02
 module "private-postgres" {
   source = "../../../../modules/cloudsql/postgres-private"
   authorized_networks = [
@@ -6,23 +7,59 @@ module "private-postgres" {
       "value" : "130.211.0.0/28"
     }
   ]
-  database_version    = var.butler_database_version
-  db_name             = var.butler_db_name
-  tier                = var.butler_tier
-  database_flags      = var.butler_database_flags
-  names               = ["service-account"]
-  project_roles       = ["${var.project_id}=>roles/cloudsql.client"]
-  project_id          = var.project_id
-  vpc_network         = var.network
-  ipv4_enabled        = var.butler_ipv4_enabled
-  require_ssl         = var.butler_require_ssl
-  deletion_protection = true
+  database_version                = var.butler_registry_database_version
+  db_name                         = var.butler_registry_db_name
+  tier                            = var.butler_registry_tier
+  database_flags                  = var.butler_registry_database_flags
+  maintenance_window_day          = var.butler_registry_db_maintenance_window_day
+  maintenance_window_hour         = var.butler_registry_db_maintenance_window_hour
+  maintenance_window_update_track = var.butler_registry_db_maintenance_window_update_track
+  names                           = ["service-account"]
+  project_roles                   = ["${var.project_id}=>roles/cloudsql.client"]
+  project_id                      = var.project_id
+  vpc_network                     = var.network
+  ipv4_enabled                    = var.butler_registry_ipv4_enabled
+  require_ssl                     = var.butler_registry_require_ssl
+  deletion_protection             = true
+
+  backup_configuration = {
+    enabled                        = var.butler_registry_backups_enabled
+    start_time                     = var.butler_registry_backups_start_time
+    location                       = "us-central1"
+    point_in_time_recovery_enabled = var.butler_registry_backups_point_in_time_recovery_enabled
+  }
+}
+
+# Butler Registry DP02
+module "db_butler_registry_dp02" {
+  source = "../../../../modules/cloudsql/postgres-private"
+  authorized_networks = [
+    {
+      "name" : "sample-gcp-health-checkers-range",
+      "value" : "130.211.0.0/28"
+    }
+  ]
+  database_version                = var.butler_registry_dp02_database_version
+  db_name                         = var.butler_registry_dp02_db_name
+  tier                            = var.butler_registry_dp02_tier
+  database_flags                  = var.butler_registry_dp02_database_flags
+  disk_size                       = var.butler_registry_dp02_disk_size
+  maintenance_window_day          = var.butler_registry_dp02_db_maintenance_window_day
+  maintenance_window_hour         = var.butler_registry_dp02_db_maintenance_window_hour
+  maintenance_window_update_track = var.butler_registry_dp02_db_maintenance_window_update_track
+  names                           = ["service-account"]
+  project_roles                   = ["${var.project_id}=>roles/cloudsql.client"]
+  project_id                      = var.project_id
+  vpc_network                     = var.network
+  ipv4_enabled                    = var.butler_registry_dp02_ipv4_enabled
+  require_ssl                     = var.butler_registry_dp02_require_ssl
+  deletion_protection             = true
 
   backup_configuration = {
-    enabled                        = var.backups_enabled
-    start_time                     = "09:00"
+    enabled                        = var.butler_registry_dp02_backups_enabled
+    start_time                     = var.butler_registry_dp02_backups_start_time
     location                       = "us-central1"
-    point_in_time_recovery_enabled = true
+    point_in_time_recovery_enabled = var.butler_registry_dp02_backups_point_in_time_recovery_enabled
   }
 }
 
@@ -73,27 +110,28 @@ data "google_compute_network" "network" {
   project = var.project_id
 }
 
+# Science Platform Database
 module "db_science_platform" {
   source = "../../../../modules/cloudsql/postgres-sql"
 
   authorized_networks             = []
-  database_version                = var.database_version
+  database_version                = var.science_platform_database_version
   db_name                         = "${var.application_name}-${var.environment}"
   deletion_protection             = true
   enable_default_db               = false
   enable_default_user             = false
-  maintenance_window_day          = var.db_maintenance_window_day
-  maintenance_window_hour         = var.db_maintenance_window_hour
-  maintenance_window_update_track = var.db_maintenance_window_update_track
+  maintenance_window_day          = var.science_platform_db_maintenance_window_day
+  maintenance_window_hour         = var.science_platform_db_maintenance_window_hour
+  maintenance_window_update_track = var.science_platform_db_maintenance_window_update_track
   project_id                      = var.project_id
   random_instance_name            = true
   ipv4_enabled                    = false
   private_network                 = data.google_compute_network.network.self_link
-  tier                            = var.database_tier
+  tier                            = var.science_platform_database_tier
 
   backup_configuration = {
-    enabled                        = var.backups_enabled
-    start_time                     = "09:00"
+    enabled                        = var.science_platform_backups_enabled
+    start_time                     = var.science_platform_backups_start_time
     location                       = "us-central1"
     point_in_time_recovery_enabled = false
   }

diff --git a/environment/deployments/science-platform/cloudsql/variables.tf b/environment/deployments/science-platform/cloudsql/variables.tf
@@ -19,24 +19,37 @@ variable "network" {
   default     = "custom-vpc"
 }
 
-variable "butler_db_name" {
+variable "butler_service_account" {
+  description = "Service account used for Butler GCS access"
+  type        = string
+  default     = "butler-gcs-butler-gcs-data-sa@data-curation-prod-fbdb.iam.gserviceaccount.com"
+}
+
+variable "maximum_cutouts_age" {
+  description = "Age of objects in days before deletion from the temporary cutouts bucket"
+  type        = number
+  default     = 30
+}
+
+// Butler Registry Originally Deployed with Google Cloud
+
+variable "butler_registry_db_name" {
   description = "The name of the SQL Database instance"
-  default     = "example-postgresql-public"
 }
 
-variable "butler_database_version" {
+variable "butler_registry_database_version" {
   description = "The database version to use for the Butler registry"
   type        = string
-  default     = "POSTGRES_12"
+  default     = "POSTGRES_16"
 }
 
-variable "butler_tier" {
-  description = "The tier for the master instance."
+variable "butler_registry_tier" {
+  description = "The tier for the instance."
   type        = string
   default     = "db-f1-micro"
 }
 
-variable "butler_database_flags" {
+variable "butler_registry_database_flags" {
   description = "List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags)"
   type = list(object({
     name  = string
@@ -45,62 +58,198 @@ variable "butler_database_flags" {
   default = []
 }
 
-variable "butler_require_ssl" {
+variable "butler_registry_disk_type" {
+  description = "The disk type for the master instance."
+  type        = string
+  default     = "PD_SSD"
+}
+
+variable "butler_registry_require_ssl" {
   description = "True if the instance should require SSL/TLS for users connecting over IP. Note: SSL/TLS is needed to provide security when you connect to Cloud SQL using IP addresses. If you are connecting to your instance only by using the Cloud SQL Proxy or the Java Socket Library, you do not need to configure your instance to use SSL/TLS."
   type        = bool
   default     = true
 }
 
-variable "butler_ipv4_enabled" {
+variable "butler_registry_ipv4_enabled" {
   type        = bool
   description = "True if enabling public IP on database"
   default     = false
 }
 
-variable "database_tier" {
+variable "butler_registry_database_tier" {
   description = "The tier for general database"
   type        = string
   default     = "db-g1-small"
 }
 
-variable "database_version" {
-  description = "The database version to use for the general database"
-  type        = string
-  default     = "POSTGRES_13"
-}
-
-variable "db_maintenance_window_day" {
+variable "butler_registry_db_maintenance_window_day" {
   type        = number
   description = "The day of week (1-7) for the master instance maintenance."
   default     = 1
 }
 
-variable "db_maintenance_window_hour" {
+variable "butler_registry_db_maintenance_window_hour" {
   type        = number
   description = "The hour of day (0-23) maintenance window for the master instance maintenance."
   default     = 23
 }
 
-variable "db_maintenance_window_update_track" {
+variable "butler_registry_db_maintenance_window_update_track" {
   type        = string
   description = "The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`."
   default     = "stable"
 }
 
-variable "backups_enabled" {
+variable "butler_registry_backups_enabled" {
   type        = bool
   description = "True if backup configuration is enabled"
   default     = false
 }
 
-variable "butler_service_account" {
-  description = "Service account used for Butler GCS access"
+variable "butler_registry_backups_start_time" {
   type        = string
-  default     = "butler-gcs-butler-gcs-data-sa@data-curation-prod-fbdb.iam.gserviceaccount.com"
+  description = "Start time for backups"
+  default     = "09:00"
 }
 
-variable "maximum_cutouts_age" {
-  description = "Age of objects in days before deletion from the temporary cutouts bucket"
+variable "butler_registry_backups_point_in_time_recovery_enabled" {
+  type        = bool
+  description = "Enable Point in Time Recovery for backups"
+  default     = true
+}
+
+// Butler Registry DP02 Database variables
+
+variable "butler_registry_dp02_db_name" {
+  description = "The name of the SQL Database instance"
+}
+
+variable "butler_registry_dp02_database_version" {
+  description = "The database version to use for the Butler registry"
+  type        = string
+  default     = "POSTGRES_16"
+}
+
+variable "butler_registry_dp02_tier" {
+  description = "The tier for the master instance."
+  type        = string
+  default     = "db-f1-micro"
+}
+
+variable "butler_registry_dp02_database_flags" {
+  description = "List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags)"
+  type = list(object({
+    name  = string
+    value = string
+  }))
+  default = []
+}
+
+variable "butler_registry_dp02_disk_size" {
+  description = "The disk size for the instance in GB.  This value is ignored after initial provisioning with a terraform lifecycle policy in Google module.  This is needed because of auto storage increase is enabled."
   type        = number
-  default     = 30
+}
+
+variable "butler_registry_dp02_disk_type" {
+  description = "The disk type for the instance."
+  type        = string
+  default     = "PD_SSD"
+}
+
+variable "butler_registry_dp02_require_ssl" {
+  description = "True if the instance should require SSL/TLS for users connecting over IP. Note: SSL/TLS is needed to provide security when you connect to Cloud SQL using IP addresses. If you are connecting to your instance only by using the Cloud SQL Proxy or the Java Socket Library, you do not need to configure your instance to use SSL/TLS."
+  type        = bool
+  default     = true
+}
+
+variable "butler_registry_dp02_ipv4_enabled" {
+  type        = bool
+  description = "True if enabling public IP on database"
+  default     = false
+}
+
+variable "butler_registry_dp02_database_tier" {
+  description = "The tier for general database"
+  type        = string
+  default     = "db-g1-small"
+}
+
+variable "butler_registry_dp02_db_maintenance_window_day" {
+  type        = number
+  description = "The day of week (1-7) for the instance maintenance."
+  default     = 1
+}
+
+variable "butler_registry_dp02_db_maintenance_window_hour" {
+  type        = number
+  description = "The hour of day (0-23) maintenance window for the instance maintenance."
+  default     = 23
+}
+
+variable "butler_registry_dp02_db_maintenance_window_update_track" {
+  type        = string
+  description = "The update track of maintenance window for the instance maintenance. Can be either `canary` or `stable`."
+  default     = "stable"
+}
+
+variable "butler_registry_dp02_backups_enabled" {
+  type        = bool
+  description = "True if backup configuration is enabled"
+  default     = false
+}
+
+variable "butler_registry_dp02_backups_start_time" {
+  type        = string
+  description = "Start time for backups"
+  default     = "09:00"
+}
+
+variable "butler_registry_dp02_backups_point_in_time_recovery_enabled" {
+  type        = bool
+  description = "Enable Point in Time Recovery for backups"
+  default     = true
+}
+
+// Science Platform Database variables
+
+variable "science_platform_database_version" {
+  description = "The database version to use for the Science Platform"
+  type        = string
+  default     = "POSTGRES_13"
+}
+
+variable "science_platform_database_tier" {
+  description = "The tier for general database"
+  type        = string
+  default     = "db-g1-small"
+}
+
+variable "science_platform_db_maintenance_window_day" {
+  type        = number
+  description = "The day of week (1-7) for the instance maintenance."
+  default     = 1
+}
+
+variable "science_platform_db_maintenance_window_hour" {
+  type        = number
+  description = "The hour of day (0-23) maintenance window for the instance maintenance."
+  default     = 23
+}
+
+variable "science_platform_db_maintenance_window_update_track" {
+  type        = string
+  description = "The update track of maintenance window for the instance maintenance. Can be either `canary` or `stable`."
+  default     = "stable"
+}
+
+variable "science_platform_backups_enabled" {
+  type        = bool
+  description = "True if backup configuration is enabled"
+  default     = false
+}
+
+variable "science_platform_backups_start_time" {
+  type        = string
+  description = "Start time for backups"
+  default     = "09:00"
 }