From 701bd319b1696b2f47c42de4944f4b5653eb0707 Mon Sep 17 00:00:00 2001
From: dspeck1
Date: Thu, 12 Sep 2024 11:33:14 -0500
Subject: [PATCH] Removes existing butler registry that not in use and replaces with butler dp02 registry. Changes structure to support multiple butler registries in the future and to seperate the variables for the science platform database.
---
 .../science-platform/cloudsql/main.tf | 50 ++++----
 .../science-platform/cloudsql/variables.tf | 109 ++++++++++++++----
 .../science-platform/env/dev-cloudsql.tfvars | 33 ++++--
 3 files changed, 135 insertions(+), 57 deletions(-)
diff --git a/environment/deployments/science-platform/cloudsql/main.tf b/environment/deployments/science-platform/cloudsql/main.tf
index a3a3f251..5435cbd8 100644
--- a/environment/deployments/science-platform/cloudsql/main.tf
+++ b/environment/deployments/science-platform/cloudsql/main.tf
@@ -1,4 +1,5 @@
-module "private-postgres" {
+# Butler Registry DP02
+module "db_butler_registry_dp02" {
 source = "../../../../modules/cloudsql/postgres-private"
 authorized_networks = [
 {
@@ -6,23 +7,27 @@ module "private-postgres" {
 "value" : "130.211.0.0/28"
 }
 ]
- database_version = var.butler_database_version
- db_name = var.butler_db_name
- tier = var.butler_tier
- database_flags = var.butler_database_flags
- names = ["service-account"]
- project_roles = ["${var.project_id}=>roles/cloudsql.client"]
- project_id = var.project_id
- vpc_network = var.network
- ipv4_enabled = var.butler_ipv4_enabled
- require_ssl = var.butler_require_ssl
- deletion_protection = true
+ database_version = var.butler_registry_dp02_database_version
+ db_name = var.butler_registry_dp02_db_name
+ tier = var.butler_registry_dp02_tier
+ database_flags = var.butler_registry_dp02_database_flags
+ disk_size = var.butler_registry_dp02_disk_size
+ maintenance_window_day = var.butler_registry_dp02_db_maintenance_window_day
+ maintenance_window_hour = var.butler_registry_dp02_db_maintenance_window_hour
+ maintenance_window_update_track = var.butler_registry_dp02_db_maintenance_window_update_track
+ names = ["service-account"]
+ project_roles = ["${var.project_id}=>roles/cloudsql.client"]
+ project_id = var.project_id
+ vpc_network = var.network
+ ipv4_enabled = var.butler_registry_dp02_ipv4_enabled
+ require_ssl = var.butler_registry_dp02_require_ssl
+ deletion_protection = true
 backup_configuration = {
- enabled = var.backups_enabled
- start_time = "09:00"
+ enabled = var.butler_registry_dp02_backups_enabled
+ start_time = var.butler_registry_dp02_backups_start_time
 location = "us-central1"
- point_in_time_recovery_enabled = true
+ point_in_time_recovery_enabled = var.butler_registry_dp02_backups_point_in_time_recovery_enabled
 }
 }
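Review bot: Renaming the module from `private-postgres` to `db_butler_registry_dp02` (first hunk) changes its address without a `moved` block, so Terraform will plan to destroy the old instance and create a new one, and the old instance was created with `deletion_protection = true`. If the module passes that flag to the instance resource, which is not visible here, the destroy will be refused until protection is turned off in a separate apply. Since the commit message says the replacement is intended, a comment above the module such as `# Replaces module.private-postgres; disable deletion protection on the old instance before applying` would record the required order. The module block starts in the previous hunk.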
@@ -73,27 +78,28 @@ data "google_compute_network" "network" {
 project = var.project_id
 }
+# Science Platform Database
 module "db_science_platform" {
 source = "../../../../modules/cloudsql/postgres-sql"
 authorized_networks = []
- database_version = var.database_version
+ database_version = var.science_platform_database_version
 db_name = "${var.application_name}-${var.environment}"
 deletion_protection = true
 enable_default_db = false
 enable_default_user = false
- maintenance_window_day = var.db_maintenance_window_day
- maintenance_window_hour = var.db_maintenance_window_hour
- maintenance_window_update_track = var.db_maintenance_window_update_track
+ maintenance_window_day = var.science_platform_db_maintenance_window_day
+ maintenance_window_hour = var.science_platform_db_maintenance_window_hour
+ maintenance_window_update_track = var.science_platform_db_maintenance_window_update_track
 project_id = var.project_id
 random_instance_name = true
 ipv4_enabled = false
 private_network = data.google_compute_network.network.self_link
- tier = var.database_tier
+ tier = var.science_platform_database_tier
 backup_configuration = {
- enabled = var.backups_enabled
- start_time = "09:00"
+ enabled = var.science_platform_backups_enabled
+ start_time = var.science_platform_backups_start_time
 location = "us-central1"
 point_in_time_recovery_enabled = false
 }
diff --git a/environment/deployments/science-platform/cloudsql/variables.tf b/environment/deployments/science-platform/cloudsql/variables.tf
index d808d6f9..eb0326bf 100644
--- a/environment/deployments/science-platform/cloudsql/variables.tf
+++ b/environment/deployments/science-platform/cloudsql/variables.tf
@@ -19,24 +19,38 @@ variable "network" {
 default = "custom-vpc"
 }
-variable "butler_db_name" {
+variable "butler_service_account" {
+ description = "Service account used for Butler GCS access"
+ type = string
+ default = "butler-gcs-butler-gcs-data-sa@data-curation-prod-fbdb.iam.gserviceaccount.com"
+}
+
+variable "maximum_cutouts_age" {
+ description = "Age of objects in days before deletion from the temporary cutouts bucket"
+ type = number
+ default = 30
+}
+
+// Butler Registry DP02 Database variables
+
+variable "butler_registry_dp02_db_name" {
 description = "The name of the SQL Database instance"
 default = "example-postgresql-public"
 }
-variable "butler_database_version" {
+variable "butler_registry_dp02_database_version" {
 description = "The database version to use for the Butler registry"
 type = string
- default = "POSTGRES_12"
+ default = "POSTGRES_16"
 }
-variable "butler_tier" {
+variable "butler_registry_dp02_tier" {
 description = "The tier for the master instance."
 type = string
 default = "db-f1-micro"
 }
-variable "butler_database_flags" {
+variable "butler_registry_dp02_database_flags" {
 description = "List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags)"
 type = list(object({
 name = string
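Review bot: `butler_registry_dp02_db_name` keeps the placeholder default `"example-postgresql-public"` and has no `type`, so a missing or misnamed tfvars entry silently names the instance after the placeholder instead of failing the plan. The dev tfvars hunk in this patch appears to hit exactly that: it still assigns `butler_db_name`, which the visible hunks no longer declare, and it also writes `butler_registry_dpo02_database_version` and `science_platform_maintenance_window_day`, neither of which matches a declared variable. I would drop the default and add `type = string` here so the name is required, and correct the three keys in the tfvars file. The hunk ends inside the `butler_registry_dp02_database_flags` block.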
@@ -45,62 +59,111 @@ variable "butler_database_flags" {
 default = []
 }
-variable "butler_require_ssl" {
+variable "butler_registry_dp02_disk_size" {
+ description = "The disk size for the instance"
+ type = number
+}
+
+variable "butler_registry_dp02_disk_type" {
+ description = "The disk type for the master instance."
+ type = string
+ default = "PD_SSD"
+}
+
+variable "butler_registry_dp02_require_ssl" {
 description = "True if the instance should require SSL/TLS for users connecting over IP. Note: SSL/TLS is needed to provide security when you connect to Cloud SQL using IP addresses. If you are connecting to your instance only by using the Cloud SQL Proxy or the Java Socket Library, you do not need to configure your instance to use SSL/TLS."
 type = bool
 default = true
 }
-variable "butler_ipv4_enabled" {
+variable "butler_registry_dp02_ipv4_enabled" {
 type = bool
 description = "True if enabling public IP on database"
 default = false
 }
-variable "database_tier" {
+variable "butler_registry_dp02_database_tier" {
 description = "The tier for general database"
 type = string
 default = "db-g1-small"
 }
-variable "database_version" {
- description = "The database version to use for the general database"
+variable "butler_registry_dp02_db_maintenance_window_day" {
+ type = number
+ description = "The day of week (1-7) for the master instance maintenance."
+ default = 1
+}
+
+variable "butler_registry_dp02_db_maintenance_window_hour" {
+ type = number
+ description = "The hour of day (0-23) maintenance window for the master instance maintenance."
+ default = 23
+}
+
+variable "butler_registry_dp02_db_maintenance_window_update_track" {
+ type = string
+ description = "The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`."
+ default = "stable"
+}
+
+variable "butler_registry_dp02_backups_enabled" {
+ type = bool
+ description = "True if backup configuration is enabled"
+ default = false
+}
+
+variable "butler_registry_dp02_backups_start_time" {
+ type = string
+ description = "Start time for backups"
+ default = "09:00"
+}
+
+variable "butler_registry_dp02_backups_point_in_time_recovery_enabled" {
+ type = bool
+ description = "Enable Point in Time Recovery for backups"
+ default = true
+}
+
+// Science Platform Database variables
+
+variable "science_platform_database_version" {
+ description = "The database version to use for the Science Platform"
 type = string
 default = "POSTGRES_13"
 }
-variable "db_maintenance_window_day" {
+variable "science_platform_database_tier" {
+ description = "The tier for general database"
+ type = string
+ default = "db-g1-small"
+}
+
+variable "science_platform_db_maintenance_window_day" {
 type = number
 description = "The day of week (1-7) for the master instance maintenance."
 default = 1
 }
-variable "db_maintenance_window_hour" {
+variable "science_platform_db_maintenance_window_hour" {
 type = number
 description = "The hour of day (0-23) maintenance window for the master instance maintenance."
 default = 23
 }
-variable "db_maintenance_window_update_track" {
+variable "science_platform_db_maintenance_window_update_track" {
 type = string
 description = "The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`."
 default = "stable"
 }
-variable "backups_enabled" {
+variable "science_platform_backups_enabled" {
 type = bool
 description = "True if backup configuration is enabled"
 default = false
 }
-variable "butler_service_account" {
- description = "Service account used for Butler GCS access"
+variable "science_platform_backups_start_time" {
 type = string
- default = "butler-gcs-butler-gcs-data-sa@data-curation-prod-fbdb.iam.gserviceaccount.com"
-}
-
-variable "maximum_cutouts_age" {
- description = "Age of objects in days before deletion from the temporary cutouts bucket"
- type = number
- default = 30
+ description = "Start time for backups"
+ default = "09:00"
 }
diff --git a/environment/deployments/science-platform/env/dev-cloudsql.tfvars b/environment/deployments/science-platform/env/dev-cloudsql.tfvars
index e14aa6fb..f64742d5 100644
--- a/environment/deployments/science-platform/env/dev-cloudsql.tfvars
+++ b/environment/deployments/science-platform/env/dev-cloudsql.tfvars
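Review bot: `butler_registry_dp02_backups_enabled` defaults to `false` while `butler_registry_dp02_backups_point_in_time_recovery_enabled` defaults to `true`, and Cloud SQL point-in-time recovery depends on automated backups being enabled, so the two defaults describe a combination the instance cannot have. Setting `default = true` on the backups variable, or `false` on the recovery one, keeps the defaults consistent; the first choice also leaves a new environment with backups unless it opts out. Two variables added in this hunk, `butler_registry_dp02_disk_type` and `butler_registry_dp02_database_tier`, are not referenced by the module call in main.tf as shown in this patch. Either pass the disk type through, if the module accepts it, or remove both.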
@@ -3,20 +3,29 @@ environment = "dev"
 application_name = "science-platform"
 project_id = "science-platform-dev-7696"
-# Butler database
-butler_db_name = "butler-registry-dev"
-butler_require_ssl = false
-butler_database_flags = [
+# Butler Registry DP02 Database
+butler_db_name = "butler-registry-dp02-dev"
+butler_registry_dpo02_database_version = "POSTGRES_16"
+butler_registry_dp02_tier = "db-n1-standard-2"
+butler_registry_dp02_require_ssl = false
+butler_registry_dp02_disk_size = 700
+butler_registry_dp02_database_flags = [
+ { name = "max_connections", value = "400" },
 { name = "password_encryption", value = "scram-sha-256" }
 ]
-butler_database_version = "POSTGRES_13"
-butler_ipv4_enabled = true
+butler_registry_dp02_ipv4_enabled = true
+butler_registry_dp02_db_maintenance_window_day = 1
+butler_registry_dp02_db_maintenance_window_hour = 23
+butler_registry_dp02_db_maintenance_window_update_track = "stable"
+butler_registry_dp02_backups_enabled = false
+butler_registry_dp02_backups_point_in_time_recovery_enabled = false
-# General database
-db_maintenance_window_day = 1
-db_maintenance_window_hour = 22
-db_maintenance_window_update_track = "canary"
-backups_enabled = true
+# Science Platform Database
+
+science_platform_maintenance_window_day = 1
+science_platform_db_maintenance_window_hour = 22
+science_platform_db_maintenance_window_update_track = "canary"
+science_platform_backups_enabled = true
 # Increase this number to force Terraform to update the dev environment.
-# Serial: 14
+# Serial: 16
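Review bot: `butler_registry_dp02_ipv4_enabled = true` together with `butler_registry_dp02_require_ssl = false` gives the new instance a public address that accepts unencrypted connections from the authorized range set in main.tf, so traffic to the registry is not protected in transit. Unless every client goes through the Cloud SQL proxy, I would set `butler_registry_dp02_require_ssl = true`, or add a comment stating why TLS is not enforced in dev. The same hunk sets `butler_registry_dp02_backups_enabled = false`, whereas the old shared `backups_enabled = true` also applied to the butler instance. If the 700 GB registry is meant to be restorable, that value should stay `true`.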