Upgrade aws-rds broker DB versions #1187
Comments
siennathesane
added
the
unprioritized
karareinsel
removed
the
unprioritized
|
Have until 2/14/2020 until this increases in urgency. Address in this sprint or next sprint (sprint 20.2.7). |
siennathesane
added
the
operations
|
OK, so I didn't read the original message closely enough, and assumed that this applied to all postgres RDS instances created by the aws-rds broker. Instead, this is only for the So the good news is that new dedicated psql instances are created with whatever the latest AWS version is. The bad news is that is looks like our shared RDS instance is likely going to be automatically upgraded out from under us at any moment:
|
|
Why would someone choose How many folks do we have there? Would it be easier to get people to move away from this? |
|
are the non-shared instances available in sandboxes? |
|
I can confirm that we are allowing the creation of non-shared databases in the sandbox spaces. If you think it's fine to tell users to move to dedicated instances (and shut down the creation of new shared ones), then that's probably easier. |
|
@eddietejeda it might make sense to move folks off this, but it wouldn't get us out of this upgrade. |
|
If not needed, let's get deprecate. |
|
I think that's something special with gsa sandboxes after more looking - the sandbox-gsa org has |
|
Consideration: If sandboxes are using their own DB, would the DB be deleted once sandbox trial period is over? |
|
@bengerman13 is mostly correct: we definitely need to put this fire out before we can do anything else, and removing the shared plans will take 180 days. However, the plan of action is to upgrade everything to Postgres 9.5, which doesn't EOL for another year. That's the smallest change we're forced to make, and should disrupt our current users the least. But we still need to get to an actually current version of PgSQL (11), which means we'll have to run two shared RDS instances (one at 11, and one at 9.5). We'll need to modify the plans and possibly broker code to work between them. At that point, I'd rather just kill the shared plan altogether. So I suggest we continue upgrading the shared plans to 9.5, and start the shared-psql (and shared-mysql?) deprecation process at the same time. |
@eddietejeda yes they will, when you delete a space in CF, you can opt into force deleting their child resources (aka databases). |
|
This is merged as part of cloud-gov/aws-broker#55, and has gone through the pipeline to prod. |
|
Customer during office hours pointed out Postgres was showing version 9.4.20. Confirmed with https://github.com/18F/aws-broker/blob/fb644c38f51104fe0b1b72d7e3e0c896fec39922/ci/pipeline.yml#L442-L491 |
|
Confirmed that shared in dev is at 9.5.15. |
|
I've hit a known issue in upgrading RDS via terraform going back to 2017, and continuing to as recently as Jan 8, 2020:
The upshot is that some manual work is required alongside the terraform run. I'm going to want to ensure we understand exactly what the flow is before proceeding. One comment implied we could reboot the RDS instance and re-apply. |
|
The maintenance window has been moved to Tuesday, March 10th, due to an incident that was in play on Tuesday, March 3rd. |
In order to deploy supported PostgreSQL versions, the aws-rds broker needs to deploy supported versions.
This is the notification we received from a customer
It aligns with the PostgreSQL version support: https://www.postgresql.org/support/versioning/
Prep:
Shared DBs:
Internal DBs:
During the maintenance window at 10:30 am PT on March 10th:
Security considerations
Will eventually pull in all updates and CVEs from major upgrades.
The text was updated successfully, but these errors were encountered: