Skip to content

Commit

Permalink
DSOS-2195: update backup plans (#3513)
Browse files Browse the repository at this point in the history 
* add backup to CSR

* opt out of mod platform backup plan

* update backup for NCR

* add backup to NDH

* update planetfm backup plans

* add backup to oasys

* fmt

* whitespace

* add CSR test backup
  • Loading branch information
@drobinson-moj
drobinson-moj authored Sep 29, 2023
1 parent ebb215e commit 18b99b3
Show file tree
Hide file tree
Showing 12 changed files with 60 additions and 5 deletions.
1 change: 1 addition & 0 deletions terraform/environments/corporate-staff-rostering/locals.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ locals {

baseline_presets_options = {
enable_application_environment_wildcard_cert = false
enable_backup_plan_daily_and_weekly = true
enable_business_unit_kms_cmks = true
enable_image_builder = true
enable_ec2_cloud_watch_agent = true
Expand Down
12 changes: 12 additions & 0 deletions terraform/environments/corporate-staff-rostering/locals_preproduction.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ locals {
metadata_options_http_tokens = "optional" # the Oracle installer cannot accommodate a token
monitoring = true
vpc_security_group_ids = ["data-db"]
tags = {
backup-plan = "daily-and-weekly"
}
})

user_data_cloud_init = {
Expand Down Expand Up @@ -88,6 +91,9 @@ locals {
disable_api_termination = true
monitoring = true
vpc_security_group_ids = ["migration-web-sg", "domain-controller"]
tags = {
backup-plan = "daily-and-weekly"
}
})
ebs_volumes = {
"/dev/sda1" = { type = "gp3", size = 128 }
Expand All @@ -113,6 +119,9 @@ locals {
disable_api_termination = true
monitoring = true
vpc_security_group_ids = ["migration-web-sg", "domain-controller"]
tags = {
backup-plan = "daily-and-weekly"
}
})
ebs_volumes = {
"/dev/sda1" = { type = "gp3", size = 200 }
Expand All @@ -138,6 +147,9 @@ locals {
disable_api_termination = true
monitoring = true
vpc_security_group_ids = ["migration-web-sg", "domain-controller"]
tags = {
backup-plan = "daily-and-weekly"
}
})
ebs_volumes = {
"/dev/sda1" = { type = "gp3", size = 200 }
Expand Down
4 changes: 4 additions & 0 deletions terraform/environments/corporate-staff-rostering/locals_production.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,9 @@ locals {
metadata_options_http_tokens = "optional" # the Oracle installer cannot accommodate a token
monitoring = true
vpc_security_group_ids = ["data-db"]
tags = {
backup-plan = "daily-and-weekly"
}
})

user_data_cloud_init = {
Expand Down Expand Up @@ -71,6 +74,7 @@ locals {
os-type = "Linux"
component = "data"
server-type = "csr-db"
backup = "false" # opt out of mod platform default backup plan
}
}
}
Expand Down
9 changes: 9 additions & 0 deletions terraform/environments/corporate-staff-rostering/locals_test.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ locals {
metadata_options_http_tokens = "optional" # the Oracle installer cannot accommodate a token
monitoring = true
vpc_security_group_ids = ["data-db"]
tags = {
backup-plan = "daily-and-weekly"
}
})

user_data_cloud_init = {
Expand Down Expand Up @@ -112,6 +115,9 @@ locals {

instance = merge(module.baseline_presets.ec2_instance.instance.default, {
vpc_security_group_ids = ["migration-app-sg"]
tags = {
backup-plan = "daily-and-weekly"
}
})
ebs_volumes = {
"/dev/sda1" = { type = "gp3", size = 256 }
Expand All @@ -137,6 +143,9 @@ locals {

instance = merge(module.baseline_presets.ec2_instance.instance.default, {
vpc_security_group_ids = ["migration-app-sg"]
tags = {
backup-plan = "daily-and-weekly"
}
})
ebs_volumes = {
"/dev/sda1" = { type = "gp3", size = 256 }
Expand Down
1 change: 1 addition & 0 deletions terraform/environments/hmpps-oem/locals_oem.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ locals {

tags = {
ami = "hmpps_ol_8_5_oracledb_19c" # not including as hardening role seems to cause an issue
backup = "false" # opt out of mod platform default backup plan
component = "data"
instance-scheduling = "skip-scheduling"
server-type = "hmpps-oem"
Expand Down
1 change: 1 addition & 0 deletions terraform/environments/nomis-combined-reporting/locals.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ locals {
}
baseline_preset_options = {
enable_application_environment_wildcard_cert = false
enable_backup_plan_daily_and_weekly = true
enable_business_unit_kms_cmks = true
enable_image_builder = true
enable_ec2_cloud_watch_agent = true
Expand Down
7 changes: 6 additions & 1 deletion terraform/environments/nomis-combined-reporting/locals_bip.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,6 +102,10 @@ locals {
instance = merge(module.baseline_presets.ec2_instance.instance.default, {
instance_type = "t3.large"
vpc_security_group_ids = ["private"]

tags = {
backup-plan = "daily-and-weekly"
}
})

user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_and_ansible
Expand All @@ -123,10 +127,11 @@ locals {
tags = {
description = "ncr bip webtier component"
ami = "base_rhel_8_5"
backup = "false" # opt out of mod platform default backup plan
os-type = "Linux"
server-type = "ncr-bip"
component = "web"
}
}

}
}
15 changes: 13 additions & 2 deletions terraform/environments/nomis-data-hub/locals_test.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@ locals {
})
instance = merge(module.baseline_presets.ec2_instance.instance.default, {
vpc_security_group_ids = ["private"]
tags = {
backup-plan = "daily-and-weekly"
}
})
ebs_volumes = {
"/dev/sda1" = { type = "gp3", size = 100 }
Expand All @@ -28,7 +31,11 @@ locals {
config = merge(module.baseline_presets.ec2_instance.config.default, {
ami_name = "nomis_data_hub_rhel_7_9_app_release_2023-05-02T00-00-47.783Z"
})
instance = merge(module.baseline_presets.ec2_instance.instance.default, {})
instance = merge(module.baseline_presets.ec2_instance.instance.default, {
tags = {
backup-plan = "daily-and-weekly"
}
})
user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_and_ansible
tags = {
description = "Standalone EC2 for testing RHEL7.9 NDH App"
Expand All @@ -42,7 +49,11 @@ locals {
config = merge(module.baseline_presets.ec2_instance.config.default, {
ami_name = "nomis_data_hub_rhel_7_9_ems_test_2023-04-02T00-00-21.281Z"
})
instance = merge(module.baseline_presets.ec2_instance.instance.default, {})
instance = merge(module.baseline_presets.ec2_instance.instance.default, {
tags = {
backup-plan = "daily-and-weekly"
}
})
user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_and_ansible
tags = {
description = "Standalone EC2 for testing RHEL7.9 NDH ems"
Expand Down
11 changes: 10 additions & 1 deletion terraform/environments/oasys/locals.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,11 @@ locals {
ami_owner = "self"
availability_zone = "${local.region}a"
})
instance = module.baseline_presets.ec2_instance.instance.default_db
instance = merge(module.baseline_presets.ec2_instance.instance.default_db, {
tags = {
backup-plan = "daily-and-weekly"
}
})
autoscaling_schedules = {}
autoscaling_group = module.baseline_presets.ec2_autoscaling_group.default
user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags
Expand Down Expand Up @@ -177,6 +181,7 @@ locals {
# Example target group setup below
lb_target_groups = {}
tags = {
backup = "false" # opt out of mod platform default backup plan
component = "data"
oracle-sids = "OASPROD BIPINFRA"
os-type = "Linux"
Expand Down Expand Up @@ -209,13 +214,17 @@ locals {
instance_type = "t3.xlarge"
monitoring = true
vpc_security_group_ids = ["bip"]
tags = {
backup-plan = "daily-and-weekly"
}
})
cloudwatch_metric_alarms = {}
user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags
autoscaling_schedules = module.baseline_presets.ec2_autoscaling_schedules.working_hours
autoscaling_group = module.baseline_presets.ec2_autoscaling_group.default
lb_target_groups = {}
tags = {
backup = "false" # opt out of mod platform default backup plan
component = "bip"
description = "${local.environment} ${local.application_name} bip"
os-type = "Linux"
Expand Down
2 changes: 1 addition & 1 deletion terraform/environments/oasys/locals_preproduction.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ locals {

baseline_ec2_autoscaling_groups = {
"pp-${local.application_name}-db-a" = merge(local.database_a, {
user_data_cloud_init = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags, {
user_data_cloud_init = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags, {
args = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags.args, {
branch = "main"
})
Expand Down
1 change: 1 addition & 0 deletions terraform/environments/oasys/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ module "baseline_presets" {
cloudwatch_log_groups = null
cloudwatch_metric_alarms_default_actions = ["dso_pagerduty"]
enable_application_environment_wildcard_cert = true
enable_backup_plan_daily_and_weekly = true
enable_business_unit_kms_cmks = true
enable_image_builder = true
enable_ec2_cloud_watch_agent = true
Expand Down
1 change: 1 addition & 0 deletions terraform/environments/planetfm/locals.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ locals {

baseline_presets_options = {
enable_application_environment_wildcard_cert = false
enable_backup_plan_daily_and_weekly = true
enable_business_unit_kms_cmks = true
enable_image_builder = true
enable_ec2_cloud_watch_agent = true
Expand Down

0 comments on commit 18b99b3

Please sign in to comment.