Skip to content

Commit

Permalink
DSOS-2667: prepare syscon rebuild (#5380)
Browse files Browse the repository at this point in the history 
* DSOS-2667: prepare syscon rebuild

* add qa11r weblogic

* fix
  • Loading branch information
@drobinson-moj
drobinson-moj authored Mar 15, 2024
1 parent b0cf4ef commit 91f4aca
Showing 1 changed file with 153 additions and 114 deletions.
267 changes: 153 additions & 114 deletions terraform/environments/nomis/locals_development.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,38 @@ locals {
}

baseline_iam_policies = {
Ec2DevWeblogicPolicy = {
description = "Permissions required for dev Weblogic EC2s"
statements = [
{
effect = "Allow"
actions = [
"secretsmanager:GetSecretValue",
"secretsmanager:PutSecretValue",
]
resources = [
"arn:aws:secretsmanager:*:*:secret:/oracle/weblogic/dev/*",
"arn:aws:secretsmanager:*:*:secret:/oracle/database/dev/weblogic-*",
]
}
]
}
Ec2Qa11GWeblogicPolicy = {
description = "Permissions required for QA11G Weblogic EC2s"
statements = [
{
effect = "Allow"
actions = [
"secretsmanager:GetSecretValue",
"secretsmanager:PutSecretValue",
]
resources = [
"arn:aws:secretsmanager:*:*:secret:/oracle/weblogic/qa11g/*",
"arn:aws:secretsmanager:*:*:secret:/oracle/database/qa11g/weblogic-*",
]
}
]
}
Ec2Qa11RWeblogicPolicy = {
description = "Permissions required for QA11R Weblogic EC2s"
statements = [
Expand All @@ -73,6 +105,10 @@ locals {
}

baseline_secretsmanager_secrets = {
"/oracle/weblogic/dev" = local.weblogic_secretsmanager_secrets
"/oracle/database/dev" = local.database_nomis_secretsmanager_secrets
"/oracle/weblogic/qa11g" = local.weblogic_secretsmanager_secrets
"/oracle/database/qa11g" = local.database_nomis_secretsmanager_secrets
"/oracle/weblogic/qa11r" = local.weblogic_secretsmanager_secrets
"/oracle/database/qa11r" = local.database_nomis_secretsmanager_secrets
}
Expand Down Expand Up @@ -226,69 +262,25 @@ locals {
}))
})
})

qa11r-nomis-web-a = merge(local.weblogic_ec2, {
autoscaling_group = merge(local.weblogic_ec2.autoscaling_group, {
desired_capacity = 0
})
cloudwatch_metric_alarms = {}
config = merge(local.weblogic_ec2.config, {
ami_name = "nomis_rhel_6_10_weblogic_appserver_10_3_release_*"
instance_profile_policies = concat(local.weblogic_ec2.config.instance_profile_policies, [
"Ec2Qa11RWeblogicPolicy",
])
})
instance = merge(local.weblogic_ec2.instance, {
instance_type = "t2.large"
})
user_data_cloud_init = merge(local.weblogic_ec2.user_data_cloud_init, {
args = merge(local.weblogic_ec2.user_data_cloud_init.args, {
branch = "main"
})
})
tags = merge(local.weblogic_ec2.tags, {
nomis-environment = "qa11r"
oracle-db-hostname-a = "SDPDL0001.azure.noms.root"
oracle-db-hostname-b = "none"
oracle-db-name = "qa11r"
deployment = "blue"
})
})

qa11r-nomis-web-b = merge(local.weblogic_ec2, {
autoscaling_group = merge(local.weblogic_ec2.autoscaling_group, {
desired_capacity = 1
})
cloudwatch_metric_alarms = {}
config = merge(local.weblogic_ec2.config, {
ami_name = "nomis_rhel_6_10_weblogic_appserver_10_3_release_2023-03-15T17-18-22.178Z"
instance_profile_policies = concat(local.weblogic_ec2.config.instance_profile_policies, [
"Ec2Qa11RWeblogicPolicy",
])
})
instance = merge(local.weblogic_ec2.instance, {
instance_type = "t2.large"
})
user_data_cloud_init = merge(local.weblogic_ec2.user_data_cloud_init, {
args = merge(local.weblogic_ec2.user_data_cloud_init.args, {
branch = "main"
})
})
tags = merge(local.weblogic_ec2.tags, {
nomis-environment = "qa11r"
oracle-db-hostname-a = "SDPDL0001.azure.noms.root"
oracle-db-hostname-b = "none"
oracle-db-name = "qa11r"
deployment = "green"
})
})
}

baseline_ec2_instances = {

# SDPDL0001 Standard DS12 v2 (4 vcpus, 28 GiB memory) [18GiB free] [3 x 512] [r6i.xlarge 4/32]
# SDPWL0001 Standard D2 v2 (2 vcpus, 7 GiB memory) (RHEL6) [t2.large 2/8]
# SDPWL0002 Standard D2 v2 (2 vcpus, 7 GiB memory) (RHEL6) [t2.large]
# SDPWL0003 Standard D2 v2 (2 vcpus, 7 GiB memory) (RHEL6) [t2.large]
# SDPNL0001 Standard D2 v2 (2 vcpus, 7 GiB memory) (RHEL7) [t3.medium]

#dev-nomis-db-1-a = merge(local.database_ec2, {
# config = merge(local.database_ec2.config, {
# ami_name = "nomis_rhel_7_9_oracledb_11_2_release_2023-06-23T16-28-48.100Z"
# availability_zone = "${local.region}a"
# instance_profile_policies = concat(local.weblogic_ec2.config.instance_profile_policies, [
# "Ec2DevWeblogicPolicy",
# "Ec2Qa11GWeblogicPolicy",
# "Ec2Qa11RWeblogicPolicy",
# ])
# })
# ebs_volumes = merge(local.database_ec2.ebs_volumes, {
# "/dev/sdb" = { label = "app", size = 100 }
Expand All @@ -304,6 +296,80 @@ locals {
# oracle-sids = ""
# })
#})

# dev-nomis-web-a = merge(local.weblogic_ec2, {
# cloudwatch_metric_alarms = {}
# config = merge(local.weblogic_ec2.config, {
# ami_name = "nomis_rhel_6_10_weblogic_appserver_10_3_release_*"
# availability_zone = "${local.region}a"
# instance_profile_policies = concat(local.weblogic_ec2.config.instance_profile_policies, [
# "Ec2DevWeblogicPolicy",
# ])
# })
# instance = merge(local.weblogic_ec2.instance, {
# instance_type = "t2.large"
# })
# user_data_cloud_init = merge(local.weblogic_ec2.user_data_cloud_init, {
# args = merge(local.weblogic_ec2.user_data_cloud_init.args, {
# branch = "main"
# })
# })
# tags = merge(local.weblogic_ec2.tags, {
# nomis-environment = "dev"
# oracle-db-hostname-a = "SDPDL0001.azure.noms.root"
# oracle-db-hostname-b = "none"
# oracle-db-name = "dev"
# })
# })

# qa11g-nomis-web-b = merge(local.weblogic_ec2, {
# cloudwatch_metric_alarms = {}
# config = merge(local.weblogic_ec2.config, {
# ami_name = "nomis_rhel_6_10_weblogic_appserver_10_3_release_*"
# availability_zone = "${local.region}b"
# instance_profile_policies = concat(local.weblogic_ec2.config.instance_profile_policies, [
# "Ec2Qa11GWeblogicPolicy",
# ])
# })
# instance = merge(local.weblogic_ec2.instance, {
# instance_type = "t2.large"
# })
# user_data_cloud_init = merge(local.weblogic_ec2.user_data_cloud_init, {
# args = merge(local.weblogic_ec2.user_data_cloud_init.args, {
# branch = "main"
# })
# })
# tags = merge(local.weblogic_ec2.tags, {
# nomis-environment = "qa11g"
# oracle-db-hostname-a = "SDPDL0001.azure.noms.root"
# oracle-db-hostname-b = "none"
# oracle-db-name = "qa11g"
# })
# })

qa11r-nomis-web-a = merge(local.weblogic_ec2, {
cloudwatch_metric_alarms = {}
config = merge(local.weblogic_ec2.config, {
availability_zone = "${local.region}a"
instance_profile_policies = concat(local.weblogic_ec2.config.instance_profile_policies, [
"Ec2Qa11RWeblogicPolicy",
])
})
instance = merge(local.weblogic_ec2.instance, {
instance_type = "t2.large"
})
user_data_cloud_init = merge(local.weblogic_ec2.user_data_cloud_init, {
args = merge(local.weblogic_ec2.user_data_cloud_init.args, {
branch = "main"
})
})
tags = merge(local.weblogic_ec2.tags, {
nomis-environment = "qa11r"
oracle-db-hostname-a = "SDPDL0001.azure.noms.root"
oracle-db-hostname-b = "none"
oracle-db-name = "qa11r"
})
})
}

baseline_lbs = {
Expand All @@ -321,69 +387,42 @@ locals {

http7777 = merge(local.weblogic_lb_listeners.http7777, {
rules = {
qa11r-nomis-web-a = {
priority = 300
actions = [{
type = "forward"
target_group_name = "qa11r-nomis-web-a-http-7777"
}]
conditions = [{
host_header = {
values = [
"qa11r-nomis-web-a.development.nomis.service.justice.gov.uk",
]
}
}]
}
qa11r-nomis-web-b = {
priority = 400
actions = [{
type = "forward"
target_group_name = "qa11r-nomis-web-b-http-7777"
}]
conditions = [{
host_header = {
values = [
"qa11r-nomis-web-b.development.nomis.service.justice.gov.uk",
"c-qa11r.development.nomis.service.justice.gov.uk",
]
}
}]
}
# qa11r-nomis-web-a = {
# priority = 300
# actions = [{
# type = "forward"
# target_group_name = "qa11r-nomis-web-a-http-7777"
#  }]
# conditions = [{
# host_header = {
#  values = [
# "qa11r-nomis-web-a.development.nomis.service.justice.gov.uk",
# "c-qa11r.development.nomis.service.justice.gov.uk",
#  ]
# }
# }]
# }
}
})

https = merge(local.weblogic_lb_listeners.https, {
rules = {
qa11r-nomis-web-a-http-7777 = {
priority = 300
actions = [{
type = "forward"
target_group_name = "qa11r-nomis-web-a-http-7777"
}]
conditions = [{
host_header = {
values = [
"qa11r-nomis-web-a.development.nomis.service.justice.gov.uk",
]
}
}]
}
qa11r-nomis-web-b-http-7777 = {
priority = 450
actions = [{
type = "forward"
target_group_name = "qa11r-nomis-web-b-http-7777"
}]
conditions = [{
host_header = {
values = [
"qa11r-nomis-web-b.development.nomis.service.justice.gov.uk",
"c-qa11r.development.nomis.service.justice.gov.uk",
]
}
}]
}
# qa11r-nomis-web-a-http-7777 = {
#  priority = 300
# actions = [{
#   type = "forward"
# target_group_name = "qa11r-nomis-web-a-http-7777"
#  }]
# conditions = [{
# host_header = {
# values = [
# "qa11r-nomis-web-a.development.nomis.service.justice.gov.uk",
# "c-qa11r.development.nomis.service.justice.gov.uk",
# ]
#  }
# }]
# }
# }
}
})
}
Expand Down

0 comments on commit 91f4aca

Please sign in to comment.