From e1ce7d2750a44e695293a27f4edcddd3dfd0f403 Mon Sep 17 00:00:00 2001
From: Vladimirs Kovalovs
Date: Wed, 4 Sep 2024 10:18:09 +0100
Subject: [PATCH] [TM-452] create new clean DB and kept old
---
 .../oas/application_variables.json | 2 +-
 terraform/environments/oas/modules/rds/rds.tf | 58 +++++++++++++++++--
 .../environments/oas/modules/rds/variables.tf | 8 +--
 terraform/environments/oas/rds.tf | 10 ++++
 4 files changed, 68 insertions(+), 10 deletions(-)
diff --git a/terraform/environments/oas/application_variables.json b/terraform/environments/oas/application_variables.json
index 33894944572..f69aeae486e 100644
--- a/terraform/environments/oas/application_variables.json
+++ b/terraform/environments/oas/application_variables.json
@@ -29,7 +29,7 @@
 "username": "sysdba",
 "db_password_rotation_period": 28,
 "license_model": "bring-your-own-license",
- "rds_snapshot_name": "man-oas-migration-laws-3462-new",
+ "rds_snapshot_name": "firstdbsetup",
 "lz_vpc_cidr": "10.202.0.0/20",
 "deletion_protection": "false",
 "dashboard_widget_period": 60,
diff --git a/terraform/environments/oas/modules/rds/rds.tf b/terraform/environments/oas/modules/rds/rds.tf
index b47c44dab96..6249dc0870a 100644
--- a/terraform/environments/oas/modules/rds/rds.tf
+++ b/terraform/environments/oas/modules/rds/rds.tf
@@ -93,9 +93,54 @@ resource "aws_secretsmanager_secret_version" "rds_password_secret_version" {
 )
 }
-# RDS database
+# RDS database with snapshot
 resource "aws_db_instance" "appdb1" {
+ allocated_storage = var.allocated_storage
+ db_name = upper(var.application_name)
+ identifier = "${var.identifier_name}-with-snapshot"
+ engine = var.engine
+ engine_version = var.engine_version
+ instance_class = var.instance_class
+ allow_major_version_upgrade = var.allow_major_version_upgrade
+ auto_minor_version_upgrade = var.auto_minor_version_upgrade
+ storage_type = var.storage_type
+ backup_retention_period = var.backup_retention_period
+ backup_window = var.backup_window
+ maintenance_window = var.maintenance_window
+ character_set_name = var.character_set_name
+ availability_zone = var.availability_zone
+ multi_az = var.multi_az
+ username = var.username
+ password = random_password.rds_password.result
+ vpc_security_group_ids = [aws_security_group.laalz-secgroup.id, aws_security_group.vpc-secgroup.id]
+ skip_final_snapshot = false
+ final_snapshot_identifier = "${var.application_name}-${formatdate("DDMMMYYYYhhmm", timestamp())}-finalsnapshot"
+ parameter_group_name = aws_db_parameter_group.appdbparametergroup19.name
+ option_group_name = aws_db_option_group.appdboptiongroup19.name
+ db_subnet_group_name = aws_db_subnet_group.appdbsubnetgroup.name
+ license_model = var.license_model
+ deletion_protection = var.deletion_protection
+ copy_tags_to_snapshot = true
+ storage_encrypted = true
+ apply_immediately = true
+ snapshot_identifier = var.rds_snapshot_arn
+ kms_key_id = var.rds_kms_key_arn
+ tags = merge(
+ var.tags,
+ { "Name" = "${var.application_name}-${var.environment}-database-with-snapshot" },
+ { "instance-scheduling" = "skip-scheduling" }
+ )
+
+ timeouts {
+ create = "60m"
+ delete = "2h"
+ }
+}
+
+# RDS database without snapshot
+
+resource "aws_db_instance" "appdb2" {
 allocated_storage = var.allocated_storage
 db_name = upper(var.application_name)
 identifier = 
var.identifier_name
@@ -124,11 +169,10 @@ resource "aws_db_instance" "appdb1" {
 copy_tags_to_snapshot = true
 storage_encrypted = true
 apply_immediately = true
- # snapshot_identifier = var.rds_snapshot_arn
- kms_key_id = var.rds_kms_key_arn
+ kms_key_id = var.rds_kms_key_arn
 tags = merge(
 var.tags,
- { "Name" = "${var.application_name}-${var.environment}-database" },
+ { "Name" = "${var.application_name}-${var.environment}-database-without-snapshot" },
 { "instance-scheduling" = "skip-scheduling" }
 )
@@ -202,6 +246,10 @@ resource "aws_security_group" "vpc-secgroup" {
 }
 }
-output "rds_endpoint" {
+output "rds_endpoint_with_snapshot" {
 value = aws_db_instance.appdb1.address
 }
+
+output "rds_endpoint" {
+ value = aws_db_instance.appdb2.address
+}
diff --git a/terraform/environments/oas/modules/rds/variables.tf b/terraform/environments/oas/modules/rds/variables.tf
index 81aeb2c7be1..a24e82dadd9 100644
--- a/terraform/environments/oas/modules/rds/variables.tf
+++ b/terraform/environments/oas/modules/rds/variables.tf
@@ -98,10 +98,10 @@ variable "license_model" {
 description = "Licence Type for the RDS"
 }
-# variable "rds_snapshot_arn" {
-# type = string
-# description = "RDS snapshot ARN to build database from"
-# }
+variable "rds_snapshot_arn" {
+ type = string
+ description = "RDS snapshot ARN to build database from"
+}
 variable "rds_kms_key_arn" {
 type = string
diff --git a/terraform/environments/oas/rds.tf b/terraform/environments/oas/rds.tf
index e3152ecc791..f0473d6cffe 100644
--- a/terraform/environments/oas/rds.tf
+++ b/terraform/environments/oas/rds.tf
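Review bot: In the `@@ -93,9 +93,54 @@` hunk of modules/rds/rds.tf the address `aws_db_instance.appdb1` is reused for the new snapshot-restored instance while the existing definition becomes `appdb2`, so Terraform state still maps the live database to `appdb1` and the changed `identifier` (`"${var.identifier_name}-with-snapshot"`) will plan a replacement of it. If the live database is meant to carry on as `appdb2`, add a `moved` block from `aws_db_instance.appdb1` to `aws_db_instance.appdb2` (or do the equivalent state move) and confirm the plan shows no destroy before applying. The new `appdb1` also takes `username = var.username` and `password = random_password.rds_password.result`, which the unchanged `appdb2` definition presumably uses too, so one leaked master credential would open both instances; a separate `random_password` and secret for `appdb1` keeps them independent. The `appdb2` block continues outside this hunk, so its credential lines are inferred rather than visible here.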
@@ -27,6 +27,7 @@ module "rds" {
 managementcidr = local.application_data.accounts[local.environment].managementcidr
 lz_vpc_cidr = local.application_data.accounts[local.environment].lz_vpc_cidr
 deletion_protection = local.application_data.accounts[local.environment].deletion_protection
+ rds_snapshot_arn = format("arn:aws:rds:eu-west-2:%s:snapshot:%s", data.aws_caller_identity.current.account_id, local.application_data.accounts[local.environment].rds_snapshot_name)
 rds_kms_key_arn = data.aws_kms_key.rds_shared.arn
 vpc_shared_id = data.aws_vpc.shared.id
 vpc_shared_cidr = data.aws_vpc.shared.cidr_block
@@ -45,4 +46,13 @@ resource "aws_route53_record" "oas-rds" {
 records = [module.rds.rds_endpoint]
 }
+resource "aws_route53_record" "oas-rds-old" {
+ provider = aws.core-vpc
+ zone_id = data.aws_route53_zone.external.zone_id
+ name = "rds-old.${local.application_name}.${data.aws_route53_zone.external.name}"
+ type = "CNAME"
+ ttl = 60
+ records = [module.rds.rds_endpoint_with_snapshot]
+}
+
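Review bot: The `rds_snapshot_arn` argument added in the `@@ -27,6 +27,7 @@` hunk is built from `rds_snapshot_name`, and the module feeds it to `snapshot_identifier` on `aws_db_instance.appdb1`, so any later edit to that name in application_variables.json will plan a replacement of the retained database. The JSON hunk shows `"deletion_protection": "false"` for at least one environment, so nothing would block that destroy there. Once the instance has been restored, `lifecycle { ignore_changes = [snapshot_identifier] }` on `appdb1` would pin it, and enabling deletion protection for the kept database is worth considering. The format string also hard-codes `eu-west-2`; a comment such as `# snapshot must exist in eu-west-2 in the current account` would record that assumption. The `module "rds"` block starts and ends outside the hunk.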