
Terraform Module Database

Terraform module to create a database service resource on DigitalOcean.

Latest Release tfsec Licence


We eat, drink, sleep and most importantly love DevOps. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believers in the philosophy that bigger problems are always solved by breaking them into smaller, manageable problems. Resonating with microservices architecture, it is considered best practice to run database, cluster and storage in smaller, connected yet manageable pieces within the infrastructure.

This module is basically a combination of Terraform open source and includes automated tests and examples. It also helps you create and improve your infrastructure with minimalistic code instead of maintaining the whole infrastructure code yourself.

We have fifty-plus Terraform modules. A few of them are completed and available for open source usage, while a few others are in progress.

Prerequisites

This module has a few dependencies:

Examples

IMPORTANT: Since the master branch used in source varies based on new modifications, we suggest that you use the release versions here.

Here are examples of how you can use this module in your inventory structure:

basic example

    # Basic example: a single-node Redis cluster attached to a VPC.
    # NOTE(review): the module label is "mysql" but cluster_engine is "redis";
    # the label is only a local name, yet it is misleading in plans and state.
    module "mysql" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "redis"
    cluster_version              = "6"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    redis_eviction_policy        = "volatile_lru"
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster - confirm against the module
    # code, and set create_firewall = true outside throwaway test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # Sample private address; replace with the client address that should be allowed.
        value = "192.168.1.1"
      }
    ]
  }

complete example

    # Complete example: a single-node MySQL 8 cluster with one database and one user.
    module "mysql" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "mysql"
    cluster_version              = "8"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    # NOTE(review): ALLOW_INVALID_DATES relaxes date validation; confirm it is
    # intended alongside the strict modes listed with it.
    mysql_sql_mode               = "ANSI,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,STRICT_ALL_TABLES,ALLOW_INVALID_DATES"
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    databases = ["testdb"]

    # The user's password is exposed through the module's user_password output
    # (see Outputs); output values are stored in Terraform state, so the state
    # backend needs access control.
    users = [
      {
        name              = "test",
        # mysql_native_password is the legacy SHA-1 based plugin; prefer
        # caching_sha2_password unless a client library cannot support it.
        mysql_auth_plugin = "mysql_native_password"
      }
    ]

    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster - confirm against the module
    # code, and set create_firewall = true outside throwaway test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # NOTE(review): 0.0.0.0 is not a usable allow-list entry; replace it with
        # the specific client address before enabling the firewall.
        value = "0.0.0.0"
      }
    ]
  }

mongodb example

    # MongoDB example: a single-node MongoDB 6 cluster with one database and one user.
    module "mongodb" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "mongodb"
    cluster_version              = "6"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    databases = ["testdb"]
    # The user's password is exposed through the module's user_password output
    # (see Outputs); output values are stored in Terraform state, so the state
    # backend needs access control.
    users = [
      {
        name = "test"
      }
    ]

    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster - confirm against the module
    # code, and set create_firewall = true outside throwaway test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # NOTE(review): 0.0.0.0 is not a usable allow-list entry; replace it with
        # the specific client address before enabling the firewall.
        value = "0.0.0.0"
      }
    ]
  }

mysql example

    # MySQL example: a single-node MySQL 8 cluster with one database and one user.
    module "mysql" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "mysql"
    cluster_version              = "8"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    # NOTE(review): ALLOW_INVALID_DATES relaxes date validation; confirm it is
    # intended alongside the strict modes listed with it.
    mysql_sql_mode               = "ANSI,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,STRICT_ALL_TABLES,ALLOW_INVALID_DATES"
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    databases = ["testdb"]

    # The user's password is exposed through the module's user_password output
    # (see Outputs); output values are stored in Terraform state, so the state
    # backend needs access control.
    users = [
      {
        name              = "test",
        # mysql_native_password is the legacy SHA-1 based plugin; prefer
        # caching_sha2_password unless a client library cannot support it.
        mysql_auth_plugin = "mysql_native_password"
      }
    ]

    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster - confirm against the module
    # code, and set create_firewall = true outside throwaway test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # NOTE(review): 0.0.0.0 is not a usable allow-list entry; replace it with
        # the specific client address before enabling the firewall.
        value = "0.0.0.0"
      }
    ]
  }

postgresql example

    # PostgreSQL example: a single-node PostgreSQL 15 cluster with one database,
    # one user and one connection pool.
    module "postgresql" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "pg"
    cluster_version              = "15"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    databases = ["testdb"]
    # The user's password is exposed through the module's user_password output
    # (see Outputs); output values are stored in Terraform state, so the state
    # backend needs access control.
    users = [
      {
        name = "test"
      }
    ]

    # The pool refers to the database and user declared above by name. Its
    # credentials are exposed through the connection_pool_password and
    # connection_pool_uri outputs (see Outputs) and are stored in state as well.
    create_pools = true
    pools = [
      {
        name    = "test",
        mode    = "transaction",
        size    = 10,
        db_name = "testdb",
        user    = "test"
      }
    ]

    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster - confirm against the module
    # code, and set create_firewall = true outside throwaway test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # NOTE(review): 0.0.0.0 is not a usable allow-list entry; replace it with
        # the specific client address before enabling the firewall.
        value = "0.0.0.0"
      }
    ]
  }

redis example

    # Redis example: a single-node Redis 6 cluster attached to a VPC.
    module "redis" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "redis"
    cluster_version              = "6"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    redis_eviction_policy        = "volatile_lru"
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster - confirm against the module
    # code, and set create_firewall = true outside throwaway test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # Sample private address; replace with the client address that should be allowed.
        value = "192.168.1.1"
      }
    ]
  }

database replica example

    # Database replica example: a single-node MySQL 8 cluster with two databases,
    # one user and a replica enabled.
    # NOTE(review): the module label is "redis" but cluster_engine is "mysql";
    # the label is only a local name, yet it is misleading in plans and state.
    module "redis" {
    source                       = "terraform-do-modules/database/digitalocean"
    # Pinned release, so a later change to the module source is not picked up silently.
    version                      = "1.0.0"
    name                         = "app"
    environment                  = "test"
    region                       = "blr1"
    cluster_engine               = "mysql"
    cluster_version              = "8"
    cluster_size                 = "db-s-1vcpu-1gb"
    cluster_node_count           = 1
    # module.vpc is not defined in this snippet; it must exist in the calling configuration.
    cluster_private_network_uuid = module.vpc.id
    # NOTE(review): ALLOW_INVALID_DATES relaxes date validation; confirm it is
    # intended alongside the strict modes listed with it.
    mysql_sql_mode               = "ANSI,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,STRICT_ALL_TABLES,ALLOW_INVALID_DATES"
    cluster_maintenance = {
      maintenance_hour = "02:00:00"
      maintenance_day  = "saturday"
    }
    databases = ["testdb", "testdbt"]

    # The user's password is exposed through the module's user_password output
    # (see Outputs); output values are stored in Terraform state, so the state
    # backend needs access control.
    users = [
      {
        name              = "test1",
        # mysql_native_password is the legacy SHA-1 based plugin; prefer
        # caching_sha2_password unless a client library cannot support it.
        mysql_auth_plugin = "mysql_native_password"
      }
    ]

    # Enables the database replica. replica_region and replica_size are not set
    # here, so the defaults from the Inputs table apply. The replica's
    # credentials are exposed through the replica_cluster_* outputs.
    replica_enable = true

    # create_firewall = false means no database firewall is created (see Inputs).
    # NOTE(review): presumably firewall_rules below is then unused, so no trusted
    # source restriction is applied to the cluster or the replica - confirm
    # against the module code, and set create_firewall = true outside throwaway
    # test environments.
    create_firewall = false
    firewall_rules = [
      {
        type  = "ip_addr"
        # NOTE(review): 0.0.0.0 is not a usable allow-list entry; replace it with
        # the specific client address before enabling the firewall.
        value = "0.0.0.0"
      }
    ]
  }

Inputs

Name Description Type Default Required
backup_restore The day and the start hour of the maintenance window policy map(string) null no
cluster_engine Database engine used by the cluster (ex. pg for PostgreSQL, mysql for MySQL, redis for Redis, or mongodb for MongoDB) string "" no
cluster_maintenance The day and the start hour of the maintenance window policy map(string) null no
cluster_node_count Number of nodes that will be included in the cluster number 1 no
cluster_private_network_uuid The ID of the VPC where the database cluster will be located string null no
cluster_size Database Droplet size associated with the cluster (ex. db-s-1vcpu-1gb) string "db-s-1vcpu-1gb" no
cluster_version The version of the cluster string "" no
create_firewall Controls if firewall should be created bool false no
create_pools Controls if pools should be created bool false no
databases A list of databases in the cluster list(string) [] no
enabled Flag to control the resources creation. bool true no
environment Environment (e.g. prod, dev, staging). string "" no
firewall_rules List of firewall rules associated with the cluster list(map(string)) [] no
label_order Label order, e.g. name,application. list(any)
[
"name",
"environment"
]
no
managedby ManagedBy, eg 'terraform-do-modules' or 'hello@clouddrove.com' string "terraform-do-modules" no
mysql_sql_mode A comma separated string specifying the SQL modes for a MySQL cluster. string null no
name Name (e.g. app or cluster). string "" no
pools A list of connection pools in the cluster list(map(string)) null no
project_id The ID of the project that the database cluster is assigned to. If excluded when creating a new database cluster, it will be assigned to your default project. string null no
redis_eviction_policy A string specifying the eviction policy for a Redis cluster. Valid values are: noeviction, allkeys_lru, allkeys_random, volatile_lru, volatile_random, or volatile_ttl string null no
region DigitalOcean region where the cluster will reside string null no
replica_enable Flag to control the resources creation. bool false no
replica_region DigitalOcean region where the replica will reside string null no
replica_size Database Droplet size associated with the replica (ex. db-s-1vcpu-1gb). Note that when resizing an existing replica, its size can only be increased. Decreasing its size is not supported. string "db-s-1vcpu-1gb" no
storage_size_mib Defines the disk size, in MiB, allocated to the cluster string null no
users A list of users in the cluster list(map(string)) null no

Outputs

Name Description
connection_pool_host The hostname used to connect to the database connection pool
connection_pool_id The ID of the database connection pool
connection_pool_password Password for the connection pool's user
connection_pool_port Network port that the database connection pool is listening on
connection_pool_private_host Same as pool host, but only accessible from resources within the account and in the same region
connection_pool_private_uri Same as pool uri, but only accessible from resources within the account and in the same region
connection_pool_uri The full URI for connecting to the database connection pool
database_cluster_default_database Name of the cluster's default database
database_cluster_default_password Password for the cluster's default user
database_cluster_default_user Username for the cluster's default user
database_cluster_host The hostname of the database cluster
database_cluster_id The id of the database cluster
database_cluster_port Network port that the database cluster is listening on
database_cluster_private_host Same as host, but only accessible from resources within the account and in the same region
database_cluster_uri The full URI for connecting to the database cluster
database_cluster_urn The uniform resource name of the database cluster
database_firewall_id A unique identifier for the firewall
database_firewall_rule A map with rule's uuid, type, value and created_at params
database_replica_firewall_rule A map with rule's uuid, type, value and created_at params
db_name The name for the database
replica_cluster_default_database Name of the replica's default database.
replica_cluster_default_password Password for the replica cluster's default user
replica_cluster_default_user Username for the replica cluster's default user
replica_cluster_port Network port that the database replica is listening on.
replica_cluster_private_host Same as host, but only accessible from resources within the account and in the same region.
replica_cluster_uri The full URI for connecting to the database replica.
replica_host_name The ID of the database replica created by Terraform.
replica_id The ID of the database replica created by Terraform.
user_password Password for the database user
user_role Role for the database user

Testing

In this module, testing is performed with terratest: it creates a small piece of infrastructure, matches outputs such as ARN, ID and tag names, and then destroys the infrastructure in your AWS account. The tests are written in Go, so you need a Go environment on your system.

You need to run the following command in the testing folder:

  go test -run Test

Feedback

If you come across a bug or have any feedback, please log it in our issue tracker, or feel free to drop us an email at hello@clouddrove.com.

If you have found it worth your time, go ahead and give us a ★ on our GitHub!

About us

At CloudDrove, we offer expert guidance, implementation support and services to help organisations accelerate their journey to the cloud. Our services include docker and container orchestration, cloud migration and adoption, infrastructure automation, application modernisation and remediation, and performance engineering.

We are The Cloud Experts!


We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.