expose vars from comet_rds into root

Author: burmek

comet-infrastructure/main.tf

@@ -53,9 +53,8 @@ module "comet_ec2" {
   count       = var.enable_ec2 ? 1 : 0
   environment = var.environment
 
-  vpc_id           = module.vpc.vpc_id
-  comet_ec2_subnet = module.vpc.public_subnets[count.index % length(module.vpc.public_subnets)]
-
+  vpc_id                   = module.vpc.vpc_id
+  comet_ec2_subnet         = module.vpc.public_subnets[count.index % length(module.vpc.public_subnets)]
   comet_ec2_ami            = var.comet_ec2_ami
   comet_ec2_instance_type  = var.comet_ec2_instance_type
   comet_ec2_instance_count = var.comet_ec2_instance_count
@@ -71,14 +70,12 @@ module "comet_ec2" {
 }
 
 module "comet_ec2_alb" {
-  source = "./modules/comet_ec2_alb"
-  count  = var.enable_ec2_alb ? 1 : 0
-
+  source      = "./modules/comet_ec2_alb"
+  count       = var.enable_ec2_alb ? 1 : 0
   environment = var.environment
 
-  vpc_id = module.vpc.vpc_id
-  public_subnets = module.vpc.public_subnets
-
+  vpc_id              = module.vpc.vpc_id
+  public_subnets      = module.vpc.public_subnets
   ssl_certificate_arn = var.enable_ec2_alb ? var.ssl_certificate_arn : null
 }
 
@@ -132,18 +129,26 @@ module "comet_rds" {
   ec2_enabled = var.enable_ec2
   eks_enabled = var.enable_eks
 
-  availability_zones  = local.azs
-  vpc_id              = module.vpc.vpc_id
-  vpc_private_subnets = module.vpc.private_subnets
-  rds_allow_ec2_sg    = var.enable_ec2 ? module.comet_ec2[0].comet_ec2_sg_id : null
-  rds_allow_eks_sg    = var.enable_eks ? module.comet_eks[0].nodegroup_sg_id : null
-  rds_root_password   = var.rds_root_password
+  availability_zones          = local.azs
+  vpc_id                      = module.vpc.vpc_id
+  rds_private_subnets         = module.vpc.private_subnets
+  rds_allow_ec2_sg            = var.enable_ec2 ? module.comet_ec2[0].comet_ec2_sg_id : null
+  rds_allow_eks_sg            = var.enable_eks ? module.comet_eks[0].nodegroup_sg_id : null
+  rds_engine                  = var.rds_engine
+  rds_engine_version          = var.rds_engine_version
+  rds_instance_type           = var.rds_instance_type
+  rds_instance_count          = var.rds_instance_count
+  rds_storage_encrypted       = var.rds_storage_encrypted
+  rds_iam_db_auth             = var.rds_iam_db_auth
+  rds_backup_retention_period = var.rds_backup_retention_period
+  rds_preferred_backup_window = var.rds_preferred_backup_window
+  rds_database_name           = var.rds_database_name
+  rds_root_password           = var.rds_root_password
 }
 
 module "comet_s3" {
-  source = "./modules/comet_s3"
-  count  = var.enable_s3 ? 1 : 0
-
+  source      = "./modules/comet_s3"
+  count       = var.enable_s3 ? 1 : 0
   environment = var.environment
 
   comet_s3_bucket  = var.s3_bucket_name

comet-infrastructure/modules/comet_rds/main.tf

@@ -2,126 +2,124 @@ locals {
   mysql_port = 3306
 
   tags = {
-    Terraform         = "true"
-    Environment       = var.environment
+    Terraform   = "true"
+    Environment = var.environment
   }
 }
 
 resource "aws_db_subnet_group" "comet-ml-rds-subnet" {
-  name = "cometml_rds_sgn_${var.environment}"
-  subnet_ids = var.vpc_private_subnets
-  tags = merge(local.tags, {
-    Name = "cometml-rds_sng-${var.environment}"
+  name       = "cometml-rds-sgn-${var.environment}"
+  subnet_ids = var.rds_private_subnets
+  tags       = merge(local.tags, {
+    Name = "cometml-rds-sng-${var.environment}"
   })
 }
 
 resource "aws_rds_cluster_instance" "comet-ml-rds-mysql" {
   count              = var.rds_instance_count
-  identifier         = "cometml-mysql-${var.environment}-${count.index}"
-  cluster_identifier = aws_rds_cluster.comet-ml-cluster.id
+  identifier         = "cometml-rds-${var.environment}-${count.index}"
+  cluster_identifier = aws_rds_cluster.cometml-db-cluster.id
   instance_class     = var.rds_instance_type
   engine             = var.rds_engine
   engine_version     = var.rds_engine_version
 }
 
 
-resource "aws_rds_cluster" "comet-ml-cluster" {
-  cluster_identifier   = "cometml-mysql-cluster-${var.environment}"
-  db_subnet_group_name = aws_db_subnet_group.comet-ml-rds-subnet.name
+resource "aws_rds_cluster" "cometml-db-cluster" {
+  cluster_identifier                  = "cometml-rds-cluster-${var.environment}"
+  db_subnet_group_name                = aws_db_subnet_group.comet-ml-rds-subnet.name
   availability_zones                  = var.availability_zones
-  database_name                       = "logger"
-  storage_encrypted                   = true
-  iam_database_authentication_enabled = true
+  database_name                       = var.rds_database_name
+  storage_encrypted                   = var.rds_storage_encrypted
+  iam_database_authentication_enabled = var.rds_iam_db_auth
   master_username                     = "root"
   master_password                     = var.rds_root_password
   engine                              = var.rds_engine
   engine_version                      = var.rds_engine_version
-  backup_retention_period             = 7
-  final_snapshot_identifier           = "comet-ml-rds-backup-${var.environment}"
-  preferred_backup_window             = "07:00-09:00"
+  backup_retention_period             = var.rds_backup_retention_period
+  final_snapshot_identifier           = "cometml-rds-backup-${var.environment}"
+  preferred_backup_window             = var.rds_preferred_backup_window
   vpc_security_group_ids              = [aws_security_group.mysql_sg.id]
-  db_cluster_parameter_group_name     = aws_rds_cluster_parameter_group.comet-ml-cluster-pg.name
+  db_cluster_parameter_group_name     = aws_rds_cluster_parameter_group.cometml-cluster-pg.name
 }
 
-resource "aws_rds_cluster_parameter_group" "comet-ml-cluster-pg" {
+resource "aws_rds_cluster_parameter_group" "cometml-cluster-pg" {
   name        = "cometml-rds-cluster-pg-${var.environment}"
   family      = "aurora-mysql5.7"
-  description = "Comet ML RDS cluster parameter group"
+  description = "CometML RDS cluster parameter group"
 
   parameter {
     apply_method = "pending-reboot"
-    name  = "character_set_server"
-    value = "utf8mb4"
+    name         = "character_set_server"
+    value        = "utf8mb4"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "character_set_connection"
-    value = "utf8mb4"
+    name         = "character_set_connection"
+    value        = "utf8mb4"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "character_set_database"
-    value = "utf8mb4"
+    name         = "character_set_database"
+    value        = "utf8mb4"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "character_set_results"
-    value = "utf8mb4"
+    name         = "character_set_results"
+    value        = "utf8mb4"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "collation_connection"
-    value = "utf8mb4_unicode_ci"
+    name         = "collation_connection"
+    value        = "utf8mb4_unicode_ci"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "collation_server"
-    value = "utf8mb4_unicode_ci"
+    name         = "collation_server"
+    value        = "utf8mb4_unicode_ci"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "innodb_flush_log_at_trx_commit"
-    value = "1"
+    name         = "innodb_flush_log_at_trx_commit"
+    value        = "1"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "innodb_lock_wait_timeout"
-    value = "120"
+    name         = "innodb_lock_wait_timeout"
+    value        = "120"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "max_allowed_packet"
-    value = "157286400"
+    name         = "max_allowed_packet"
+    value        = "157286400"
   }
   parameter {
     apply_method = "pending-reboot"
-    name  = "thread_stack"
-    value = "2000000"
+    name         = "thread_stack"
+    value        = "2000000"
   }
 }
 
 resource "aws_security_group" "mysql_sg" {
   name        = "${var.environment}_mysql_sg"
-  description = "Aurora MySQL RDS Security Group"
-  vpc_id = var.vpc_id
+  description = "CometML RDS cluster security group"
+  vpc_id      = var.vpc_id
 }
 
 resource "aws_vpc_security_group_ingress_rule" "mysql_port_inbound_ec2" {
-  count = var.ec2_enabled ? 1 : 0
-  security_group_id = aws_security_group.mysql_sg.id
-
-  from_port   = local.mysql_port
-  to_port     = local.mysql_port
-  ip_protocol    = "tcp"
+  count                        = var.ec2_enabled ? 1 : 0
+  security_group_id            = aws_security_group.mysql_sg.id
+  from_port                    = local.mysql_port
+  to_port                      = local.mysql_port
+  ip_protocol                  = "tcp"
   referenced_security_group_id = var.rds_allow_ec2_sg
 }
 
 resource "aws_vpc_security_group_ingress_rule" "mysql_port_inbound_eks" {
-  count = var.eks_enabled ? 1 : 0
-  security_group_id = aws_security_group.mysql_sg.id
-
-  from_port   = local.mysql_port
-  to_port     = local.mysql_port
-  ip_protocol    = "tcp"
+  count                        = var.eks_enabled ? 1 : 0
+  security_group_id            = aws_security_group.mysql_sg.id
+  from_port                    = local.mysql_port
+  to_port                      = local.mysql_port
+  ip_protocol                  = "tcp"
   referenced_security_group_id = var.rds_allow_eks_sg
 }

comet-infrastructure/modules/comet_rds/outputs.tf

@@ -1,4 +1,4 @@
 output "mysql_host" {
   description = "MySQL endpoint"
-  value       = aws_rds_cluster.comet-ml-cluster.endpoint
+  value       = aws_rds_cluster.cometml-db-cluster.endpoint
 }

comet-infrastructure/modules/comet_rds/variables.tf

@@ -4,63 +4,79 @@ variable "environment" {
   default     = "dev"
 }
 
-variable "rds_root_password" {
-  description = "Root password for RDS database"
+variable "availability_zones" {
+  description = "List of availability zones from VPC"
+  type        = list(string)
+}
+
+variable "vpc_id" {
+  description = "ID of the VPC that will contain the provisioned resources"
   type        = string
 }
 
-variable "rds_instance_type" {
-  description = "Instance type for RDS database"
+variable "rds_private_subnets" {
+  description = "IDs of private subnets within the VPC"
+  type        = list(string)
+}
+
+variable "rds_allow_ec2_sg" {
+  description = "Security group associated with EC2 compute, if provisioned"
   type        = string
-  default     = "db.r5.xlarge"
 }
 
-variable "rds_instance_count" {
-  description = "Number of RDS instances in the database cluster"
-  type        = number
-  default     = 2
+variable "rds_allow_eks_sg" {
+  description = "Security group associated with EKS compute, if provisioned"
+  type        = string
 }
 
 variable "rds_engine" {
   description = "Engine type for RDS database"
   type        = string
-  default     = "aurora-mysql"
 }
 
 variable "rds_engine_version" {
   description = "Engine version number for RDS database"
   type        = string
-  default     = "5.7.mysql_aurora.2.07.2"
 }
 
-variable "vpc_id" {
-  description = "ID of the VPC that will contain the provisioned resources"
+variable "rds_instance_type" {
+  description = "Instance type for RDS database"
   type        = string
-  default     = ""
 }
 
-variable "vpc_private_subnets" {
-  description = "IDs of private subnets within the VPC"
-  type        = list(string)
-  default     = []
+variable "rds_instance_count" {
+  description = "Number of RDS instances in the database cluster"
+  type        = number
 }
 
-variable "availability_zones" {
-  description = "List of availability zones from VPC"
-  type        = list(string)
-  default     = []
+variable "rds_storage_encrypted" {
+  description = "Enables encryption for RDS storage"
+  type        = bool
 }
 
-variable "rds_allow_ec2_sg" {
-  description = "Security group associated with EC2 compute, if provisioned"
+variable "rds_iam_db_auth" {
+  description = "Enables IAM auth for the database in RDS"
+  type        = bool
+}
+
+variable "rds_backup_retention_period" {
+  description = "Days specified for RDS snapshotretention period"
+  type        = number
+}
+
+variable "rds_preferred_backup_window" {
+  description = "Backup window for RDS"
   type        = string
-  default     = ""
 }
 
-variable "rds_allow_eks_sg" {
-  description = "Security group associated with EKS compute, if provisioned"
+variable "rds_database_name" {
+  description = "Name for the application database in RDS"
+  type        = string
+}
+
+variable "rds_root_password" {
+  description = "Root password for RDS database"
   type        = string
-  default     = ""
 }
 
 variable "ec2_enabled" {