Skip to content
This repository has been archived by the owner on Jan 30, 2024. It is now read-only.

Commit

Permalink
Configure account_api_db_admin machine class
Browse files Browse the repository at this point in the history
This creates a dedicated database admin machine for the Account
API, following the content_data_api_db_admin convention. This is
in order to facilitate the implementation of [RFC-143][], which
concludes that every GOV.UK relational database should have its
own RDS instance.

[RFC-143]: https://github.com/alphagov/govuk-rfcs/blob/main/rfc-143-split-database-instances.md
  • Loading branch information
ChrisBAshton committed Dec 14, 2021
1 parent cac2aa8 commit 10871f2
Show file tree
Hide file tree
Showing 6 changed files with 112 additions and 0 deletions.
25 changes: 25 additions & 0 deletions hieradata_aws/class/integration/account_api_db_admin.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
govuk_env_sync::tasks:
"pull_account_api_production_daily":
ensure: "present"
hour: "0"
minute: "0"
action: "pull"
dbms: "postgresql"
storagebackend: "s3"
database: "account-api_production"
database_hostname: "account-api-postgresql"
temppath: "/tmp/account_api_production"
url: "govuk-production-database-backups"
path: "account-api-postgresql"
# "push_account_api_production_daily":
# ensure: "present"
# hour: "5"
# minute: "0"
# action: "push"
# dbms: "postgresql"
# storagebackend: "s3"
# database: "account-api_production"
# database_hostname: "account-api-postgresql"
# temppath: "/tmp/account_api_production"
# url: "govuk-integration-database-backups"
# path: "account-api-postgresql"
13 changes: 13 additions & 0 deletions hieradata_aws/class/production/account_api_db_admin.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
# govuk_env_sync::tasks:
# "push_account_api_production_daily":
# ensure: "present"
# hour: "23"
# minute: "0"
# action: "push"
# dbms: "postgresql"
# storagebackend: "s3"
# database: "account-api_production"
# database_hostname: "account-api-postgresql"
# temppath: "/tmp/account_api_production"
# url: "govuk-production-database-backups"
# path: "account-api-postgresql"
25 changes: 25 additions & 0 deletions hieradata_aws/class/staging/account_api_db_admin.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
govuk_env_sync::tasks:
"pull_account_api_production_daily":
ensure: "present"
hour: "0"
minute: "0"
action: "pull"
dbms: "postgresql"
storagebackend: "s3"
database: "account-api_production"
database_hostname: "account-api-postgresql"
temppath: "/tmp/account_api_production"
url: "govuk-production-database-backups"
path: "account-api-postgresql"
# "push_account_api_production_daily":
# ensure: "present"
# hour: "5"
# minute: "0"
# action: "push"
# dbms: "postgresql"
# storagebackend: "s3"
# database: "account-api_production"
# database_hostname: "account-api-postgresql"
# temppath: "/tmp/account_api_production"
# url: "govuk-staging-database-backups"
# path: "account-api-postgresql"
3 changes: 3 additions & 0 deletions hieradata_aws/common.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -782,6 +782,8 @@ govuk::apps::transition::redis_port: "%{hiera('sidekiq_port')}"
govuk::apps::travel_advice_publisher::redis_host: "%{hiera('sidekiq_host')}"
govuk::apps::travel_advice_publisher::redis_port: "%{hiera('sidekiq_port')}"

# TODO: switch to "account-api-postgresql" and uncomment the 'push'
# `govuk_env_sync::tasks` tasks when we're ready to switch to the dedicated RDS instance
govuk::apps::account_api::db_hostname: "postgresql-primary"
govuk::apps::account_api::db::backend_ip_range: "%{hiera('environment_ip_prefix')}.3.0/24"
govuk::apps::account_api::db::allow_auth_from_lb: true
Expand Down Expand Up @@ -857,6 +859,7 @@ govuk::node::s_base::log_remote: false
govuk::node::s_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
govuk::node::s_db_admin::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}"

govuk::node::s_account_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
govuk::node::s_content_data_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"

govuk::node::s_gatling::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
Expand Down
45 changes: 45 additions & 0 deletions modules/govuk/manifests/node/s_account_api_db_admin.pp
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# == Class: govuk_node::s_account_api_db_admin
#
# This machine class is used to administer the Account API
# PostgreSQL RDS instances.
#
# === Parameters
#
# [*postgres_host*]
# Hostname of the RDS database to use.
# Default: undef
#
# [*postgres_user*]
# The PostgreSQL user to use for admisistering the database.
# Default: undef
#
# [*postgres_password*]
# The password corresponding to the above `postgres_user`.
# Default: undef
#
# [*postgres_port*]
# The port with which to connect to the `postgres_host`.
# Default: '5432'
#
class govuk::node::s_account_api_db_admin(
$postgres_host = undef,
$postgres_user = undef,
$postgres_password = undef,
$postgres_port = '5432',
$apt_mirror_hostname,
) {
include govuk_env_sync
include ::govuk::node::s_base

# include the common config/tooling required for our app-specific DB admin class
class { '::govuk::nodes::postgresql_db_admin':
postgres_host => $postgres_host,
postgres_user => $postgres_user,
postgres_password => $postgres_password,
postgres_port => $postgres_port,
apt_mirror_hostname => $apt_mirror_hostname,
} ->

# include all PostgreSQL classes that create databases and users
class { '::govuk::apps::account_api::db': }
}
1 change: 1 addition & 0 deletions spec/fixtures/hieradata/common.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ govuk::deploy::sync::auth_token: "example-auth-token"

govuk::node::s_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
govuk::node::s_db_admin::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}"
govuk::node::s_account_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
govuk::node::s_content_data_api_db_admin::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
govuk::node::s_graphite::apt_mirror_hostname: "%{hiera('apt_mirror_hostname')}"
govuk::node::s_graphite::apt_mirror_gpg_key_fingerprint: "%{hiera('apt_mirror_fingerprint')}"
Expand Down

0 comments on commit 10871f2

Please sign in to comment.