Upgrade beanstalk solution stack (#13)

Add variables to support production database configuration Add more private subnets to enable broader pool of available instances for spot requests.
duracloud · May 25, 2023 · 453143d · 453143d
1 parent ca5de75
commit 453143d
Show file tree

Hide file tree

Showing 12 changed files with 83 additions and 13 deletions.
diff --git a/duracloud/main.tf b/duracloud/main.tf
@@ -171,7 +171,7 @@ resource "aws_elastic_beanstalk_application_version" "default" {
 resource "aws_elastic_beanstalk_configuration_template" "config" {
   name                = "duracloud-config"
   application         = aws_elastic_beanstalk_application.duracloud.name
-  solution_stack_name = "64bit Amazon Linux 2 v4.2.16 running Tomcat 8.5 Corretto 11"
+  solution_stack_name = "64bit Amazon Linux 2 v4.3.7 running Tomcat 8.5 Corretto 11"
 
   setting {
     namespace = "aws:ec2:vpc"

diff --git a/management-console/main.tf b/management-console/main.tf
@@ -172,7 +172,7 @@ resource "aws_elastic_beanstalk_application_version" "default" {
 resource "aws_elastic_beanstalk_configuration_template" "config" {
   name                = "mc-config"
   application         = aws_elastic_beanstalk_application.mc.name
-  solution_stack_name = "64bit Amazon Linux 2 v4.2.16 running Tomcat 8.5 Corretto 11"
+  solution_stack_name = "64bit Amazon Linux 2 v4.3.7 running Tomcat 8.5 Corretto 11"
 
   setting {
     namespace = "aws:ec2:vpc"

diff --git a/mill/audit-worker.tf b/mill/audit-worker.tf
@@ -21,7 +21,7 @@ resource "aws_launch_configuration" "audit_worker_launch_config" {
 resource "aws_autoscaling_group" "audit_worker_asg" {
   name                 = "${var.stack_name}-audit-worker-asg"
   launch_configuration = aws_launch_configuration.audit_worker_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 10
   min_size             = 1
 }

diff --git a/mill/bit-report-worker.tf b/mill/bit-report-worker.tf
@@ -21,7 +21,7 @@ resource "aws_launch_configuration" "bit_report_worker_launch_config" {
 resource "aws_autoscaling_group" "bit_report_worker_asg" {
   name                 = "${var.stack_name}-bit_report-worker-asg"
   launch_configuration = aws_launch_configuration.bit_report_worker_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 1
   min_size             = 0
 }

diff --git a/mill/bit-worker.tf b/mill/bit-worker.tf
@@ -21,7 +21,7 @@ resource "aws_launch_configuration" "bit_worker_launch_config" {
 resource "aws_autoscaling_group" "bit_worker_asg" {
   name                 = "${var.stack_name}-bit-worker-asg"
   launch_configuration = aws_launch_configuration.bit_worker_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 10
   min_size             = 0
 }

diff --git a/mill/high-priority-dup-worker.tf b/mill/high-priority-dup-worker.tf
@@ -21,7 +21,7 @@ resource "aws_launch_configuration" "high_priority_dup_worker_launch_config" {
 resource "aws_autoscaling_group" "high_priority_dup_worker_asg" {
   name                 = "${var.stack_name}-high_priority_dup-worker-asg"
   launch_configuration = aws_launch_configuration.high_priority_dup_worker_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 10
   min_size             = 0
 }

diff --git a/mill/low-priority-dup-worker.tf b/mill/low-priority-dup-worker.tf
@@ -21,7 +21,7 @@ resource "aws_launch_configuration" "low_priority_dup_worker_launch_config" {
 resource "aws_autoscaling_group" "low_priority_dup_worker_asg" {
   name                 = "${var.stack_name}-low_priority_dup-worker-asg"
   launch_configuration = aws_launch_configuration.low_priority_dup_worker_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 10
   min_size             = 0
 }

diff --git a/mill/main.tf b/mill/main.tf
@@ -132,6 +132,23 @@ data "aws_subnet" "duracloud_b" {
   }
 }
 
+data "aws_subnet" "duracloud_c" {
+  vpc_id = data.aws_vpc.duracloud.id
+  tags = {
+    Name = "${var.stack_name}-subnet-c"
+  }
+}
+
+data "aws_subnet" "duracloud_d" {
+  vpc_id = data.aws_vpc.duracloud.id
+
+  tags = {
+    Name = "${var.stack_name}-subnet-d"
+  }
+}
+
+
+
 resource "aws_security_group" "mill_instance" {
 
   vpc_id = data.aws_vpc.duracloud.id

diff --git a/mill/sentinel.tf b/mill/sentinel.tf
@@ -19,7 +19,7 @@ resource "aws_launch_configuration" "sentinel_launch_config" {
 resource "aws_autoscaling_group" "sentinel_asg" {
   name                 = "${var.stack_name}-sentinel-asg"
   launch_configuration = aws_launch_configuration.sentinel_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 1
   min_size             = 1
 }
diff --git a/mill/storage-stats-worker.tf b/mill/storage-stats-worker.tf
@@ -21,7 +21,7 @@ resource "aws_launch_configuration" "storage_stats_worker_launch_config" {
 resource "aws_autoscaling_group" "storage_stats_worker_asg" {
   name                 = "${var.stack_name}-storage_stats-worker-asg"
   launch_configuration = aws_launch_configuration.storage_stats_worker_launch_config.name
-  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id]
+  vpc_zone_identifier  = [data.aws_subnet.duracloud_a.id, data.aws_subnet.duracloud_c.id, data.aws_subnet.duracloud_d.id]
   max_size             = 1
   min_size             = 0
 }

diff --git a/shared/main.tf b/shared/main.tf
@@ -157,6 +157,28 @@ resource "aws_subnet" "duracloud_subnet_b" {
   }
 }
 
+resource "aws_subnet" "duracloud_subnet_c" {
+
+  vpc_id            = aws_vpc.duracloud.id
+  cidr_block        = "10.0.4.0/24"
+  availability_zone = "${data.aws_region.current.name}c"
+
+  tags = {
+    Name = "${var.stack_name}-subnet-c"
+  }
+}
+
+resource "aws_subnet" "duracloud_subnet_d" {
+
+  vpc_id            = aws_vpc.duracloud.id
+  cidr_block        = "10.0.5.0/24"
+  availability_zone = "${data.aws_region.current.name}d"
+
+  tags = {
+    Name = "${var.stack_name}-subnet-d"
+  }
+}
+
 resource "aws_route_table" "duracloud_nat" {
 
   vpc_id = aws_vpc.duracloud.id
@@ -184,12 +206,26 @@ resource "aws_route_table_association" "duracloud_nat_b" {
   route_table_id = aws_route_table.duracloud_nat.id
 }
 
-resource "aws_route_table_association" "duracloud" {
-
+resource "aws_route_table_association" "duracloud_a" {
   subnet_id      = aws_subnet.duracloud_subnet_a.id
   route_table_id = aws_route_table.duracloud.id
 }
 
+resource "aws_route_table_association" "duracloud_b" {
+  subnet_id      = aws_subnet.duracloud_subnet_b.id
+  route_table_id = aws_route_table.duracloud.id
+}
+
+resource "aws_route_table_association" "duracloud_c" {
+  subnet_id      = aws_subnet.duracloud_subnet_c.id
+  route_table_id = aws_route_table.duracloud.id
+}
+
+resource "aws_route_table_association" "duracloud_d" {
+  subnet_id      = aws_subnet.duracloud_subnet_d.id
+  route_table_id = aws_route_table.duracloud.id
+}
+
 resource "aws_route" "route2igc" {
   route_table_id         = aws_route_table.duracloud_nat.id
   destination_cidr_block = "0.0.0.0/0"
@@ -253,7 +289,7 @@ resource "aws_security_group" "duracloud_database" {
   name   = "${var.stack_name}-duracloud-db-sg"
 
   ingress {
-    cidr_blocks = ["10.0.0.0/24", "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24", ]
+    cidr_blocks = ["10.0.0.0/24", "10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24", "10.0.4.0/24", "10.0.5.0/24"]
     from_port   = 3306
     to_port     = 3306
     protocol    = "tcp"
@@ -279,7 +315,7 @@ resource "aws_security_group" "duracloud_database" {
 resource "aws_db_instance" "duracloud" {
   db_name                   = "duracloud"
   identifier                = "${var.stack_name}-db-instance"
-  allocated_storage         = 20
+  allocated_storage         = var.db_allocated_storage
   storage_type              = "gp2"
   engine                    = "mysql"
   engine_version            = "8.0"
@@ -290,6 +326,8 @@ resource "aws_db_instance" "duracloud" {
   db_subnet_group_name      = aws_db_subnet_group.duracloud_db_subnet_group.name
   vpc_security_group_ids    = [aws_security_group.duracloud_database.id]
   skip_final_snapshot       = "true"
+  deletion_protection       = var.db_deletion_protection_enabled
+  multi_az                  = var.db_multi_az_enabled
   final_snapshot_identifier = "final-duracloud-${var.stack_name}"
 
   tags = {

diff --git a/shared/variables.tf b/shared/variables.tf
@@ -7,6 +7,21 @@ variable "db_instance_class" {
   default     = "db.t2.micro"
 }
 
+variable "db_allocated_storage" {
+  description = "The amount of storage allocated in gigabytes."
+  default     = 20
+}
+
+variable "db_deletion_protection_enabled" {
+  description = "If true, deletion protection is enabled."
+  default     = false
+}
+
+variable "db_multi_az_enabled" {
+  description = "If true, enable multi A-Z for this database"
+  default     = false
+}
+
 variable "db_username" {
   description = "database username"
   default     = "duracloud"