
MySQL DB Terraform Module


This module simplifies deploying a MySQL database on Kubernetes with flexible configuration options, including storage class, volume sizes, and architecture. It supports backups, restores, and deploying exporters for Grafana metrics.

It can create namespaces and configure recovery windows for AWS Secrets Manager, Azure Key Vault, and GCP Secrets Manager. This module enables easy deployment of highly available MySQL databases on AWS EKS, Azure AKS, and GCP GKE with extensive customization options.

Supported Versions:

| MysqlDB Helm Chart Version | K8s supported version (EKS, AKS & GKE) |
|---|---|
| 9.2.0 | 1.23, 1.24, 1.25, 1.26, 1.27 |

Usage Example

locals {
  name        = "mysql"
  region      = "us-east-2"
  environment = "prod"
  additional_tags = {
    Owner      = "organization_name"
    Expires    = "Never"
    Department = "Engineering"
  }
  create_namespace                   = true
  namespace                          = "mysql"
  store_password_to_secret_manager   = false
  mysqldb_custom_credentials_enabled = true
  mysqldb_custom_credentials_config = {
    root_user            = "root"
    root_password        = "RJDRIFsYC8ZS1WQuV0ps"
    custom_username      = "admin"
    custom_user_password = "NCPFUKEMd7rrWuvMAa73"
    replication_user     = "replicator"
    replication_password = "nvAHhm1uGQNYWVw6ZyAH"
    exporter_user        = "mysqld_exporter"
    exporter_password    = "ZawhvpueAehRdKFlbjaq"
  }
  custom_user_username = "custom"
}

module "aws" {
  source                             = "saturnops/mysql/kubernetes//modules/resources/aws"
  cluster_name                       = "prod-eks"
  environment                        = "prod"
  name                               = "mysql"
  namespace                          = local.namespace
  store_password_to_secret_manager   = true
  mysqldb_custom_credentials_enabled = true
  mysqldb_custom_credentials_config  = {
    root_user            = "root"
    root_password        = "RJDRIFsYC8ZS1WQuV0ps"
    custom_username      = "admin"
    custom_user_password = "NCPFUKEMd7rrWuvMAa73"
    replication_user     = "replicator"
    replication_password = "nvAHhm1uGQNYWVw6ZyAH"
    exporter_user        = "mysqld_exporter"
    exporter_password    = "ZawhvpueAehRdKFlbjaq"
  }
  custom_user_username               = local.mysqldb_custom_credentials_enabled ? "" : "custome_username"
}

module "mysql" {
  source           = "saturnops/mysql/kubernetes"
  create_namespace = local.create_namespace
  namespace        = local.namespace
  mysqldb_config = {
    name                             = "mysql"
    app_version                      = "8.0.29-debian-11-r9"
    environment                      = "prod"
    values_yaml                      = ""
    architecture                     = "replication"
    custom_database                  = "test_db"
    storage_class_name               = "gp2"
    custom_user_username             = local.mysqldb_custom_credentials_enabled ? "" : local.custom_user_username
    primary_db_volume_size           = "10Gi"
    secondary_db_volume_size         = "10Gi"
    secondary_db_replica_count       = 2
    store_password_to_secret_manager = true
  }
  mysqldb_custom_credentials_enabled = local.mysqldb_custom_credentials_enabled
  mysqldb_custom_credentials_config  = local.mysqldb_custom_credentials_config
  root_password                      = local.mysqldb_custom_credentials_enabled ? "" : module.aws.root_password
  metric_exporter_pasword            = local.mysqldb_custom_credentials_enabled ? "" : module.aws.metric_exporter_pasword
  mysqldb_replication_user_password  = local.mysqldb_custom_credentials_enabled ? "" : module.aws.mysqldb_replication_user_password
  custom_user_password               = local.mysqldb_custom_credentials_enabled ? "" : module.aws.custom_user_password
  bucket_provider_type               = "s3"
  iam_role_arn_backup                = module.aws.iam_role_arn_backup
  mysqldb_backup_enabled             = true
  mysqldb_backup_config = {
    mysql_database_name  = ""
    bucket_uri           = "s3://bucket_name"
    s3_bucket_region     = ""
    cron_for_full_backup = "*/5 * * * *"
  }
  mysqldb_restore_enabled = true
  iam_role_arn_restore    = module.aws.iam_role_arn_restore
  mysqldb_restore_config = {
    bucket_uri       = "s3://bucket_name/mysqldump_20230710_120501.zip"
    file_name        = "mysqldump_20230710_120501.zip"
    s3_bucket_region = ""
  }
  mysqldb_exporter_enabled = true
}
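
The usage example above writes the account passwords into `locals` as string literals, which puts them in version control along with the code. As an added example (not part of the module's own documentation), the same `mysqldb_custom_credentials_config` input can be fed from a `sensitive` variable; the variable name `mysql_credentials` and the 16-character minimum are assumptions chosen for illustration.

```hcl
# Added example, not the module's own code. The variable name
# "mysql_credentials" and the 16-character minimum are assumptions.
variable "mysql_credentials" {
  description = "MySQL account names and passwords, supplied at apply time."
  sensitive   = true # values are redacted in plan and apply output
  type = object({
    root_user            = string
    root_password        = string
    custom_username      = string
    custom_user_password = string
    replication_user     = string
    replication_password = string
    exporter_user        = string
    exporter_password    = string
  })

  # Reject short passwords before anything is deployed.
  validation {
    condition = alltrue([
      for k, v in var.mysql_credentials :
      length(v) >= 16 if can(regex("_password$", k))
    ])
    error_message = "Every *_password value must be at least 16 characters."
  }
}

module "mysql" {
  source           = "saturnops/mysql/kubernetes"
  create_namespace = true
  namespace        = "mysql"
  mysqldb_config = {
    name                             = "mysql"
    app_version                      = "8.0.29-debian-11-r9"
    environment                      = "prod"
    values_yaml                      = ""
    architecture                     = "replication"
    custom_database                  = "test_db"
    storage_class_name               = "gp2"
    custom_user_username             = ""
    primary_db_volume_size           = "10Gi"
    secondary_db_volume_size         = "10Gi"
    secondary_db_replica_count       = 2
    store_password_to_secret_manager = true
  }
  # Same input as in the usage example, but no literal secrets in the code.
  mysqldb_custom_credentials_enabled = true
  mysqldb_custom_credentials_config  = var.mysql_credentials
}
```

Supply the object through the `TF_VAR_mysql_credentials` environment variable or a `.tfvars` file kept out of version control. Terraform still records the values in state, so the state backend needs encryption and restricted access.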

IAM Permissions

The required IAM permissions to create resources from this module can be found here

MySQL Backup and Restore

This module provides functionality to automate the backup and restore process for MySQL databases using AWS S3 buckets. It allows users to easily schedule backups, restore databases from backups stored in S3, and manage access permissions using AWS IAM roles.

Features

Backup

  • Users can schedule full backups.
  • Supports specifying individual database names for backup or backing up all databases except system databases.
  • Backups are stored in specified S3 buckets.

Restore

  • Users can restore MySQL databases from backups stored in S3 buckets.
  • Supports specifying the backup file to restore from and the target S3 bucket region.

IAM Role for Permissions

  • Users need to provide an IAM role for the module to access the specified S3 bucket and perform backup and restore operations.

Module Inputs

Backup Configuration

  • Command used to take the backup:
mysqldump -h$HOST -u$USER -p$PASSWORD --databases db_name > full-backup.sql
  • mysql_database_name: The name of the MySQL database to backup. Leave blank to backup all databases except system databases.
  • bucket_uri: The URI of the S3 bucket where backups will be stored.
  • s3_bucket_region: The region of the S3 bucket.
  • cron_for_full_backup: The cron expression for scheduling full backups.

Restore Configuration

  • mysqldb_restore_config: Configuration for restoring databases.
  • bucket_uri: The URI of the S3 bucket containing the backup file.
  • file_name: The name of the backup file to restore.
  • s3_bucket_region: The region of the S3 bucket containing the backup file.

Important Notes

  1. In order to enable the exporter, it is required to deploy Prometheus/Grafana first.
  2. The exporter is a tool that extracts metrics data from an application or system and makes it available to be scraped by Prometheus.
  3. Prometheus is a monitoring system that collects metrics data from various sources, including exporters, and stores it in a time-series database.
  4. Grafana is a data visualization and dashboard tool that works with Prometheus and other data sources to display the collected metrics in a user-friendly way.
  5. To deploy Prometheus/Grafana, please follow the installation instructions for each tool in their respective documentation.
  6. Once Prometheus and Grafana are deployed, the exporter can be configured to scrape metrics data from your application or system and send it to Prometheus.
  7. Finally, you can use Grafana to create custom dashboards and visualize the metrics data collected by Prometheus.
  8. This module is compatible with EKS, AKS and GKE, so it can be deployed on AWS, Azure and GCP. Review the module's documentation, meet specific configuration requirements, and test thoroughly after deployment to ensure everything works as expected.

Requirements

No requirements.

Providers

| Name | Version |
|---|---|
| helm | n/a |
| kubernetes | n/a |

Modules

No modules.

Resources

| Name | Type |
|---|---|
| helm_release.mysqldb | resource |
| helm_release.mysqldb_backup | resource |
| helm_release.mysqldb_restore | resource |
| kubernetes_namespace.mysqldb | resource |

Inputs

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app_version | Version of the MySQL application that will be deployed. | string | "8.0.29-debian-11-r9" | no |
| azure_container_name | Azure container name | string | "" | no |
| azure_storage_account_key | Azure storage account key | string | "" | no |
| azure_storage_account_name | Azure storage account name | string | "" | no |
| bucket_provider_type | Choose what type of provider you want (s3, gcs) | string | "gcs" | no |
| chart_version | Version of the MySQL chart that will be used to deploy the MySQL application. | string | "9.2.0" | no |
| cluster_name | Specifies the name of the EKS cluster to deploy the MySQL application on. | string | "" | no |
| create_namespace | Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace. | string | true | no |
| custom_user_password | custom user password for MongoDB | string | "" | no |
| iam_role_arn_backup | IAM role ARN for backup (AWS) | string | "" | no |
| iam_role_arn_restore | IAM role ARN for restore (AWS) | string | "" | no |
| metric_exporter_pasword | Metric exporter password for MongoDB | string | "" | no |
| mysqldb_backup_config | Configuration options for MySQL database backups. It includes the S3 bucket URI, the S3 bucket region, the cron expression for full backups, and the name of the database to back up; if the name is left empty, all databases are backed up. | any | { "bucket_uri": "", "cron_for_full_backup": "", "mysql_database_name": "", "s3_bucket_region": "" } | no |
| mysqldb_backup_enabled | Specifies whether to enable backups for MySQL database. | bool | false | no |
| mysqldb_config | Specify the configuration settings for MySQL, including the name, environment, storage options, replication settings, and custom YAML values. | any | { "architecture": "", "custom_database": "", "custom_user_username": "", "environment": "", "name": "", "primary_db_volume_size": "", "secondary_db_replica_count": 1, "secondary_db_volume_size": "", "storage_class_name": "", "store_password_to_secret_manager": true, "values_yaml": "" } | no |
| mysqldb_custom_credentials_config | Specify the configuration settings for MySQL to pass custom credentials during creation | any | { "custom_user_password": "", "custom_username": "", "exporter_password": "", "exporter_user": "", "replication_password": "", "replication_user": "", "root_password": "", "root_user": "" } | no |
| mysqldb_custom_credentials_enabled | Specifies whether to enable custom credentials for MySQL database. | bool | false | no |
| mysqldb_exporter_enabled | Specify whether or not to deploy the MySQL exporter to collect MySQL metrics for monitoring in Grafana. | bool | false | no |
| mysqldb_replication_user_password | Replicator password for MongoDB | string | "" | no |
| mysqldb_restore_config | Configuration options for restoring dump to the MySQL database. | any | { "bucket_uri": "", "file_name": "", "s3_bucket_region": "" } | no |
| mysqldb_restore_enabled | Specifies whether to enable restoring dump to the MySQL database. | bool | false | no |
| namespace | Name of the Kubernetes namespace where the MySQL deployment will be deployed. | string | "mysqldb" | no |
| project_id | Google Cloud project ID | string | "" | no |
| recovery_window_aws_secret | Number of days that AWS Secrets Manager will wait before deleting a secret. This value can be set to 0 to force immediate deletion, or to a value between 7 and 30 days to allow for recovery. | number | 0 | no |
| resource_group_location | Azure region | string | "East US" | no |
| resource_group_name | Azure Resource Group name | string | "" | no |
| root_password | Root password for MongoDB | string | "" | no |
| service_account_backup | Service account for backup (GCP) | string | "" | no |
| service_account_restore | Service account for restore (GCP) | string | "" | no |

Outputs

| Name | Description |
|---|---|
| mysqldb_credential | MySQL credentials used for accessing the MySQL database. |
| mysqldb_endpoints | MySQL endpoints in the Kubernetes cluster. |
