-
Notifications
You must be signed in to change notification settings - Fork 1
/
data-restore-pgsql-mpg.tf
162 lines (148 loc) · 5.62 KB
/
data-restore-pgsql-mpg.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
# Infrastructure for Yandex Cloud Managed Service for PostgreSQL cluster and Virtual Machine.
#
# RU: https://cloud.yandex.ru/docs/managed-postgresql/tutorials/data-migration
# EN: https://cloud.yandex.com/en/docs/managed-postgresql/tutorials/data-migration
# Specify the following settings:
locals {
# Source cluster settings:
source_db_name = "" # Set the source cluster database name. It is also used for the target cluster database.
# Managed Service for PostgreSQL cluster.
target_pgsql_version = "" # Set the PostgreSQL version. It must be the same as the version of the source cluster.
target_user = "" # Set the target cluster username.
target_password = "" # Set the target cluster password.
# (Optional) Virtual Machine.
vm_image_id = "" # Set a public image ID from https://cloud.yandex.com/en/docs/compute/operations/images-with-pre-installed-software/get-list.
vm_username = "" # Set a username for VM. Images with Ubuntu Linux use the username `ubuntu` by default.
vm_public_key = "" # Set a full path to SSH public key.
}
# Source cluster PostgreSQL extensions to be enabled in the Managed Service for PostgreSQL cluster:
variable "pg-extensions" {
description = "List of extensions for the Managed Service for PostgreSQL cluster"
type = set(string)
default = [
# Put the list of the source database PostgreSQL extensions.
# Example:
# "pg_qualstats",
# "dblink"
]
}
resource "yandex_vpc_network" "network" {
description = "Network for the Managed Service for PostgreSQL cluster and VM"
name = "network"
}
resource "yandex_vpc_subnet" "subnet-a" {
description = "Subnet in the ru-central1-a availability zone"
name = "subnet-a"
zone = "ru-central1-a"
network_id = yandex_vpc_network.network.id
v4_cidr_blocks = ["10.1.0.0/24"]
}
resource "yandex_vpc_security_group" "security-group-mpg" {
description = "Security group for the Managed Service for PostgreSQL cluster"
network_id = yandex_vpc_network.network.id
}
resource "yandex_vpc_security_group_rule" "rule-cluster" {
security_group_binding = yandex_vpc_security_group.security-group-mpg.id
direction = "ingress"
description = "Allow connections to the cluster from the Internet"
protocol = "TCP"
port = 6432
v4_cidr_blocks = ["0.0.0.0/0"]
}
# If you use VM for loading database dump and restoring data to the cluster, uncomment these lines.
#resource "yandex_vpc_security_group" "security-group-vm" {
# description = "Security group for VM"
# network_id = yandex_vpc_network.network.id
#}
#
#resource "yandex_vpc_security_group_rule" "rule-vm-in" {
# security_group_binding = yandex_vpc_security_group.security-group-vm.id
# direction = "ingress"
# description = "Allow SSH connections for VM from the Internet"
# protocol = "TCP"
# port = 22
# v4_cidr_blocks = ["0.0.0.0/0"]
#}
#
#resource "yandex_vpc_security_group_rule" "rule-vm-out" {
# security_group_binding = yandex_vpc_security_group.security-group-vm.id
# direction = "egress"
# description = "Allow outgoing connections to any required resource"
# protocol = "ANY"
# from_port = 0
# to_port = 65535
# v4_cidr_blocks = ["0.0.0.0/0"]
#}
resource "yandex_mdb_postgresql_cluster" "mpg-cluster" {
description = "Managed Service for PostgreSQL cluster"
name = "mpg-cluster"
environment = "PRODUCTION"
network_id = yandex_vpc_network.network.id
security_group_ids = [yandex_vpc_security_group.security-group-mpg.id]
config {
version = local.target_pgsql_version
resources {
resource_preset_id = "s2.micro" # 2 vCPU, 8 GB RAM
disk_type_id = "network-hdd"
disk_size = 10 # GB
}
}
host {
zone = "ru-central1-a"
subnet_id = yandex_vpc_subnet.subnet-a.id
assign_public_ip = true # Required for connection from the Internet, for a method without an intermediate VM.
}
}
# A PostgreSQL database of the Managed Service for PostgreSQL cluster.
resource "yandex_mdb_postgresql_database" "database" {
cluster_id = yandex_mdb_postgresql_cluster.mpg-cluster.id
name = local.target_db_name
# Set the names of PostgreSQL extensions with cycle.
dynamic "extension" {
for_each = var.pg-extensions
content {
name = extension.value
}
}
}
# A PostgreSQL user of the Managed Service for PostgreSQL cluster.
resource "yandex_mdb_postgresql_user" "user" {
cluster_id = yandex_mdb_postgresql_cluster.mpg-cluster.id
name = local.target_user
password = local.target_password
permission {
database_name = local.target_db_name
}
grants = ["ALL"]
}
# If you use VM for loading database dump and restoring data to the cluster, uncomment these lines.
#resource "yandex_compute_instance" "vm-linux" {
# description = "Virtual Machine in Yandex Compute Cloud"
# name = "vm-linux"
# platform_id = "standard-v3" # Intel Ice Lake
#
# resources {
# cores = 2
# memory = 2 # GB
# }
#
# boot_disk {
# initialize_params {
# image_id = local.vm_image_id
# }
# }
#
# network_interface {
# subnet_id = yandex_vpc_subnet.subnet-a.id
# nat = true # Required for connection from the Internet.
#
# security_group_ids = [
# yandex_vpc_security_group.security-group-mpg.id,
# yandex_vpc_security_group.security-group-vm.id
# ]
# }
#
# metadata = {
# ssh-keys = "${local.vm_username}:${file(local.vm_public_key)}" # Username and SSH public key full path.
# }
#}