zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/modules/cloud-config-container/mysql
History
Ludovico Magnocavallo 6941313c7d
Factories refactor (#1843) 
* factories refactor doc

* Adds file schema and filesystem organization

* Update 20231106-factories.md

* move factories out of blueprints and create new factories  README

* align factory in billing-account module

* align factory in dataplex-datascan module

* align factory in billing-account module

* align factory in net-firewall-policy module

* align factory in dns-response-policy module

* align factory in net-vpc-firewall module

* align factory in net-vpc module

* align factory variable names in FAST

* remove decentralized firewall blueprint

* bump terraform version

* bump module versions

* update top-level READMEs

* move project factory to modules

* fix variable names and tests

* tfdoc

* remove changelog link

* add project factory to top-level README

* fix cludrun eventarc diff

* fix README

* fix cludrun eventarc diff

---------

Co-authored-by: Simone Ruffilli <sruffilli@google.com>
 		2024-02-26 10:16:52 +00:00
..
.gitignore Refactor the onprem module (#55) 2020-04-06 16:27:13 +02:00
README.md Enforce terraform fmt in examples 2022-12-18 14:00:19 +01:00
cloud-config.yaml versions.tf maintenance + copyright notice bump (#1782) 2023-10-20 18:17:47 +02:00
main.tf Replace Docker's `gcplogs` driver with the GCP COS logging agent (#977) 2022-11-15 13:19:52 +01:00
outputs.tf Copyright bump (#410) 2022-01-01 15:52:31 +01:00
variables.tf Replace Docker's `gcplogs` driver with the GCP COS logging agent (#977) 2022-11-15 13:19:52 +01:00
versions.tf Factories refactor (#1843) 2024-02-26 10:16:52 +00:00

README.md

Containerized MySQL on Container Optimized OS

This module manages a cloud-config configuration that starts a containerized MySQL service on Container Optimized OS, using the official image.

The resulting cloud-config can be customized in a number of ways:

  • a custom MySQL configuration can be set using the mysql_config variable
  • the container image can be changed via the image variable
  • a data disk can be specified via the mysql_data_disk variable, the configuration will optionally format and mount it for container use
  • a KMS encrypted root password can be passed to the container image, and decrypted at runtime on the instance using the attributes in the kms_config variable
  • a completely custom cloud-config can be passed in via the cloud_config variable, and additional template variables can be passed in via config_variables

The default instance configuration inserts a sngle iptables rule to allow traffic on the default MySQL port.

Logging and monitoring are enabled via the Google Cloud Logging agent configured for the instance via the google-logging-enabled metadata property, and the Node Problem Detector service started by default on boot.

The module renders the generated cloud config in the cloud_config output, to be used in instances or instance templates via the user-data metadata.

For convenience during development or for simple use cases, the module can optionally manage a single instance via the test_instance variable. Please note that an f1-micro instance is too small to run MySQL. If the instance is not needed the instance*tf files can be safely removed. Refer to the top-level README for more details on the included instance.

Examples

Default MySQL configuration

This example will create a cloud-config that uses the container's default configuration, and a plaintext password for the MySQL root user.

module "cos-mysql" {
  source         = "./fabric/modules/cloud-config-container/mysql"
  mysql_password = "foo"
}

module "vm" {
  source     = "./fabric/modules/compute-vm"
  project_id = "my-project"
  zone       = "europe-west8-b"
  name       = "cos-mysql"
  network_interfaces = [{
    network    = "default"
    subnetwork = "gce"
  }]
  metadata = {
    user-data              = module.cos-mysql.cloud_config
    google-logging-enabled = true
  }
  boot_disk = {
    image = "projects/cos-cloud/global/images/family/cos-stable"
    type  = "pd-ssd"
    size  = 10
  }
  tags = ["mysql", "ssh"]
}
# tftest modules=1 resources=1

Custom MySQL configuration and KMS encrypted password

This example will create a cloud-config that uses a custom MySQL configuration, and passes in an encrypted password and the KMS attributes required to decrypt it. Please note that the instance service account needs the roles/cloudkms.cryptoKeyDecrypter on the specified KMS key.

module "cos-mysql" {
  source         = "./fabric/modules/cloud-config-container/mysql"
  mysql_config   = "./my.cnf"
  mysql_password = "CiQAsd7WY=="
  kms_config = {
    project_id = "my-project"
    keyring    = "test-cos"
    location   = "europe-west1"
    key        = "mysql"
  }
}
# tftest modules=0 resources=0

Variables

name description type required default
mysql_password MySQL root password. If an encrypted password is set, use the kms_config variable to specify KMS configuration. string
cloud_config Cloud config template path. If null default will be used. string null
config_variables Additional variables used to render the cloud-config template. map(any) {}
image MySQL container image. string "mysql:5.7"
kms_config Optional KMS configuration to decrypt passed-in password. Leave null if a plaintext password is used. object({…}) null
mysql_config MySQL configuration file content, if null container default will be used. string null
mysql_data_disk MySQL data disk name in /dev/disk/by-id/ including the google- prefix. If null the boot disk will be used for data. string null

Outputs

name description sensitive
cloud_config Rendered cloud-config file to be passed as user-data instance metadata.