
Containerized MySQL on Container Optimized OS

This module manages a cloud-config configuration that starts a containerized MySQL service on Container Optimized OS, using the official image.

The resulting cloud-config can be customized in a number of ways:

  • a custom MySQL configuration can be set using the mysql_config variable
  • the container image can be changed via the image variable
  • a data disk can be specified via the mysql_data_disk variable; the configuration will optionally format and mount it for container use
  • a KMS encrypted root password can be passed to the container image, and decrypted at runtime on the instance using the attributes in the kms_config variable
  • a completely custom cloud-config can be passed in via the cloud_config variable, and additional template variables can be passed in via config_variables

The default instance configuration inserts a single iptables rule to allow traffic on the default MySQL port.

Logging and monitoring are enabled via the Google Cloud Logging agent configured for the instance via the google-logging-enabled metadata property, and the Node Problem Detector service started by default on boot.

The module renders the generated cloud config in the cloud_config output, to be used in instances or instance templates via the user-data metadata.

For convenience during development or for simple use cases, the module can optionally manage a single instance via the test_instance variable. Please note that an f1-micro instance is too small to run MySQL. If the instance is not needed, the instance*tf files can be safely removed. Refer to the top-level README for more details on the included instance.

Examples

Default MySQL configuration

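This example will create a cloud-config that uses the container's default configuration, and a plaintext password for the MySQL root user. Because the password is rendered into the cloud-config, it is stored in clear text in the instance's user-data metadata.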

module "cos-mysql" {
  source         = "./fabric/modules/cloud-config-container/mysql"
  mysql_password = "foo"
}

module "vm" {
  source     = "./fabric/modules/compute-vm"
  project_id = "my-project"
  zone       = "europe-west8-b"
  name       = "cos-mysql"
  network_interfaces = [{
    network    = "default"
    subnetwork = "gce"
  }]
  metadata = {
    user-data              = module.cos-mysql.cloud_config
    google-logging-enabled = true
  }
  boot_disk = {
    image = "projects/cos-cloud/global/images/family/cos-stable"
    type  = "pd-ssd"
    size  = 10
  }
  tags = ["mysql", "ssh"]
}
# tftest modules=1 resources=1

Custom MySQL configuration and KMS encrypted password

This example will create a cloud-config that uses a custom MySQL configuration, and passes in an encrypted password and the KMS attributes required to decrypt it. Please note that the instance service account needs the roles/cloudkms.cryptoKeyDecrypter role on the specified KMS key.

module "cos-mysql" {
  source         = "./fabric/modules/cloud-config-container/mysql"
  mysql_config   = "./my.cnf"
  mysql_password = "CiQAsd7WY=="
  kms_config = {
    project_id = "my-project"
    keyring    = "test-cos"
    location   = "europe-west1"
    key        = "mysql"
  }
}
# tftest modules=0 resources=0
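
The following is an added example, not part of the module's README: it shows one least-privilege way to satisfy the requirement above, with a dedicated service account that holds the decrypter role on the single key only. It uses the plain google_compute_instance resource rather than the compute-vm module, and the service account name and machine type are assumptions.

```hcl
# Added example: "cos-mysql-vm" and "e2-medium" are assumed values.
module "cos-mysql" {
  source         = "./fabric/modules/cloud-config-container/mysql"
  mysql_password = "CiQAsd7WY==" # ciphertext placeholder from the example above
  kms_config = {
    project_id = "my-project"
    keyring    = "test-cos"
    location   = "europe-west1"
    key        = "mysql"
  }
}

# Dedicated identity, so the decrypt grant is not shared with other instances.
resource "google_service_account" "mysql" {
  project    = "my-project"
  account_id = "cos-mysql-vm"
}

# Decrypt permission bound on this one key, not on the key ring or project.
resource "google_kms_crypto_key_iam_member" "decrypt" {
  crypto_key_id = "projects/my-project/locations/europe-west1/keyRings/test-cos/cryptoKeys/mysql"
  role          = "roles/cloudkms.cryptoKeyDecrypter"
  member        = "serviceAccount:${google_service_account.mysql.email}"
}

resource "google_compute_instance" "mysql" {
  project      = "my-project"
  zone         = "europe-west8-b"
  name         = "cos-mysql"
  machine_type = "e2-medium"
  boot_disk {
    initialize_params {
      image = "projects/cos-cloud/global/images/family/cos-stable"
    }
  }
  network_interface {
    network = "default"
  }
  metadata = {
    user-data              = module.cos-mysql.cloud_config
    google-logging-enabled = true
  }
  service_account {
    email  = google_service_account.mysql.email
    scopes = ["cloud-platform"]
  }
  # The password is decrypted at runtime on the instance, so create the grant first.
  depends_on = [google_kms_crypto_key_iam_member.decrypt]
}
```

A dedicated service account also needs roles/logging.logWriter on the project for the logging agent enabled through google-logging-enabled to write logs.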

Variables

| name | description | type | required | default |
|---|---|---|---|---|
| mysql_password | MySQL root password. If an encrypted password is set, use the kms_config variable to specify KMS configuration. | string | ✓ | |
| cloud_config | Cloud config template path. If null default will be used. | string | | null |
| config_variables | Additional variables used to render the cloud-config template. | map(any) | | {} |
| image | MySQL container image. | string | | "mysql:5.7" |
| kms_config | Optional KMS configuration to decrypt passed-in password. Leave null if a plaintext password is used. | object({…}) | | null |
| mysql_config | MySQL configuration file content, if null container default will be used. | string | | null |
| mysql_data_disk | MySQL data disk name in /dev/disk/by-id/ including the google- prefix. If null the boot disk will be used for data. | string | | null |

Outputs

| name | description | sensitive |
|---|---|---|
| cloud_config | Rendered cloud-config file to be passed as user-data instance metadata. | |