Creating a DB instance using Terraform
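I'm trying to create an RDS instance that will run only in the intranet (aka some private subnet). Access to it will be provided only to the application.
I created the vpc configuration in a separate terraform file (link).
That file contains the vpc configuration, routes, nat, etc.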
resource "aws_vpc" "vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags {
    Environment = "Dev"
  }
}
resource "aws_subnet" "intranet" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "10.0.1.0/24"
  availability_zone = "eu-central-1a"
  tags {
    Name        = "Intranet"
    Environment = "Dev"
  }
}
....
resource "aws_route_table_association" "intranet" {
  subnet_id      = "${aws_subnet.intranet.id}"
  route_table_id = "${aws_route_table.intranet_routetable.id}"
}
For my RDS configuration I created a separate terraform file with similar content:
terraform {
  backend "s3" {
    bucket = "s3-terraform-state-backend"
    region = "eu-central-1"
    key    = "common/terraform.tfstate"
  }
}
provider "aws" {
  region = "eu-central-1"
}
resource "aws_vpc" "vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags {
    Environment = "Dev"
  }
}
resource "aws_subnet" "intranet" {
  vpc_id            = "${aws_vpc.vpc.id}"
  cidr_block        = "10.0.1.0/24"
  availability_zone = "eu-central-1a"
  tags {
    Name        = "Intranet"
    Environment = "Dev"
  }
}
# should contain configuration for common components (rds, sqs etc.)
resource "aws_db_subnet_group" "db_subnet" {
  name       = "intranet"
  subnet_ids = ["${aws_subnet.intranet.id}"]
}
resource "aws_db_instance" "core" {
  name                 = "gj-core-db"
  engine               = "postgres"
  allocated_storage    = 10
  storage_type         = "gp2"
  instance_class       = "db.t2.micro"
  db_subnet_group_name = "${aws_db_subnet_group.db_subnet.name}"
}
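Basically I copied the subnet and vpc configuration from the other file (because I need it here too). The file itself is here: link.
When I try to apply the configuration I get an error: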
* aws_db_subnet_group.db_subnet: Error creating DB Subnet Group: DBSubnetGroupDoesNotCoverEnoughAZs: DB Subnet Group doesn't meet availability zone coverage requirement. Please add subnets to cover at least 2 availability zones. Current coverage: 1
status code: 400, request id: 44e37b59-1db1-4519-847f-d35f5d150592
I have only one subnet. What is the problem? Should I create more subnets? Or make this intranet subnet cover more zones?
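A subnet cannot span multiple availability zones. You should create multiple subnets and assign them to the subnet group you are creating. This is to ensure HA. If you configure a Multi-AZ RDS DB instance and your primary database fails, RDS will make sure your database moves to a different AZ (with the same endpoint).
For subnet groups, AWS mandates that every subnet group should have subnets spread across multiple availability zones. More details can be found here.
Below is the relevant section from the AWS documentation.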
Each DB subnet group should have subnets in at least two Availability Zones in a given region. When creating a DB instance in VPC, you must select a DB subnet group. Amazon RDS uses that DB subnet group and your preferred Availability Zone to select a subnet and an IP address within that subnet to associate with your DB instance. If the primary DB instance of a Multi-AZ deployment fails, Amazon RDS can promote the corresponding standby and subsequently create a new standby using an IP address of the subnet in one of the other Availability Zones
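I ran into the same problem/question, and although the accepted answer feels correct, I'd like to add to it to answer the following question from @Davos's comment:
"If you are testing/developing and want a single-AZ RDS, does RDS still need a subnet group (and do all subnet groups have multiple AZs), even if it only uses one AZ?"
Yes, it does. This seems to be a preparation in case you want to convert the RDS to Multi-AZ in the future.
More details can be found here (check "Step 3").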
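The fix both answers describe, as an added example that is not part of the original question or answers: private subnets in two AZs feed the subnet group, and the single-AZ instance stays off the public internet and reachable only from the application's security group. It assumes Terraform 0.14+ syntax and that `aws_vpc.vpc` from the question is in the same configuration; the two variables, the `10.0.2.0/24` CIDR, the `core-db` name and the `core_admin` username are constructed for illustration.

```hcl
variable "app_security_group_id" { # hypothetical: SG of the application tier
  type = string
}
variable "db_password" { # hypothetical: supplied out of band, never committed
  type      = string
  sensitive = true
}
locals {
  # One private subnet per AZ; the eu-central-1b CIDR is a constructed value.
  intranet_subnets = {
    "eu-central-1a" = "10.0.1.0/24"
    "eu-central-1b" = "10.0.2.0/24"
  }
}
resource "aws_subnet" "intranet" {
  for_each                = local.intranet_subnets
  vpc_id                  = aws_vpc.vpc.id
  availability_zone       = each.key
  cidr_block              = each.value
  map_public_ip_on_launch = false # private subnets: no public IPs
  tags = { Name = "Intranet-${each.key}", Environment = "Dev" }
}
resource "aws_db_subnet_group" "db_subnet" {
  name       = "intranet"
  subnet_ids = [for s in aws_subnet.intranet : s.id] # now covers 2 AZs
}
resource "aws_security_group" "db" {
  name   = "core-db"
  vpc_id = aws_vpc.vpc.id
  ingress {
    description     = "PostgreSQL from the application tier only"
    from_port       = 5432
    to_port         = 5432
    protocol        = "tcp"
    security_groups = [var.app_security_group_id]
  }
}
resource "aws_db_instance" "core" {
  identifier             = "gj-core-db"
  engine                 = "postgres"
  allocated_storage      = 10
  storage_type           = "gp2"
  instance_class         = "db.t2.micro"
  username               = "core_admin"
  password               = var.db_password
  db_subnet_group_name   = aws_db_subnet_group.db_subnet.name
  vpc_security_group_ids = [aws_security_group.db.id]
  publicly_accessible    = false # no public endpoint
  multi_az               = false # single-AZ dev instance; group still spans 2 AZs
  skip_final_snapshot    = true  # dev only
}
```

The master password is still written to the Terraform state, so the S3 backend bucket from the question should be encrypted and access-restricted.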