feat(TPG>=5.12)!: Add option to create and failover a replica instanc…

…e in Postgresql and MsSQL sub-module (#582)
terraform-google-modules · Mar 8, 2024 · 141e54a · 141e54a
1 parent fe974d2
commit 141e54a
Show file tree

Hide file tree

Showing 29 changed files with 1,550 additions and 144 deletions.
diff --git a/README.md b/README.md
@@ -10,22 +10,19 @@ This module consists of the following submodules:
 See more details in each module's README.
 
 ## Compatibility
-This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+.
-If you find incompatibilities using Terraform `>=0.13`, please open an issue.
-
-If you haven't [upgraded](https://www.terraform.io/upgrade-guides/0-13.html) and need a Terraform
-0.12.x-compatible version of this module, the last released version
-intended for Terraform 0.12.x is [v5.0.0](https://registry.terraform.io/modules/GoogleCloudPlatform/sql-db/google/5.0.0).
+This module is meant for use with Terraform 1.3+ and tested using Terraform 1.6+.
+If you find incompatibilities using Terraform `>=1.13`, please open an issue.
 
 ## Upgrading
 
-The current version is 13.X. The following guides are available to assist with upgrades:
+The current version is 20.X. The following guides are available to assist with upgrades:
 
 - [1.X -> 2.0](./docs/upgrading_to_sql_db_2.0.0.md)
 - [2.X -> 3.0](./docs/upgrading_to_sql_db_3.0.0.md)
 - [3.X -> 4.0](./docs/upgrading_to_sql_db_4.0.0.md)
 - [10.X -> 11.0](./docs/upgrading_to_sql_db_11.0.0.md)
 - [11.X -> 12.0](./docs/upgrading_to_sql_db_12.0.0.md)
+- [19.X -> 20.0](./docs/upgrading_to_sql_db_20.0.0.md)
 
 ## Root module
 
@@ -36,11 +33,8 @@ The root module has been deprecated. Please switch to using one of the submodule
 ### Installation Dependencies
 
 - [Terraform](https://www.terraform.io/downloads.html) >= 1.3.0
-- [terraform-provider-google](https://github.com/terraform-providers/terraform-provider-google) plugin >= v4.45.0
-
-The following dependency must be available for SQL Server module:
-
-- [Terraform Provider Beta for GCP](https://github.com/terraform-providers/terraform-provider-google-beta) plugin >= v4.45.0
+- [terraform-provider-google](https://github.com/terraform-providers/terraform-provider-google) plugin v5.12+
+- [Terraform Provider Beta for GCP](https://github.com/terraform-providers/terraform-provider-google-beta) plugin v5.12+
 
 ### Configure a Service Account
 
@@ -85,7 +79,7 @@ For MySQL :
 ```
 module "sql-db" {
   source  = "GoogleCloudPlatform/sql-db/google//modules/mysql"
-  version = "8.0.0"
+  version = "~> 20.0"
 }
 ```
 
@@ -94,7 +88,7 @@ or for PostgreSQL :
 ```
 module "sql-db" {
   source  = "GoogleCloudPlatform/sql-db/google//modules/postgresql"
-  version = "8.0.0"
+  version = "~> 20.0"
 }
 ```
 
@@ -103,7 +97,7 @@ or for MSSQL Server :
 ```
 module "sql-db" {
   source  = "GoogleCloudPlatform/sql-db/google//modules/mssql"
-  version = "8.0.0"
+  version = "~> 20.0"
 }
 ```
 

diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml
@@ -39,6 +39,36 @@ steps:
     name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
     args: ['/bin/bash', '-c', 'cft test run all --stage init --verbose']
 
+  - id: apply postgresql-cross-region-failover
+    waitFor: ["init-all", "wait for api activation"]
+    name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+    args: ['/bin/bash', '-c', 'cft test run TestPostgreSqlCrossRegionFailover --stage apply --verbose']
+  - id: verify postgresql-cross-region-failover
+    waitFor:
+      - apply postgresql-cross-region-failover
+    name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+    args: ['/bin/bash', '-c', 'cft test run TestPostgreSqlCrossRegionFailover --stage verify --verbose']
+  - id: teardown postgresql-cross-region-failover
+    waitFor:
+      - verify postgresql-cross-region-failover
+    name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+    args: ['/bin/bash', '-c', 'cft test run TestPostgreSqlCrossRegionFailover --stage teardown --verbose']
+
+  - id: apply mssql-failover-replica
+    waitFor: ["init-all", "wait for api activation"]
+    name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+    args: ['/bin/bash', '-c', 'cft test run TestMsSqlFailoverReplica --stage apply --verbose']
+  - id: verify mssql-failover-replica
+    waitFor:
+      - apply mssql-failover-replica
+    name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+    args: ['/bin/bash', '-c', 'cft test run TestMsSqlFailoverReplica --stage verify --verbose']
+  - id: teardown mssql-failover-replica
+    waitFor:
+      - verify mssql-failover-replica
+    name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
+    args: ['/bin/bash', '-c', 'cft test run TestMsSqlFailoverReplica --stage teardown --verbose']
+
   - id: apply mssql-ha-local
     waitFor: ["init-all", "wait for api activation"]
     name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'

diff --git a/docs/upgrading_to_sql_db_20.0.0.md b/docs/upgrading_to_sql_db_20.0.0.md
@@ -0,0 +1,10 @@
+# Upgrading to SQL DB 20.0.0
+
+The 20.0.0 release of SQL DB is a backward incompatible release.
+
+This update requires upgrading the minimum provider version `5.12` and minimum Terraform version `1.3`
+
+
+In `mysql` and `postgresql` sub-module output `instance_server_ca_cert` and `replicas_instance_server_ca_certs` are also marked as `sensitive`
+
+In `mysql` and `postgresql` sub-module default value for `zone` is changed from `"us-central1-a"` to `null`
diff --git a/examples/mssql-failover-replica/README.md b/examples/mssql-failover-replica/README.md
@@ -0,0 +1,104 @@
+# CloudSql MS SQL Server database Example with failover replication
+
+This example shows how create private MS SQL Server database with cross region failover replica using the Terraform module. You can promote failover replica without losing state file sync.
+
+- Set `enable_default_db` and `enable_default_user` to `null`
+- Dont set `additional_databases`, `user_name`, `user_password` and `additional_users`
+- `availability_type` in all replica should be set to `ZONAL`
+
+## Run Terraform
+
+```
+terraform init
+terraform plan
+terraform apply
+```
+
+## Failover to Instance 2
+
+Promote instance 2 as primary and change instance 1 as failover replica
+
+1) remove  `master_instance_name` from instance 2 and Execute `terraform apply`
+
+```diff
+module "mssql2" {
+  source  = "terraform-google-modules/sql-db/google//modules/mssql"
+  version = "~> 20.0"
+
+-  master_instance_name = module.mssql1.instance_name
+
+...
+}
+```
+
+2) Remove instance 1 by removing instance 1 code and Execute `terraform apply`
+
+```diff
+- module "mssql1" {
+-   source  = "terraform-google-modules/sql-db/google//modules/mssql"
+-   version = "~> 20.0"
+-   region = local.region_1
+-   name                 = "tf-mssql-public-1"
+-   random_instance_name = true
+-   project_id           = var.project_id
+- ...
+- }
+- output "instance_name1" {
+-   description = "The name for Cloud SQL instance"
+-   value       = module.mssql1.instance_name
+- }
+- output "mssql_connection" {
+-   value       = module.mssql1.instance_connection_name
+-   description = "The connection name of the master instance to be used in connection strings"
+- }
+- output "public_ip_address" {
+-   value       = module.mssql1.instance_first_ip_address
+-   description = "Public ip address"
+- }
+```
+
+3) Create instance 1 as failover replica by adding instance 1 code with following additional line and Execute `terraform apply`
+
+```diff
+module "mssql1" {
+  source  = "terraform-google-modules/sql-db/google//modules/mssql"
+  version = "~> 20.0"
+
++ master_instance_name = module.mssql2.instance_name
+
+...
+
+}
+```
+
+
+## Cleanup
+
+To remove all resources created by terraform:
+
+```bash
+terraform destroy
+```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| network\_name | The ID of the network in which to provision resources. | `string` | `"test-mssql-failover"` | no |
+| project\_id | The project to run tests against | `string` | n/a | yes |
+| sql\_server\_audit\_config | SQL server audit config settings. | `map(string)` | `{}` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| instance\_name1 | The name for Cloud SQL instance |
+| instance\_name2 | The name for Cloud SQL instance 2 |
+| master\_instance\_name2 | n/a |
+| mssql\_connection | The connection name of the master instance to be used in connection strings |
+| project\_id | n/a |
+| public\_ip\_address | Public ip address |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
diff --git a/examples/mssql-failover-replica/main.tf b/examples/mssql-failover-replica/main.tf
@@ -0,0 +1,87 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+locals {
+  region_1 = "us-central1"
+  region_2 = "us-east1"
+}
+
+# Instance 1
+
+module "mssql1" {
+  source  = "terraform-google-modules/sql-db/google//modules/mssql"
+  version = "~> 20.0"
+
+  region = local.region_1
+
+  name                 = "tf-mssql-public-1"
+  random_instance_name = true
+  project_id           = var.project_id
+
+  database_version = "SQLSERVER_2022_ENTERPRISE"
+
+  deletion_protection = false
+
+  tier = "db-custom-10-65536"
+
+  ip_configuration = {
+    ipv4_enabled    = false
+    private_network = google_compute_network.default.self_link
+  }
+
+  sql_server_audit_config = var.sql_server_audit_config
+  enable_default_db       = false
+  enable_default_user     = false
+
+  depends_on = [
+    google_service_networking_connection.vpc_connection,
+  ]
+}
+
+# instance 2
+
+module "mssql2" {
+  source  = "terraform-google-modules/sql-db/google//modules/mssql"
+  version = "~> 20.0"
+
+  master_instance_name = module.mssql1.instance_name
+
+  region = local.region_2
+
+  name                 = "tf-mssql-public-2"
+  random_instance_name = true
+  project_id           = var.project_id
+
+  database_version = "SQLSERVER_2022_ENTERPRISE"
+
+  deletion_protection = false
+
+  tier = "db-custom-10-65536"
+
+  ip_configuration = {
+    ipv4_enabled    = false
+    private_network = google_compute_network.default.self_link
+  }
+
+  sql_server_audit_config = var.sql_server_audit_config
+  enable_default_db       = false
+  enable_default_user     = false
+
+  depends_on = [
+    google_service_networking_connection.vpc_connection,
+  ]
+}
diff --git a/examples/mssql-failover-replica/network.tf b/examples/mssql-failover-replica/network.tf
@@ -0,0 +1,68 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+# Create Network with a subnetwork and private service access for both netapp.servicenetworking.goog and servicenetworking.googleapis.com
+
+resource "google_compute_network" "default" {
+  name                    = var.network_name
+  project                 = var.project_id
+  auto_create_subnetworks = false
+  description             = "test network"
+}
+
+resource "google_compute_subnetwork" "subnetwork1" {
+  name                     = "subnet-${local.region_1}-mssql"
+  ip_cidr_range            = "10.0.0.0/24"
+  region                   = local.region_1
+  project                  = var.project_id
+  network                  = google_compute_network.default.self_link
+  private_ip_google_access = true
+}
+
+resource "google_compute_subnetwork" "subnetwork_2" {
+  name                     = "subnet-${local.region_2}-mssql"
+  ip_cidr_range            = "10.0.1.0/24"
+  region                   = local.region_2
+  project                  = var.project_id
+  network                  = google_compute_network.default.self_link
+  private_ip_google_access = true
+}
+
+
+resource "google_compute_global_address" "private_ip_alloc" {
+  project       = var.project_id
+  name          = "psa-mssql"
+  address_type  = "INTERNAL"
+  purpose       = "VPC_PEERING"
+  address       = "10.10.0.0"
+  prefix_length = 16
+  network       = google_compute_network.default.id
+}
+
+resource "google_service_networking_connection" "vpc_connection" {
+  network = google_compute_network.default.id
+  service = "servicenetworking.googleapis.com"
+  reserved_peering_ranges = [
+    google_compute_global_address.private_ip_alloc.name,
+  ]
+  deletion_policy = "ABANDON"
+
+  depends_on = [
+    google_compute_subnetwork.subnetwork1,
+    google_compute_subnetwork.subnetwork_2
+  ]
+}