/terraform-yc-mysql


Yandex Cloud Managed MySQL Cluster

Features

  • Create a Managed MySQL cluster with a predefined number of DB hosts
  • Create a list of users and databases with permissions
  • Easy to use in other resources via outputs

MySQL cluster definition

First, create a VPC network with three subnets.

The MySQL module requires the following input variables:

  • VPC network id
  • VPC network subnets ids
  • MySQL hosts definitions - a list of maps with DB host name, zone name and subnet id.
  • Databases - a list of databases with database name
  • Users - a list of users, each with a list of grants to databases.

Notes:

  1. The users variable defines a list of separate DB users, each with a permissions list that names the databases and the grants for each of them. The default grant is "ALL_PRIVILEGES". A user may also have global_permissions without any database permissions.
  2. The mysql_config parameter may be null; in this case default values are used.

Example

See examples section
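
The following module call is an added example, not taken from the module's own examples directory. It shows the inputs documented below combined into a private cluster with per-user grants narrowed from the default. The source path, variable names, cluster, database and user names are placeholders.

```hcl
# Added example: placeholder source path, IDs and names.
variable "network_id" { type = string }      # supplied via TF_VAR_network_id
variable "subnet_ids" { type = map(string) } # assumed shape: zone name => subnet id
variable "db_sg_id" { type = string }        # assumed: security group for the DB tier

module "mysql" {
  source = "./terraform-yc-mysql" # placeholder: local checkout of this module

  name                      = "orders-mysql"
  network_id                = var.network_id
  security_groups_ids_list  = [var.db_sg_id]
  deletion_protection       = true
  backup_retain_period_days = 14

  # One host per subnet, none with a public IP.
  hosts_definition = [for zone, subnet_id in var.subnet_ids : {
    zone             = zone
    subnet_id        = subnet_id
    assign_public_ip = false
  }]

  # Access from other services stays off unless it is needed.
  access_policy = { web_sql = false, data_lens = false, data_transfer = false }

  databases = [{ name = "orders" }, { name = "audit" }]

  users = [
    # Application account: DML on its own database only, capped connections.
    {
      name              = "orders-app"
      connection_limits = { max_user_connections = 50 }
      permissions       = [{ database_name = "orders", roles = ["SELECT", "INSERT", "UPDATE", "DELETE"] }]
    },
    # Read-only reporting account across both databases.
    {
      name        = "reporting"
      permissions = [for db in ["orders", "audit"] : { database_name = db, roles = ["SELECT"] }]
    },
    # Monitoring account: a global permission and no database grants.
    { name = "monitor", global_permissions = ["PROCESS"] },
  ]
}

# Passwords are omitted above, so the module generates them. They are stored
# in Terraform state and returned by users_data, so keep this output sensitive.
output "mysql_users" {
  value     = module.mysql.users_data
  sensitive = true
}
```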

Configure Terraform for Yandex Cloud

  • Install YC CLI
  • Add environment variables for terraform auth in Yandex.Cloud
export YC_TOKEN=$(yc iam create-token)
export YC_CLOUD_ID=$(yc config get cloud-id)
export YC_FOLDER_ID=$(yc config get folder-id)
export TF_VAR_network_id=_vpc id here_

Requirements

Name Version
terraform >= 1.0.0
random > 3.3
yandex > 0.8

Providers

Name Version
random 3.5.1
yandex 0.89.0

Modules

No modules.

Resources

Name Type
random_password.password resource
yandex_mdb_mysql_cluster.this resource
yandex_mdb_mysql_database.database resource
yandex_mdb_mysql_user.user resource
yandex_client_config.client data source

Inputs

Name Description Type Default Required
access_policy Access policy from other services to the MySQL cluster.
object({
data_lens = optional(bool, null)
web_sql = optional(bool, null)
data_transfer = optional(bool, null)
})
{} no
backup_retain_period_days (Optional) The period in days during which backups are stored. number null no
backup_window_start (Optional) Time to start the daily backup, in the UTC timezone.
object({
hours = string
minutes = optional(string, "00")
})
null no
databases A list of MySQL databases.

Required values:
- name - The name of the database.
list(object({
name = string
}))
[] no
deletion_protection Inhibits deletion of the cluster. bool false no
description MySQL cluster description string "Managed MySQL cluster" no
disk_size Disk size for hosts number 20 no
disk_type Disk type for hosts string "network-ssd" no
environment Environment type: PRODUCTION or PRESTABLE string "PRODUCTION" no
folder_id Folder id that contains the MySQL cluster string null no
hosts_definition A list of MySQL hosts.
list(object({
name = optional(string, null)
zone = string
subnet_id = optional(string, null)
assign_public_ip = optional(bool, false)
replication_source_name = optional(string, null)
priority = optional(number, null)
backup_priority = optional(number, null)
}))
[] no
labels A set of label pairs to assign to the MySQL cluster. map(any) {} no
maintenance_window (Optional) Maintenance policy of the MySQL cluster.
- type - (Required) Type of maintenance window. Can be either ANYTIME or WEEKLY. The day and hour of the window must be specified for a weekly window.
- day - (Optional) Day of the week (in DDD format). Allowed values: "MON", "TUE", "WED", "THU", "FRI", "SAT", "SUN"
- hour - (Optional) Hour of the day in UTC (in HH format). Allowed value is between 0 and 23.
object({
type = string
day = optional(string, null)
hour = optional(string, null)
})
{
"type": "ANYTIME"
}
no
mysql_config A map of MySQL cluster configuration.
See 'MySQL cluster settings' in the official documentation for details.
Link: https://registry.terraform.io/providers/yandex-cloud/yandex/latest/docs/resources/mdb_mysql_cluster#mysql-config
map(any) null no
mysql_version MySQL version string "8.0" no
name Name of MySQL cluster string "mysql-cluster" no
network_id MySQL cluster network id string n/a yes
performance_diagnostics (Optional) MySQL cluster performance diagnostics settings.
object({
enabled = optional(bool, null)
sessions_sampling_interval = optional(number, 60)
statements_sampling_interval = optional(number, 600)
})
{} no
resource_preset_id Preset for hosts string "s2.micro" no
restore_parameters The cluster will be created from the specified backup.
NOTES:
- backup_id must be specified to create a new MySQL cluster from a backup.
- Time format is 'yyyy-mm-ddThh:mi:ss', where T is a delimiter, e.g. "2022-02-22T11:33:44".
object({
backup_id = string
time = optional(string, null)
})
null no
security_groups_ids_list A list of security group IDs to which the MySQL cluster belongs list(string) [] no
users This is a list for additional MySQL users with own permissions.

Required values:
- name - The name of the user.
- password - (Optional) The user's password. If it's omitted a random password will be generated
- authentication_plugin - (Optional) User authn method. The default value could be set
via the 'mysql_config.default_authentication_plugin' variable.
- global_permissions - (Optional) A list of the user's global_permissions. Default empty.
- connection_limits - (Optional) The object with user connection limits
{ max_questions_per_hour, max_updates_per_hour, max_connections_per_hour,
max_user_connections }. Default unlimited.
- permissions - (Optional) A list of objects { database_name, roles[] } for access.
'roles' is an optional list of permissions; the default value is ["ALL"]
list(object({
name = string
password = optional(string, null)
authentication_plugin = optional(string, null)
global_permissions = optional(list(string), [])
connection_limits = optional(object({
max_questions_per_hour = optional(number, -1)
max_updates_per_hour = optional(number, -1)
max_connections_per_hour = optional(number, -1)
max_user_connections = optional(number, -1)
}), null)
permissions = optional(list(object({
database_name = string
roles = optional(list(string), ["ALL"])
})), [])
}))
[] no

Outputs

Name Description
cluster_fqdns_list MySQL cluster nodes FQDN list
cluster_host_names_list MySQL cluster host name
cluster_id MySQL cluster ID
cluster_name MySQL cluster name
connection_step_1 Step 1 - Install certificate
connection_step_2 How to connect to the MySQL cluster

1. Install certificate

mkdir --parents ~/.mysql && \
curl -fsL 'https://storage.yandexcloud.net/cloud-certs/CA.pem' -o ~/.mysql/root.crt && \
chmod 0600 ~/.mysql/root.crt

2. Run the connection string from the output value, for example:

mysql --host=rc1a-ud9hj90vwqkw05js.mdb.yandexcloud.net \
--port=3306 \
--ssl-ca=~/.mysql/root.crt \
--ssl-mode=VERIFY_IDENTITY \
--user=test1-owner \
--password \
test1
databases A list of databases names.
users_data A list of users with passwords.