brunch

You can make anything
by writing

C.S.Lewis

by Master Seo Aug 06. 2023

4. GCP-테라폼-Cloud SQL

<1> 환경설정

<2> Cloud SQL



<1> 환경설정


1

gcloud auth list


2

gcloud config list project




<2> Cloud SQL



1

cat main.tf


$ more *.tf

::::::::::::::

main.tf

::::::::::::::

 provider "google" {

  version = "~> 2.13"

}

provider "google-beta" {

  version = "~> 2.13"

}

provider "random" {

  version = "~> 2.2"

}

resource "random_id" "name" {

  byte_length = 2

}

resource "google_sql_database_instance" "master" {

  name                 = "example-mysql-${random_id.name.hex}"

  project              = var.project

  region               = var.region

  database_version     = var.database_version

  master_instance_name = var.master_instance_name

  settings {

    tier                        = var.tier

    activation_policy           = var.activation_policy

    authorized_gae_applications = var.authorized_gae_applications

    disk_autoresize             = var.disk_autoresize

    dynamic "backup_configuration" {

      for_each = [var.backup_configuration]

      content {

        binary_log_enabled = lookup(backup_configuration.value, "binary_log_enabled", null)

        enabled            = lookup(backup_configuration.value, "enabled", null)

        start_time         = lookup(backup_configuration.value, "start_time", null)

      }

    }

    dynamic "ip_configuration" {

      for_each = [var.ip_configuration]

      content {

        ipv4_enabled    = lookup(ip_configuration.value, "ipv4_enabled", true)

        private_network = lookup(ip_configuration.value, "private_network", null)

        require_ssl     = lookup(ip_configuration.value, "require_ssl", null)

        dynamic "authorized_networks" {

          for_each = lookup(ip_configuration.value, "authorized_networks", [])

          content {

            expiration_time = lookup(authorized_networks.value, "expiration_time", null)

            name            = lookup(authorized_networks.value, "name", null)

            value           = lookup(authorized_networks.value, "value", null)

          }

        }

      }

    }

    dynamic "location_preference" {

      for_each = [var.location_preference]

      content {

        follow_gae_application = lookup(location_preference.value, "follow_gae_application", null)

        zone                   = lookup(location_preference.value, "zone", null)

      }

    }

    dynamic "maintenance_window" {

      for_each = [var.maintenance_window]

      content {

        day          = lookup(maintenance_window.value, "day", null)

        hour         = lookup(maintenance_window.value, "hour", null)

        update_track = lookup(maintenance_window.value, "update_track", null)

      }

    }

    disk_size        = var.disk_size

    disk_type        = var.disk_type

    pricing_plan     = var.pricing_plan

    replication_type = var.replication_type

    availability_type = var.availability_type

  }

  dynamic "replica_configuration" {

    for_each = [var.replica_configuration]

    content {

      ca_certificate            = lookup(replica_configuration.value, "ca_certificate", null)

      client_certificate        = lookup(replica_configuration.value, "client_certificate", null)

      client_key                = lookup(replica_configuration.value, "client_key", null)

      connect_retry_interval    = lookup(replica_configuration.value, "connect_retry_interval", null)

      dump_file_path            = lookup(replica_configuration.value, "dump_file_path", null)

      failover_target           = lookup(replica_configuration.value, "failover_target", null)

      master_heartbeat_period   = lookup(replica_configuration.value, "master_heartbeat_period", null)

      password                  = lookup(replica_configuration.value, "password", null)

      ssl_cipher                = lookup(replica_configuration.value, "ssl_cipher", null)

      username                  = lookup(replica_configuration.value, "username", null)

      verify_server_certificate = lookup(replica_configuration.value, "verify_server_certificate", null)

    }

  }

  timeouts {

    create = "60m"

    delete = "2h"

  }

}

resource "google_sql_database" "default" {

  count     = var.master_instance_name == "" ? 1 : 0

  name      = var.db_name

  project   = var.project

  instance  = google_sql_database_instance.master.name

  charset   = var.db_charset

  collation = var.db_collation

}

resource "random_id" "user-password" {

  byte_length = 8

}

resource "google_sql_user" "default" {

  count    = var.master_instance_name == "" ? 1 : 0

  name     = var.user_name

  project  = var.project

  instance = google_sql_database_instance.master.name

  host     = var.user_host

  password = var.user_password == "" ? random_id.user-password.hex : var.user_password

}





::::::::::::::

outputs.tf

::::::::::::::

output "instance_name" {

  description = "The name of the database instance"

  value       = google_sql_database_instance.master.name

}

output "instance_address" {

  description = "The IPv4 address of the master database instnace"

  value       = google_sql_database_instance.master.ip_address.0.ip_address

}

output "instance_address_time_to_retire" {

  description = "The time the master instance IP address will be retired. RFC 3339 format."

  value       = google_sql_database_instance.master.ip_address.0.time_to_retire

}

output "self_link" {

  description = "Self link to the master instance"

  value       = google_sql_database_instance.master.self_link

}

output "generated_user_password" {

  description = "The auto generated default user password if no input password was provided"

  value       = random_id.user-password.hex

  sensitive   = true

}




::::::::::::::

variables.tf

::::::::::::::

variable "project" {

  description = "The project to deploy to, if not set the default provider project is used."

  default     = ""

}

variable "region" {

  description = "Region for cloud resources"

  default     = "us-central1"

}

variable "database_version" {

  description = "The version of of the database. For example, `MYSQL_5_6` or `POSTGRES_9_6`."

  default     = "MYSQL_5_6"

}

variable "master_instance_name" {

  description = "The name of the master instance to replicate"

  default     = ""

}

variable "tier" {

  description = "The machine tier (First Generation) or type (Second Generation). See this page for supported tiers and pricing: https://cloud.google.com/sql/pricing"

  default     = "db-f1-micro"

}

variable "db_name" {

  description = "Name of the default database to create"

  default     = "default"

}

variable "db_charset" {

  description = "The charset for the default database"

  default     = ""

}

variable "db_collation" {

  description = "The collation for the default database. Example for MySQL databases: 'utf8_general_ci', and Postgres: 'en_US.UTF8'"

  default     = ""

}

variable "user_name" {

  description = "The name of the default user"

  default     = "default"

}

variable "user_host" {

  description = "The host for the default user"

  default     = "%"

}

variable "user_password" {

  description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable."

  default     = ""

}

variable "activation_policy" {

  description = "This specifies when the instance should be active. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`."

  default     = "ALWAYS"

}

variable "authorized_gae_applications" {

  description = "A list of Google App Engine (GAE) project names that are allowed to access this instance."

  default     = []

}

variable "disk_autoresize" {

  description = "Second Generation only. Configuration to increase storage size automatically."

  default     = true

}

variable "disk_size" {

  description = "Second generation only. The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased."

  default     = 10

}

variable "disk_type" {

  description = "Second generation only. The type of data disk: `PD_SSD` or `PD_HDD`."

  default     = "PD_SSD"

}

variable "pricing_plan" {

  description = "First generation only. Pricing plan for this instance, can be one of `PER_USE` or `PACKAGE`."

  default     = "PER_USE"

}

variable "replication_type" {

  description = "Replication type for this instance, can be one of `ASYNCHRONOUS` or `SYNCHRONOUS`."

  default     = "SYNCHRONOUS"

}

variable "database_flags" {

  description = "List of Cloud SQL flags that are applied to the database server"

  default     = []

}

variable "backup_configuration" {

  description = "The backup_configuration settings subblock for the database setings"

  default     = {}

}

variable "ip_configuration" {

  description = "The ip_configuration settings subblock"

  default     = {}

}

variable "location_preference" {

  description = "The location_preference settings subblock"

  default     = {}

}

variable "maintenance_window" {

  description = "The maintenance_window settings subblock"

  default     = {}

}

variable "replica_configuration" {

  description = "The optional replica_configuration block for the database instance"

  default     = {}

}

variable "availability_type" {

  description = "This specifies whether a PostgreSQL instance should be set up for high availability (REGIONAL) or single zone (ZONAL)."

  default     = "ZONAL"

}



terraform init

terraform plan -out=tfplan

terraform apply tfplan






전체보기

https://brunch.co.kr/@topasvga/3394

감사합니다.




매거진의 이전글 3. GCP-테라폼-Modular LB
브런치는 최신 브라우저에 최적화 되어있습니다. IE chrome safari