feat(deployment): change terraform config
EchoSkorJjj committed Apr 18, 2024
1 parent 7fbc28b commit 050734c
Showing 5 changed files with 16 additions and 15 deletions.
2 changes: 1 addition & 1 deletion terraform/modules/acm/acm.tf
@@ -45,7 +45,7 @@ resource "aws_acm_certificate_validation" "cert" {

resource "aws_acm_certificate" "alb_cert" {
provider = aws.us_east_1
domain_name = "alb.itsag2t2.com"
domain_name = "alb.eduhelper.info"
validation_method = "DNS"

lifecycle {
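Review bot: The domain is hard-coded in `domain_name = "alb.eduhelper.info"`, and again in `name = "redis-cluster.eduhelper.info"` in terraform/modules/elasticache-redis/elasticache-redis.tf, although this commit also sets `app_domain = "eduhelper.info"` in dev.auto.tfvars. Deriving both from the variable, e.g. `domain_name = "alb.${var.app_domain}"`, would keep the next domain change to one line and rule out a certificate and a DNS record that disagree; this assumes the module is passed `app_domain`, which is not visible here. The `alb_cert` resource continues past the end of the hunk.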
2 changes: 1 addition & 1 deletion terraform/modules/dev.auto.tfvars
@@ -1,4 +1,4 @@
project_name = "esd-eduhelper"
aws_region = "ap-southeast-1"
app_domain = ""
app_domain = "eduhelper.info"
environment = "production"
8 changes: 4 additions & 4 deletions terraform/modules/eks-node-group/eks-node-group.tf
@@ -4,7 +4,7 @@ variable "environment" {}

variable "aws_vpc_id" {}

variable "logs_s3_bucket_arn" {}
variable "notes_s3_bucket_arn" {}

variable "eks_private_subnet_1_id" {}
variable "eks_private_subnet_2_id" {}
@@ -96,7 +96,7 @@ resource "aws_iam_policy" "s3_read_write_policy" {
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": "${var.logs_s3_bucket_arn}/*"
"Resource": "${var.notes_s3_bucket_arn}/*"
}
]
}
@@ -126,7 +126,7 @@ resource "aws_iam_role_policy_attachment" "Node_Group_AmazonSESEmailToCheckers"
role = aws_iam_role.node_group_role.name
}

resource "aws_iam_role_policy_attachment" "Node_Group_AmazonS3ReadWriteAccessToLogsBucket" {
resource "aws_iam_role_policy_attachment" "Node_Group_AmazonS3ReadWriteAccessToNotesBucket" {
policy_arn = aws_iam_policy.s3_read_write_policy.arn
role = aws_iam_role.node_group_role.name
}
@@ -165,7 +165,7 @@ resource "aws_eks_node_group" "eks_node_group" {
aws_iam_role_policy_attachment.Node_Group_AmazonEKS_CNI_Policy,
aws_iam_role_policy_attachment.Node_Group_AmazonEC2ContainerRegistryReadOnly,
aws_iam_role_policy_attachment.Node_Group_AmazonSESEmailToCheckers,
aws_iam_role_policy_attachment.Node_Group_AmazonS3ReadWriteAccessToLogsBucket,
aws_iam_role_policy_attachment.Node_Group_AmazonS3ReadWriteAccessToNotesBucket,
aws_iam_role_policy_attachment.Node_Group_Elasticsearch_Policy,
aws_iam_role_policy_attachment.Node_Group_MSK_Policy
]
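Review bot: The policy attached to `aws_iam_role.node_group_role` now grants `s3:PutObject` and `s3:DeleteObject` on every object under `${var.notes_s3_bucket_arn}/*`, and because it sits on the node group role, any pod on these nodes that can obtain the node's instance credentials inherits that access. The notes bucket presumably holds user content rather than logs, so it is worth scoping this to the one workload that needs it through an IAM role bound to its service account, or at least narrowing `Resource` to a key prefix. The policy statement begins above the hunk, so the full action list is not visible here. Renaming the attachment to `Node_Group_AmazonS3ReadWriteAccessToNotesBucket` will also make Terraform destroy and recreate it unless a `moved` block records the rename.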
17 changes: 9 additions & 8 deletions terraform/modules/elasticache-redis/elasticache-redis.tf
@@ -20,7 +20,8 @@ data "aws_secretsmanager_secret_version" "current_elasticache_credentials" {

resource "aws_elasticache_subnet_group" "redis_subnet_group" {
name = "${var.project_name}-redis-subnet-group-${var.environment}"
subnet_ids = [var.database_private_subnet_1_id, var.database_private_subnet_2_id]
# subnet_ids = [var.database_private_subnet_1_id, var.database_private_subnet_2_id]
subnet_ids = [var.database_private_subnet_1_id]

tags = {
Name = "${var.project_name}-redis-subnet-group-${var.environment}"
@@ -33,18 +34,18 @@ resource "aws_elasticache_replication_group" "redis_cluster_replication_group" {
description = "ElastiCache Redis replication group for ${var.project_name} in ${var.environment}"
node_type = "cache.t4g.medium"
port = 6379
parameter_group_name = "default.redis7.cluster.on"
automatic_failover_enabled = true
multi_az_enabled = true
parameter_group_name = "default.redis7"
automatic_failover_enabled = false
multi_az_enabled = false
engine_version = "7.1"
transit_encryption_enabled = true
auth_token = jsondecode(data.aws_secretsmanager_secret_version.current_elasticache_credentials.secret_string)["elasticache_auth_token"]

subnet_group_name = aws_elasticache_subnet_group.redis_subnet_group.name
security_group_ids = [aws_security_group.redis_sg.id]

# Primary + 1 replica
num_cache_clusters = 2
# Primary
num_cache_clusters = 1

tags = {
Name = "${var.project_name}-redis-replication-group-${var.environment}"
@@ -81,8 +82,8 @@ resource "aws_security_group" "redis_sg" {

resource "aws_route53_record" "redis_cluster_endpoint_cname" {
zone_id = var.app_domain_zone_id
name = "redis-cluster.itsag2t2.com"
name = "redis-cluster.eduhelper.info"
type = "CNAME"
ttl = "300"
records = [aws_elasticache_replication_group.redis_cluster_replication_group.configuration_endpoint_address]
records = [aws_elasticache_replication_group.redis_cluster_replication_group.primary_endpoint_address]
}
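Review bot: The replication group is reduced to a single node in one subnet (`num_cache_clusters = 1`, `automatic_failover_enabled = false`, `multi_az_enabled = false`) while terraform/modules/dev.auto.tfvars in this commit still has `environment = "production"`, so a node or AZ failure leaves the cache down with no replica to promote. If this is a deliberate cost decision, replace the commented-out `# subnet_ids = ...` line with a short comment saying so, or gate the sizing on a variable so production can keep the replica. The record is still named `redis-cluster.eduhelper.info` although it now points at `primary_endpoint_address` of a group on `default.redis7`, so clients configured for cluster mode need to change with it. With `transit_encryption_enabled = true`, clients that reach Redis through this CNAME should also be confirmed to verify the server certificate, since the certificate is presumably issued for the ElastiCache endpoint name rather than the custom one. The replication group block starts above the hunk.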
2 changes: 1 addition & 1 deletion terraform/modules/main.tf
@@ -129,7 +129,7 @@ module "eks-node-group" {

aws_vpc_id = module.vpc.aws_vpc_id

logs_s3_bucket_arn = module.s3.logs_s3_bucket_arn
notes_s3_bucket_arn = module.s3.notes_s3_bucket_arn

eks_private_subnet_1_id = module.vpc.eks_private_subnet_1_id
eks_private_subnet_2_id = module.vpc.eks_private_subnet_2_id