This is an experimental project, use on your own risk. This project is not covered by Percona Support
- Clone repo
- Configure AWS CLI - tutorial
- Switch to project directory
- Execute in console
make allor go through Makefile(in the root of project) manually - When cluster is set up, connect to one of the PXC instances
- Login to mysql with command
sudo mysql -uroot -pand enter passwordpassword - Check cluster status
show status like 'wsrep%'; - Connect to one of the Percona Server replica
- Check replication status using
SHOW SLAVE STATUS\Gon replica
- Create service account in Google Cloud Console and create key for it (for more info, visit https://cloud.google.com/docs/authentication/getting-started)
- Export
GOOGLE_APPLICATION_CREDENTIALSenvironment variable to point to the file with credentials (e.g.export GOOGLE_APPLICATION_CREDENTIALS=/path/to/credentials.json) - Execute
make all
File main.tf
# AWS provider configuration
provider "percona" {
region = "eu-north-1" # required
profile = "default" # optional
cloud = "aws" # required, supported values: "aws", "gcp"
ignore_errors_on_destroy = true # optional, default: false
disable_telemetry = true # optional, default: false
}
# GCP provider configuration
#provider "percona" {
# region = "europe-west1"
# zone = "europe-west1-c"
# project = "project-name"
# cloud = "gcp"
# ignore_errors_on_destroy = false
#}
resource "percona_ps" "ps" {
instance_type = "t3.micro" # required
key_pair_name = "sshKey1" # required
password = "password" # optional, default: "password"
replication_type = "async" # optional, default: "async", supported values: "async", "group-replication"
replication_password = "replicaPassword" # optional, default: "replicaPassword"
cluster_size = 2 # optional, default: 3
path_to_key_pair_storage = "/tmp/" # optional, default: "."
volume_type = "gp2" # optional, default: "gp2" for AWS, "pd-balanced" for GCP
volume_size = 20 # optional, default: 20
volume_iops = 4000 # optional
volume_throughput = 4000 # optional, AWS only
config_file_path = "./config.cnf" # optional, saves config file to /etc/mysql/mysql.conf.d/custom.cnf
version = "8.0.28" # optional, installs last version if not specified
myrocks_install = true # optional, default: false
vpc_name = "percona_vpc_1" # optional
vpc_id = "cGVyY29uYV92cGNfMQ==" # optional, AWS only
port = 3306 # optional, default: 3306
pmm_address = "http://admin:[email protected]" # optional
pmm_password = "password" # optional, password for internal `pmm` user in db
orchestrator_size = 3 # optional, default: 0
orchestrator_password = "password" # optional, default: "password"
}
resource "percona_pxc" "pxc" {
instance_type = "t3.micro" # required
key_pair_name = "sshKey2" # required
password = "password" # optional, default: "password"
cluster_size = 2 # optional, default: 3
path_to_key_pair_storage = "/tmp/" # optional, default: "."
volume_type = "gp2" # optional, default: "gp2" for AWS, "pd-balanced" for GCP
volume_size = 20 # optional, default: 20
volume_iops = 4000 # optional
volume_throughput = 4000 # optional, AWS only
config_file_path = "./config.cnf" # optional, saves config file to /etc/mysql/mysql.conf.d/custom.cnf
version = "8.0.28" # optional, installs last version if not specified
vpc_name = "percona_vpc_1" # optional
vpc_id = "cGVyY29uYV92cGNfMQ==" # optional, AWS only
port = 3306 # optional, default: 3306
galera_port = 4567 # optional, default: 4567
pmm_address = "http://admin:[email protected]" # optional
pmm_password = "password" # optional, password for internal `pmm` user in db
}
resource "percona_pmm" "pmm" {
instance_type = "t3.micro" # required
key_pair_name = "sshKey2" # required
path_to_key_pair_storage = "/tmp/" # optional, default: "."
volume_type = "gp2" # optional, default: "gp2" for AWS, "pd-balanced" for GCP
volume_size = 20 # optional, default: 20
volume_iops = 4000 # optional
volume_throughput = 4000 # optional, AWS only
vpc_name = "percona_vpc_1" # optional
vpc_id = "cGVyY29uYV92cGNfMQ==" # optional, AWS only
rds_username = "postgres" # optional, default: ""
rds_password = "password" # optional, default: ""
}
resource "percona_pmm_rds" "pmm_rds" {
pmm_address = "http://admin:admin@localhost" # required
rds_id = "database-1" # required
rds_username = "postgres" # required
rds_password = "password" # required
rds_pmm_user_password = "password" # optional, default: "password"
}
File version.tf
terraform {
required_providers {
percona = {
version = "~> 0.9.10"
source = "terraform-percona.com/terraform-percona/percona"
}
}
}
For AWS
AWS managed policy: AmazonEC2ContainerServiceAutoscaleRole
//AmazonEC2ContainerServiceAutoscaleRole
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecs:DescribeServices",
"ecs:UpdateService"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"cloudwatch:DescribeAlarms",
"cloudwatch:PutMetricAlarm"
],
"Resource": [
"*"
]
}
]
}Custom AWS Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:CreateDhcpOptions",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:DeleteSubnet",
"ec2:DescribeInstances",
"ec2:MonitorInstances",
"ec2:CreateKeyPair",
"ec2:AttachInternetGateway",
"ec2:UpdateSecurityGroupRuleDescriptionsIngress",
"ec2:AssociateRouteTable",
"ec2:DeleteRouteTable",
"ec2:StartInstances",
"ec2:RevokeSecurityGroupEgress",
"ec2:CreateRoute",
"ec2:CreateInternetGateway",
"ec2:DescribeVolumes",
"ec2:DeleteInternetGateway",
"ec2:DescribeReservedInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeRouteTables",
"ec2:DetachVolume",
"ec2:UpdateSecurityGroupRuleDescriptionsEgress",
"ec2:DescribeReservedInstancesOfferings",
"ec2:CreateRouteTable",
"ec2:RunInstances",
"ec2:ModifySecurityGroupRules",
"ec2:StopInstances",
"ec2:CreateVolume",
"ec2:RevokeSecurityGroupIngress",
"ec2:DescribeSecurityGroupRules",
"ec2:DeleteDhcpOptions",
"ec2:DescribeInstanceTypes",
"ec2:DeleteVpc",
"ec2:AssociateAddress",
"ec2:CreateSubnet",
"ec2:DescribeSubnets",
"ec2:DeleteKeyPair",
"ec2:AttachVolume",
"ec2:DisassociateAddress",
"ec2:DescribeAddresses",
"ec2:PurchaseReservedInstancesOffering",
"ec2:DescribeInstanceAttribute",
"ec2:CreateVpc",
"ec2:DescribeDhcpOptions",
"ec2:DescribeAvailabilityZones",
"ec2:CreateSecurityGroup",
"ec2:ModifyVpcAttribute",
"ec2:ModifyReservedInstances",
"ec2:DescribeInstanceStatus",
"ec2:RebootInstances",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AssociateDhcpOptions",
"ec2:TerminateInstances",
"ec2:DescribeIamInstanceProfileAssociations",
"ec2:DescribeTags",
"ec2:DeleteRoute",
"ec2:AllocateAddress",
"ec2:DescribeSecurityGroups",
"ec2:DescribeImages",
"ec2:DescribeVpcs",
"ec2:DeleteSecurityGroup",
"ec2:CreateNetworkInterface",
"ec2:DescribeInternetGateways",
"ec2:DescribeVpcAttribute",
"ec2:DeleteNetworkInterface",
"ec2:DeleteSecurityGroup",
"ec2:ModifyNetworkInterfaceAttribute"
],
"Resource": "*"
}
]
}Instance types, in some regions some may be available and in others they may not.