truefoundry · dunefro · Nov 22, 2024 · Nov 22, 2024 · Nov 22, 2024
diff --git a/README.md b/README.md
@@ -48,6 +48,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_cluster_name"></a> [cluster\_name](#input\_cluster\_name) | Cluster name | `string` | n/a | yes |
 | <a name="input_cluster_oidc_url"></a> [cluster\_oidc\_url](#input\_cluster\_oidc\_url) | OIDC url for the cluster to create federated credential for | `string` | n/a | yes |
 | <a name="input_create_acr"></a> [create\_acr](#input\_create\_acr) | Create acr | `bool` | `false` | no |
 | <a name="input_create_blob_storage"></a> [create\_blob\_storage](#input\_create\_blob\_storage) | Create blob storage | `bool` | `false` | no |
@@ -62,17 +63,16 @@ No modules.
 | <a name="input_svcfoundry_namespace"></a> [svcfoundry\_namespace](#input\_svcfoundry\_namespace) | Name of the svcfoundry namespace | `string` | `"truefoundry"` | no |
 | <a name="input_svcfoundry_svc_acc"></a> [svcfoundry\_svc\_acc](#input\_svcfoundry\_svc\_acc) | Name of the svcfoundry service account | `string` | `"servicefoundry-server"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | AWS Tags common to all the resources created | `map(string)` | `{}` | no |
-| <a name="input_truefoundry_db_allocated_storage"></a> [truefoundry\_db\_allocated\_storage](#input\_truefoundry\_db\_allocated\_storage) | Storage for DB | `number` | n/a | yes |
+| <a name="input_truefoundry_db_allocated_storage"></a> [truefoundry\_db\_allocated\_storage](#input\_truefoundry\_db\_allocated\_storage) | Storage for DB | `number` | `32768` | no |
 | <a name="input_truefoundry_db_allowed_ip_range_end_ip_address"></a> [truefoundry\_db\_allowed\_ip\_range\_end\_ip\_address](#input\_truefoundry\_db\_allowed\_ip\_range\_end\_ip\_address) | IP range end address which is allowed to connect to DB | `string` | n/a | yes |
 | <a name="input_truefoundry_db_allowed_ip_range_start_ip_address"></a> [truefoundry\_db\_allowed\_ip\_range\_start\_ip\_address](#input\_truefoundry\_db\_allowed\_ip\_range\_start\_ip\_address) | IP range start address which is allowed to connect to DB | `string` | n/a | yes |
 | <a name="input_truefoundry_db_enable_override"></a> [truefoundry\_db\_enable\_override](#input\_truefoundry\_db\_enable\_override) | Truefoundry db name override to be enabled | `bool` | `false` | no |
-| <a name="input_truefoundry_db_instance_class"></a> [truefoundry\_db\_instance\_class](#input\_truefoundry\_db\_instance\_class) | Instance class for DB | `string` | n/a | yes |
-| <a name="input_truefoundry_db_override_name"></a> [truefoundry\_db\_override\_name](#input\_truefoundry\_db\_override\_name) | Truefoundry db name override | `string` | n/a | yes |
+| <a name="input_truefoundry_db_instance_class"></a> [truefoundry\_db\_instance\_class](#input\_truefoundry\_db\_instance\_class) | Instance class for DB | `string` | `"GP_Standard_D4ds_v5"` | no |
+| <a name="input_truefoundry_db_override_name"></a> [truefoundry\_db\_override\_name](#input\_truefoundry\_db\_override\_name) | Truefoundry db name override | `string` | `""` | no |
 | <a name="input_truefoundry_db_private_dns_zone_id"></a> [truefoundry\_db\_private\_dns\_zone\_id](#input\_truefoundry\_db\_private\_dns\_zone\_id) | Private DNS zone ID | `string` | n/a | yes |
 | <a name="input_truefoundry_db_require_ssl"></a> [truefoundry\_db\_require\_ssl](#input\_truefoundry\_db\_require\_ssl) | Require SSL for DB | `bool` | `false` | no |
 | <a name="input_truefoundry_db_subnet_cidr"></a> [truefoundry\_db\_subnet\_cidr](#input\_truefoundry\_db\_subnet\_cidr) | CIDR of the subnet which we should use for the db | `string` | n/a | yes |
 | <a name="input_truefoundry_db_vnet_name"></a> [truefoundry\_db\_vnet\_name](#input\_truefoundry\_db\_vnet\_name) | Name of the virtual network | `string` | n/a | yes |
-| <a name="input_unique_name"></a> [unique\_name](#input\_unique\_name) | Truefoundry deployment unique name | `string` | n/a | yes |
 
 ## Outputs
 

diff --git a/locals.tf b/locals.tf
@@ -1,8 +1,8 @@
 locals {
 
-  truefoundry_unique_name = substr(replace(var.unique_name, "-", ""), 0, 20)
-  svcfoundry_unique_name  = substr(replace("svc-${var.unique_name}", "-", ""), 0, 20)
-  mlfoundry_unique_name   = substr(replace("mlf-${var.unique_name}", "-", ""), 0, 20)
+  truefoundry_unique_name = substr(replace(var.cluster_name, "-", ""), 0, 20)
+  svcfoundry_unique_name  = substr(replace("svc-${var.cluster_name}", "-", ""), 0, 20)
+  mlfoundry_unique_name   = substr(replace("mlf-${var.cluster_name}", "-", ""), 0, 20)
 
   # truefoundry_db_port            = 5432
   truefoundry_db_master_username = "truefoundry_root"

diff --git a/postgres.tf b/postgres.tf
@@ -6,7 +6,7 @@ resource "random_password" "truefoundry_db_password" {
 
 resource "azurerm_subnet" "postgresql_flexible_subnet" {
   count                = var.create_db ? 1 : 0
-  name                 = replace("${var.unique_name}-postgres", "-", "")
+  name                 = replace("${var.cluster_name}-postgres", "-", "")
   resource_group_name  = var.resource_group_name
   virtual_network_name = var.truefoundry_db_vnet_name
   address_prefixes     = [var.truefoundry_db_subnet_cidr]
@@ -24,18 +24,19 @@ resource "azurerm_subnet" "postgresql_flexible_subnet" {
 
 resource "azurerm_postgresql_flexible_server" "postgresql_flexible" {
   count               = var.create_db ? 1 : 0
-  name                = var.truefoundry_db_enable_override ? var.truefoundry_db_override_name : "${var.unique_name}-psql"
+  name                = var.truefoundry_db_enable_override ? var.truefoundry_db_override_name : "${var.cluster_name}-psql"
   resource_group_name = var.resource_group_name
   location            = var.location
   version             = var.postgres_version
   authentication {
     password_auth_enabled = true
   }
-  administrator_login    = local.truefoundry_db_master_username
-  administrator_password = random_password.truefoundry_db_password.result
-  delegated_subnet_id    = azurerm_subnet.postgresql_flexible_subnet[0].id
-  private_dns_zone_id    = var.truefoundry_db_private_dns_zone_id
-  zone                   = "3"
+  administrator_login           = local.truefoundry_db_master_username
+  administrator_password        = random_password.truefoundry_db_password.result
+  public_network_access_enabled = false
+  delegated_subnet_id           = azurerm_subnet.postgresql_flexible_subnet[0].id
+  private_dns_zone_id           = var.truefoundry_db_private_dns_zone_id
+  zone                          = "3"
   high_availability {
     mode                      = "SameZone"
     standby_availability_zone = "3"

diff --git a/variables.tf b/variables.tf
@@ -1,21 +1,22 @@
-variable "unique_name" {
-  description = "Truefoundry deployment unique name"
-  type        = string
-  validation {
-    condition     = length(var.unique_name) <= 24
-    error_message = "Error: Unique name is too long."
-  }
-  validation {
-    condition     = length(var.unique_name) >= 3
-    error_message = "Error: Unique name is too short."
-  }
-}
+
+################################################################################
+# Common
+################################################################################
 
 variable "resource_group_name" {
   description = "Name of the resource group"
   type        = string
 }
 
+variable "cluster_name" {
+  description = "Cluster name"
+  type        = string
+  validation {
+    condition     = length(var.cluster_name) <= 24 || length(var.cluster_name) >= 3
+    error_message = "Error: 3 <= len(cluster_name) <= 24"
+  }
+}
+
 variable "location" {
   description = "Location of the resource group"
   type        = string
@@ -32,9 +33,9 @@ variable "cluster_oidc_url" {
   type        = string
 }
 
-##### Control Plane Components 
-
-#### Database
+################################################################################
+# Database
+################################################################################
 
 variable "create_db" {
   type        = bool
@@ -63,16 +64,19 @@ variable "truefoundry_db_enable_override" {
 variable "truefoundry_db_override_name" {
   type        = string
   description = "Truefoundry db name override"
+  default     = ""
 }
 
 variable "truefoundry_db_instance_class" {
   type        = string
   description = "Instance class for DB"
+  default     = "GP_Standard_D4ds_v5"
 }
 
 variable "truefoundry_db_allocated_storage" {
   type        = number
   description = "Storage for DB"
+  default     = 32768
 }
 
 variable "truefoundry_db_require_ssl" {
@@ -81,7 +85,6 @@ variable "truefoundry_db_require_ssl" {
   default     = false
 }
 
-#### Network
 variable "truefoundry_db_vnet_name" {
   description = "Name of the virtual network"
   type        = string
@@ -107,31 +110,39 @@ variable "truefoundry_db_allowed_ip_range_end_ip_address" {
   description = "IP range end address which is allowed to connect to DB"
 }
 
-#### Azure Container Repository
+################################################################################
+# Container Registry
+################################################################################
 
 variable "create_acr" {
   type        = bool
   description = "Create acr"
   default     = false
 }
 
-#### Azure KeyVault
+################################################################################
+# Key vault
+################################################################################
 
 variable "create_kv" {
   type        = bool
   description = "Create kv"
   default     = false
 }
 
-#### Azure Storage
+################################################################################
+# Storage account
+################################################################################
 
 variable "create_blob_storage" {
   type        = bool
   description = "Create blob storage"
   default     = false
 }
 
-###### mlfoundry
+################################################################################
+# Mlfoundry-server
+################################################################################
 
 variable "mlfoundry_svc_acc" {
   description = "Name of the mlfoundry service account"
@@ -145,7 +156,9 @@ variable "mlfoundry_namespace" {
   type        = string
 }
 
-###### svcfoundry
+################################################################################
+# Servicefoundry-server
+################################################################################
 
 variable "svcfoundry_svc_acc" {
   description = "Name of the svcfoundry service account"