Database subnet creation (3 tier) #165
Comments
Couldn't you simply consume the module twice, one with |
I will give it a shot, I think I was running into an issue with the subnets when trying to consume twice. Thanks for the response. |
If it works, then let's document it. If it does not work, let's figure it out, make the modifications, and then we can document. 😄 |
So I gave it a shot and unless I am missing something seems the subnets are clashing. This is what I did for a quick test.
Seems the first subnet module runs fine but the data one does not. It generates errors such as:
|
I'm also facing above issue ⬆️ |
We are not going to support this use case by adding even more inputs; however, we welcome documentation about how to achieve the desired results with the current module. @darkwizzarddude was on the right track, invoking this module twice. The point that was missed is that the module consumes as much of the VPC CIDR range as it can, so if you invoke it twice without doing something about that, you will get CIDR clashes. I haven't tested it, but something like this should work:

```hcl
module "vpc" {
  source  = "cloudposse/vpc/aws"
  version = "1.1.0"

  ipv4_primary_cidr_block          = "10.70.0.0/16"
  assign_generated_ipv6_cidr_block = false

  context = module.this.context
}

# First half of the VPC range (10.70.0.0/17)
module "subnets" {
  source  = "cloudposse/dynamic-subnets/aws"
  version = "2.0.2"

  availability_zones  = ["us-east-2a", "us-east-2b"]
  vpc_id              = module.vpc.vpc_id
  igw_id              = [module.vpc.igw_id]
  ipv4_enabled        = true
  ipv4_cidr_block     = [cidrsubnet(module.vpc.vpc_cidr_block, 1, 0)]
  nat_gateway_enabled = true

  context = module.this.context
}

# Second half of the VPC range (10.70.128.0/17); no public subnets, no NAT gateway
module "data_subnets" {
  source  = "cloudposse/dynamic-subnets/aws"
  version = "2.0.2"

  attributes             = ["data"]
  availability_zones     = ["us-east-2a", "us-east-2b"]
  vpc_id                 = module.vpc.vpc_id
  ipv4_enabled           = true
  ipv4_cidr_block        = [cidrsubnet(module.vpc.vpc_cidr_block, 1, 1)]
  public_subnets_enabled = false
  nat_gateway_enabled    = false

  context = module.this.context
}
```

@azizzoaib786 Does that work for you? |
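A pre-flight check for the CIDR split discussed in the comment above, added here as an example (it is not part of the thread or of the module's code). It reproduces the arithmetic of Terraform's `cidrsubnet` in Python, flags overlapping `ipv4_cidr_block` values, and generalizes the two-way split to any number of tiers. `plan_tiers` and `find_clashes` are hypothetical helper names, and the clashing case is modelled as both invocations being handed the whole VPC range.

```python
import ipaddress
from itertools import combinations


def cidrsubnet(prefix, newbits, netnum):
    """Same arithmetic as Terraform's cidrsubnet(prefix, newbits, netnum)."""
    net = ipaddress.ip_network(prefix, strict=True)
    new_len = net.prefixlen + newbits
    if new_len > net.max_prefixlen:
        raise ValueError(f"{prefix} cannot be extended by {newbits} bits")
    if not 0 <= netnum < 2 ** newbits:
        raise ValueError(f"netnum {netnum} does not fit in {newbits} bits")
    size = 2 ** (net.max_prefixlen - new_len)      # addresses per child block
    base = int(net.network_address) + netnum * size
    return str(type(net)((base, new_len)))         # keeps the IPv4/IPv6 family


def plan_tiers(vpc_cidr, tiers):
    """Give each tier (one module invocation) its own equal slice of the VPC."""
    if not tiers:
        raise ValueError("at least one tier is required")
    newbits = (len(tiers) - 1).bit_length()        # smallest n with 2**n >= len
    return {name: cidrsubnet(vpc_cidr, newbits, i) for i, name in enumerate(tiers)}


def find_clashes(blocks):
    """Return pairs of tier names whose ipv4_cidr_block ranges overlap."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in blocks.items()}
    return [(a, b) for a, b in combinations(nets, 2) if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    vpc = "10.70.0.0/16"                           # VPC CIDR used in the comment above

    # Assumption: each invocation is handed the whole VPC range.
    naive = {"subnets": vpc, "data_subnets": vpc}
    print("clashes without a split:", find_clashes(naive))

    # The split from the comment: cidrsubnet(vpc, 1, 0) and cidrsubnet(vpc, 1, 1).
    split = plan_tiers(vpc, ["subnets", "data_subnets"])
    print("split:", split, "clashes:", find_clashes(split))

    # Generalization: three tiers need two extra prefix bits.
    print("three tiers:", plan_tiers(vpc, ["public", "app", "data"]))
```
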
Describe the Feature
I do not think this will get approved and sure it has been asked before lol
Maybe an option to create a database layer? I feel it is pretty common and best practice in some situations. The third layer is a private subnet without the need for a NAT. Maybe there is a way to do that in this module; if so, I cannot figure it out :)
Expected Behavior
Allow for a third private subnet group to be created for databases or intranet.
Use Case
Databases need to be isolated from the application layer.
Describe Ideal Solution
Maybe something like
database_subnets_enabled = true
Alternatives Considered
Use Cloud Posse Multi-AZ, but then some nuances with the outputs while using the VPC endpoints module occur, also more work haha; use the AWS Terraform VPC Module, which supports database subnet creation (don't want to though :( )
Additional Context
Just a thought feel free to decline and close.