Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS backend terraform + Readme #330

Merged
merged 2 commits into from
Nov 22, 2024
Merged

AWS backend terraform + Readme #330

merged 2 commits into from
Nov 22, 2024

Conversation

phbnf
Copy link
Contributor

@phbnf phbnf commented Nov 21, 2024

Towards #312

This PR introduces Terraform for AWS storage backend. More work is underway for the other components, see #312.

Putting aside the fact that this runs on AWS (RDS + S3) rather than GCP (Spanner + GCS) , other differences are:

  • AWS doesn't really have a concept of human readable project IDs, project IDs are numbers, so I've introduced a human readable "prefix" used across resources instead
  • Terragrunt on GCP uses GCS precondition to lock state. That's not an option (yet?) on AWS, it uses a DynamoDB database

@phbnf phbnf added the enhancement New feature or request label Nov 21, 2024
@phbnf phbnf added this to the alpha milestone Nov 21, 2024
@phbnf phbnf requested a review from AlCutter November 21, 2024 13:57
AlCutter
AlCutter approved these changes Nov 21, 2024
View reviewed changes
deployment/modules/aws/storage/main.tf Show resolved Hide resolved
deployment/modules/aws/storage/main.tf
count = 1
identifier = "${local.name}-writer-${count.index}"
cluster_identifier = aws_rds_cluster.log_rds.id
instance_class = "db.r5.large"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Worth making this a variable? (maybe in the future/TODO?)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I'm not 100% sold yet on ~all the settings that we should use here, especially for the conformance test. My gut feeling is that we'll stick to Aurora, but maybe we'll move to serverless for conformance testing, but we could also use RDS without Aurora. One interesting data point for conformance testing, is that spinning up or turning down an Aurora instance takes ~5-10 minutes.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One interesting data point for conformance testing, is that spinning up or turning down an Aurora instance takes ~5-10 minutes

... wow!

Yeah, makes sense to keep all the configs as it for the moment then, can make them variables later once you've decided.

@phbnf phbnf merged commit d668ea3 into transparency-dev:main Nov 22, 2024
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlCutter AlCutter AlCutter approved these changes

Assignees

@AlCutter AlCutter

Labels
enhancement New feature or request
Projects
None yet
Milestone
alpha
Development

Successfully merging this pull request may close these issues.
2 participants
@phbnf @AlCutter