Skip to content

Commit

Permalink
Merge pull request #5983 from ministryofjustice/CC-2554/ccms-ebs-upgr…
Browse files Browse the repository at this point in the history
…ade-test

CC-2554: Added the 'ccms-ebs-upgrade-test' environment'.
  • Loading branch information
mmgovuk authored May 24, 2024
2 parents bf362f2 + 391f9d4 commit 6685b61
Show file tree
Hide file tree
Showing 5 changed files with 155 additions and 16 deletions.
119 changes: 119 additions & 0 deletions terraform/environments/ccms-ebs-upgrade/application_variables.json
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@
"lz_domain_name": "*.dev.legalservices.gov.uk",
"mp_aws_subnet_env": "10.200.0.0/20",
"ebs_default_iops": 12000,
"conc_no_instances": 1,
"webgate_no_instances": 2,
"webgate_default_iops": 3000,
"webgate_u01_size": 100,
Expand Down Expand Up @@ -97,6 +98,9 @@
"ebs_default_iops_test": 9000,
"dbf_device": "nvme5n1",
"dbf_path": "/CCMS/EBS/dbf",
"dbf01_snapshot_id": "",
"dbf02_snapshot_id": "",
"dbf03_snapshot_id": "",
"ebs_type_ebsdb_backup": "gp3",
"ebs_size_ebsconc_exhome": 100,
"ebs_size_ebsconc_u01": 200,
Expand All @@ -110,6 +114,121 @@
"instance_role_ebsconc": "conc",
"instance_role_ebsdb": "db",
"instance_role_webgate": "webgate"
},
"test": {
"short_env": "test",
"dns": "laa-test",
"ses_domain_identity": "uat.legalservices.gov.uk",
"instance-scheduling-accessgate": "skip-scheduling",
"instance-scheduling-ebsapps": "skip-scheduling",
"instance-scheduling-ebsconc": "skip-scheduling",
"instance-scheduling-ebsdb": "skip-scheduling",
"instance-scheduling-webgate": "skip-scheduling",
"ec2_oracle_instance_type_ebsdb_test": "x2iedn.8xlarge",
"ec2_oracle_instance_type_ebsdb": "m5d.4xlarge",
"ec2_oracle_instance_cores_ebsdb": "8",
"ec2_oracle_instance_threads_ebsdb": "2",
"ec2_oracle_instance_type_ebsconc": "m5d.4xlarge",
"ec2_oracle_instance_cores_ebsconc": "8",
"ec2_oracle_instance_threads_ebsconc": "2",
"ec2_oracle_instance_type_ebsapps": "m5d.2xlarge",
"ec2_oracle_instance_cores_ebsapps": "4",
"ec2_oracle_instance_threads_ebsapps": "2",
"ec2_oracle_instance_type_webgate": "m5d.large",
"ec2_oracle_instance_cores_webgate": "1",
"ec2_oracle_instance_threads_webgate": "2",
"ec2_oracle_instance_type_accessgate": "m5d.xlarge",
"ec2_oracle_instance_cores_accessgate": "2",
"ec2_oracle_instance_threads_accessgate": "2",
"ami_owner": "self",
"ec2_instance_type_ftp": "c5d.large",
"ftp_ami_id": "ami-09f731dab809ea9df",
"ec2_instance_type_clamav": "c5d.large",
"clamav_ami_id": "ami-02cb9c4732e6429dd",
"ebsdb_ami_id": "ami-014b2ba6362f16b1e",
"ebsconc_ami_id": "ami-0d4b266f7ae87bbfc",
"ebsapps_ami_id-1": "ami-0a5697caf962d9c33",
"ebsapps_ami_id-2": "ami-0a5697caf962d9c33",
"accessgate_ami_id-1": "ami-0aa28dfb61946e273",
"accessgate_ami_id-2": "ami-0e42994dea7fb4b17",
"webgate_ami_id-1": "ami-093ff7dd6a93cfbde",
"webgate_ami_id-2": "ami-046490c755aa93fc5",
"restored_db_image": "ami-0df5f31cae1c86635",
"orace_base_prereqs_ami_name": "Oracle79-prereqs-v2_0",
"orace_db_ami_name": "Oracle79-prereqs-v1_8",
"orace_db_dr_ami_name": "EBSDB-DR-test",
"webgate_ami_name": "ebs-webgate-v2_0",
"accessgate_ami_name": "ebs-accessgate-v2_0",
"ec2_instance_type_mailrelay": "c4.large",
"mailrelay_ami_id": "ami-02654187c4eaddcc0",
"key_name": "",
"lz_aws_account_id_env": "140455166311",
"lz_aws_subnet_env": "10.204.0.0/14",
"lz_aws_workspace_nonprod_subnet_env": "10.200.0.0/20",
"lz_aws_workspace_prod_subnet_env": "10.200.16.0/20",
"lz_aws_workspace_nonprod_prod": "10.200.0.0/19",
"lz_aws_appstream_subnet_a_b": "10.200.32.0/23",
"cloud_platform_subnet": "172.20.0.0/16",
"lz_ftp_bucket_environment": "uat",
"lz_domain_name": "*.uat.legalservices.gov.uk",
"mp_aws_subnet_env": "10.200.0.0/20",
"ebs_default_iops": 12000,
"conc_no_instances": 0,
"webgate_no_instances": 2,
"webgate_default_iops": 3000,
"webgate_u01_size": 100,
"webgate_dns_prefix": "wgatetst",
"accessgate_no_instances": 2,
"accessgate_default_iops": 3000,
"accessgate_u01_size": 150,
"accessgate_dns_prefix": "agatetst",
"ebsapps_no_instances": 2,
"ebsapps_default_iops": 3000,
"ebsapps_exhome_size": 100,
"ebsapps_u01_size": 200,
"ebsapps_u03_size": 200,
"ebsapps_stage_size": 100,
"tg_apps_port": 8000,
"ebs_iops_ebsdb_swap": 3000,
"ebs_size_ebsdb_swap": 20,
"ebs_size_ebsdb_home": 100,
"ebs_size_ebsdb_temp": 100,
"ebs_size_ebsdb_exhome": 100,
"ebs_size_ebsdb_u01": 300,
"ebs_size_ebsdb_arch": 500,
"ebs_size_ebsdb_dbf": 11000,
"ebs_size_ebsdb_dbf_dr": 8000,
"ebs_iops_ebsdb_dbf01": 12000,
"ebs_size_ebsdb_dbf01": 4000,
"ebs_iops_ebsdb_dbf02": 12000,
"ebs_size_ebsdb_dbf02": 4000,
"ebs_iops_ebsdb_dbf03": 12000,
"ebs_size_ebsdb_dbf03": 3000,
"ebs_size_ebsdb_redoA": 100,
"ebs_size_ebsdb_redoB": 50,
"ebs_size_ebsdb_techst": 100,
"ebs_size_ebsdb_backup": 8000,
"ebs_size_ebsdb_diag": 50,
"ebs_size_ebsdb_appshare": 100,
"ebs_default_iops_test": 9000,
"dbf_device": "nvme5n1",
"dbf_path": "/CCMS/EBS/dbf",
"dbf01_snapshot_id": "snap-04ab84f4b1c4bc04e",
"dbf02_snapshot_id": "snap-01e6b7d595e24bea4",
"dbf03_snapshot_id": "snap-0dcd7f2e82fc77739",
"ebs_type_ebsdb_backup": "gp3",
"ebs_size_ebsconc_exhome": 100,
"ebs_size_ebsconc_u01": 200,
"ebs_size_ebsconc_u03": 200,
"ebs_size_ebsconc_home": 100,
"ebs_size_ebsconc_stage": 100,
"ebs_size_ebsconc_temp": 100,
"ebs_backup_snapshot_id": "snap-073cecf04f2638d61",
"instance_role_accessgate": "accessgate",
"instance_role_ebsapps": "apps",
"instance_role_ebsconc": "conc",
"instance_role_ebsdb": "db",
"instance_role_webgate": "webgate"
}
},
"webgate_ebs": {
Expand Down
45 changes: 30 additions & 15 deletions terraform/environments/ccms-ebs-upgrade/ec2-oracle_ebs_conc.tf
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
resource "aws_instance" "ec2_oracle_conc" {
count = local.application_data.accounts[local.environment].conc_no_instances
instance_type = local.application_data.accounts[local.environment].ec2_oracle_instance_type_ebsconc
ami = local.application_data.accounts[local.environment].ebsconc_ami_id
key_name = local.application_data.accounts[local.environment].key_name
Expand Down Expand Up @@ -47,6 +48,7 @@ resource "aws_instance" "ec2_oracle_conc" {
}

resource "aws_ebs_volume" "conc_export_home" {
count = local.application_data.accounts[local.environment].conc_no_instances
lifecycle {
ignore_changes = [kms_key_id]
}
Expand All @@ -63,12 +65,14 @@ resource "aws_ebs_volume" "conc_export_home" {
}

resource "aws_volume_attachment" "conc_export_home_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
device_name = "/dev/sdh"
volume_id = aws_ebs_volume.conc_export_home.id
instance_id = aws_instance.ec2_oracle_conc.id
volume_id = aws_ebs_volume.conc_export_home[count.index].id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}

resource "aws_ebs_volume" "conc_u01" {
count = local.application_data.accounts[local.environment].conc_no_instances
lifecycle {
ignore_changes = [kms_key_id]
}
Expand All @@ -85,12 +89,14 @@ resource "aws_ebs_volume" "conc_u01" {
}

resource "aws_volume_attachment" "conc_u01_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
device_name = "/dev/sdi"
volume_id = aws_ebs_volume.conc_u01.id
instance_id = aws_instance.ec2_oracle_conc.id
volume_id = aws_ebs_volume.conc_u01[count.index].id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}

resource "aws_ebs_volume" "conc_u03" {
count = local.application_data.accounts[local.environment].conc_no_instances
lifecycle {
ignore_changes = [kms_key_id]
}
Expand All @@ -107,12 +113,14 @@ resource "aws_ebs_volume" "conc_u03" {
}

resource "aws_volume_attachment" "conc_u03_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
device_name = "/dev/sdj"
volume_id = aws_ebs_volume.conc_u03.id
instance_id = aws_instance.ec2_oracle_conc.id
volume_id = aws_ebs_volume.conc_u03[count.index].id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}

resource "aws_ebs_volume" "conc_home" {
count = local.application_data.accounts[local.environment].conc_no_instances
lifecycle {
ignore_changes = [kms_key_id]
}
Expand All @@ -129,12 +137,14 @@ resource "aws_ebs_volume" "conc_home" {
}

resource "aws_volume_attachment" "conc_home_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
device_name = "/dev/sdk"
volume_id = aws_ebs_volume.conc_home.id
instance_id = aws_instance.ec2_oracle_conc.id
volume_id = aws_ebs_volume.conc_home[count.index].id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}

resource "aws_ebs_volume" "conc_stage" {
count = local.application_data.accounts[local.environment].conc_no_instances
lifecycle {
ignore_changes = [kms_key_id]
}
Expand All @@ -151,12 +161,14 @@ resource "aws_ebs_volume" "conc_stage" {
}

resource "aws_volume_attachment" "conc_stage_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
device_name = "/dev/sdl"
volume_id = aws_ebs_volume.conc_stage.id
instance_id = aws_instance.ec2_oracle_conc.id
volume_id = aws_ebs_volume.conc_stage[count.index].id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}

resource "aws_ebs_volume" "conc_temp" {
count = local.application_data.accounts[local.environment].conc_no_instances
lifecycle {
ignore_changes = [kms_key_id]
}
Expand All @@ -173,30 +185,33 @@ resource "aws_ebs_volume" "conc_temp" {
}

resource "aws_volume_attachment" "conc_temp_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
device_name = "/dev/sdm"
volume_id = aws_ebs_volume.conc_temp.id
instance_id = aws_instance.ec2_oracle_conc.id
volume_id = aws_ebs_volume.conc_temp[count.index].id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}


# AppShare created for EBSDB and attached also on Conc instance

resource "aws_volume_attachment" "appshare_conc_att" {
count = local.application_data.accounts[local.environment].conc_no_instances
depends_on = [
aws_ebs_volume.appshare
]
device_name = "/dev/sdq"
volume_id = aws_ebs_volume.appshare.id
instance_id = aws_instance.ec2_oracle_conc.id
instance_id = aws_instance.ec2_oracle_conc[count.index].id
}

module "cw-conc-ec2" {
source = "./modules/cw-ec2"
count = local.application_data.accounts[local.environment].conc_no_instances

short_env = local.application_data.accounts[local.environment].short_env
name = "ec2-ebs"
name = "ec2-conc"
topic = aws_sns_topic.cw_alerts.arn
instanceId = aws_instance.ec2_oracle_ebs.id
instanceId = aws_instance.ec2_oracle_conc[count.index].id
imageId = local.application_data.accounts[local.environment].ebsconc_ami_id
instanceType = local.application_data.accounts[local.environment].ec2_oracle_instance_type_ebsconc
fileSystem = "xfs" # Linux root filesystem
Expand Down
3 changes: 3 additions & 0 deletions terraform/environments/ccms-ebs-upgrade/ec2-oracle_ebs_db.tf
Original file line number Diff line number Diff line change
Expand Up @@ -165,6 +165,7 @@ resource "aws_ebs_volume" "dbf01" {
ignore_changes = [kms_key_id]
}
availability_zone = "eu-west-2a"
snapshot_id = length(local.application_data.accounts[local.environment].dbf01_snapshot_id) > 0 ? local.application_data.accounts[local.environment].dbf01_snapshot_id : null
size = local.application_data.accounts[local.environment].ebs_size_ebsdb_dbf01
type = "io2"
iops = local.application_data.accounts[local.environment].ebs_iops_ebsdb_dbf01
Expand All @@ -190,6 +191,7 @@ resource "aws_ebs_volume" "dbf02" {
ignore_changes = [kms_key_id]
}
availability_zone = "eu-west-2a"
snapshot_id = length(local.application_data.accounts[local.environment].dbf02_snapshot_id) > 0 ? local.application_data.accounts[local.environment].dbf02_snapshot_id : null
size = local.application_data.accounts[local.environment].ebs_size_ebsdb_dbf02
type = "io2"
iops = local.application_data.accounts[local.environment].ebs_iops_ebsdb_dbf02
Expand All @@ -215,6 +217,7 @@ resource "aws_ebs_volume" "dbf03" {
ignore_changes = [kms_key_id]
}
availability_zone = "eu-west-2a"
snapshot_id = length(local.application_data.accounts[local.environment].dbf03_snapshot_id) > 0 ? local.application_data.accounts[local.environment].dbf03_snapshot_id : null
size = local.application_data.accounts[local.environment].ebs_size_ebsdb_dbf03
type = "io2"
iops = local.application_data.accounts[local.environment].ebs_iops_ebsdb_dbf03
Expand Down
3 changes: 2 additions & 1 deletion terraform/environments/ccms-ebs-upgrade/r53.tf
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,12 @@ resource "aws_route53_record" "ebsdb" {
# EBS Conc
resource "aws_route53_record" "ebsconc" {
provider = aws.core-vpc
count = local.application_data.accounts[local.environment].conc_no_instances
zone_id = data.aws_route53_zone.external.zone_id
name = "ccms-ebs-conc-upgrade.${var.networking[0].business-unit}-${local.environment}.modernisation-platform.service.justice.gov.uk"
type = "A"
ttl = 300
records = [aws_instance.ec2_oracle_conc.private_ip]
records = [aws_instance.ec2_oracle_conc[count.index].private_ip]
}

# EBS Apps
Expand Down
1 change: 1 addition & 0 deletions terraform/environments/ccms-ebs-upgrade/sns.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
resource "aws_secretsmanager_secret" "support_email_account" {
name = "support_email_account"
description = "email address of the support account for cw alerts"
recovery_window_in_days = local.is-production ? 30 : 0
}

# Use a default dummy address just for creation. Will require to be populated manually.
Expand Down

0 comments on commit 6685b61

Please sign in to comment.