Introduce DocumentDB.
DocumentDB mongoDB.
- Aurora is an “AWS-implementation” of PostgreSQL/MySQL…
- DocumentDB is the same for MongoDB (which is a NoSQL database)
- MongoDB is used to store, query, and index JSON data
- Similar “deployment concepts” as Aurora
- Fully managed, highly available with replication across 3 AZs
- Aurora storage automatically grows in increments of 10GB, up to 64 TB.
- Automatically scales to workloads with millions of requests per second
Provisioning DocumentDB by Terraform.
To provision DocumentDB, we mainly need to understand these 2 resources:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster_instance
We will go through some of the necessary values using the config below:
```hcl
resource "aws_docdb_cluster" "default" {
  count                           = module.this.enabled ? 1 : 0
  cluster_identifier              = module.this.id
  master_username                 = var.master_username
  master_password                 = var.master_password != "" ? var.master_password : random_password.password[0].result
  backup_retention_period         = var.retention_period
  preferred_backup_window         = var.preferred_backup_window
  preferred_maintenance_window    = var.preferred_maintenance_window
  final_snapshot_identifier       = lower(module.this.id)
  skip_final_snapshot             = var.skip_final_snapshot
  deletion_protection             = var.deletion_protection
  apply_immediately               = var.apply_immediately
  storage_encrypted               = var.storage_encrypted
  storage_type                    = var.storage_type
  kms_key_id                      = var.kms_key_id
  port                            = var.db_port
  snapshot_identifier             = var.snapshot_identifier
  vpc_security_group_ids          = concat([join("", aws_security_group.default[*].id)], var.external_security_group_id_list)
  db_subnet_group_name            = join("", aws_docdb_subnet_group.default[*].name)
  db_cluster_parameter_group_name = join("", aws_docdb_cluster_parameter_group.default[*].name)
  engine                          = var.engine
  engine_version                  = var.engine_version
  enabled_cloudwatch_logs_exports = var.enabled_cloudwatch_logs_exports
  tags                            = module.this.tags
}
```
- `cluster_identifier`: The name you give to your DocumentDB cluster for identification.
- `backup_retention_period`: (Optional) Defines how long your backups are retained (stored) before being automatically deleted. Default: 1.
- `preferred_backup_window`: (Optional) Specifies the daily time window during which automated backups are initiated, in the format `hh24:mi-hh24:mi`.
  - For example, `03:00-06:00` indicates a backup window that starts at 3:00 AM UTC and ends at 6:00 AM UTC.
  - Time in UTC. Default: a 30-minute window selected at random from an 8-hour block of time per region. E.g., `04:00-09:00`.
- `preferred_maintenance_window`: (Optional) The weekly time range during which system maintenance can occur, in UTC, e.g., `wed:04:00-wed:04:30`.
- `skip_final_snapshot`: (Optional) If set to `true`, no final snapshot is taken when the cluster is deleted. This can be risky because you won’t have a backup of your last state.
- `final_snapshot_identifier`: (Optional) A final snapshot is taken for backup before deleting the cluster. This setting specifies the name for that snapshot, which is set to a lowercase version of the cluster identifier.
- `deletion_protection`: (Optional) If `true`, the cluster cannot be deleted, which helps prevent accidental loss of data. By default, deletion protection is disabled.
- `apply_immediately`: (Optional) Determines whether changes are applied immediately or during the next maintenance window. Default is `false`.
- `storage_encrypted`: (Optional) When set to `true`, your data at rest in the cluster is encrypted. The default is `false`.
- `storage_type`: Configures the storage type. Valid values: `standard`, `iopt1`.
- `kms_key_id`: (Optional) The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to `true`.
- `port`: (Optional) The port on which the DB accepts connections.
- `snapshot_identifier`: If specified, the cluster is created from this snapshot, effectively cloning or restoring from a backup.
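Several of the arguments above default to their weaker value (`storage_encrypted` and `deletion_protection` are off unless set). The block below is an added example, not part of the module shown on this page: it sets those arguments to hardened values and uses a cluster parameter group to require TLS and enable audit logging. The resource name `hardened`, the variables `kms_key_arn` and `master_password`, and the username `docdbadmin` are assumptions; networking arguments are omitted and would be set as in the block above.

```hcl
# Added example: hardened values for the arguments described above.
# All names here ("hardened", kms_key_arn, docdbadmin) are assumptions.

variable "kms_key_arn" {
  type        = string
  description = "ARN of an existing customer-managed KMS key"
}

variable "master_password" {
  type      = string
  sensitive = true # redacted in plan/apply output (still stored in state)
}

resource "aws_docdb_cluster_parameter_group" "hardened" {
  name   = "docdb-hardened"
  family = "docdb5.0"

  # Require TLS: clients must connect with tls=true.
  parameter {
    name  = "tls"
    value = "enabled"
  }

  # Record audit events so they can be exported to CloudWatch Logs.
  parameter {
    name  = "audit_logs"
    value = "enabled"
  }
}

resource "aws_docdb_cluster" "hardened" {
  cluster_identifier              = "docdb-hardened"
  master_username                 = "docdbadmin"
  master_password                 = var.master_password
  storage_encrypted               = true            # default is false
  kms_key_id                      = var.kms_key_arn # needs storage_encrypted = true
  deletion_protection             = true            # disabled by default
  skip_final_snapshot             = false           # keep a last backup on delete
  final_snapshot_identifier       = "docdb-hardened-final"
  backup_retention_period         = 35
  preferred_backup_window         = "03:00-06:00"
  apply_immediately               = false
  db_cluster_parameter_group_name = aws_docdb_cluster_parameter_group.hardened.name
  enabled_cloudwatch_logs_exports = ["audit", "profiler"]
}
```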
After provisioning the resource above, you will get a result like the one in the image below:
After we have provisioned the controller, we continue by provisioning the instances:
```hcl
resource "aws_docdb_cluster_instance" "default" {
  count                        = var.cluster_size
  identifier                   = "${var.cluster_name}-${count.index + 1}"
  cluster_identifier           = join("", aws_docdb_cluster.default[*].id)
  apply_immediately            = var.apply_immediately
  preferred_maintenance_window = var.preferred_maintenance_window
  instance_class               = var.instance_type
  engine                       = var.engine_db
  auto_minor_version_upgrade   = var.auto_minor_version_upgrade
  enable_performance_insights  = var.enable_performance_insights
  ca_cert_identifier           = var.ca_cert_identifier
}
```
- `identifier`: Defines a unique identifier (name) for each cluster instance.
- `instance_class`: The instance class to use. For more details, see https://docs.aws.amazon.com/documentdb/latest/developerguide/db-instance-classes.html#db-instance-class-specs
- `engine`: The name of the database engine to be used for this DB cluster. Defaults to `docdb`.
- `enable_performance_insights`: (Optional) A value that indicates whether to enable Performance Insights for the DB instance. Default: `false`. See the docs for details.
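Once you have finished creating it, the result looks like the one below:

There is one thing I ran into when using Navicat:
According to the AWS instructions, we have to use the .pem file:

```
mongodb://txxxxn:<insertYourPassword>@mongodb.cluster-xxxxxx.us-west-2.docdb.amazonaws.com:27017/?tls=true&tlsCAFile=global-bundle.pem&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false
```

You can use a URL like the one below without needing the .pem file; `ssl=true` is enough. This works because `tlsAllowInvalidCertificates=true` turns off certificate validation: the connection is still encrypted, but the server's certificate is not checked against the CA bundle, so the client does not verify that it is talking to the real cluster.

```
mongodb://<username>:<pass_word>@mongodb.cluster-xxxxx.us-west-2.docdb.amazonaws.com:27017/?ssl=true&authSource=admin&tlsAllowInvalidCertificates=true&replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false
```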
DocumentDB Terraform module
https://registry.terraform.io/modules/mrnim94/documentdb-mongodb/aws/latest
```hcl
data "aws_vpc" "selected" {
  tags = {
    Name = "dev-mdcl-mdaas-engine" # Replace with your VPC's tag name
  }
}

data "aws_subnets" "private_networks" {
  filter {
    name   = "vpc-id"
    values = [data.aws_vpc.selected.id]
  }

  filter {
    name   = "tag:kubernetes.io/role/internal-elb"
    values = ["1"]
  }
}

module "documentdb-mongodb" {
  source  = "mrnim94/documentdb-mongodb/aws"
  version = "0.0.8"

  vpc_id     = data.aws_vpc.selected.id
  subnet_ids = data.aws_subnets.private_networks.ids

  cluster_name                = "mongodb"
  engine_version              = "5.0.0"
  cluster_family              = "docdb5.0"
  allow_major_version_upgrade = true
  retention_period            = 35
  instance_type               = "db.t3.medium"
  cluster_size                = 1
  allowed_cidr_blocks         = [data.aws_vpc.selected.cidr_block, "10.195.8.0/21"]
}
```