use azure flexible servers as that supports pg 13+

pluralsh · Jan 5, 2024 · a85c6eb · a85c6eb
1 parent 4517244
commit a85c6eb
Show file tree

Hide file tree

Showing 5 changed files with 55 additions and 35 deletions.
diff --git a/templates/setup/console.tf b/templates/setup/console.tf
@@ -25,7 +25,7 @@ data "local_sensitive_file" "flux" {
 resource "helm_release" "flux" {
   name             = "flux"
   namespace        = "flux"
-  chart            = "flux"
+  chart            = "flux2"
   repository       = "https://fluxcd-community.github.io/helm-charts"
   version          = "2.12.2"
   create_namespace = true

diff --git a/terraform/clouds/azure/locals.tf b/terraform/clouds/azure/locals.tf
@@ -5,5 +5,5 @@ locals {
     name     = var.create_resource_group ? azurerm_resource_group.main[0].name : var.resource_group_name
     location = var.location
   }
-  db_url = format("postgresql://console:%s@%s:5432/console", random_password.password.result, try(azurerm_private_endpoint.pg[0].private_service_connection[0].private_ip_address, ""))
+  db_url = format("postgresql://console:%s@%s:5432/console", random_password.password.result, try(azurerm_postgresql_flexible_server.postgres.fqdn, ""))
 }
diff --git a/terraform/clouds/azure/network.tf b/terraform/clouds/azure/network.tf
@@ -11,4 +11,21 @@ resource "azurerm_subnet" "network" {
   resource_group_name                            = local.resource_group.name
   virtual_network_name                           = azurerm_virtual_network.network.name
   enforce_private_link_endpoint_network_policies = true
+}
+
+resource "azurerm_subnet" "postgres" {
+  name                 = "${var.network_name}-pg"
+  resource_group_name  = local.resource_group.name
+  virtual_network_name = azurerm_virtual_network.network.name
+  address_prefixes     = var.postgres_cidrs
+  service_endpoints    = ["Microsoft.Storage"]
+  delegation {
+    name = "fs"
+    service_delegation {
+      name = "Microsoft.DBforPostgreSQL/flexibleServers"
+      actions = [
+        "Microsoft.Network/virtualNetworks/subnets/join/action",
+      ]
+    }
+  }
 }
diff --git a/terraform/clouds/azure/postgres.tf b/terraform/clouds/azure/postgres.tf
@@ -6,41 +6,29 @@ resource "random_password" "password" {
   special     = false
 }
 
-module "postgresql" {
-  count = var.create_db ? 1 : 0
-  source = "Azure/postgresql/azurerm"
-
+resource "azurerm_private_dns_zone" "postgres" {
+  name                = "plural.postgres.database.azure.com"
   resource_group_name = local.resource_group.name
-  location            = local.resource_group.location
-
-  server_name                   = local.db_name
-  sku_name                      = var.db_sku
-  storage_mb                    = 5120
-  auto_grow_enabled             = true
-  backup_retention_days         = 7
-  geo_redundant_backup_enabled  = false
-  administrator_login           = "console"
-  administrator_password        = random_password.password.result
-  server_version                = "11"
-  ssl_enforcement_enabled       = true
-  public_network_access_enabled = false
-  db_names                      = ["console"]
-  db_charset                    = "UTF8"
-  db_collation                  = "English_United States.1252"
 }
 
-resource "azurerm_private_endpoint" "pg" {
-  count = var.create_db ? 1 : 0
+resource "azurerm_private_dns_zone_virtual_network_link" "postgres" {
+  name                  = "plural.postgres.com"
+  private_dns_zone_name = azurerm_private_dns_zone.postgres.name
+  virtual_network_id    = azurerm_virtual_network.network.id
+  resource_group_name   = local.resource_group.name
+}
 
-  name                = "${local.resource_group.name}-${local.db_name}"
-  location            = local.resource_group.location
-  resource_group_name = local.resource_group.name
-  subnet_id           = azurerm_subnet.network.id
+resource "azurerm_postgresql_flexible_server" "postgres" {
+  name                   = var.db_name
+  resource_group_name    = local.resource_group.name
+  location               = local.resource_group.location
+  version                = "13"
+  delegated_subnet_id    = azurerm_subnet.network.id
+  private_dns_zone_id    = azurerm_private_dns_zone.postgres.id
+  administrator_login    = "console"
+  administrator_password = random_password.password
+  zone                   = "1"
 
-  private_service_connection {
-    name                           = "${local.resource_group.name}-${local.db_name}"
-    private_connection_resource_id = module.postgresql[0].server_id
-    subresource_names              = ["postgresqlServer"]
-    is_manual_connection           = false
-  }
+  storage_mb = var.postgres_disk
+  sku_name   = var.postgres_sku
 }
diff --git a/terraform/clouds/azure/variables.tf b/terraform/clouds/azure/variables.tf
@@ -5,7 +5,7 @@ variable "cluster_name" {
 
 variable "db_name" {
   type = string
-  default = ""
+  default = "plural"
 }
 
 variable "create_db" {
@@ -48,6 +48,21 @@ variable "subnet_cidrs" {
   default = ["10.52.0.0/20"]
 }
 
+variable "postgres_cidrs" {
+  type = list(string)
+  default = ["10.0.2.0/24"]
+}
+
+variable "postgres_disk" {
+  type = number
+  default = 32768
+}
+
+variable "postgres_sku" {
+  type = string
+  default = "GP_Standard_D4s_v3"
+}
+
 variable "db_sku" {
   default = "GP_Gen5_2"
 }