时间戳

首页 > 解决方案 > Terraform AWS Elasticache 全局复制组辅助集群设置自动故障转移为 True

terraform - Terraform AWS Elasticache 全局复制组辅助集群设置自动故障转移为 True

问题描述

我正在尝试预置 AWS Elasitcache 全局复制组。这分两个阶段进行。在第一阶段,主要区域 aws_elasticache_replication_group 和全局 aws_elasticache_global_replication_group 被配置。在第二阶段,次要区域 aws_elasticache_replication_group 使用 global_replication_group_id 属性配置并附加到全局数据存储。次要区域已配置并附加到全局复制组。但是,默认情况下,第二个集群将自动故障转移设置为 true。默认情况下,根据文档,这应该是错误的。Terraform 计划显示自动故障转移为 false,但是当运行 terraform apply 时,自动故障转移设置为 true。所以现在如果我重新运行 terraform apply,

number_of _cache_clusters 在主要和次要中都设置为 2。我尝试在二级集群中只使用一个集群,结果相同。

module.elasticache_redis_global.aws_elasticache_replication_group.redis_cache_cluster_sec:正在修改... [id=sp360commercial-pdx-dev-test4-redis]

231Error: error updates ElastiCache Replication Group (sp360commercial-pdx-dev-test4-redis): error requesting modify: InvalidParameterValue: Cluster [sp360commercial-pdx-dev-test4-redis] is part of a global cluster [ldgnf-sp360commercial-iad- dev-test4-global]。请求被拒绝。

232状态码:400,请求ID:b15e578b-7906-412f-aef8-1d038c9fbb81

233 on .../.../.../modules/aws/elasticache-global/redis.tf 第 1 行,资源“aws_elasticache_replication_group”“redis_cache_cluster_sec”:

234 1:资源“aws_elasticache_replication_group”“redis_cache_cluster_sec”{

236清理基于文件的变量

如果我在辅助集群配置中将自动故障转移显式设置为 true,则会收到一条错误消息,指出自动故障转移属性与全局复制组 ID 属性冲突

错误:ConflictsWith

173 on .../.../.../modules/aws/elasticache-global/redis.tf 第 4 行,在资源“aws_elasticache_replication_group”“redis_cache_cluster_sec”中:

174 4:global_replication_group_id = “${local.globalstore_prefix}-global”</p>

175“global_replication_group_id”:与 automatic_failover_enabled 冲突

176Terraform 应用被跳过,因为 DISRUPTERRA_DRY_RUN 设置为 true。

Terraform 版本 v0.12.24 AWS 提供商版本 3.37.0

我也尝试使用 Terraform 版本 v0.12.31 和 AWS 提供商 3.58,但他的问题存在。我使用 config.yml 文件作为此代码的输入。以下是文件内容。这将在被 terraform 资源使用之前由 shell 脚本转换为 json 文件

storage:
  elasticache:
    instances:
      test4:
        nodeType: cache.r5.large
        applyImmediately: true
        numShards: 1
        numReplicas: 2
        atRestEncryption: true
        transitEncryption: true
        multiAz: true
        globalDatastore:
          primaryRegion: us-east-1
          secondaryRegion: us-west-2

主集群和全局集群

resource "aws_elasticache_global_replication_group" "redis_global_datastore" {
  count = 1
  global_replication_group_id_suffix = "${local.cluster_prefix}-global"
  primary_replication_group_id       = aws_elasticache_replication_group.redis_cache_cluster.id
}

resource "aws_elasticache_replication_group" "redis_cache_cluster" {
  replication_group_id          = "${local.cluster_prefix}-redis"
  replication_group_description = "Provisioned using Terraform"
  number_cache_clusters         = 2
  node_type                     = lookup(local.config, "nodeType", "cache.t2.micro")
  port                          = 6379
  engine_version                = lookup(local.config, "engineVersion", "5.0.6")
  parameter_group_name          = contains(keys(local.config), "parameters") ? aws_elasticache_parameter_group.parameter_group[0].name : local.default_parameter_group
  subnet_group_name             = aws_elasticache_subnet_group.subnet_group.name
  security_group_ids            = [aws_security_group.redis_sg.id]
  maintenance_window            = lookup(local.config, "maintenanceWindow", "sun:02:00-sun:04:00")
  automatic_failover_enabled    = lookup(local.config, "numReplicas", 1) > 1 || lookup(local.config, "numShards", 1) > 1 ? true : false
  apply_immediately             = lookup(local.config, "applyImmediately", true)
  at_rest_encryption_enabled    = lookup(local.config, "atRestEncryption", false)
  transit_encryption_enabled    = lookup(local.config, "transitEncryption", false)
  auth_token                    = var.auth_token
  multi_az_enabled              = lookup(local.config, "multiAz", false)

  dynamic "cluster_mode" {
    for_each = lookup(local.config, "numShards", 1) > 1 ? [true] : []
    content {
      replicas_per_node_group = lookup(local.config, "numReplicas", 1)
      num_node_groups         = lookup(local.config, "numShards", 2)
    }
  }
  lifecycle {
    prevent_destroy = true
    ignore_changes = [parameter_group_name]
  }
}

辅助集群

resource "aws_elasticache_replication_group" "redis_cache_cluster_sec" {
  replication_group_id          = "${local.cluster_prefix}-redis"
  replication_group_description = "Provisioned using Terraform"
  global_replication_group_id   = "${local.globalstore_prefix}-global"
  auth_token                    = var.auth_token
  subnet_group_name             = aws_elasticache_subnet_group.subnet_group.name
  security_group_ids            = [aws_security_group.redis_sg.id]
}

标签: terraformterraform-provider-awsamazon-elasticacheterraform0.12+

解决方案

这对我有用(窃取你为我自己的实现所拥有的东西:P)

resource "aws_elasticache_replication_group" "redis_cache_cluster_sec" {
  count = var.existing_global_replication_group_id != "" ? 1 : 0
  replication_group_id          = var.cluster_name
  replication_group_description = "Secondary cluster provisioned by Terraform"
  global_replication_group_id   = var.existing_global_replication_group_id
  number_cache_clusters         = var.number_cache_clusters
  subnet_group_name             = aws_elasticache_subnet_group.subnet_group.name
  security_group_ids            = var.security_group_ids
  automatic_failover_enabled    = true
  dynamic "cluster_mode" {
    for_each = var.num_node_groups > 1 ? [true] : []
    content {
      replicas_per_node_group = var.replicas_per_node_group
      num_node_groups         = null
    }
  }
}

推荐阅读