https://pulumi.com logo
Powered by
#aws
Title
d

dazzling-sundown-39670

06/02/2020, 7:06 AM
Is adding user/db to a aurora cluster possible?
What I'm trying to do:
Copy code
import * as pulumi from '@pulumi/pulumi';
import * as mysql from '@pulumi/mysql';
import * as aws from '@pulumi/aws';
import { vpc, sg, pulumiTags } from './vpc';

const config = new pulumi.Config();
const mysqlUser = config.require('mysqlUsername');
const mysqlPassword = config.requireSecret('mysqlPassword');
const instanceClass = config.requireSecret('mysqlInstanceClass');

const subnetGroup = new aws.rds.SubnetGroup('magento2-subnet', {
  subnetIds: vpc.privateSubnetIds.then(),
});
const currentRegion = pulumi.output(aws.getRegion());

const defaultCluster = new aws.rds.Cluster('default', {
  availabilityZones: [
    pulumi.interpolate`${currentRegion.name}a`,
    pulumi.interpolate`${currentRegion.name}b`,
  ],
  backupRetentionPeriod: 5,
  clusterIdentifier: 'aurora-cluster-demo',
  masterUsername: mysqlUser,
  masterPassword: mysqlPassword,
  preferredBackupWindow: '07:00-09:00',
  deletionProtection: false,
  vpcSecurityGroupIds: [sg.id],
  dbSubnetGroupName: subnetGroup.name,
  tags: pulumiTags,
});

const instance = new aws.rds.ClusterInstance(`cluster_instances-1`, {
  clusterIdentifier: defaultCluster.id,
  identifier: `aurora-cluster-demo-1`,
  instanceClass,
  publiclyAccessible: true,
  tags: pulumiTags,
});

const mysqlProvider = new mysql.Provider('mysql', {
  endpoint: defaultCluster.endpoint,
  username: defaultCluster.masterUsername,
  password: defaultCluster.masterPassword.apply((p) => p!.toString()),
});

const database = new mysql.Database(
  'magento2-db',
  {
    name: 'MAGENTO',
  },
  {
    provider: mysqlProvider,
  },
);

const user = new mysql.User(
  'magento2',
  {
    user: 'magento2',
    host: '%',
    plaintextPassword: 'magento2-secret',
  },
  {
    provider: mysqlProvider,
  },
);

new mysql.Grant(
  'magento2',
  {
    user: user.user,
    host: user.host.apply((h) => h!.toString()),
    database: database.name,
    privileges: ['SELECT', 'UPDATE'],
  },
  {
    provider: mysqlProvider,
  },
);
g

gentle-diamond-70147

06/02/2020, 2:57 PM
This should be possible as far as I know. Are you getting an error?
d

dazzling-sundown-39670

06/02/2020, 4:18 PM
@gentle-diamond-70147 this one:
Copy code
mysql:index:Database (magento2-db):
    error: Could not connect to server: dial tcp 15.236.150.22:3306: connect: operation timed out
g

gentle-diamond-70147

06/02/2020, 4:32 PM
That seems like a network connectivity error. Wherever your Pulumi application is running from will need to have appropriate network access (routes and open security group rules) to connect to the database directly. It's possible the RDS database just took too long to provision and Pulumi gave up trying or you need to open up security group rules so that the Pulumi client can connect to it.
d

dazzling-sundown-39670

06/02/2020, 6:33 PM
Thanks. I created the cluster before adding that so it's definitely up. I also have this:
Copy code
awsx.ec2.SecurityGroupRule.ingress(
  'ingress-access',
  sg,
  new awsx.ec2.AnyIPv4Location(),
  new awsx.ec2.AllTcpPorts(),
  'allow all ports',
);
but I'm not sure on the routing. I will check if I can find that out. Thank you!
Powered by