Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Refactor resource name definitions and Add Optional Helm Install Support #15

Open
wants to merge 7 commits into
base: main
Choose a base branch
from

Conversation

bobbyiliev
Copy link
Collaborator

@bobbyiliev bobbyiliev commented Dec 22, 2024

This PR includes a few major changes:

  1. Global Resource Prefix: this is a breaking change so we will have to adjust the CI and the existing docs:

    • Deprecated manual resource name definitions (cluster_name, environment, vpc_name, bucket_name, service_account_name, db_identifier).
    • Simplified configuration by allowing users to specify namespace and environment only, which will construct the names of all resources using the format ${namespace}-${environment}-${resource_name}.
  2. Optional Helm Installation for Materialize Operator:

    • Introduced support for enabling Helm installation using:
      install_materialize_operator = true
    • Added configuration for Materialize instances with optional instance-specific details, such as namespace, database credentials, and host. Example:
      materialize_instances = [
        {
          name              = "analytics"
          instance_id       = "12345678-1234-1234-1234-123456789012"
          namespace         = "materialize-environment"
          database_name     = "analytics_db"
          database_username = "materialize"
          database_password = var.database_password
          database_host     = module.materialize_infrastructure.database_endpoint
        },
        {
          name              = "production"
          instance_id       = "87654321-4321-4321-4321-210987654321"
          namespace         = "materialize-environment"
          database_name     = "production_db"
          database_username = "materialize"
          database_password = var.database_password
          database_host     = module.materialize_infrastructure.database_endpoint
        }
      ]

One thing to keep in mind is that the materialize_instances are using the kubernetes_manifest resource which has a couple of limitations:

  • It requires the Kubernetes cluster to be running, otherwise it will fail to connect during the plan stage
  • For CRDs it requires the operator to be installed in the cluster first, otherwise it will fail during the plan stage

The workaround for the above is to not define the materialize_instances initially, once the EKS cluster is ready along with the operator installed, then you can do a second run to setup the materialize_instances.

Fixes #14
Fixes #16

@bobbyiliev bobbyiliev requested review from pH14, kay-kim and def- December 22, 2024 17:43
@bobbyiliev bobbyiliev force-pushed the refactor-resource-name-definitions branch from 9ffd65f to d7c67fa Compare December 22, 2024 17:50
@bobbyiliev bobbyiliev changed the title Refactor resource name definitions Refactor resource name definitions and Add Optional Helm Install Support Dec 22, 2024
Comment on lines +22 to +23
# TODO: Publish the chart to a public repository, currently using a forked version of the chart
repository = "https://raw.githubusercontent.com/bobbyiliev/materialize/refs/heads/helm-chart-package/misc/helm-charts"
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The main next step here is to decide on how we would like to publish the Helm Chart.

Currently, the PR uses a temporary solution with a forked version of the Materialize Helm chart.

We need to decide on an appropriate public repository for publishing the Helm chart, this could totally live in the main repository, we would just need an extra flow to package and generate the index.yaml:

helm package operator
helm repo index .

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I vote for main repository because that's easiest for having compatibility and running e2e tests immediately when something in the terraform plugin changes.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this should be doable, in this case, we could use GitHub pages as suggested on the Helm website: https://helm.sh/docs/topics/chart_repository/#github-pages-example

spec = {
containers = [{
name = "init-db"
image = "postgres:latest"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is there value in pinning this to a version that matches RDS? or not worth the maintenance effort

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good idea! I will update it

value = format(
"postgres://%s:%s@%s/%s?sslmode=require",
each.value.database_username,
each.value.database_password,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this means the pw will appear in plaintext on the Job's definition. you could inject the database username / pw / host as env vars from the Secret (which should be in the same namespace) and construct the URL in the psql statement

}
}

resource "kubernetes_manifest" "db_init_job" {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if it works it works, but I'm a bit surprised we need to do this versus using the RDS provider to initialize the databases for us. this is more portable though!

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it would have been much more convenient, but it is not supported with the RDS terraform module.

You can only initialize a single db:

https://registry.terraform.io/modules/terraform-aws-modules/rds/aws/latest#input_db_name

materialize_instances = [
{
name = "analytics"
instance_id = "12345678-1234-1234-1234-123456789012"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ooc what are these for?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was using those in the bucket definitions: https://github.com/MaterializeInc/terraform-aws-materialize/pull/15/files/8edf57c29a39838a5158d788a3dfd04e28e84573#diff-885a9176a02d8454724784f56e5cb4e4c3be25ab53b298a7ff2a8cf4e316d7cbR76

But now thinking about this, it is quite unnecessary, we could just use the name instead.

@pH14
Copy link

pH14 commented Dec 27, 2024

Very cool! This is going to be so nice for getting set up 🌟

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add Optional Helm Install Support Introduce global resource prefix
3 participants