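In this AWS Database blog post, they assert that
"You can set up Amazon RDS in a Single-AZ database (DB) instance or a Multi-AZ DB instance to meet high availability requirements."
You can
"...modify an existing Single-AZ instance to become a Multi-AZ deployment."
In addition,
"...you can create a Multi-AZ read replica, synchronize it with the Single-AZ DB instance, and then promote it to be the primary DB instance, to minimize latency during the conversion process."
Also, in v1.32 of the official AWS VPC module, the usage of single_nat_gateway is referenced several times, in particular:
"If single_nat_gateway = true, then all private subnets will route their Internet traffic through this single NAT gateway."
In the official RDS module, multi_az is shown as false by default (link).
Nevertheless, I get the following error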
╷
│ Error: DBSubnetGroupDoesNotCoverEnoughAZs: The DB subnet group doesn't meet Availability Zone (AZ) coverage requirement. Current AZ coverage: us-west-2a. Add subnets to cover at least 2 AZs.
│ status code: 400, request id: *****
│
│ with module.rds.module.db_subnet_group.aws_db_subnet_group.this[0],
│ on .terraform/modules/rds/modules/db_subnet_group/main.tf line 8, in resource "aws_db_subnet_group" "this":
│ 8: resource "aws_db_subnet_group" "this" {
when trying to terraform apply this main.tf configuration:
module "rds" {
  source  = "terraform-aws-modules/rds/aws"
  version = "~> 3.4.0"

  identifier            = "${var.env}-${var.user}-${local.db_name}"
  engine                = var.postgres.engine
  engine_version        = var.postgres.engine_version
  family                = var.postgres.family
  major_engine_version  = var.postgres.major_engine_version
  instance_class        = var.postgres.instance_class
  allocated_storage     = var.postgres.allocated_storage
  max_allocated_storage = var.postgres.max_allocated_storage
  storage_encrypted     = var.postgres.storage_encrypted
  password              = random_password.password.result
  port                  = var.postgres.port

  multi_az               = false
  subnet_ids             = [data.aws_subnet.priv1.id]
  vpc_security_group_ids = [module.db_security_group.security_group_id]

  maintenance_window              = var.postgres.maintenance_window
  backup_window                   = var.postgres.backup_window
  enabled_cloudwatch_logs_exports = var.postgres.enabled_cloudwatch_logs_exports
  backup_retention_period         = var.postgres.backup_retention_period
  skip_final_snapshot             = var.postgres.skip_final_snapshot
  deletion_protection             = var.postgres.deletion_protection

  performance_insights_enabled          = var.postgres.performance_insights_enabled
  performance_insights_retention_period = var.postgres.performance_insights_retention_period
  create_monitoring_role                = var.postgres.create_monitoring_role
  monitoring_role_name                  = "${var.env}-${var.user}-${var.postgres.monitoring_role_name}"
  monitoring_interval                   = var.postgres.monitoring_interval
  snapshot_identifier                   = var.postgres.snapshot_identifier
  iam_database_authentication_enabled   = var.postgres.iam_auth
  apply_immediately                     = true

  tags = {
    Name        = "${var.env}-${var.user}-rds"
    Terraform   = "true"
    Environment = var.env
    Created     = timestamp()
  }
}
with this postgres variable defined in my terraform.tfvars:
postgres = {
  db_name = "postgres-db"
  # All available versions: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts
  engine                                = "postgres"
  engine_version                        = "11.12"
  family                                = "postgres11" # DB parameter group
  major_engine_version                  = "11"         # DB option group
  instance_class                        = "db.t2.micro"
  allocated_storage                     = 100
  max_allocated_storage                 = 200
  storage_encrypted                     = false
  port                                  = 5432
  multi_az                              = false
  maintenance_window                    = "Mon:00:00-Mon:03:00"
  backup_window                         = "03:00-06:00"
  enabled_cloudwatch_logs_exports       = ["postgresql", "upgrade"]
  backup_retention_period               = 0
  skip_final_snapshot                   = true
  deletion_protection                   = false
  performance_insights_enabled          = false
  performance_insights_retention_period = 7
  create_monitoring_role                = true
  monitoring_role_name                  = "monitoring_role"
  monitoring_interval                   = 60
  snapshot_identifier                   = "arn:aws:rds:us-west-2:999999999999:snapshot:rds-ss"
  iam_auth                              = true
}
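Similar questions on SO all seem to have answers on the theme that you must provide multiple availability zones, which means at least two subnets, and if you create them manually as private subnets, each subnet then needs its own NAT gateway. This seems unnecessarily expensive and restrictive, especially for development and test environments.
How can I deploy a single-AZ RDS Postgres instance using these components?
Reply from a uj5u.com community member:
A DB subnet group must have more than one subnet. This is an RDS requirement that you cannot get around. Even if you deploy only a single instance, Amazon RDS will automatically launch a new instance in one of the other availability zones you specified if an entire availability zone fails. This is one of the managed database services you get automatically with Amazon RDS.
So even if you are deploying a single-AZ instance, you must specify multiple availability zones in the DB subnet group.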
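Added example (not part of the original question or answer, and not the RDS module's own code): a Single-AZ Postgres instance whose DB subnet group still spans two AZs, written with plain AWS provider resources. var.vpc_id, var.db_password, the CIDR blocks, the "dbadmin" user and the "dev-db" names are assumptions; the engine values are taken from the question.

```hcl
# Assumed inputs (hypothetical names, not from the original post).
variable "vpc_id" { type = string }
variable "db_password" {
  type      = string
  sensitive = true
}

data "aws_availability_zones" "available" {
  state = "available"
}

locals {
  # Two AZs satisfy the DB subnet group coverage check from the error above.
  db_azs   = slice(data.aws_availability_zones.available.names, 0, 2)
  db_cidrs = ["10.0.101.0/24", "10.0.102.0/24"] # constructed; must fit inside the VPC CIDR
}

# One private subnet per AZ. No NAT gateway is created for these subnets in this example.
resource "aws_subnet" "db" {
  count                   = length(local.db_azs)
  vpc_id                  = var.vpc_id
  availability_zone       = local.db_azs[count.index]
  cidr_block              = local.db_cidrs[count.index]
  map_public_ip_on_launch = false
  tags                    = { Name = "dev-db-${local.db_azs[count.index]}" }
}

# The subnet group covers both AZs even though only one instance is deployed.
resource "aws_db_subnet_group" "db" {
  name       = "dev-db"
  subnet_ids = aws_subnet.db[*].id
}

resource "aws_db_instance" "db" {
  identifier           = "dev-db"
  engine               = "postgres"
  engine_version       = "11.12"
  instance_class       = "db.t2.micro"
  allocated_storage    = 100
  username             = "dbadmin"
  password             = var.db_password
  db_subnet_group_name = aws_db_subnet_group.db.name
  multi_az             = false             # Single-AZ deployment
  availability_zone    = local.db_azs[0]   # pin the instance to one AZ
  publicly_accessible  = false
  skip_final_snapshot  = true
}
```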
