-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Update redis reserved ip range and Add deletion protection to database #92
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nfoucha
suggested changes
Dec 12, 2023
nfoucha
reviewed
Dec 12, 2023
jsbroks
approved these changes
Dec 15, 2023
yogeshg
approved these changes
Dec 15, 2023
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tx for the detailed notes on testing and context.
tier = var.tier | ||
availability_type = var.availability_type | ||
user_labels = var.labels | ||
deletion_protection_enabled = var.deletion_protection |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
<3
nfoucha
approved these changes
Dec 15, 2023
jsbroks
pushed a commit
that referenced
this pull request
Dec 15, 2023
## [1.22.0](v1.21.0...v1.22.0) (2023-12-15) ### Features * Update redis reserved ip range and Add deletion protection to database ([#92](#92)) ([c5ec027](c5ec027))
This PR is included in version 1.22.0 🎉 |
gls4
pushed a commit
that referenced
this pull request
Feb 9, 2024
…atabase (#92) * feat: Update redis reserved ip range * update * parameterize redis reserved ip range * Adds instance deletion protection on cloud sql * terraform-docs: automated action * fix fmt * update --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
gls4
pushed a commit
that referenced
this pull request
Feb 9, 2024
## [1.22.0](v1.21.0...v1.22.0) (2023-12-15) ### Features * Update redis reserved ip range and Add deletion protection to database ([#92](#92)) ([c5ec027](c5ec027))
gls4
pushed a commit
that referenced
this pull request
Feb 21, 2024
* feat: Add support for t-shirt-sized deployments * terraform-docs: automated action * feat: Update redis reserved ip range and Add deletion protection to database (#92) * feat: Update redis reserved ip range * update * parameterize redis reserved ip range * Adds instance deletion protection on cloud sql * terraform-docs: automated action * fix fmt * update --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> * chore(release): version 1.22.0 [skip ci] ## [1.22.0](v1.21.0...v1.22.0) (2023-12-15) ### Features * Update redis reserved ip range and Add deletion protection to database ([#92](#92)) ([c5ec027](c5ec027)) * set size default to "small" * add output variables * format * terraform-docs: automated action --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: venky-wandb <[email protected]> Co-authored-by: semantic-release-bot <[email protected]> Co-authored-by: George Scott <[email protected]>
adityachoudhari26
added a commit
that referenced
this pull request
Mar 4, 2024
* add new infra alongside existing infra * terraform-docs: automated action * weave install false while rwo being implemented * add boolean flag * terraform-docs: automated action * better var name * terraform-docs: automated action * weave install true test * add wandb_replicas logic for gke app * terraform-docs: automated action * add license and extraenvs * correct caCertPath for redis * minimal spec * re-add bucket, mysql, and redis * add other wandb env * add all but extra envs * add extraEnv * unneeded comma * redis cert path follows helm charts * add depends on * correct controller image tag * add envs * rebase * chore(release): version 1.23.0 [skip ci] ## [1.23.0](v1.22.0...v1.23.0) (2024-02-21) ### Features * Add support for t-shirt-sized deployments ([#91](#91)) ([5432961](5432961)), closes [#92](#92) * fix: Backwards compatibility for t-shirt-sized deployments (#101) * fix: Backwards compatibility for t-shirt-sized deployments * empty * empty * chore(release): version 1.23.1 [skip ci] ### [1.23.1](v1.23.0...v1.23.1) (2024-02-21) ### Bug Fixes * Backwards compatibility for t-shirt-sized deployments ([#101](#101)) ([f812f81](f812f81)) * fix: Backwards compatibility fix to avoid changes in nodegroups. (#102) * fix: backwards compatibility fix to avoid changes in nodegroups. * terraform-docs: automated action * update example --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: George Scott <[email protected]> * chore(release): version 1.23.2 [skip ci] ### [1.23.2](v1.23.1...v1.23.2) (2024-02-22) ### Bug Fixes * Backwards compatibility fix to avoid changes in nodegroups. ([#102](#102)) ([c331853](c331853)) * rebase * rebase * rebase * terraform-docs: automated action * pull out ssl certificate id * specify which https for putput * remove issuer create tag from ingress * add inverse gorilla glue logic --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: semantic-release-bot <[email protected]> Co-authored-by: Yogesh Garg <[email protected]> Co-authored-by: George Scott <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Situation:
![Screen Shot 2023-12-11 at 3 46 05 PM](https://private-user-images.githubusercontent.com/92930965/289702240-9f92c662-7aa7-47f6-a709-7db2c594eef4.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAxODAwMTIsIm5iZiI6MTcyMDE3OTcxMiwicGF0aCI6Ii85MjkzMDk2NS8yODk3MDIyNDAtOWY5MmM2NjItN2FhNy00N2Y2LWE3MDktN2RiMmM1OTRlZWY0LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzA1VDExNDE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTc0MDk3ODEwM2Y1NmExMWMzZjgyZDM2ZmQxOTg5OWExMTU1NzNiNDczMmY1MjUyZjQzNjVkY2E0YTdiMWM1NTgmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.SnGYmcX86r3eKzNuT6_8xgxVb_-sRySDCBwK88EyK9A)
When trying to install REDIS, it tries to establish a private services access connection with a shared VPC network. When creating this for Tower, somehow the reserved IP we have set for Redis appears to be in use.
Solution:
![Screen Shot 2023-12-11 at 3 44 56 PM](https://private-user-images.githubusercontent.com/92930965/289703502-b90d1cae-5eef-4b67-99e0-cd78a878536b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAxODAwMTIsIm5iZiI6MTcyMDE3OTcxMiwicGF0aCI6Ii85MjkzMDk2NS8yODk3MDM1MDItYjkwZDFjYWUtNWVlZi00YjY3LTk5ZTAtY2Q3OGE4Nzg1MzZiLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzA1VDExNDE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPWFjZDRlYjE5MzQ4Y2NiMDNhZjUyYjkwODU4MjA0NGZkYzkwZmY0NTJkZjNmMTUyMDMxNWM3OGVhY2IxZDUwYTYmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.lFs9djg5xT_uBEzVcCFQMx-WoCtfJ8Hq7_btz3GOKnQ)
In order to get around that, I had to create the REDIS on a different reserved IP range than the hard-coded one we use. So this PR makes it a configurable parameter. Test to show this works
Situation 2:
None of our GCP databases have deletion protection enabled because there are two different variables to control the deletion protection. More on the thread here
Solution:
![Screen Shot 2023-12-11 at 3 58 12 PM](https://private-user-images.githubusercontent.com/92930965/289703764-3f5673b3-89d6-4644-9d05-aff730b8c37d.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjAxODAwMTIsIm5iZiI6MTcyMDE3OTcxMiwicGF0aCI6Ii85MjkzMDk2NS8yODk3MDM3NjQtM2Y1NjczYjMtODlkNi00NjQ0LTlkMDUtYWZmNzMwYjhjMzdkLnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MDUlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzA1VDExNDE1MlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTQ0ZDg5YTA3ZDE5ODViMzQ2NjVhNTA0MTYzMDVmZDU1MDRlZDljMzhkYjc1MzZmYjljMmZkM2E1MzFiMDcxMTMmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.7d2VGrjJsNheCbqcMycrULybccoHU9cNt6axH9HQOGI)
Enable deletion protection at all levels (GCP, gcloud, CLI etc.) and not just at terraform deletion level. Test to show this works