redis: use cloud services for durability (#92)

* redis: use cloud services for durability

* fix digitalocean redis credentials

terraform/cluster/aws/outputs.tf

@@ -22,3 +22,7 @@ output "oidc_sub" {
   depends_on = [aws_eks_node_group.cluster]
   value      = local.oidc_sub
 }
+
+output "subnets" {
+  value = aws_subnet.private.*.id
+}

terraform/rack/aws/variables.tf

@@ -17,3 +17,7 @@ variable "oidc_sub" {
 variable "release" {
   type = string
 }
+
+variable "subnets" {
+  type = list
+}

terraform/rack/azure/main.tf

@@ -3,7 +3,7 @@ terraform {
 }
 
 provider "azurerm" {
-  varsion = "~> 1.37"
+  version = "~> 1.37"
 }
 
 provider "kubernetes" {
@@ -42,14 +42,14 @@ module "api" {
 }
 
 module "redis" {
-  source = "../../redis/k8s"
+  source = "../../redis/azure"
 
   providers = {
-    kubernetes = kubernetes
+    azurerm = azurerm
   }
 
-  name      = "redis"
-  namespace = module.k8s.namespace
+  name           = var.name
+  resource_group = var.resource_group
 }
 
 module "router" {
@@ -66,8 +66,10 @@ module "router" {
   release   = var.release
 
   env = {
-    CACHE      = "redis"
-    REDIS_ADDR = module.redis.addr
-    STORAGE    = "redis"
+    CACHE        = "redis"
+    REDIS_ADDR   = module.redis.addr
+    REDIS_AUTH   = module.redis.auth
+    REDIS_SECURE = "true"
+    STORAGE      = "redis"
   }
 }

terraform/rack/do/main.tf

@@ -43,14 +43,14 @@ module "api" {
 }
 
 module "redis" {
-  source = "../../redis/k8s"
+  source = "../../redis/do"
 
   providers = {
-    kubernetes = kubernetes
+    digitalocean = digitalocean
   }
 
-  name      = "redis"
-  namespace = module.k8s.namespace
+  name   = var.name
+  region = var.region
 }
 
 module "router" {
@@ -67,8 +67,10 @@ module "router" {
   release   = var.release
 
   env = {
-    CACHE      = "redis"
-    REDIS_ADDR = module.redis.addr
-    STORAGE    = "redis"
+    CACHE        = "redis"
+    REDIS_ADDR   = module.redis.addr
+    REDIS_AUTH   = module.redis.auth
+    REDIS_SECURE = "true"
+    STORAGE      = "redis"
   }
 }

terraform/rack/gcp/main.tf

@@ -36,14 +36,14 @@ module "api" {
 }
 
 module "redis" {
-  source = "../../redis/k8s"
+  source = "../../redis/gcp"
 
   providers = {
-    kubernetes = kubernetes
+    google = google
   }
 
-  name      = "redis"
-  namespace = module.k8s.namespace
+  name    = var.name
+  network = var.network
 }
 
 module "router" {

terraform/redis/aws/main.tf

@@ -0,0 +1,27 @@
+provider "aws" {
+  version = "~> 2.22"
+}
+
+resource "random_string" "suffix" {
+  length  = 6
+  special = false
+  upper   = false
+}
+
+resource "aws_elasticache_subnet_group" "redis" {
+  name       = "${var.name}-${random_string.suffix.result}-subnets"
+  subnet_ids = var.subnets
+}
+
+resource "aws_elasticache_replication_group" "redis" {
+  automatic_failover_enabled    = true
+  engine                        = "redis"
+  engine_version                = "4.0.10"
+  node_type                     = "cache.t2.micro"
+  number_cache_clusters         = 2
+  parameter_group_name          = "default.redis4.0"
+  port                          = 6379
+  replication_group_id          = "${var.name}-${random_string.suffix.result}"
+  replication_group_description = var.name
+  subnet_group_name             = aws_elasticache_subnet_group.redis.name
+}

terraform/redis/aws/outputs.tf

@@ -0,0 +1,16 @@
+output "addr" {
+  value = "${aws_elasticache_replication_group.redis.primary_endpoint_address}:${aws_elasticache_replication_group.redis.port}"
+}
+
+output "host" {
+  value = aws_elasticache_replication_group.redis.primary_endpoint_address
+}
+
+output "port" {
+  value = aws_elasticache_replication_group.redis.port
+}
+
+output "url" {
+  value = "redis://${aws_elasticache_replication_group.redis.primary_endpoint_address}:${aws_elasticache_replication_group.redis.port}"
+}
+

terraform/redis/aws/variables.tf

@@ -0,0 +1,7 @@
+variable "name" {
+  type = string
+}
+
+variable "subnets" {
+  type = list
+}

terraform/redis/azure/main.tf

@@ -0,0 +1,23 @@
+provider "azurerm" {
+  version = "~> 1.37"
+}
+
+data "azurerm_resource_group" "rack" {
+  name = var.resource_group
+}
+
+resource "random_string" "suffix" {
+  length  = 6
+  special = false
+  upper   = false
+}
+
+resource "azurerm_redis_cache" "redis" {
+  name = "${var.name}-${random_string.suffix.result}"
+
+  capacity            = 0
+  family              = "C"
+  location            = data.azurerm_resource_group.rack.location
+  resource_group_name = data.azurerm_resource_group.rack.name
+  sku_name            = "Standard"
+}

terraform/redis/azure/outputs.tf

@@ -0,0 +1,19 @@
+output "addr" {
+  value = "${azurerm_redis_cache.redis.hostname}:${azurerm_redis_cache.redis.ssl_port}"
+}
+
+output "auth" {
+  value = azurerm_redis_cache.redis.primary_access_key
+}
+
+output "host" {
+  value = azurerm_redis_cache.redis.hostname
+}
+
+output "port" {
+  value = azurerm_redis_cache.redis.ssl_port
+}
+
+output "url" {
+  value = "redisis://${azurerm_redis_cache.redis.primary_access_key}@${azurerm_redis_cache.redis.hostname}:${azurerm_redis_cache.redis.ssl_port}"
+}

terraform/redis/azure/variables.tf

@@ -0,0 +1,7 @@
+variable "name" {
+  type = string
+}
+
+variable "resource_group" {
+  type = string
+}

terraform/redis/do/main.tf

@@ -0,0 +1,21 @@
+provider "digitalocean" {
+  version = "~> 1.11"
+}
+
+resource "random_string" "suffix" {
+  length  = 6
+  special = false
+  upper   = false
+}
+
+resource "digitalocean_database_cluster" "redis" {
+  name       = "${var.name}-${random_string.suffix.result}"
+  engine     = "redis"
+  node_count = 1
+  size       = "db-s-1vcpu-1gb"
+  region     = var.region
+
+  lifecycle {
+    ignore_changes = [version]
+  }
+}

terraform/redis/do/outputs.tf

@@ -0,0 +1,20 @@
+output "addr" {
+  value = "${digitalocean_database_cluster.redis.private_host}:${digitalocean_database_cluster.redis.port}"
+}
+
+output "auth" {
+  value = digitalocean_database_cluster.redis.password
+}
+
+output "host" {
+  value = digitalocean_database_cluster.redis.private_host
+}
+
+output "port" {
+  value = digitalocean_database_cluster.redis.port
+}
+
+output "url" {
+  value = digitalocean_database_cluster.redis.private_uri
+}
+

terraform/redis/do/variables.tf

@@ -0,0 +1,7 @@
+variable "name" {
+  type = string
+}
+
+variable "region" {
+  type = string
+}

terraform/redis/gcp/main.tf

@@ -0,0 +1,11 @@
+provider "google" {
+  version = "~> 3.5.0"
+}
+
+resource "google_redis_instance" "redis" {
+  name = "${var.name}-router"
+
+  authorized_network = var.network
+  memory_size_gb     = 1
+  tier               = "STANDARD_HA"
+}

terraform/redis/gcp/outputs.tf

@@ -0,0 +1,15 @@
+output "addr" {
+  value = "${google_redis_instance.redis.host}:${google_redis_instance.redis.port}"
+}
+
+output "host" {
+  value = google_redis_instance.redis.host
+}
+
+output "port" {
+  value = google_redis_instance.redis.port
+}
+
+output "url" {
+  value = "redis://${google_redis_instance.redis.host}:${google_redis_instance.redis.port}"
+}

terraform/redis/gcp/variables.tf

@@ -0,0 +1,7 @@
+variable "name" {
+  type = string
+}
+
+variable "network" {
+  type = string
+}

terraform/system/aws/main.tf

@@ -73,4 +73,5 @@ module "rack" {
   oidc_arn = module.cluster.oidc_arn
   oidc_sub = module.cluster.oidc_sub
   release  = local.release
+  subnets  = module.cluster.subnets
 }