首頁 探索 說明
註冊 登入
AFS
/
infrastructure-notes
2
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: 056aff9755
分支列表 標籤列表
infrastructure-...
/
RDS Notes.md

RDS Notes.md 2.4 KB
文件歷史 原始文件

RDS Notes

Moving to Encrypted RDS

Migrating the jira rds.

Install the terraform without termination protection.

cd ~/xdr-terraform-live/test/aws/legacy-mdr-test/210-rds-jira
TF_VAR_instance_termination_protection=false terragrunt-local apply

Record the output as you'll need it in the next group.

Then in the console:

  1. Go to the proper account, rds, databases.
  2. Select the new database, and select 'Actions->Delete'
    • Create a final snapshot, just in case you're a fool and deleting the wrong one. Put a date in the name.
  3. Announce start of jira downtime
  4. stop jira
  5. Select the production database and choose actions->take snapshot
    • Give it an identifier like jira-migration-source-<date>
  6. Once created, select it and choose 'actions->copy snapshot'
    • Give it an identifier like 'jira-migration-dest-'
    • Check 'copy tags'
    • Check 'enable encryption'
    • For the master key, choose "Enter a key ARN"
    • Paste the arn from terraform
  7. Select the new snapshot (migration-dest), and choose actions->upgrade snapshot
    • For new engine version, choose "11.8" (latest supported by jira)
  8. wait for update to complete (this will take some time)
  9. Choose actions->restore snapshot:
    • identifier: choose the same name of the instance you removed (e.g. jira2)
    • VPC: The VPC ID from the terraform
    • Subnet Group: subnet group from the terraform
    • VPC Security Groups: Remove 'default', add the output from the terraform (e.g. jira2_rds_sg)
    • Instance type: Burtable class, Type from terraform output
    • Storage type: SSD
    • Allocated Storage: output from terraform
    • Multi-AZ: "Do not create a standby instance"k
    • Database Authentication: Password Authentication
    • Additional Configuration
    • DB Parameter Group: jira2-...
    • Copy tags to snapshot checked (default)
    • Check the export logs
    • Click 'restore db'
  10. Wait for database to enter 'Available'
  11. CLick on the database, select Configuration, and copy the ARN arn:aws:rds:us-east-1:527700175026:db:jira2

    12. Rerun the terraform. It should result in 1 to change, and 0 to add or destroy.

    Update the dbconnection in jira:

    ssh prod-jira-server
sudo bash
cd /opt/jira-data/jira/
cp dbconfig.xml dbconfig.xml.20210129
# change the url with the output of `database_url` from terraform
# Do _not_ change the database-type. postgres72 is correct for versions >= 7.2
systemd start jira

    Test!