Change to aurora serverless v2

consensusnetworks · Jul 5, 2023 · 6c43511 · 6c43511
1 parent 852bd9b
commit 6c43511
Show file tree

Hide file tree

Showing 6 changed files with 45 additions and 23 deletions.
diff --git a/infrastructure/cdk/src/index.ts b/infrastructure/cdk/src/index.ts
@@ -13,11 +13,11 @@ const config = new Config()
 const { env, stage } = config
 const app = new cdk.App()
 const { hostedZone, certificate } = new DnsStack(app, config.getFullStackName('dns'), { env })
-const { cluster, vpc } = new NetworkStack(app, config.getFullStackName('network'), { env })
+const { vpc } = new NetworkStack(app, config.getFullStackName('network'), { env })
 if (stage !== 'prod') {
     /** Create development-only stacks */
     new AnalyticsStack(app, config.getFullStackName('analytics'), { env })
-    new UsersStack(app, config.getFullStackName('users'), { env, certificate, cluster, hostedZone, vpc })
+    new UsersStack(app, config.getFullStackName('users'), { env, certificate, hostedZone, vpc })
     new WebStack(app, config.getFullStackName('web'), { env, certificate, hostedZone })
 } else {
     /** Create production-only stacks */

diff --git a/infrastructure/cdk/src/interfaces/StackProps.ts b/infrastructure/cdk/src/interfaces/StackProps.ts
@@ -30,8 +30,6 @@ export interface NodesStackProps extends cdk.StackProps {
 export interface UsersStackProps extends cdk.StackProps {
     /** Stage-specific certificate */
     certificate?: certmgr.Certificate
-    /** Stage-specific ECS cluster */
-    cluster: ecs.Cluster
     /** Project-wide route53 hosted zone */
     hostedZone: route53.HostedZone
     /** Stage-specific VPC */

diff --git a/infrastructure/cdk/src/providers/network.ts b/infrastructure/cdk/src/providers/network.ts
@@ -14,20 +14,15 @@ export class NetworkStack extends cdk.Stack {
   public readonly name = pascalCase('network')
   /** Stage-specific Ec2 VPC */
   public readonly vpc: ec2.Vpc
-  /** Stage-specific ECS cluster */
-  public readonly cluster: ecs.Cluster
 
   constructor(scope: Construct, id: string, props: NetworkStackProps) {
     super(scope, id, props)
 
     const config = new Config()
 
-    /** Create a stage-specific Ec2 VPC and ECS cluster */
+    /** Create a stage-specific VPC */
     this.vpc = new ec2.Vpc(this, config.getFullStackResourceName(this.name, 'vpc'), {
       natGateways: 0
     })
-    this.cluster = new ecs.Cluster(this, config.getFullStackResourceName(this.name, 'cluster'), { 
-      vpc: this.vpc
-    })
   }
 }
diff --git a/infrastructure/cdk/src/providers/users.ts b/infrastructure/cdk/src/providers/users.ts
@@ -8,7 +8,7 @@ import * as rds from 'aws-cdk-lib/aws-rds'
 import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager'
 import { UsersStackProps } from '../interfaces/StackProps'
 import { Config } from './config'
-import { kebabCase, snakeCase } from '@casimir/helpers'
+import { kebabCase } from '@casimir/helpers'
 
 /**
  * Users API stack
@@ -26,7 +26,7 @@ export class UsersStack extends cdk.Stack {
 
         const config = new Config()
         const { project, stage, rootDomain, subdomains } = config
-        const { certificate, cluster, hostedZone, vpc } = props
+        const { certificate, hostedZone, vpc } = props
 
         /** Build users service image */
         const imageAsset = new ecrAssets.DockerImageAsset(this, config.getFullStackResourceName(this.name, 'image'), {
@@ -36,6 +36,11 @@ export class UsersStack extends cdk.Stack {
             ignoreMode: cdk.IgnoreMode.GIT
         })
 
+        /** Create a stage-specific ECS cluster */
+        const cluster = new ecs.Cluster(this, config.getFullStackResourceName(this.name, 'cluster'), {
+            vpc
+        })
+
         /** Create a load-balanced users service */
         const usersService = new ecsPatterns.ApplicationLoadBalancedFargateService(this, config.getFullStackResourceName(this.name, 'fargate'), {
             assignPublicIp: true,
@@ -75,18 +80,42 @@ export class UsersStack extends cdk.Stack {
         /** Grant users service access to DB credentials */
         dbCredentials.grantRead(usersService.taskDefinition.taskRole)
 
+        /** Create a DB security group */
+        const dbSecurityGroup = new ec2.SecurityGroup(this, config.getFullStackResourceName(this.name, 'db-security-group'), {
+            vpc,
+            allowAllOutbound: true
+        })
+
+        /** Allow inbound traffic to DB security group */
+        dbSecurityGroup.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(5432))
+
         /** Create a DB cluster */
-        new rds.ServerlessCluster(this, config.getFullStackResourceName(this.name, 'db-cluster'), {
-            enableDataApi: true,
+        const dbCluster = new rds.DatabaseCluster(this, config.getFullStackResourceName(this.name, 'db-cluster'), {
             engine: rds.DatabaseClusterEngine.auroraPostgres({
-                version: rds.AuroraPostgresEngineVersion.VER_13_9
+                version: rds.AuroraPostgresEngineVersion.VER_15_2
             }),
             credentials: rds.Credentials.fromSecret(dbCredentials),
-            securityGroups: [usersService.service.connections.securityGroups[0]],
-            vpc,
-            vpcSubnets: vpc.selectSubnets({
-                subnetType: ec2.SubnetType.PUBLIC
-            })
+            instances: 1,
+            instanceProps: {
+                instanceType: new ec2.InstanceType('serverless'),
+                publiclyAccessible: true,
+                vpc,
+                vpcSubnets: {
+                    subnetType: ec2.SubnetType.PUBLIC
+                }
+            }
+        })
+
+        /** Add DB cluster autoscaling */
+        cdk.Aspects.of(dbCluster).add({
+            visit(node) {
+                if (node instanceof rds.CfnDBCluster) {
+                    node.serverlessV2ScalingConfiguration = {
+                        minCapacity: 0.5,
+                        maxCapacity: 1
+                    }
+                }
+            }
         })
     }
 }
diff --git a/infrastructure/cdk/test/all.test.ts b/infrastructure/cdk/test/all.test.ts
@@ -15,9 +15,9 @@ test('All stacks created', () => {
   const app = new cdk.App()
 
   const { hostedZone, certificate } = new DnsStack(app, config.getFullStackName('dns'), { env })
-  const { cluster, vpc } = new NetworkStack(app, config.getFullStackName('network'), { env })
+  const { vpc } = new NetworkStack(app, config.getFullStackName('network'), { env })
   const analyticsStack = new AnalyticsStack(app, config.getFullStackName('analytics'), { env })
-  const usersStack = new UsersStack(app, config.getFullStackName('users'), { env, certificate, cluster, hostedZone, vpc })
+  const usersStack = new UsersStack(app, config.getFullStackName('users'), { env, certificate, hostedZone, vpc })
   const nodesStack = new NodesStack(app, config.getFullStackName('nodes'), { env, hostedZone })
   const landingStack = new LandingStack(app, config.getFullStackName('landing'), { env, certificate, hostedZone })
   const webStack = new WebStack(app, config.getFullStackName('web'), { env, certificate, hostedZone })

diff --git a/services/users/scripts/docker-compose.yaml b/services/users/scripts/docker-compose.yaml
@@ -2,7 +2,7 @@ version: '3'
 
 services:
   postgres:
-    image: postgres:13.9
+    image: postgres:latest
     container_name: postgres
     healthcheck:
       test: pg_isready -U postgres -d users