
Example: mysql resource based on Azure Database for MySQL

Configuration

This example configures a mysql Resource Definition using Azure Database for MySQL.

The created definition can be used in your Score file using:

resources:
  ...
  # Requesting type "mysql" is what selects the Resource Definition configured
  # by this example ("db" is presumably the workload-local resource name).
  db:
    type: mysql

Infrastructure setup

graph TD;
    subgraph Resource Group
        db["Azure Database for MySQL"]
        subgraph Workload Virtual Network
          private["Private IP"]
          subgraph AKS Cluster
              workload-pod[Workload Pod]
          end
        end
        workload-pod --> private
        db -- private endpoint --> private
    end

Orchestrator setup

graph TD;
    workload_1 --> db_1["db_1, resource_type: mysql"]
    workload_1 --> shared_db_1["shared.db_1, resource_type: mysql"]
    workload_2 --> shared_db_1

Terraform docs

Requirements

Name Version
terraform >= 1.3.0
azuread ~> 2.47
azurerm ~> 3.91
humanitec ~> 1.0

Providers

Name Version
azuread ~> 2.47
azurerm ~> 3.91
humanitec ~> 1.0

Modules

Name Source Version
mysql ../../humanitec-resource-defs/mysql/basic n/a

Resources

Name Type
azuread_application.humanitec_provisioner resource
azuread_service_principal.humanitec_provisioner resource
azuread_service_principal_password.humanitec_provisioner resource
azurerm_role_assignment.resource_group resource
humanitec_application.example resource
humanitec_resource_account.humanitec_provisioner resource
humanitec_resource_definition_criteria.mysql resource
azurerm_resource_group.main data source

Inputs

Name Description Type Default Required
administrator_login The Administrator login for the MySQL Server. string n/a yes
administrator_login_password The Password associated with the administrator_login for the MySQL Server. string n/a yes
resource_group_name Specifies the Name of the Resource Group within which this database will reside. string n/a yes
subnet_name The name of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint. string n/a yes
subscription_id The Subscription ID which should be used. string n/a yes
virtual_network_name The name of the virtual network where Private Endpoint will be allocated. string n/a yes
virtual_network_resource_group_name Specifies the Name of the Resource Group within which the Private Endpoint should exist. string n/a yes
name Name of the example application. string "hum-rp-mysql-example" no
prefix Prefix of the created resources string "hum-rp-mysql-ex-" no
resource_packs_azure_rev Azure Resource Pack git branch. string "refs/heads/main" no
resource_packs_azure_url Azure Resource Pack git url. string "https://github.com/humanitec-architecture/resource-packs-azure.git" no

main.tf (view on GitHub) :

# Service principal used by Humanitec to provision resources
# Looks up the existing resource group named by var.resource_group_name; its id
# is used as the scope of the provisioner's role assignment.
data "azurerm_resource_group" "main" {
  name = var.resource_group_name
}

# Azure AD application registration backing the provisioner identity; its
# display name is taken from var.name.
resource "azuread_application" "humanitec_provisioner" {
  display_name = var.name
}

# Service principal for the application above, linked through its client_id.
resource "azuread_service_principal" "humanitec_provisioner" {
  client_id = azuread_application.humanitec_provisioner.client_id
}

# Generates a client secret for the provisioner service principal. No expiry or
# rotation arguments are set, so the provider's default lifetime applies.
# NOTE(review): the generated secret is written to Terraform state and is copied
# into the Humanitec resource account credentials; keep the state backend
# encrypted and access-restricted, and plan how this secret will be rotated.
resource "azuread_service_principal_password" "humanitec_provisioner" {
  service_principal_id = azuread_service_principal.humanitec_provisioner.object_id
}

# Grants the provisioner service principal the built-in "Contributor" role,
# scoped to the whole resource group looked up above.
# NOTE(review): Contributor can manage every resource type inside that scope,
# which is likely broader than provisioning a MySQL server requires. When
# adapting this example, prefer a dedicated resource group or a custom role
# limited to the actions the module actually performs.
resource "azurerm_role_assignment" "resource_group" {
  scope                = data.azurerm_resource_group.main.id
  role_definition_name = "Contributor"
  principal_id         = azuread_service_principal.humanitec_provisioner.object_id
}

# Registers the service principal with Humanitec as a resource account of type
# "azure"; the mysql module references it as its driver account.
# NOTE(review): the credentials JSON embeds the client secret, so both the
# Terraform state and the Humanitec organization hold a credential carrying the
# rights of the role assignment above. Restrict access to both accordingly.
resource "humanitec_resource_account" "humanitec_provisioner" {
  id   = var.name
  name = var.name
  type = "azure"

  # Service principal login material: application id, display name, client
  # secret and tenant id, serialized as a single JSON document.
  credentials = jsonencode({
    "appId" : azuread_service_principal.humanitec_provisioner.client_id,
    "displayName" : azuread_application.humanitec_provisioner.display_name,
    "password" : azuread_service_principal_password.humanitec_provisioner.value,
    "tenant" : azuread_service_principal.humanitec_provisioner.application_tenant_id
  })

  depends_on = [
    # Otherwise the account loses permissions before the resources are deleted
    azurerm_role_assignment.resource_group
  ]
}

# Example application and resource definition criteria
# The application id and name both come from var.name; the matching criteria
# further down restrict the mysql definition to this application.
resource "humanitec_application" "example" {
  id   = var.name
  name = var.name
}

# Instantiates the "mysql/basic" resource definition from the Azure resource pack.
# NOTE(review): the source carries no "?ref=" selector, so the module is fetched
# from the repository's default branch at init time. Appending
# "?ref=<TAG_OR_COMMIT>" (placeholder) makes runs reproducible and lets upstream
# changes be reviewed before they run with the provisioner's credentials.
module "mysql" {
  source = "github.com/humanitec-architecture/resource-packs-azure//humanitec-resource-defs/mysql/basic"

  prefix = var.prefix
  # Repository and revision handed to the module. The default revision is a
  # branch head, which is mutable; pin it to a tag or commit where possible.
  resource_packs_azure_url = var.resource_packs_azure_url
  resource_packs_azure_rev = var.resource_packs_azure_rev
  # NOTE(review): presumably surfaces provisioning logs in deployment error
  # messages. Handy for an example; confirm the logs cannot reveal sensitive
  # values before keeping it enabled elsewhere.
  append_logs_to_error = true
  # Resource account holding the service principal credentials created above.
  driver_account      = humanitec_resource_account.humanitec_provisioner.id
  subscription_id     = var.subscription_id
  resource_group_name = var.resource_group_name
  administrator_login = var.administrator_login
  # Database administrator secret, passed through unchanged from the input variable.
  administrator_login_password = var.administrator_login_password
  # Network placement for the private endpoint, passed through from the inputs.
  virtual_network_name                = var.virtual_network_name
  virtual_network_resource_group_name = var.virtual_network_resource_group_name
  subnet_name                         = var.subnet_name
}

# Matching criteria that bind the mysql resource definition to the example
# application only (app_id is the sole criterion set here).
resource "humanitec_resource_definition_criteria" "mysql" {
  resource_definition_id = module.mysql.id
  app_id                 = humanitec_application.example.id
}


providers.tf (view on GitHub) :

# Provider and Terraform version constraints for the example.
# "~>" accepts newer minor releases within the same major version, so the exact
# provider builds are fixed only by the dependency lock file. Commit
# .terraform.lock.hcl so every run installs providers with the same checksums.
terraform {
  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "~> 2.47"
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.91"
    }
    humanitec = {
      source  = "humanitec/humanitec"
      version = "~> 1.0"
    }
  }

  required_version = ">= 1.3.0"
}

# No arguments are set for the humanitec and azuread providers, so their
# credentials and organization/tenant selection come from outside this file
# (presumably environment variables or an Azure CLI login; confirm in the
# provider documentation). No secret is hard-coded in this configuration.
provider "humanitec" {
}

provider "azuread" {
}

# azurerm is bound explicitly to the subscription given by var.subscription_id.
provider "azurerm" {
  features {}

  subscription_id = var.subscription_id
}


terraform.tfvars.example (view on GitHub) :


# The Administrator login for the MySQL Server.
administrator_login = ""

# The Password associated with the administrator_login for the MySQL Server.
# NOTE(review): a filled-in copy of this file holds the database administrator
# password in plain text. Keep terraform.tfvars out of version control, or leave
# this entry unset and supply the value through the
# TF_VAR_administrator_login_password environment variable or a secret store.
administrator_login_password = ""

# Name of the example application.
name = "hum-rp-mysql-example"

# Prefix of the created resources
prefix = "hum-rp-mysql-ex-"

# Specifies the Name of the Resource Group within which this database will reside.
resource_group_name = ""

# Azure Resource Pack git branch.
# NOTE(review): a branch head is a mutable reference, so the code that gets
# provisioned can change between runs; prefer a tag or commit where supported.
resource_packs_azure_rev = "refs/heads/main"

# Azure Resource Pack git url.
resource_packs_azure_url = "https://github.com/humanitec-architecture/resource-packs-azure.git"

# The name of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint.
subnet_name = ""

# The Subscription ID which should be used.
subscription_id = ""

# The name of the virtual network where Private Endpoint will be allocated.
virtual_network_name = ""

# Specifies the Name of the Resource Group within which the Private Endpoint should exist.
virtual_network_resource_group_name = ""

variables.tf (view on GitHub) :

# Naming inputs. "prefix" is forwarded to the mysql module.
variable "prefix" {
  description = "Prefix of the created resources"
  type        = string
  default     = "hum-rp-mysql-ex-"
}

# "name" is reused in main.tf as the Azure AD application display name and as
# the id and name of both the Humanitec resource account and the application.
variable "name" {
  description = "Name of the example application."
  type        = string
  default     = "hum-rp-mysql-example"
}

# Git location of the resource pack, forwarded to the mysql module.
# NOTE(review): whatever this repository serves is what gets provisioned with
# the service principal's rights, so only point it at a repository you trust
# and control changes to.
variable "resource_packs_azure_url" {
  description = "Azure Resource Pack git url."
  type        = string
  default     = "https://github.com/humanitec-architecture/resource-packs-azure.git"
}

# Git revision of the resource pack, forwarded to the mysql module.
# NOTE(review): the default follows a branch head, which is a mutable reference.
# Overriding it with a release tag or commit (if the module accepts one; confirm)
# keeps provisioning reproducible and makes upstream changes an explicit upgrade.
variable "resource_packs_azure_rev" {
  description = "Azure Resource Pack git branch."
  type        = string
  default     = "refs/heads/main"
}

# Required input: configures the azurerm provider and is forwarded to the
# mysql module.
variable "subscription_id" {
  description = "The Subscription ID which should be used."
  type        = string
}

# Required input. Besides hosting the database, this resource group is the
# scope of the role assignment granted to the provisioner service principal in
# main.tf.
variable "resource_group_name" {
  description = "Specifies the Name of the Resource Group within which this database will reside."
  type        = string
}

# Required input, forwarded unchanged to the mysql module.
variable "administrator_login" {
  description = "The Administrator login for the MySQL Server."
  type        = string
}

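# Database administrator secret, forwarded to the mysql module.
# Marked sensitive so Terraform redacts it in plan and apply output. This does
# not keep the value out of the state file, which still has to be stored
# encrypted and with restricted access.
variable "administrator_login_password" {
  description = "The Password associated with the administrator_login for the MySQL Server."
  type        = string
  sensitive   = true
}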

# Network placement inputs for the private endpoint. All three are required and
# are forwarded unchanged to the mysql module.
variable "virtual_network_name" {
  description = "The name of the virtual network where Private Endpoint will be allocated."
  type        = string
}

variable "virtual_network_resource_group_name" {
  description = "Specifies the Name of the Resource Group within which the Private Endpoint should exist."
  type        = string
}

variable "subnet_name" {
  description = "The name of the Subnet from which Private IP Addresses will be allocated for this Private Endpoint."
  type        = string
}
