Keycloak

Форк
0
/
deploy-aurora-multi-az.adoc 
62 строки · 3.3 Кб
1
<#import "/templates/guide.adoc" as tmpl>
2
<#import "/templates/links.adoc" as links>
3

4
<@tmpl.guide
5
title="Deploy AWS Aurora in multiple availability zones"
6
summary="Building block for a database"
7
tileVisible="false" >
8

9
This topic describes how to deploy an Aurora regional deployment of a PostgreSQL instance across multiple availability zones to tolerate one or more availability zone failures in a given AWS region.
10

11
This deployment is intended to be used with the setup described in the <@links.ha id="concepts-active-passive-sync"/> {section}.
12
Use this deployment with the other building blocks outlined in the <@links.ha id="bblocks-active-passive-sync"/> {section}.
13

14
include::partials/blueprint-disclaimer.adoc[]
15

16
== Architecture
17

18
Aurora database clusters consist of multiple Aurora database instances, with one instance designated as the primary writer and all others as backup readers.
19
To ensure high availability in the event of availability zone failures, Aurora allows database instances to be deployed across multiple zones in a single AWS region.
20
In the event of a failure on the availability zone that is hosting the Primary database instance, Aurora automatically heals itself and promotes a reader instance from a non-failed availability zone to be the new writer instance.
21

22
.Aurora Multiple Availability Zone Deployment
23
image::high-availability/aurora-multi-az.dio.svg[]
24

25
See the https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_AuroraOverview.html[AWS Aurora documentation] for more details on the semantics provided by Aurora databases.
26

27
This documentation follows AWS best practices and creates a private Aurora database that is not exposed to the Internet.
28
To access the database from a ROSA cluster, <<establish-peering-connections-with-rosa-clusters,establish a peering connection between the database and the ROSA cluster>>.
29

30
== Procedure
31

32
The following procedure contains two sections:
33

34
* Creation of an Aurora Multi-AZ database cluster with the name "keycloak-aurora" in eu-west-1.
35
* Creation of a peering connection between the ROSA cluster(s) and the Aurora VPC to allow applications deployed on the ROSA clusters to establish connections with the database.
36

37
=== Create Aurora database Cluster
38

39
include::partials/aurora/aurora-multiaz-create-procedure.adoc[]
40

41
[#establish-peering-connections-with-rosa-clusters]
42
=== Establish Peering Connections with ROSA clusters
43

44
Perform these steps once for each ROSA cluster that contains a {project_name} deployment.
45

46
include::partials/aurora/aurora-create-peering-connections.adoc[]
47

48
== Verifying the connection
49

50
include::partials/aurora/aurora-verify-peering-connections.adoc[]
51

52
== Deploying {project_name}
53

54
Now that an Aurora database has been established and linked with all of your ROSA clusters, the next step is to deploy {project_name} as described in the <@links.ha id="deploy-keycloak-kubernetes" /> {section} with the JDBC url configured to use the Aurora database writer endpoint.
55
To do this, create a `{project_name}` CR with the following adjustments:
56

57
. Update `spec.db.url` to be `jdbc:aws-wrapper:postgresql://$HOST:5432/keycloak` where `$HOST` is the
58
<<aurora-writer-url, Aurora writer endpoint URL>>.
59

60
. Ensure that the Secrets referenced by `spec.db.usernameSecret` and `spec.db.passwordSecret` contain usernames and passwords defined when creating Aurora.
61

62
</@tmpl.guide>
63

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.