48 lines
2.1 KiB
Markdown
48 lines
2.1 KiB
Markdown
---
|
||
title: "Learning Sessions Cloud Transformation Programme-Deploying RDS via Terraform"
|
||
type: source
|
||
tags: [Terraform, RDS, IaC, CTP]
|
||
date: 2026-04-14
|
||
---
|
||
|
||
## Source File
|
||
- [[raw/Cloud & DevOps/Public-Cloud-Learning-Sessions/03_Terraform/learning-sessions-cloud-transformation-programme-deploying-rds-via-terraform.md]]
|
||
|
||
## Summary
|
||
- 核心主题:通过 Terraform 部署 Amazon RDS,推广基础设施即代码(IaC)方法
|
||
- 问题域:RDS 部署方式选择(控制台 vs IaC)、模块化基础设施管理
|
||
- 方法/机制:使用 Terragrunt(Terraform 包装器)进行模块化部署,SRE 核心模块和 Gruntwork 模块
|
||
- 结论/价值:IaC 提供速度、灵活性、一致性、灾难恢复、文档化和自动化优势
|
||
|
||
## Key Claims
|
||
- IaC 相比控制台部署更适合任何规模的 RDS — 代码即文档
|
||
- 推荐使用 Gruntwork RDS 服务而非裸机 RDS 模块(预建 KMS 加密和 CloudWatch 告警功能)
|
||
- SRE 核心模块功能不如 Gruntwork 服务完善
|
||
- 使用 Terragrunt 保持代码整洁,避免变量重复
|
||
- 生产环境应使用标记版本而非 master 分支以保证稳定性
|
||
|
||
## Key Quotes
|
||
> "We use Terragrunt, which is basically it's a wrapper around Terraform, and it allows you to keep your code clean and you're not repeating your variables all the time." — Greg, DBRE Team
|
||
|
||
## Key Concepts
|
||
- [[IaC]]:基础设施即代码,通过声明式配置管理云资源
|
||
- [[Terragrunt]]:Terraform 的包装工具,提供模块化、变量共享和环境隔离
|
||
- [[RDS]]:Amazon 关系数据库服务
|
||
- [[CloudWatch]]:AWS 云监控服务,用于仪表板和告警
|
||
- [[KMS]]:AWS 密钥管理服务,用于数据加密
|
||
|
||
## Key Entities
|
||
- [[Greg]]:DBRE 团队成员,演讲者
|
||
- [[Gruntwork]]:提供预建基础设施模块的公司
|
||
- [[AWS]]:云服务提供商
|
||
- [[Cloud Transformation Programme]]:云转型项目(CTP)
|
||
|
||
## Connections
|
||
- [[Terragrunt]] ← uses ← [[Terraform]]
|
||
- [[RDS]] ← deployed_by ← [[Terragrunt]]
|
||
- [[RDS]] ← monitored_by ← [[CloudWatch]]
|
||
- [[RDS]] ← encrypted_by ← [[KMS]]
|
||
- [[Gruntwork]] ← provides ← [[RDS-Module]]
|
||
|
||
## Contradictions
|
||
- 无 |