Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform

Deploying MySQL InnoDB
Cluster on OCI with Terraform
Oracle Developer Live
Frédéric Descamps
Community Manager
MySQL

Who am I ?
about.me/lefred
Copyright @ 2020 Oracle and/or its affiliates.2

@lefred
MySQL Evangelist
Managing MySQL since
3.20
devops believer
living in Belgium
h ps://lefred.be
Frédéric Descamps

Sign up
Oracle Cloud Free Trier

Breakout Lab Support
Today's Experts Standing By:
- Miguel - Dave
- Olivier - Ted
- Vi orio
Have a Question?
Direct your question via chat to one of our experts above or the instructor.
Breakout Rooms
If you are not able to get your question answered within the chat, we have
breakout rooms available for you.
We ask that if your question requires the use of a breakout room, that the time
within the breakout room remains brief to ensure experts can assist others in
need of help.

use only Germany Central (Frankfurt) !!
and use the same email you used to register
to this session
Prerequisites
Please create your OCI free account following all the instructions from the Livelabs:
h ps://oracle.github.io/learning-library/oci-library/oci-hol/odl-mysql-idc-terraform-hol-
master/workshops/freetier/

Free Trier: note on always free
To perform this lab, you need to use a new Free Trier account provided today. If you have
an old one, it might not work if you don't have the free credits.
If this is your case you won't be able to:
use more than 1 node in your cluster
use the NAT gateway and split the databases in a private subnet
And you will have to use VM.Standard.E2.1.Micro shape.

Infrastructure as Code
What is Terraform ?

What is Terraform ?
Terraform is a tool for building, changing, and versioning infrastructure safely and
e ciently. Terraform can manage existing and popular service providers as well as custom
in-house solutions.

Terraform & OCI
Oracle Cloud Infrastructure is supported by Terraform.
We provide many OCI quickstarts in github: h ps://github.com/oracle-quickstart/.

Terraform & OCI
Oracle Cloud Infrastructure is supported by Terraform.
We provide many OCI quickstarts in github: h ps://github.com/oracle-quickstart/.
Today we will use a contribution to the original MySQL one: h ps://github.com/lefred/oci-
mysql-idc.git

Architecture
What will we deploy ?

Architecture
MySQL 1
MySQL 3
VCN
10.0.0.0/16
Public Subnet
10.0.0.0/24
Private Subnet
10.0.1.0/24
Private Subnet
10.0.1.0/24
Group Replication
Fault Domain 1
Fault Domain2
Fault Domain3
MySQL 2
Bastion Host

Get ready
Se ing up your environment

an OCI account
Terraform
git
ssh client
on Windows, for git and ssh, you should use
h ps://github.com/git-for-windows/git/releases/latest
Se ing up your environment
You need:

Prerequisites &
Introduction

Prerequisites &
Introduction
ready ? update your feedback !

Update your feedback
At the end of each LAB, please update your feedback in the participants list:

Creating your API keys:
$ mkdir ~/.oci
$ openssl genrsa -out ~/.oci/oci_api_key.pem 2048
$ chmod go-rwx ~/.oci/oci_api_key.pem
$ openssl rsa -pubout -in ~/.oci/oci_api_key.pem -out ~/.oci/oci_api_key_public.pem
And for SSH don't provide passphrase:
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/fred/.ssh/id_rsa): id_rsa_oci
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in id_rsa_oci
Your public key has been saved in id_rsa_oci.pub
Prepare your OCI environment

Prepare your OCI environment (2)
Example for our Windows user friends:

Example for our Windows user friends - API keys:

Example for our Windows user friends - SSH keys:

In our example, the key is
~/.oci/oci_api_key_public.pem
Prepare your OCI environment - deploy your API key
You need to deploy your public API key on OCI:

LAB 1

Terraform is a unique binary you can download from
h ps://www.terraform.io/downloads.html
$ cd ~bin
$ wget
https://releases.hashicorp.com/terraform/0.13.4/terraform_0.13.4_linux_amd64.zip
$ unzip terraform_0.13.4_linux_amd64.zip
Archive: terraform_0.13.4_linux_amd64.zip
inflating: terraform
$ terraform --version
Terraform v0.13.4
Installing Terraform

Installing Terraform (2)
Example for our Windows user friends:

$ git clone https://github.com/lefred/oci-mysql-idc.git
Ge ing the git repo

Ge ing the git repo
Now we need to copy terraform.tfvars.template to edit it:
$ cd oci-mysql-idc
$ cp terraform.tfvars.template terraform.tfvars

Ge ing the git repo
Now we need to copy terraform.tfvars.template to edit it:
$ cd oci-mysql-idc
$ cp terraform.tfvars.template terraform.tfvars
This is maybe the most complex task of the deployment ;-)

terraform.tvars
tenancy_ocid = "<REPLACE_ME>"
user_ocid = "<REPLACE_ME>"
fingerprint= "RE:PL:AC:E_:ME:__:RE:PL:AC:E_:ME:__:XX:XX:XX:XX"
private_key_path = "<REPLACE_ME>.pem"
region = "<REPLACE_ME>"
compartment_ocid = "<REPLACE_ME>"
ssh_authorized_keys_path = "<REPLACE_ME>"
ssh_private_key_path = "<REPLACE_ME>"
clusteradmin_password = "<REPLACE_ME>"
cluster_name = "MyClusterInOCI"
number_of_nodes = "3"
node_shape = "VM.Standard.E2.1"

terraform.tvars

tenancy_oid

tenancy_oid (2)

terraform.tvars

user_ocid

terraform.tvars

Key & Fingerprint
The private_key_path value is the path of oci_api_key.pem:
private_key_path = "/home/fred/.oci/oci_api_key.pem"

Key & Fingerprint
The private_key_path value is the path of oci_api_key.pem:
private_key_path = "/home/fred/.oci/oci_api_key.pem"
And to get the Fingerprint:

terraform.tvars

us-gov-ashburn-1
us-gov-chicago-1
us-gov-phoenix-1
us-langley-1
us-luke-1
us-phoenix-1
us-sanjose-1
eu-amsterdam-1
eu-frankfurt-1
eu-zurich-1
me-jeddah-1
sa-saopaulo-1
uk-london-1
us-ashburn-1
ap-chuncheon-1
ap-hyderabad-1
ap-melbourne-1
ap-mumbai-1
ap-osaka-1
ap-seoul-1
ap-sydney-1
ap-tokyo-1
ca-montreal-1
ca-toronto-1
Region
The di erent regions (not all accessible) as on September 2020 are:

terraform.tvars

compartment_ocid
You may or not have setup di erent compartments. I usually use a sandbox for example.

compartment_ocid (2)

terraform.tvars

SSH Keys
You need to specify keys to connect in ssh to the compute instances (only via the bastion
host to the MySQL InnoDB Cluster nodes).

SSH Keys
Pay a ention to provide the full path and to verify that the private keys are those without
.pub !

SSH Keys
Pay a ention to provide the full path and to verify that the private keys are those without
.pub !
ssh_authorized_keys_path = "/home/fred/.ssh/id_rsa_oci.pub"
ssh_private_key_path = "/home/fred/.ssh/id_rsa_oci"

terraform.tvars

Cluster information
The dedicated user that we create is called clusteradmin and you can specify its password.
You can also specify and name for the cluster.
clusteradmin_password = "MyB1gPassw0rd!"

Cluster information
The dedicated user that we create is called clusteradmin and you can specify its password.
You can also specify and name for the cluster.
clusteradmin_password = "MyB1gPassw0rd!"
You can also specify the number of nodes that needs to be deployed in your cluster. 3 is
the recommended amount but for testing purpose when you develop your Terraform
recipes, you can reduce it.

terraform.tvars

More info on
h ps://docs.cloud.oracle.com/en-
us/iaas/Content/Compute/References/compute
Node Shape
This speci es the Compute Instance's Shape. Of course it depends on your limits.
You can nd the di erent shapes on OCI Dashboard:

Node Shape (2)
Using the Free Trier provided today, the node shape should be VM.Standard.E2.1

terraform.tvars
node_image_id="ocid1.image..."

Oracle Linux 8.2-2020.07.28-0 is for example:
eu-
frankfurt-
1
ocid1.image.oc1.eu-frankfurt-
1.aaaaaaaau6ypymprt22fhkenua6fbz2mhy62kdbn6zskrv3fy7fdrq c4ka
us-
ashburn-
1
ocid1.image.oc1.iad.aaaaaaaa7loygdwzmew3hud3bqjyzamzqnz3krpiuhjb3z3u5s3hmmtar6mq
node_image_id - (optional)
This is the ocid of the compute instance you will use. For this demo, we will use the same
on all nodes. The image depends of your region.
You can nd the list of images on h ps://docs.cloud.oracle.com/en-us/iaas/images/

Oracle Linux 8.2-2020.07.28-0 is for example:
eu-
frankfurt-
1
ocid1.image.oc1.eu-frankfurt-
1.aaaaaaaau6ypymprt22fhkenua6fbz2mhy62kdbn6zskrv3fy7fdrq c4ka
us-
ashburn-
1
ocid1.image.oc1.iad.aaaaaaaa7loygdwzmew3hud3bqjyzamzqnz3krpiuhjb3z3u5s3hmmtar6mq
node_image_id - (optional)
This is the ocid of the compute instance you will use. For this demo, we will use the same
on all nodes. The image depends of your region.
You can nd the list of images on h ps://docs.cloud.oracle.com/en-us/iaas/images/
If you don't specify any, Oracle Linux 8 images in your region
will be used.

LAB 2

Terraform in action
It's time to deploy !

Terraform
Now that everything is setup, we need to init our environment:
$ terraform init

Terraform - plan
Let's see if everything is correct and what the system will deploy in OCI using the plan
command:
$ terraform plan

Terraform - deployment
Let's deploy our infrastructure with apply:
$ terraform apply

Terraform - deployment (2)
While the deployment is happening, you can verify in OCI Dashboard, the creation of the
compute instances:

Terraform - deployment (3)

LAB 3

Let's verify
MySQL InnoDB Cluster

Connection to the Bastion Host
To connect to the bastion host, we use ssh with the user opc on the public IP (use yours!)
and the ssh key we created:

MySQL InnoDB Cluster
Let's connect to the cluster using MySQL Shell

MySQL InnoDB Cluster - Status

MySQL InnoDB Cluster - Router

MySQL InnoDB Cluster - Router
For security reason, we didn't open the MySQL Router ports on the public IP.

LAB 4

House keeping, you only pay what you
consume !
Cleaning up !

Terraform - terminating our environment
It's also very easy to terminate everything using the destroy command:
$ terraform destroy

LAB 5

OCI Resource Manager
... and now for smart & lazy people ;-)

OCI Resource Manager
It's also possible to deploy without pain, the same architecture using OCI Resource and
Stacks !

OCI Resource Manager - stack creation
Let's create our stack:

OCI Resource Manager - stack creation (2)
Now we can download the stack package on h ps://github.com/lefred/oci-mysql-
idc/releases/tag/1.1.0

Just drop the zip le here:

Fill some variables:

Let's start with only 1 MySQL InnoDB Cluster node:

OCI Resource Manager - stack creation review
We can review the variables and create it:

OCI Resource Manager - jobs
The rst job we will run it the plan to see what will be the required modi cations:

OCI Resource Manager - jobs (2)
If all went well, we will see it as succeeded:

OCI Resource Manager - apply job
As the plan succeeded, we can apply our code for this infrastructure:

OCI Resource Manager - apply job (2)
It's possible to follow the process in "real time" in the logs:

The Terraform output
is a bit di erent as
everything was
handled by the stack.
All required SSH keys
were also created:
OCI Resource Manager - apply job (3)

OCI Resource Manager - compute instances
Of course the compute instances were created:

Connection
We need to copy the SSH private key from the jobs output in a le if we want to connect to
the bastion host. We also need to change the ownership of it:
$ vi priv.key
<-- paste the content in the file and save it -->
$ chmod 600 priv.key
$ ssh -i priv.key opc@130.61.xx.xx
[opc@mysqlshellbastion ~]$

LAB 6

Thank you !

Q&A

Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform

Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform

Similar to Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform (20)

More from Frederic Descamps

More from Frederic Descamps (10)

Recently uploaded

Recently uploaded (20)

Oracle Developer Live: Deploying MySQL InnoDB Cluster on OCI with Terraform