SOLVED || Issue with RDS stack when updating a single stack using AWS-CDK Typescript
Question
Due to the time it takes to create and destroy a vpc and rds instance with aws-cdk, we separated them into individual stacks.
Vpc Rds ( depends on vpc ) Application ( depends on Rds )
At first there was an issue with DB Instance naming. Once this was fixed i started to work on the pipeline for the application stack.
When i try to deploy my application stack it will run through the dependencies and check. Vpc has no changes so that runs through quite quick no updates needed. The same should be said for the Rds stack but its trying to update the stack on every deploy. which if nothing has changed, surely it should behave like the Vpc stack and understand no changes so skip to the next stack.
With CloudFormation we can skip or block any unwanted updates by applying a policy to the stack. This is still in development from what i can see.
https://github.com/aws/aws-cdk/issues/3414 https://github.com/aws/aws-cdk-rfcs/issues/72
There is an example to use setPolicy but that is creating a new cloudformation and im not too sure how i would implement that.
const app = new cdk.App();
const vpc = new VpcStack(app, "vpc", { env, appEnvironment: "staging" });
const rds = new RdsStack(app, "rds", {
env,
vpc: vpc.vpc,
appEnvironment: "staging",
masterPassword: dbPassword,
});
rds.addDependency(vpc);
const appStack = new AppStack(app, "app", {
env,
// configure the environments you want to setup. The default is production &
// staging, but for testing we'll just do staging.
appEnvironments: ["staging"],
environmentProps: {
// per environment options go here
staging: {
vpc: vpc.vpc,
db: {
instance: rds.dbInstance,
securityGroup: rds.securityGroup,
username: rds.username,
password: dbPassword,
},
ebOptions: {
ec2KeyName: "App",
},
},
},
});
appStack.addDependency(rds);
const pipeStack = new PipelineStack(app, "pipeline", {
appEnvironment: "staging"
});
pipeStack.addDependency(appStack);
app.synth();
EDIT
cdk diff output
cdk diff
Stack vpcStaging
There were no differences
Stack rdsStaging
Resources
[~] AWS::RDS::DBInstance instance instanceB**** replace
├─ [~] DBName (requires replacement)
│ ├─ [-] rds_staging
│ └─ [+] DBRds
├─ [~] DeletionPolicy
│ ├─ [-] Delete
│ └─ [+] Retain
└─ [~] UpdateReplacePolicy
├─ [-] Delete
└─ [+] Retain
Stack application
Template
[-] Description Description: Elasticbeanstalk setup for application
Security Group Changes
┌───┬─────────────────────────────────────────────┬─────┬─────────────────────────────────────────────┬─────────────────────────────────────────────┐
│ │ Group │ Dir │ Protocol │ Peer │
├───┼─────────────────────────────────────────────┼─────┼─────────────────────────────────────────────┼─────────────────────────────────────────────┤
│ - │ {"Fn::ImportValue":"rdsStaging:ExportsOutput │ In │ TCP {"Fn::ImportValue":"rdsStaging:ExportsOu │ ${prodsecurityGroupD*****.GroupId} │
│ │ FnGetAttsecurityGroup88888GroupId***** │ │ tputFnGetAttinstance*****EndpointPort***** │ │
│ │ 1"} │ │ *****"} │ │
├───┼─────────────────────────────────────────────┼─────┼─────────────────────────────────────────────┼─────────────────────────────────────────────┤
│ + │ ${staging/securityGroup.GroupId} │ Out │ Everything │ Everyone (IPv4) │
├───┼─────────────────────────────────────────────┼─────┼─────────────────────────────────────────────┼─────────────────────────────────────────────┤
│ + │ {"Fn::ImportValue":"rdsStaging:ExportsOutput │ In │ TCP {"Fn::ImportValue":"rdsStaging:ExportsOu │ ${staging/securityGroup.GroupId} │
│ │ FnGetAttsecurityGroup*****GroupId***** │ │ tputFnGetAttinstance*****EndpointPort***** │ │
│ │ 1"} │ │ *****"} │ │
└───┴─────────────────────────────────────────────┴─────┴─────────────────────────────────────────────┴─────────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)
Resources
[-] AWS::EC2::SecurityGroup stagingsecurityGroup****** destroy
[-] AWS::EC2::SecurityGroupIngress stagingsecurityGrouprdsStagingsecurityGroup*****IndirectPortto***** destroy
[-] AWS::ElasticBeanstalk::Environment staging***** destroy
[+] AWS::EC2::SecurityGroup staging/securityGroup stagingsecurityGroup*****
[+] AWS::EC2::SecurityGroupIngress staging/securityGroup/rdsStagingsecurityGroup*****:{IndirectPort} to stagingsecurityGrouprdsStagingsecurityGroup*****IndirectPortto*****
[+] AWS::ElasticBeanstalk::Environment staging/staging staging*****
1 answers
solution1
0 2020-04-22 18:15:58
It depends how you are creating the RDS stack? the diff shows the DBName has changed and that's what requires replacement.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.