Skip to content

Commit

Permalink
removed fims-plus temp resources (#876)
Browse files Browse the repository at this point in the history 
Co-authored-by: Andrea Grillo <[email protected]>
  • Loading branch information
@michaeldisaro @Krusty93
michaeldisaro and Krusty93 authored Feb 19, 2024
1 parent 8a25baf commit fc47e2b
Show file tree
Hide file tree
Showing 7 changed files with 1 addition and 327 deletions.
253 changes: 0 additions & 253 deletions src/domains/citizen-auth-app/04_fims.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,259 +79,6 @@ data "azurerm_nat_gateway" "nat_gateway" {
resource_group_name = "io-p-rg-common"
}

module "fims_plus_snet" {
count = var.fims_enabled ? 1 : 0
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v4.1.15"
name = "fims-plus"
address_prefixes = var.cidr_subnet_fims_plus
resource_group_name = data.azurerm_virtual_network.vnet_common.resource_group_name
virtual_network_name = data.azurerm_virtual_network.vnet_common.name
private_endpoint_network_policies_enabled = true

service_endpoints = [
"Microsoft.Web",
]

delegation = {
name = "default"
service_delegation = {
name = "Microsoft.Web/serverFarms"
actions = ["Microsoft.Network/virtualNetworks/subnets/action"]
}
}
}

resource "azurerm_subnet_nat_gateway_association" "fims_plus_snet" {
count = var.fims_enabled ? 1 : 0
nat_gateway_id = data.azurerm_nat_gateway.nat_gateway.id
subnet_id = module.fims_plus_snet[0].id
}



module "appservice_fims_plus" {
count = var.fims_enabled ? 1 : 0
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service?ref=v4.1.15"

# App service plan
plan_type = "internal"
plan_name = format("%s-plan-fims-plus", local.project)
plan_reserved = true # Mandatory for Linux plan
plan_kind = "Linux"
plan_sku_tier = var.fims_plan_sku_tier
plan_sku_size = var.fims_plan_sku_size

# App service
name = format("%s-app-fims-plus", local.project)
resource_group_name = azurerm_resource_group.fims_rg[0].name
location = azurerm_resource_group.fims_rg[0].location

always_on = true
linux_fx_version = "NODE|18-lts"
app_command_line = local.fims.app_command_line
health_check_path = "/api/info"

app_settings = local.fims.app_settings_common

allowed_subnets = [
data.azurerm_subnet.appgateway_snet.id,
data.azurerm_subnet.apim_v2_snet.id,
]

allowed_ips = concat(
[],
)

subnet_id = module.fims_plus_snet[0].id
vnet_integration = true

tags = var.tags
}

module "appservice_fims_plus_slot_staging" {
count = var.fims_enabled ? 1 : 0
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service_slot?ref=v4.1.15"

# App service plan
app_service_plan_id = module.appservice_fims_plus[0].plan_id
app_service_id = module.appservice_fims_plus[0].id
app_service_name = module.appservice_fims_plus[0].name

# App service
name = "staging"
resource_group_name = azurerm_resource_group.fims_rg[0].name
location = azurerm_resource_group.fims_rg[0].location

always_on = true
linux_fx_version = "NODE|18-lts"
app_command_line = local.fims.app_command_line
health_check_path = "/api/info"

app_settings = local.fims.app_settings_common

allowed_subnets = [
data.azurerm_subnet.azdoa_snet[0].id,
data.azurerm_subnet.appgateway_snet.id,
data.azurerm_subnet.apim_v2_snet.id,
]

allowed_ips = concat(
[],
)

subnet_id = module.fims_plus_snet[0].id
vnet_integration = true

tags = var.tags
}

resource "azurerm_monitor_autoscale_setting" "appservice_fims_plus" {
count = var.fims_enabled ? 1 : 0
name = format("%s-autoscale", module.appservice_fims_plus[0].name)
resource_group_name = azurerm_resource_group.fims_rg[0].name
location = azurerm_resource_group.fims_rg[0].location
target_resource_id = module.appservice_fims_plus[0].plan_id

profile {
name = "default"

capacity {
default = var.fims_autoscale_default
minimum = var.fims_autoscale_minimum
maximum = var.fims_autoscale_maximum
}

rule {
metric_trigger {
metric_name = "Requests"
metric_resource_id = module.appservice_fims_plus[0].id
metric_namespace = "microsoft.web/sites"
time_grain = "PT1M"
statistic = "Average"
time_window = "PT5M"
time_aggregation = "Average"
operator = "GreaterThan"
threshold = 4000
divide_by_instance_count = false
}

scale_action {
direction = "Increase"
type = "ChangeCount"
value = "2"
cooldown = "PT5M"
}
}

rule {
metric_trigger {
metric_name = "CpuPercentage"
metric_resource_id = module.appservice_fims_plus[0].plan_id
metric_namespace = "microsoft.web/serverfarms"
time_grain = "PT1M"
statistic = "Average"
time_window = "PT5M"
time_aggregation = "Average"
operator = "GreaterThan"
threshold = 50
divide_by_instance_count = false
}

scale_action {
direction = "Increase"
type = "ChangeCount"
value = "2"
cooldown = "PT5M"
}
}

rule {
metric_trigger {
metric_name = "Requests"
metric_resource_id = module.appservice_fims_plus[0].id
metric_namespace = "microsoft.web/sites"
time_grain = "PT1M"
statistic = "Average"
time_window = "PT5M"
time_aggregation = "Average"
operator = "LessThan"
threshold = 1000
divide_by_instance_count = false
}

scale_action {
direction = "Decrease"
type = "ChangeCount"
value = "1"
cooldown = "PT1H"
}
}

rule {
metric_trigger {
metric_name = "CpuPercentage"
metric_resource_id = module.appservice_fims_plus[0].plan_id
metric_namespace = "microsoft.web/serverfarms"
time_grain = "PT1M"
statistic = "Average"
time_window = "PT5M"
time_aggregation = "Average"
operator = "LessThan"
threshold = 10
divide_by_instance_count = false
}

scale_action {
direction = "Decrease"
type = "ChangeCount"
value = "1"
cooldown = "PT1H"
}
}
}
}

resource "azurerm_monitor_metric_alert" "too_many_http_5xx" {
count = var.fims_enabled ? 1 : 0

enabled = false

name = "[IO-COMMONS | FIMS] Too many 5xx"
resource_group_name = azurerm_resource_group.fims_rg[0].name
scopes = [module.appservice_fims_plus[0].id]

description = "Whenever the total http server errors exceeds a dynamic threashold."
severity = 0
window_size = "PT5M"
frequency = "PT5M"
auto_mitigate = false

# Metric info
# https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/metrics-supported#microsoftwebsites
dynamic_criteria {
metric_namespace = "Microsoft.Web/sites"
metric_name = "Http5xx"
aggregation = "Total"
operator = "GreaterThan"
alert_sensitivity = "Low"
evaluation_total_count = 4
evaluation_failure_count = 4
skip_metric_validation = false

}

action {
action_group_id = data.azurerm_monitor_action_group.error_action_group.id
webhook_properties = null
}

tags = var.tags
}

######################
# OLD FIMS TO REMOVE #
######################

module "fims_snet" {
count = var.fims_enabled ? 1 : 0
source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v4.1.15"
Expand Down
7 changes: 1 addition & 6 deletions src/domains/citizen-auth-app/99_variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -229,11 +229,6 @@ variable "cidr_subnet_fims" {
description = "App service FIMS address space."
}

variable "cidr_subnet_fims_plus" {
type = list(string)
description = "App service FIMS+ address space."
}


variable "fims_plan_sku_tier" {
type = string
Expand Down Expand Up @@ -263,4 +258,4 @@ variable "fims_autoscale_default" {
type = number
description = "The number of instances that are available for scaling if metrics are not available for evaluation."
default = 1
}
}
7 changes: 0 additions & 7 deletions src/domains/citizen-auth-app/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,8 @@
| Name | Source | Version |
|------|--------|---------|
| <a name="module_appservice_fims"></a> [appservice\_fims](#module\_appservice\_fims) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service | v4.1.15 |
| <a name="module_appservice_fims_plus"></a> [appservice\_fims\_plus](#module\_appservice\_fims\_plus) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service | v4.1.15 |
| <a name="module_appservice_fims_plus_slot_staging"></a> [appservice\_fims\_plus\_slot\_staging](#module\_appservice\_fims\_plus\_slot\_staging) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service_slot | v4.1.15 |
| <a name="module_appservice_fims_slot_staging"></a> [appservice\_fims\_slot\_staging](#module\_appservice\_fims\_slot\_staging) | git::https://github.com/pagopa/terraform-azurerm-v3.git//app_service_slot | v4.1.15 |
| <a name="module_fast_login_snet"></a> [fast\_login\_snet](#module\_fast\_login\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v6.19.1 |
| <a name="module_fims_plus_snet"></a> [fims\_plus\_snet](#module\_fims\_plus\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v4.1.15 |
| <a name="module_fims_snet"></a> [fims\_snet](#module\_fims\_snet) | git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet | v4.1.15 |
| <a name="module_function_fast_login"></a> [function\_fast\_login](#module\_function\_fast\_login) | git::https://github.com/pagopa/terraform-azurerm-v3.git//function_app | v6.19.1 |
| <a name="module_function_fast_login_staging_slot"></a> [function\_fast\_login\_staging\_slot](#module\_function\_fast\_login\_staging\_slot) | git::https://github.com/pagopa/terraform-azurerm-v3.git//function_app_slot | v6.19.1 |
Expand All @@ -32,16 +29,13 @@
| Name | Type |
|------|------|
| [azurerm_monitor_autoscale_setting.appservice_fims](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource |
| [azurerm_monitor_autoscale_setting.appservice_fims_plus](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource |
| [azurerm_monitor_autoscale_setting.function_fast_login](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource |
| [azurerm_monitor_autoscale_setting.function_lollipop](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_autoscale_setting) | resource |
| [azurerm_monitor_metric_alert.too_many_http_5xx](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource |
| [azurerm_monitor_scheduled_query_rules_alert_v2.alert_function_lollipop_HandlePubKeyRevoke_failure](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_scheduled_query_rules_alert_v2) | resource |
| [azurerm_private_dns_a_record.ingress](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_dns_a_record) | resource |
| [azurerm_resource_group.fast_login_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_resource_group.fims_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_resource_group.lollipop_rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource |
| [azurerm_subnet_nat_gateway_association.fims_plus_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_nat_gateway_association) | resource |
| [azurerm_subnet_nat_gateway_association.fims_snet](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/subnet_nat_gateway_association) | resource |
| [azuread_group.adgroup_admin](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
| [azuread_group.adgroup_developers](https://registry.terraform.io/providers/hashicorp/azuread/latest/docs/data-sources/group) | data source |
Expand Down Expand Up @@ -97,7 +91,6 @@
|------|-------------|------|---------|:--------:|
| <a name="input_application_insights_name"></a> [application\_insights\_name](#input\_application\_insights\_name) | Specifies the name of the Application Insights. | `string` | n/a | yes |
| <a name="input_cidr_subnet_fims"></a> [cidr\_subnet\_fims](#input\_cidr\_subnet\_fims) | App service FIMS address space. | `list(string)` | n/a | yes |
| <a name="input_cidr_subnet_fims_plus"></a> [cidr\_subnet\_fims\_plus](#input\_cidr\_subnet\_fims\_plus) | App service FIMS+ address space. | `list(string)` | n/a | yes |
| <a name="input_cidr_subnet_fnfastlogin"></a> [cidr\_subnet\_fnfastlogin](#input\_cidr\_subnet\_fnfastlogin) | Function Lollipop address space. | `list(string)` | n/a | yes |
| <a name="input_cidr_subnet_fnlollipop"></a> [cidr\_subnet\_fnlollipop](#input\_cidr\_subnet\_fnlollipop) | Function Lollipop address space. | `list(string)` | n/a | yes |
| <a name="input_domain"></a> [domain](#input\_domain) | n/a | `string` | n/a | yes |
Expand Down
1 change: 0 additions & 1 deletion src/domains/citizen-auth-app/env/weu-beta/terraform.tfvars
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,4 +45,3 @@ ingress_load_balancer_ip = "10.10.0.254"
cidr_subnet_fnlollipop = ["127.0.0.1/32"]
cidr_subnet_fnfastlogin = ["127.0.0.2/32"]
cidr_subnet_fims = ["127.0.0.3/32"]
cidr_subnet_fims_plus = ["127.0.0.4/32"]
1 change: 0 additions & 1 deletion src/domains/citizen-auth-app/env/weu-prod01/terraform.tfvars
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ function_fastlogin_autoscale_default = 10

# FIMS App Service
cidr_subnet_fims = ["10.0.18.0/26"]
cidr_subnet_fims_plus = ["10.0.18.64/26"]
fims_plan_sku_tier = "PremiumV3"
fims_plan_sku_size = "P1v3"
fims_autoscale_minimum = 1
Expand Down
56 changes: 0 additions & 56 deletions src/domains/citizen-auth-common/05_database.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -310,59 +310,3 @@ resource "azurerm_cosmosdb_sql_container" "fims_session" {
}
}
}

############################
# FIMS MONGO (TO REMOVE)
############################
module "cosmosdb_account_mongodb_fims" {
source = "git::https://github.com/pagopa/terraform-azurerm-v3//cosmosdb_account?ref=v4.1.5"

name = "io-p-fims-mongodb-account"
domain = upper(var.domain)
location = azurerm_resource_group.data_rg.location
resource_group_name = azurerm_resource_group.data_rg.name
offer_type = "Standard"
enable_free_tier = false
kind = "MongoDB"
capabilities = ["EnableMongo"]
mongo_server_version = "4.2"

public_network_access_enabled = false
private_endpoint_enabled = true
subnet_id = data.azurerm_subnet.private_endpoints_subnet.id
private_dns_zone_ids = [data.azurerm_private_dns_zone.privatelink_mongo_cosmos_azure_com.id]
is_virtual_network_filter_enabled = false

main_geo_location_location = azurerm_resource_group.data_rg.location
main_geo_location_zone_redundant = false
additional_geo_locations = [{
location = "northeurope"
failover_priority = 1
zone_redundant = false
}]
consistency_policy = {
consistency_level = "Session"
max_interval_in_seconds = null
max_staleness_prefix = null
}

tags = var.tags
}

resource "azurerm_cosmosdb_mongo_database" "db_fims" {
name = "mongodb_fims"
resource_group_name = azurerm_resource_group.data_rg.name
account_name = module.cosmosdb_account_mongodb_fims.name

autoscale_settings {
max_throughput = 5000
}
}

# mongodb connection string for fims provider
data "azurerm_key_vault_secret" "mongodb_connection_string_fims" {
name = "io-p-fims-mongodb-account-connection-string"
key_vault_id = module.key_vault.id
}


Loading

0 comments on commit fc47e2b

Please sign in to comment.