Redash Terraform Module
Content
Compatibility
| Software | OSS Version | Enterprise Version |
|---|---|---|
| Terraform | 0.13.1 or newer | |
| Consul | 1.8.3 or newer | 1.8.3 or newer |
| Vault | 1.5.2.1 or newer | 1.5.2.1 or newer |
| Nomad | 0.12.3 or newer | 0.12.3 or newer |
Usage
Requirements
Required modules
| Module | Version |
|---|---|
| terraform-nomad-postgres | 0.4.0 or newer |
| terraform-nomad-redis | 0.1.0 or newer |
Required software
All software is provided and run with docker. See the Makefile for inspiration.
Usage
The following command will run Redash in the example/redash_one_node folder.
make up-redash-one-nodeVerifying setup
You can verify that Redash ran successful by checking the Redash UI.
First create a proxy to connect with the Redash service:
make proxy-redashYou can now visit the UI on localhost:5000/.
Providers
Example usage
Example-code that shows how to use the module and, if applicable, its different use cases.
module "redash" {
source = "../.."
# nomad
nomad_datacenters = ["dc1"]
nomad_namespace = "default"
# redash
service = "redash"
host = "127.0.0.1"
port = 5000
container_image = "redash/redash:9.0.0-beta.b42121"
postgres_service = {
service_name = module.redash-postgres.service_name
port = module.redash-postgres.port
username = module.redash-postgres.username
password = module.redash-postgres.password
database_name = module.redash-postgres.database_name
}
postgres_vault_secret = {
use_vault_provider = true
vault_kv_policy_name = "kv-secret"
vault_kv_path = "secret/dev/postgres"
vault_kv_field_username = "username"
vault_kv_field_password = "password"
}
}
module "redis" {
source = "github.com/Skatteetaten/terraform-nomad-redis.git?ref=0.1.0"
# nomad
nomad_datacenters = ["dc1"]
nomad_namespace = "default"
# redis
service_name = "redis"
host = "127.0.0.1"
port = 6379
container_image = "redis:3-alpine"
}
module "postgres" {
source = "github.com/Skatteetaten/terraform-nomad-postgres.git?ref=0.4.1"
# nomad
nomad_datacenters = ["dc1"]
nomad_namespace = "default"
# postgres
service_name = "postgres"
container_image = "postgres:12-alpine"
container_port = 5432
vault_secret = {
use_vault_provider = false
vault_kv_policy_name = "kv-secret"
vault_kv_path = "secret/dev/postgres"
vault_kv_field_username = "username"
vault_kv_field_password = "password"
}
database = "metastore"
volume_destination = "/var/lib/postgresql/data"
use_host_volume = false
}Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| nomad_datacenters | Nomad data centers | list(string) | ["dc1"] | yes |
| nomad_namespace | [Enterprise] Nomad namespace | string | "default" | yes |
| service_name | Redash service name | string | "redash" | yes |
| host | Redash host | string | "127.0.0.1" | yes |
| port | Redash container port | number | 5000 | yes |
| container_image | Redash container image | string | "redash/redash:9.0.0-beta.b42121" | yes |
| resource | Resource allocations for cpu and memory | obj(number, number) | { cpu = 200, memory = 1024 } |
no |
| resource_proxy | Resource allocations for proxy | obj(number, number) | { cpu = 200, memory = 128 } |
no |
| use_canary | Uses canary deployment for Redash | bool | false | no |
| redash_config_properties | Custom redash configuration properties | list(string) | [" "] | no |
| container_environment_variables | Redash environment variables | list(string) | [" "] | no |
| redis_service | Redis data-object contains service_name and port. | obj(string, string) | { service = "redash-redis", port = 6379, host = "127.0.0.1" } |
no |
| postgres_service | Postgres data-object contains service, port, username, password and database name | obj(string, number, string, string, string) | { service = "redash-postgres", port = 5432, username = "username", password = "password", database_name = "metastore" } |
no |
| postgres_vault_secret | Set of properties to be able to fetch postgres secrets from vault | obj(bool, string, string, string, string) | { use_vault_provider = false, vault_kv_policy_name = "kv-secret", vault_kv_path = "secret/data/dev/postgres", vault_kv_field_username = "username", vault_kv_field_password = "password" } |
no |
| ldap_vault_secret | Set of properties to be able to fetch ldap secrets from vault | obj(bool, string, string, string, string) | { use_vault_provider = false, vault_kv_policy_name = "kv-secret", vault_kv_path = "secret/data/dev/ldap", vault_kv_field_username = "username", vault_kv_field_password = "password" } |
no |
| redash_admin_vault_secret | Set of properties to be able to fetch redash admin (root-user) secrets from vault | obj(bool, string, string, string, string) | { use_vault_provider = false, vault_kv_policy_name = "kv-secret", vault_kv_path = "secret/data/dev/redash", vault_kv_field_username = "admin_user", vault_kv_field_password = "admin_password" } |
no |
| datasource_upstreams | List of upstream services (list of object with service_name, port) | list | [" "] | no |
Outputs
| Name | Description | Type |
|---|---|---|
| redash_server_service | redash server service name | string |
| redash_worker_service | redash worker service name | string |
| redash_scheduler_service | redash scheduler service name | string |
License
This work is licensed under Apache 2 License. See LICENSE for full details.