02/02: cdn: Increase Terraform state retention period.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/02: cdn: Increase Terraform state retention period.

From:	Chris Marusich
Subject:	02/02: cdn: Increase Terraform state retention period.
Date:	Fri, 4 Jan 2019 03:06:40 -0500 (EST)

marusich pushed a commit to branch master
in repository maintenance.

commit f584a1f3a8f4bfa30aa818395f839481806345ff
Author: Chris Marusich <address@hidden>
Date:   Thu Jan 3 23:27:12 2019 -0800

    cdn: Increase Terraform state retention period.
    
    * cdn/terraform/main.tf (guix-terraform-state) <lifecycle_rule>:
    Update abort_incomplete_multipart_upload_days to 7 and
    noncurrent_version_expiration to 14 days.
---
 cdn/terraform/main.tf | 16 +++++-----------
 1 file changed, 5 insertions(+), 11 deletions(-)

diff --git a/cdn/terraform/main.tf b/cdn/terraform/main.tf
index 539139e..7b9c5e5 100644
--- a/cdn/terraform/main.tf
+++ b/cdn/terraform/main.tf
@@ -3,7 +3,6 @@
 terraform {
   # This backend will not work if you delete the corresponding bucket.
   backend "s3" {
-    # TODO: Add a Dynamo DB table for locking.
     bucket = "guix-terraform-state"
     key    = "state"
     # The backend documentation does not clarify if it respects the
@@ -278,12 +277,9 @@ resource "aws_s3_bucket" "guix-terraform-state" {
   bucket = "guix-terraform-state"
   # Access should be granted via IAM policies.
   acl = "private"
-  # This allows us to recover state if something ever goes wrong.  The
-  # cost of storing all versions of the state is negligible for the
-  # foreseeable future, but if it ever becomes a concern, we can
-  # (1) stop using the S3 backend, (2) suspend versioning, (3) delete
-  # old versions manually, or (4) add a "lifecycle policy" to expire
-  # non-current versions.  For details, see:
+  # This allows us to recover state if something ever goes wrong - as
+  # long as we do so within the time period specified by our lifecycle
+  # policy (see below).  For details, see:
   # https://docs.aws.amazon.com/AmazonS3/latest/dev/DeletingObjectVersions.html
   versioning {
     enabled = true
@@ -310,12 +306,10 @@ resource "aws_s3_bucket" "guix-terraform-state" {
     # It seems unlikely that Terraform would use multi-part uploads to
     # upload the state, since the state is small, but just in case,
     # let's automatically abort any stuck multi-part uploads.
-    # TODO: Increase this to 7 days after initial testing is over.
-    abort_incomplete_multipart_upload_days = 1
+    abort_incomplete_multipart_upload_days = 7
     # Clean up old non-current versions.
-    # TODO: Increase this to 14 days after initial testing is over.
     noncurrent_version_expiration {
-      days = 1
+      days = 14
     }
   }
   lifecycle {

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (846f1d1 -> f584a1f), Chris Marusich, 2019/01/04
- 01/02: cdn: Hard-code the region to us-east-1., Chris Marusich, 2019/01/04
- 02/02: cdn: Increase Terraform state retention period., Chris Marusich <=

Prev by Date: 01/02: cdn: Hard-code the region to us-east-1.
Next by Date: branch master updated (ac277bc -> b824dbe)
Previous by thread: 01/02: cdn: Hard-code the region to us-east-1.
Next by thread: branch master updated (ac277bc -> b824dbe)
Index(es):
- Date
- Thread