| resource "aws_security_group" "unreal_ddc_load_balancer_access_security_group_region_1" { | ||
| #checkov:skip=CKV2_AWS_5: Security group is attached to a resource | ||
| name = "cgd-load-balancer-sg" | ||
| description = "Access unreal ddc load balancer" | ||
| region = var.regions[0] | ||
| vpc_id = module.unreal_cloud_ddc_vpc_region_1.vpc_id | ||
|
|
||
| tags = local.tags | ||
| } |
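Review bot: The `#checkov:skip=CKV2_AWS_5` justification at the top of this block says the security group is attached to a resource, but nothing in the block shows what it is attached to, and code scanning still reports the warning on it. Name the consuming resource or module input in the skip reason so the suppression can be audited, and confirm the scanner is honouring the skip comment for this file.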
Check warning
Code scanning / checkov
Ensure that Security Groups are attached to another resource Warning
| resource "aws_security_group" "unreal_ddc_load_balancer_access_security_group_region_2" { | ||
| #checkov:skip=CKV2_AWS_5: Security group is attached to a resource | ||
| name = "cgd-load-balancer-sg" | ||
| description = "Access unreal ddc load balancer" | ||
| vpc_id = module.unreal_cloud_ddc_vpc_region_2.vpc_id | ||
| region = var.regions[1] | ||
|
|
||
| tags = local.tags | ||
| } |
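Review bot: `name = "cgd-load-balancer-sg"` is identical to the region 1 group, so the two groups can only be told apart by region in the console and in logs; consider a region-specific name or suffix. The `vpc_id` and `region` lines are also in the opposite order from the region 1 block; keeping both blocks in the same order makes the pair easier to compare.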
Check warning
Code scanning / checkov
Ensure that Security Groups are attached to another resource Warning
| resource "aws_vpc" "unreal_cloud_ddc_vpc" { | ||
| #checkov:skip=CKV2_AWS_11:flow logs are out of scope for sample architecture. | ||
| region = var.region | ||
| cidr_block = var.vpc_cidr | ||
| enable_dns_hostnames = true | ||
|
|
||
| tags = merge(var.additional_tags, | ||
| { | ||
| Name = "unreal-cloud-ddc-vpc" | ||
| } | ||
| ) | ||
| } |
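Review bot: The `CKV2_AWS_11` skip turns off the flow-log check for the whole VPC with the reason "out of scope for sample architecture", which leaves anyone who copies the sample with no network-level record of traffic in this VPC. Either make flow logs an opt-in input of the module, or state in the skip reason and the README that flow logs must be added before the sample is used beyond evaluation.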
Check warning
Code scanning / checkov
Ensure VPC flow logging is enabled in all VPCs Warning
| resource "aws_eip" "nat_gateway_eip" { | ||
| depends_on = [aws_internet_gateway.igw] | ||
| region = var.region | ||
| #checkov:skip=CKV2_AWS_19:EIP associated with NAT Gateway through association ID | ||
| tags = merge(var.additional_tags, | ||
| { | ||
| Name = "unreal-cloud-ddc-nat-eip" | ||
| } | ||
| ) | ||
| } |
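Review bot: The `#checkov:skip=CKV2_AWS_19` comment sits after `depends_on` and `region`, while the other resources in this change place the skip as the first line of the block; move it to the top for consistency. The reason text says the EIP is associated "through association ID", but an `aws_nat_gateway` takes the address through its `allocation_id` argument, so the wording should say allocation ID.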
Check warning
Code scanning / checkov
Ensure that all EIP addresses allocated to a VPC are attached to EC2 instances Warning
af31819 to 0817639
gabebatista
left a comment
Truly impressive work! I left some comments in there regarding hardcoding values but didn't highlight every instance of it because I figured it would get annoying. Also note that the questions I left aren't passive aggressive suggestions, I just want to understand why you made the decisions you made. Lastly, I'm leaving these comments but haven't had the chance to deploy this yet. I will do so next week. Great job overall!
modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/variables.tf
Outdated
samples/unreal-cloud-ddc-multi-region/assets/unreal_cloud_ddc_multi_region_base.yaml
Outdated
a2081f1 to 5120c62
53b5a11 to 50e3bf1
1c16813 to fed7968
ghost
left a comment
Approving with comments. Please provide answers. Also, ensure that a few of the other folks are able to run through a deployment with you... Perhaps @awsbilal and @joshral7459 can provide sanity checks here?
modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/locals.tf
Outdated
modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/variables.tf
Outdated
modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-intra-cluster/data.tf
Outdated
novekm
left a comment
Looks pretty good! Just a few things to address. In the readme, I'd add a strong disclaimer outlining minimum permissions needed for the GitHub token and mention that without those the ECR repo won't be created (since no access to the necessary Epic Games unreal cloud ddc repo). Also the other minor changes.
Doing another destroy/apply to see if that resolves the deploy issue I ran into
modules/unreal/unreal-cloud-ddc/unreal-cloud-ddc-infra/variables.tf
Outdated
awsbilal
left a comment
After some small tweaks like already noted by others, it deploys and tests successfully.
LGTM
d2eb80b to 4a31098
awsbilal
left a comment
Deploys without a hitch, and tests passed. LGTM
…region deployment compatibility
- 2 region Unreal Cloud DDC deployment - Updated unreal-cloud-ddc-infra and unreal-cloud-ddc-intra-cluster modules to be compatible with multi region deployment of AWS resources
ffea11b to 09a9fdb
Issue number:
closes #487
Summary
This includes a new sample for a multi-region Unreal Cloud DDC deployment with ScyllaDB monitoring.
Changes
The unreal_cloud_ddc_infra and unreal_cloud_ddc_intra_cluster modules were updated to support the terraform/aws 6.2.0 provider to enable specifying regions for resources. The multi region sample was also created.
User experience
This sample deploys Unreal Cloud DDC across 2 regions which are defined in the `var.regions` variable. In this sample, the user will define one region as the primary region by setting `var.is_primary` to `true`. In the primary region, we create an `unreal-cloud-ddc-bearer-token` that is replicated into the secondary region. Then, a peering connection is created to connect the private subnets of each VPC. There are 2 main stacks that are being deployed. The first is the unreal cloud ddc stack which will deploy a fully configured unreal cloud ddc deployment. The unreal cloud ddc deployment can be accessed using http through a Route53 record. The second stack is the scylla monitoring stack which is critical to understanding the state of the ScyllaDB nodes during initialization and for monitoring the performance of the unreal cloud ddc deployment. This can be accessed via https through a Route 53 record as well. Both Route53 records mentioned above are listed as an output of the sample deployment.
Checklist
If your change doesn't seem to apply, please leave them unchecked.
Is this a breaking change?
No
Acknowledgment
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Disclaimer: We value your time and bandwidth. As such, any pull requests created might not be successful.