Use aws_elasticache_replication_group resource

Instead of using the more primitive `aws_elasticache_cluster` resource, create a
Redis ElastiCache replication group with the `aws_elasticache_replication_group`
resource. This comes with a hot-standby and support for automatic failover.

Also, follow the pattern set forth by the RDS module:

- Remove all resources other than cache cluster and CloudWatch alarms
- Add empty security group resource and emit its ID as an output

Author: Hector Castro

README.md

@@ -5,44 +5,62 @@ A Terraform module to create an Amazon Web Services (AWS) Redis ElastiCache clus
 ## Usage
 
 ```hcl
-resource "aws_security_group" "redis" {
-  vpc_id = "${vpc.foo.id}"
+resource "aws_sns_topic" "global" {
+  ...
+}
 
-  tags {
-    Name = "sgCacheCluster"
-  }
+resource "aws_elasticache_subnet_group" "redis" {
+  ...
 }
 
-module "redis_elasticache" {
-  source = "github.com/azavea/terraform-aws-redis-elasticache"
+resource "aws_elasticache_parameter_group" "redis" {
+  ...
+}
 
-  vpc_id = "vpc-20f74844"
+module "cache" {
+  source = "github.com/azavea/terraform-aws-redis-elasticache"
 
-  cache_name = "cache"
-  engine_version = "2.8.22"
-  instance_type = "cache.t2.micro"
-  maintenance_window = "sun:05:00-sun:06:00"
+  vpc_id                     = "vpc-20f74844"
+  cache_identifier           = "cache"
+  automatic_failover_enabled = "false"
+  desired_clusters           = "1"
+  instance_type              = "cache.t2.micro"
+  engine_version             = "3.2.4"
+  parameter_group            = "${aws_elasticache_parameter_group.redis.name}"
+  subnet_group               = "${aws_elasticache_subnet_group.redis.name}"
+  maintenance_window         = "sun:02:30-sun:03:30"
+  notification_topic_arn     = "${aws_sns_topic.global.arn}"
 
-  private_subnet_ids = ["subnet-4a887f3c","subnet-76dae35d"]
-  security_group_ids = ["${aws_security_group.redis.id}"]
+  alarm_cpu_threshold    = "75"
+  alarm_memory_threshold = "10000000"
+  alarm_actions          = ["${aws_sns_topic.global.arn}"]
 
-  alarm_action = "arn:aws:sns..."
+  project     = "Unknown"
+  environment = "Unknown"
 }
 ```
 
 ## Variables
 
 - `vpc_id` - ID of VPC meant to house the cache
-- `cache_name` - Name used as ElastiCache cluster ID
-- `engine_version` - Cache engine version (default: `2.8.22`)
+- `project` - Name of the project making use of the cluster (default: `Unknown`)
+- `environment` - Name of environment the cluster is targeted for (default: `Unknown`)
+- `cache_identifier` - Name used as ElastiCache cluster ID
+- `automatic_failover_enabled` - Flag to determine if automatic failover should be enabled
+- `desired_clusters` - Number of cache clusters in replication group
 - `instance_type` - Instance type for cache instance (default: `cache.t2.micro`)
-- `maintenance_window` - 60 minute time window to reserve for maintenance
-  (default: `sun:05:00-sun:06:00`)
-- `private_subnet_ids` - Comma delimited list of private subnet IDs
-- `alarm_action` - ARN to be notified via CloudWatch
+- `engine_version` - Cache engine version (default: `3.2.4`)
+- `parameter_group` - Cache parameter group name (default: `redis3.2`)
+- `subnet_group` - Cache subnet group name
+- `maintenance_window` - Time window to reserve for maintenance
+- `notification_topic_arn` - ARN to notify when cache events occur
+- `alarm_cpu_threshold` - CPU alarm threshold as a percentage (default: `75`)
+- `alarm_memory_threshold` - Free memory alarm threshold in bytes (default: `10000000`)
+- `alarm_actions` - ARN to be notified via CloudWatch when alarm thresholds are triggered
 
 ## Outputs
 
-- `hostname` - Public DNS name of cache node
-- `port` - Port of cache instance
-- `endpoint` - Public DNS name and port separated by a `:`
+- `id` - The replication group ID
+- `cache_security_group_id` - Security group ID of the cache cluster
+- `port` - Port of replication group leader
+- `endpoint` - Public DNS name of replication group leader

main.tf

@@ -1,71 +1,81 @@
 #
-# ElastiCache resources
+# Security group resources
 #
-
-resource "aws_elasticache_cluster" "redis" {
-  cluster_id           = "${var.cache_name}"
-  engine               = "redis"
-  engine_version       = "${var.engine_version}"
-  maintenance_window   = "${var.maintenance_window}"
-  node_type            = "${var.instance_type}"
-  num_cache_nodes      = "1"
-  parameter_group_name = "default.redis2.8"
-  port                 = "6379"
-  subnet_group_name    = "${aws_elasticache_subnet_group.default.name}"
-  security_group_ids   = "${var.security_group_ids}"
+resource "aws_security_group" "redis" {
+  vpc_id = "${var.vpc_id}"
 
   tags {
-    Name = "${var.cache_name}"
+    Name        = "sgCacheCluster"
+    Project     = "${var.project}"
+    Environment = "${var.environment}"
   }
 }
 
-resource "aws_elasticache_subnet_group" "default" {
-  name        = "${var.cache_name}-subnet-group"
-  description = "Private subnets for the ElastiCache instances"
-  subnet_ids  = "${var.private_subnet_ids}"
+#
+# ElastiCache resources
+#
+resource "aws_elasticache_replication_group" "redis" {
+  replication_group_id          = "${lower(var.cache_identifier)}"
+  replication_group_description = "Replication group for Redis"
+  automatic_failover_enabled    = "${var.automatic_failover_enabled}"
+  number_cache_clusters         = "${var.desired_clusters}"
+  node_type                     = "${var.instance_type}"
+  engine_version                = "${var.engine_version}"
+  parameter_group_name          = "${var.parameter_group}"
+  subnet_group_name             = "${var.subnet_group}"
+  security_group_ids            = ["${aws_security_group.redis.id}"]
+  maintenance_window            = "${var.maintenance_window}"
+  notification_topic_arn        = "${var.notification_topic_arn}"
+  port                          = "6379"
+
+  tags {
+    Name        = "CacheReplicationGroup"
+    Project     = "${var.project}"
+    Environment = "${var.environment}"
+  }
 }
 
 #
 # CloudWatch resources
 #
-resource "aws_cloudwatch_metric_alarm" "cpu" {
-  alarm_name          = "alarmCacheClusterCPUUtilization-${var.cache_name}"
-  alarm_description   = "Cache cluster CPU utilization"
+resource "aws_cloudwatch_metric_alarm" "cache_cpu" {
+  count = "${var.desired_clusters}"
+
+  alarm_name          = "alarm${var.environment}CacheCluster00${count.index + 1}CPUUtilization"
+  alarm_description   = "Redis cluster CPU utilization"
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = "1"
   metric_name         = "CPUUtilization"
   namespace           = "AWS/ElastiCache"
   period              = "300"
   statistic           = "Average"
-  threshold           = "75"
+
+  threshold = "${var.alarm_cpu_threshold}"
 
   dimensions {
-    CacheClusterName = "${var.cache_name}"
+    CacheClusterId = "${aws_elasticache_replication_group.redis.id}-00${count.index + 1}"
   }
 
-  # for some reason trying to pass a list here causes the error `  * aws_cloudwatch_metric_alarm.cpu: alarm_actions: should be a list` in terraform 0.7.5
-  # passing lists elsewhere works fine
-  alarm_actions = ["${var.alarm_action}"]
+  alarm_actions = ["${var.alarm_actions}"]
 }
 
-resource "aws_cloudwatch_metric_alarm" "memory_free" {
-  alarm_name          = "alarmCacheClusterFreeableMemory-${var.cache_name}"
-  alarm_description   = "Cache cluster freeable memory"
+resource "aws_cloudwatch_metric_alarm" "cache_memory" {
+  count = "${var.desired_clusters}"
+
+  alarm_name          = "alarm${var.environment}CacheCluster00${count.index + 1}FreeableMemory"
+  alarm_description   = "Redis cluster freeable memory"
   comparison_operator = "LessThanThreshold"
   evaluation_periods  = "1"
   metric_name         = "FreeableMemory"
   namespace           = "AWS/ElastiCache"
   period              = "60"
   statistic           = "Average"
 
-  # 10MB in bytes
-  threshold = "10000000"
+  threshold = "${var.alarm_memory_threshold}"
 
   dimensions {
-    CacheClusterName = "${var.cache_name}"
+    CacheClusterId = "${aws_elasticache_replication_group.redis.id}-00${count.index + 1}"
   }
 
-  # for some reason trying to pass a list here causes the error `  * aws_cloudwatch_metric_alarm.cpu: alarm_actions: should be a list` in terraform 0.7.5
-  # passing lists elsewhere works fine
-  alarm_actions = ["${var.alarm_action}"]
+  alarm_actions = ["${var.alarm_actions}"]
 }

outputs.tf

@@ -1,11 +1,15 @@
-output "hostname" {
-  value = "${aws_elasticache_cluster.redis.cache_nodes.0.address}"
+output "id" {
+  value = "${aws_elasticache_replication_group.redis.id}"
+}
+
+output "cache_security_group_id" {
+  value = "${aws_security_group.redis.id}"
 }
 
 output "port" {
-  value = "${aws_elasticache_cluster.redis.cache_nodes.0.port}"
+  value = "6379"
 }
 
 output "endpoint" {
-  value = "${join(":", aws_elasticache_cluster.redis.cache_nodes.0.address, aws_elasticache_cluster.redis.cache_nodes.0.port)}"
+  value = "${aws_elasticache_replication_group.redis.primary_endpoint_address}"
 }

variables.tf

@@ -1,29 +1,50 @@
-variable "vpc_id" {
+variable "project" {
+  default = "Unknown"
 }
 
-variable "cache_name" {
+variable "environment" {
+  default = "Unknown"
 }
 
-variable "engine_version" {
-  default = "2.8.22"
+variable "vpc_id" {}
+
+variable "cache_identifier" {}
+
+variable "parameter_group" {
+  default = "redis3.2"
+}
+
+variable "subnet_group" {}
+
+variable "maintenance_window" {}
+
+variable "desired_clusters" {
+  default = "1"
 }
 
 variable "instance_type" {
   default = "cache.t2.micro"
 }
 
-variable "maintenance_window" {
-  # SUN 01:00AM-02:00AM ET
-  default = "sun:05:00-sun:06:00"
+variable "engine_version" {
+  default = "3.2.4"
 }
 
-variable "private_subnet_ids" {
-  type = "list"
+variable "automatic_failover_enabled" {
+  default = false
+}
+
+variable "notification_topic_arn" {}
+
+variable "alarm_cpu_threshold" {
+  default = "75"
 }
 
-variable "alarm_action" {
+variable "alarm_memory_threshold" {
+  # 10MB
+  default = "10000000"
 }
 
-variable "security_group_ids" {
+variable "alarm_actions" {
   type = "list"
 }