RDS with Cloud Formation and AZ issues

Solution 1

Yes, even for a deployment entirely contained within a single Availability Zone [AZ], you must create an extra subnet in a different AZ and include it in your DB Subnet Group. The rationale for this requirement is to support high-availability Multi-AZ deployments, as noted in the Working with a DB Instance in a VPC section of the RDS User Guide:

For Multi-AZ deployments, defining a subnet for two or more Availability Zones in a region allows Amazon RDS to create a new standby in another Availability Zone should the need arise. You need to do this even for Single-AZ deployments, just in case you want to convert them to Multi-AZ deployments at some point.

As for not burdening your users with selecting another AZ just for this, there are ways to accomplish this. For example, you could select a secondary AZ automatically using the Fn::GetAZs and Fn::Select intrinsic functions. If you allow the user to select the primary AZ, you'll also need a Condition to ensure the secondary AZ doesn't equal the primary AZ selected.

Here's an example template snippet:

Parameters:
  PrimaryAZ:
    Type: AWS::EC2::AvailabilityZone::Name
    Description: Primary AZ
Conditions:
  IsFirstPrimaryAZ:
    Fn::Equals:
    - !Ref PrimaryAZ
    - Fn::Select: [0, {Fn::GetAZs: ""}]
Resources:
  Subnet1:
    Type: "AWS::EC2::Subnet"
    Properties:
      AvailabilityZone: !Ref PrimaryAZ
      # ...
  Subnet2:
    Type: "AWS::EC2::Subnet"
    Properties:
      # Secondary AZ: the second AZ in the region if the primary is the first, otherwise the first
      AvailabilityZone:
        Fn::If:
        - IsFirstPrimaryAZ
        - Fn::Select: [1, {Fn::GetAZs: ""}]
        - Fn::Select: [0, {Fn::GetAZs: ""}]
      # ...

Solution 2

Just to add more details about this problem: I solved my problem by evaluating the subnet group at RDS > subnet group. (A subnet group is a concept that exists only in the RDS context, not in the VPC context.)

In my case there was a subnet group created automatically the first time I tried to create an RDS MySQL selecting my personalized VPC (not the default VPC), but I think the RDS script created a subnet group selecting the first 3 subnets from my VPC:

  • subnet1 region 1a,
  • subnet2 region 1a,
  • subnet3 region 1b

I created 3 private subnets to use with RDS:

  • subnet4 region 1a,
  • subnet5 region 1b,
  • subnet6 region 1c

It's not possible to modify a subnet group, so I created one and then selected 3 subnets with the same ACL and route configuration, each one in a different region (1a, 1b, 1c). Then I deleted the other misconfigured subnet group. Back in the RDS dashboard, click Create RDS, choose all the database details you want, select the desired VPC, and you will see the selected subnet group name. Problem solved.
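A pre-deployment check covering the two points raised in Solutions 1 and 2, as an added example that is not part of the original posts: it mirrors the template's secondary-AZ selection, applies the two-AZ coverage rule, and flags subnets in a group that do not share the same route table or network ACL. The record fields (`id`, `az`, `route_table`, `nacl`) and all sample values are constructed for illustration and are not an AWS API shape; comparing identifiers is a simplifying assumption.

```python
MIN_AZS = 2  # coverage requirement quoted in the RDS error message


def pick_secondary_az(primary, region_azs):
    """Mirror the template's Fn::If: AZ[1] if the primary is AZ[0], else AZ[0]."""
    if len(region_azs) < MIN_AZS:
        raise ValueError("region exposes fewer than 2 AZs")
    return region_azs[1] if primary == region_azs[0] else region_azs[0]


def check_subnet_group(subnets):
    """Return a list of findings for a candidate DB subnet group (empty = OK)."""
    findings = []
    azs = sorted({s["az"] for s in subnets})
    if len(azs) < MIN_AZS:
        findings.append(f"AZ coverage {len(azs)} < {MIN_AZS}: {azs}")
    # The rarely used secondary subnet should not be looser than the primary:
    # every subnet in the group should share one route table and one NACL.
    for attr in ("route_table", "nacl"):
        values = sorted({s[attr] for s in subnets})
        if len(values) > 1:
            findings.append(f"inconsistent {attr} across subnets: {values}")
    return findings


# Constructed sample groups (hypothetical identifiers).
SINGLE_AZ = [
    {"id": "subnet-a", "az": "us-east-1a", "route_table": "rtb-private", "nacl": "acl-db"},
    {"id": "subnet-b", "az": "us-east-1a", "route_table": "rtb-private", "nacl": "acl-db"},
]
DRIFTED = [
    {"id": "subnet-a", "az": "us-east-1a", "route_table": "rtb-private", "nacl": "acl-db"},
    {"id": "subnet-c", "az": "us-east-1b", "route_table": "rtb-public", "nacl": "acl-db"},
]
GOOD = [
    {"id": "subnet-a", "az": "us-east-1a", "route_table": "rtb-private", "nacl": "acl-db"},
    {"id": "subnet-d", "az": "us-east-1b", "route_table": "rtb-private", "nacl": "acl-db"},
]

if __name__ == "__main__":
    for name, group in (("SINGLE_AZ", SINGLE_AZ), ("DRIFTED", DRIFTED), ("GOOD", GOOD)):
        print(name, check_subnet_group(group) or "OK")
```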

Solution 3

Yes. Just delete one of the subnets and create the same one again with a different Availability Zone.

Author by

Gleeb

Senior Back end developer at eXelate

Updated on September 14, 2022

Comments

  • Gleeb
    Gleeb over 1 year

    I am using CloudFormation to create a setup containing an RDS instance.

    I am having some difficulties creating the RDS instance on account of the following error:

    DB Subnet Group doesn't meet availability zone coverage requirement. Please add subnets to cover at least 2 availability zones. Current coverage: 1

    The problem is that the entire setup is on a single AZ... What am I supposed to do? Just create an extra subnet in a different AZ that has nothing in it just for the RDS?

    Maybe there is some way AWS can create that subnet automatically and leave me out of that mess. I don't want that extra subnet and I don't want to burden my users with selecting another AZ just for this.

    • Gleeb
      Gleeb over 8 years
      The answer is Yes, there is no other choice