Automatically add/remove new cluster to/from existing RDS security group
Hi,
We have an MySQL server running under Amazon RDS, and the cluster must be able to access this server. RDS has its own set of security groups which are distinct from the EC2 security groups:
http://docs.amazonwebservices.com/AWSToolkitVS/latest/UserGuide/tkv-amazon-rds-security-groups.html
In order for star cluster to be able to access the MySQL server we need to add the _at_sc-smallcluster ec2 security group manually to the RDS security group. When the cluster is terminated, starcluster's shutdown code attempts to delete the _at_sc-smallcluster security group, which fails if you forget to [manually] remove that group from the RDS permissions. Subsequent attempts to restart the smallcluster fail until you manually remove @sc-smallcluster from the RDS group, and then manually delete the @sc-smallcluster security group.
The MySQL server is a production system, and admin access is limited, so we are looking for some kind of workaround.
We thought to create a second, permanent EC2 security group with permanent RDS permissions which the star cluster instances would be a part of. But there doesn't seem to be a way to specify a second security group for starcluster; those instances only ever belong to _at_sc-smallcluster.
Is there some other way to achieve what we want, or something that we've missed?
Thanks,
--
Don
Received on Tue Jun 19 2012 - 14:07:49 EDT
This archive was generated by
hypermail 2.3.0.