chore Upgrade to Postgres 16.1 (test+prod)

[bheesham]

chore Upgrade to Postgres 16.1 (test+prod)

Dev is already ahead of the game by being on 16.2:

; kubectl --context iam-dev exec -it dino-park-packs-pg-deployment-56b7dd5b49-gd688 -- postgres --version
postgres (PostgreSQL) 16.2 (Debian 16.2-1.pgdg120+2)

@gcoxmoz pointed out

pg_upgrade supports upgrades from 9.2.X and later to the current major release of PostgreSQL, including snapshot and beta releases.

See: https://www.postgresql.org/docs/16/pgupgrade.html

Jira: IAM-1502

---

Terraform plan for test

Terraform will perform the following actions:

  # aws_db_instance.dino_park_packs_db will be updated in-place
  ~ resource "aws_db_instance" "dino_park_packs_db" {
      + apply_immediately                     = false
      ~ engine_version                        = "11.22" -> "16.1"
        id                                    = "db-643FGGRBLGIEMCH53HFF22CZFI"
        tags                                  = {}
        # (69 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Terraform plan for prod

  # aws_db_instance.dino_park_packs_db_16_2 will be created
  + resource "aws_db_instance" "dino_park_packs_db_16_2" {
      + address                               = (known after apply)
      + allocated_storage                     = 10
      + allow_major_version_upgrade           = true
      + apply_immediately                     = false
      + arn                                   = (known after apply)
      + auto_minor_version_upgrade            = true
      + availability_zone                     = (known after apply)
      + backup_retention_period               = 15
      + backup_target                         = (known after apply)
      + backup_window                         = "02:00-02:59"
      + ca_cert_identifier                    = (known after apply)
      + character_set_name                    = (known after apply)
      + copy_tags_to_snapshot                 = true
      + db_name                               = (known after apply)
      + db_subnet_group_name                  = "dino-park-packs-db-prod-us-west-2"
      + dedicated_log_volume                  = false
      + delete_automated_backups              = true
      + domain_fqdn                           = (known after apply)
      + endpoint                              = (known after apply)
      + engine                                = "postgres"
      + engine_lifecycle_support              = (known after apply)
      + engine_version                        = "16.2"
      + engine_version_actual                 = (known after apply)
      + hosted_zone_id                        = (known after apply)
      + id                                    = (known after apply)
      + identifier                            = "dino-park-packs-db-prod-us-west-2-16-2"
      + identifier_prefix                     = (known after apply)
      + instance_class                        = "db.t3.micro"
      + iops                                  = (known after apply)
      + kms_key_id                            = (known after apply)
      + latest_restorable_time                = (known after apply)
      + license_model                         = (known after apply)
      + listener_endpoint                     = (known after apply)
      + maintenance_window                    = "sat:03:00-sat:05:00"
      + master_user_secret                    = (known after apply)
      + master_user_secret_kms_key_id         = (known after apply)
      + max_allocated_storage                 = 100
      + monitoring_interval                   = 0
      + monitoring_role_arn                   = (known after apply)
      + multi_az                              = (known after apply)
      + nchar_character_set_name              = (known after apply)
      + network_type                          = (known after apply)
      + option_group_name                     = (known after apply)
      + parameter_group_name                  = (known after apply)
      + performance_insights_enabled          = false
      + performance_insights_kms_key_id       = (known after apply)
      + performance_insights_retention_period = (known after apply)
      + port                                  = (known after apply)
      + publicly_accessible                   = false
      + replica_mode                          = (known after apply)
      + replicas                              = (known after apply)
      + resource_id                           = (known after apply)
      + skip_final_snapshot                   = false
      + snapshot_identifier                   = "rds:dino-park-packs-db-prod-us-west-2-2024-12-13-02-07"
      + status                                = (known after apply)
      + storage_throughput                    = (known after apply)
      + storage_type                          = "gp2"
      + tags_all                              = (known after apply)
      + timezone                              = (known after apply)
      + username                              = "dinopark"
      + vpc_security_group_ids                = [
          + "sg-02b750ace18018caa",
        ]
    }

Plan: 1 to add, 0 to change, 0 to destroy.

[dividehex]

🍀 Approved

[bheesham]

This was applied to test successfully.

@dividehex was able to hit the test endpoint to verify it still works. I'll be logging in during the maintenance window to apply this to production.

[bheesham]

I've changed the strategy I'm planning on using to upgrade production. We'll use a manual blue/green deployment, so there will be minimal effect on peoplemo. I'll get the secrets prepped for rolling forwards and backwards (in the event that something's weird).

[bheesham]

Date of deployment: 2024-12-18, after hours (PST).

Edit 2024-12-17: deployment was pushed back by a day.