From 3e9343141b7e44b21b88ce110b0d403a9b7a85bd Mon Sep 17 00:00:00 2001
From: "james.richardson" <james.richardson@alexanderthamm.com>
Date: Thu, 17 Aug 2023 20:06:25 +0200
Subject: [PATCH] feat: implement compute environment for aws batch

---
 terraform/compute/main.tf      | 68 ++++++++++++++++++++++++++++++++++
 terraform/compute/variables.tf | 12 ++++++
 terraform/main.tf              | 26 ++-----------
 terraform/storage/main.tf      |  4 ++
 4 files changed, 87 insertions(+), 23 deletions(-)

diff --git a/terraform/compute/main.tf b/terraform/compute/main.tf
index b4d5f53..80b959d 100755
--- a/terraform/compute/main.tf
+++ b/terraform/compute/main.tf
@@ -25,3 +25,71 @@ resource "aws_iam_role_policy_attachment" "policy_attachment" {
   role       = aws_iam_role.batch_role.name
   policy_arn = "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole"
 }
+
+resource "aws_iam_instance_profile" "batch_instance_profile" {
+  name = "BatchInstanceProfile"  # Replace with your desired instance profile name
+
+  role = aws_iam_role.batch_role.id  # Replace with the ID of the IAM role you want to associate
+}
+
+
+
+# Extract the IAM role ARN
+output "batch_role_arn" {
+  value = aws_iam_role.batch_role.arn
+}
+
+
+# Define the AWS Batch job definition
+resource "aws_batch_job_definition" "my_job_definition" {
+  name = "my-batch-job"  # Replace with your desired job definition name
+  type = "container"
+
+  container_properties = jsonencode({
+    image = var.ecr_repository_url
+      resourceRequirements = [
+      {
+        type  = "VCPU"
+        value = "4"
+      },
+      {
+        type  = "MEMORY"
+        value = "8192"
+      }
+    ]
+  })
+}
+
+# Create an AWS Batch compute environment
+resource "aws_batch_compute_environment" "my_compute_environment" {
+  service_role = aws_iam_role.batch_role.arn  # Replace with the actual Batch service role ARN
+  compute_environment_name = "my-compute-env"  # Replace with your desired compute environment name
+  type = "MANAGED"
+
+  compute_resources {
+    type = "EC2"
+    instance_role = aws_iam_instance_profile.batch_instance_profile.arn  # Replace with the actual instance role ARN
+    instance_type = ["m5.large"]
+    min_vcpus = 0
+    max_vcpus = 4
+    subnets = [var.subnet_id]
+    security_group_ids = [var.security_group_id]
+  }
+}
+
+# # Create an AWS Batch job queue
+# resource "aws_batch_job_queue" "my_job_queue" {
+#   name = "my-job-queue"  # Replace with your desired job queue name
+#   priority = 1
+#   compute_environment_order {
+#     order = 1
+#     compute_environment = aws_batch_compute_environment.my_compute_environment.arn
+#   }
+# }
+
+# # Create an AWS Batch job
+# resource "aws_batch_job" "my_batch_job" {
+#   name = "my-batch-job-run"  # Replace with your desired job name
+#   job_queue = aws_batch_job_queue.my_job_queue.arn
+#   job_definition = aws_batch_job_definition.my_job_definition.arn
+# }
diff --git a/terraform/compute/variables.tf b/terraform/compute/variables.tf
index e69de29..bb49058 100644
--- a/terraform/compute/variables.tf
+++ b/terraform/compute/variables.tf
@@ -0,0 +1,12 @@
+variable "ecr_repository_url" {
+  type        = string
+  description = "Image URL for AWS Batch job"
+}
+variable "subnet_id" {
+  type        = string
+  description = "Subnet ID for AWS Batch job"
+}
+variable "security_group_id" {
+  type        = string
+  description = "Security group ID for AWS Batch job"
+}
diff --git a/terraform/main.tf b/terraform/main.tf
index 6d7d562..65d030c 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -55,35 +55,12 @@ resource "aws_security_group" "batch_security_group" {
 
 }
 
-# Create a security group for EFS mount targets
-resource "aws_security_group" "efs_security_group" {
-  name_prefix = "EFSSG-"
-  vpc_id      = aws_vpc.my_vpc.id
-
-  # Allow inbound traffic from the Batch security group
-  ingress {
-    from_port   = 2049
-    to_port     = 2049
-    protocol    = "tcp"
-    security_groups = [aws_security_group.batch_security_group.id]
-  }
-  tags = {
-      project = "ppp"
-    }
-
-}
 
 # Output the security group IDs
 output "batch_security_group_id" {
   value = aws_security_group.batch_security_group.id
 }
 
-output "efs_security_group_id" {
-  value = aws_security_group.efs_security_group.id
-}
-
-
-
 
 module storage {
   source = "./storage"
@@ -91,4 +68,7 @@ module storage {
 
 module compute {
   source = "./compute"
+  ecr_repository_url = module.storage.ecr_repository_url
+  subnet_id = aws_subnet.my_subnet.id
+  security_group_id = aws_security_group.batch_security_group.id
 }
diff --git a/terraform/storage/main.tf b/terraform/storage/main.tf
index d059b0f..e0eee64 100644
--- a/terraform/storage/main.tf
+++ b/terraform/storage/main.tf
@@ -26,3 +26,7 @@ resource "aws_ecr_repository" "my_repository" {
     ]
   }
 }
+
+output "ecr_repository_url" {
+  value = aws_ecr_repository.my_repository.repository_url
+}