forked from mergermarket/terraform-acuris-ecs-service
main.tf
# Naming locals reused by the service, task definition, log groups and
# autoscaling resources in this file.
locals {
  # "<env>-<component>"; the component name is read from the release map.
  service_name = format("%s-%s", var.env, var.release["component"])

  # service_name followed by var.name_suffix.
  full_service_name = "${local.service_name}${var.name_suffix}"
}
# Registry module wired to the cluster, the service name and the task
# definition ARN produced below. What it does with them is defined in the
# module itself -- presumably it watches the ECS deployment until
# var.deployment_timeout; confirm against the module's documentation.
module "ecs_update_monitor" {
  # Exact version pin: the module code only changes when this line is edited.
  source  = "mergermarket/ecs-update-monitor/acuris"
  version = "2.3.5"

  # What to monitor.
  cluster = var.ecs_cluster
  service = module.service.name
  taskdef = module.taskdef.arn

  # Behaviour switches passed straight through from the caller.
  timeout = var.deployment_timeout
  is_test = var.is_test
}
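# Chooses the ECS capacity provider strategy for the service.
#
# The "-graviton" provider is selected only when the image was built with
# buildx AND its platform string starts with "arm64"; every other case uses
# the default "<cluster>-native-scaling" provider.
locals {
  # The previous test was can(regexall(...)). regexall() returns an empty list
  # (not an error) when nothing matches, and can() only reports whether the
  # expression evaluated without error, so that test was true for every
  # platform value and any buildx image was placed on the graviton provider.
  # regex() raises an error on no match, so can(regex(...)) is true only for a
  # real match, and still yields false when the "platforms" key is absent.
  #
  # NOTE(review): the pattern is anchored at the start of the string, so a
  # value such as "linux/arm64" does not match -- confirm the format the build
  # pipeline writes into image_build_details["platforms"].
  capacity_providers = (
    var.image_build_details["buildx"] == "true" &&
    can(regex("^arm64", var.image_build_details["platforms"]))
    ) ? [
    {
      capacity_provider = "${var.ecs_cluster}-native-scaling-graviton"
      weight            = 1
    },
    ] : [
    {
      capacity_provider = "${var.ecs_cluster}-native-scaling"
      weight            = 1
    },
  ]
}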
# Exposes the capacity provider strategy chosen in the locals block, so the
# caller can see which provider the service was placed on.
output "capacity_providers" {
  value = local.capacity_providers
}
# The ECS service itself, created through a pinned registry module. Apart from
# the name, container name and capacity providers, every input is a
# caller-supplied variable passed through unchanged.
module "service" {
  source  = "mergermarket/load-balanced-ecs-service-no-target-group/acuris"
  version = "2.5.0"

  # Identity and placement.
  name               = local.full_service_name
  cluster            = var.ecs_cluster
  task_definition    = module.taskdef.arn
  capacity_providers = local.capacity_providers
  pack_and_distinct  = var.pack_and_distinct

  # Container that receives load-balancer traffic. The name is built with the
  # same expression as the container definition's name in this file.
  container_name = "${var.release["component"]}${var.name_suffix}"
  container_port = var.port

  # Load balancer attachment.
  target_group_arn                  = var.target_group_arn
  multiple_target_group_arns        = var.multiple_target_group_arns
  health_check_grace_period_seconds = var.health_check_grace_period_seconds

  # Task count and rolling-deployment bounds.
  desired_count                      = var.desired_count
  deployment_minimum_healthy_percent = var.deployment_minimum_healthy_percent
  deployment_maximum_percent         = var.deployment_maximum_percent

  # Network placement. The subnets and security groups are taken from the
  # caller as-is; nothing in this file restricts what they allow.
  network_configuration_subnets         = var.network_configuration_subnets
  network_configuration_security_groups = var.network_configuration_security_groups
}
# Task definition plus its task role, created through a pinned registry module.
module "taskdef" {
  source  = "mergermarket/task-definition-with-task-role/acuris"
  version = "2.2.0"

  # Task definition family and the single rendered container definition.
  family                = local.full_service_name
  container_definitions = [module.service_container_definition.rendered]
  network_mode          = var.network_mode
  volume                = var.taskdef_volume

  # IAM documents for the task role. Both are supplied by the caller and are
  # forwarded without inspection, so the permissions the running container
  # receives are exactly what var.task_role_policy grants; review that policy
  # for least privilege at the call site.
  policy             = var.task_role_policy
  assume_role_policy = var.assume_role_policy

  # Context and switches passed straight through.
  env                                 = var.env
  release                             = var.release
  is_test                             = var.is_test
  placement_constraint_on_demand_only = var.placement_constraint_on_demand_only
}
# Renders the container definition consumed by the task definition module.
module "service_container_definition" {
  source  = "mergermarket/ecs-container-definition/acuris"
  version = "2.3.1"

  name = "${var.release["component"]}${var.name_suffix}"

  # An explicit var.image_id takes precedence; when it is the empty string the
  # image recorded in the release map is used.
  image = var.image_id == "" ? var.release["image_id"] : var.image_id

  # Resource limits and lifecycle.
  cpu                = var.cpu
  memory             = var.memory
  stop_timeout       = var.stop_timeout
  nofile_soft_ulimit = var.nofile_soft_ulimit

  # Caller-controlled switch for Docker privileged mode. A privileged
  # container has broad access to the host, so callers should leave this off
  # unless the workload needs it.
  privileged = var.privileged

  # Ports, mounts and host entries.
  container_port = var.port
  port_mappings  = var.container_port_mappings
  mountpoint     = var.container_mountpoint
  extra_hosts    = var.extra_hosts

  # Secrets handed to the module separately from the environment map; how the
  # module injects them is defined in the module, not in this file.
  application_secrets = var.application_secrets
  platform_secrets    = var.platform_secrets

  # Environment variables. merge() lets later maps win on key collisions, so
  # the precedence is: defaults < common_application_environment <
  # application_environment < secrets.
  #
  # NOTE(review): var.secrets is merged into the plain environment map. Its
  # values therefore end up in the rendered container definition, where
  # anyone able to read the task definition or the Terraform state can see
  # them. Prefer application_secrets / platform_secrets for sensitive values
  # if the module resolves those by reference -- confirm in the module.
  container_env = merge(
    {
      "LOGSPOUT_CLOUDWATCHLOGS_LOG_GROUP_STDOUT" = "${local.full_service_name}-stdout"
      "LOGSPOUT_CLOUDWATCHLOGS_LOG_GROUP_STDERR" = "${local.full_service_name}-stderr"
      # Hard-coded statsd endpoint; presumably the Docker bridge address of an
      # agent on the container host -- confirm for non-bridge network modes.
      "STATSD_HOST"    = "172.17.42.1"
      "STATSD_PORT"    = "8125"
      "STATSD_ENABLED" = "true"
      "ENV_NAME"       = var.env
      "COMPONENT_NAME" = var.release["component"]
      "VERSION"        = var.release["version"]
    },
    var.common_application_environment,
    var.application_environment,
    var.secrets,
  )

  # Docker labels; entries in var.container_labels override the defaults on
  # key collisions. The Datadog label is a hand-written JSON string with the
  # service name interpolated unescaped, so the name must not contain
  # characters that need JSON escaping.
  labels = merge(
    {
      "component"             = var.release["component"]
      "env"                   = var.env
      "team"                  = var.release["team"]
      "version"               = var.release["version"]
      "com.datadoghq.ad.logs" = "[{\"source\": \"amazon_ecs\", \"service\": \"${local.full_service_name}\"}]"
    },
    var.container_labels,
  )
}
# Log group for the container's stdout stream. The name matches the
# LOGSPOUT_CLOUDWATCHLOGS_LOG_GROUP_STDOUT value set in the container
# environment in this file.
resource "aws_cloudwatch_log_group" "stdout" {
  name = format("%s-stdout", local.full_service_name)

  # Events are deleted after 7 days. Anything needed for later investigation
  # has to be retained elsewhere, e.g. at the subscription filter destination
  # when that filter is enabled. No kms_key_id is set here, so no
  # customer-managed KMS key is applied to this group.
  retention_in_days = "7"
}
# Log group for the container's stderr stream. The name matches the
# LOGSPOUT_CLOUDWATCHLOGS_LOG_GROUP_STDERR value set in the container
# environment in this file.
resource "aws_cloudwatch_log_group" "stderr" {
  name = format("%s-stderr", local.full_service_name)

  # Events are deleted after 7 days. Anything needed for later investigation
  # has to be retained elsewhere, e.g. at the subscription filter destination
  # when that filter is enabled. No kms_key_id is set here, so no
  # customer-managed KMS key is applied to this group.
  retention_in_days = "7"
}
# Forwards the stdout log group to the Datadog log subscription destination.
# Created only when the platform config carries a non-empty destination ARN
# and the caller has enabled var.add_datadog_feed.
resource "aws_cloudwatch_log_subscription_filter" "kinesis_log_stdout_stream" {
  count = var.platform_config["datadog_log_subscription_arn"] != "" && var.add_datadog_feed ? 1 : 0

  name            = "kinesis-log-stdout-stream-${local.service_name}"
  destination_arn = var.platform_config["datadog_log_subscription_arn"]

  # Referencing the log group resource yields the same name as the literal
  # "<full_service_name>-stdout" and makes Terraform create the group first.
  log_group_name = aws_cloudwatch_log_group.stdout.name

  # An empty pattern matches every log event, so the complete stdout stream
  # leaves the account for the destination. Treat the destination ARN as a
  # trust decision: whatever the application logs is delivered there.
  filter_pattern = ""
}
# Forwards the stderr log group to the Datadog log subscription destination.
# Created only when the platform config carries a non-empty destination ARN
# and the caller has enabled var.add_datadog_feed.
resource "aws_cloudwatch_log_subscription_filter" "kinesis_log_stderr_stream" {
  count = var.platform_config["datadog_log_subscription_arn"] != "" && var.add_datadog_feed ? 1 : 0

  # NOTE(review): this filter is attached to the stderr group but its name
  # says "stdout", which looks like a copy-paste slip. It is kept unchanged
  # here because renaming would replace the existing filter; confirm and
  # rename deliberately.
  name            = "kinesis-log-stdout-stream-${local.service_name}"
  destination_arn = var.platform_config["datadog_log_subscription_arn"]

  # Referencing the log group resource yields the same name as the literal
  # "<full_service_name>-stderr" and makes Terraform create the group first.
  log_group_name = aws_cloudwatch_log_group.stderr.name

  # An empty pattern matches every log event, so the complete stderr stream
  # leaves the account for the destination. Treat the destination ARN as a
  # trust decision: whatever the application logs is delivered there.
  filter_pattern = ""
}
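# Registers the ECS service's DesiredCount as a scalable target. The scheduled
# actions and scaling policies in this file attach to this target.
resource "aws_appautoscaling_target" "ecs" {
  # Bounds are derived from the requested task count: half of it (rounded
  # down) up to three times it.
  # NOTE(review): for desired_count = 1 the lower bound evaluates to 0, which
  # permits scaling in to zero running tasks -- confirm that is intended.
  min_capacity = floor(var.desired_count / 2)
  max_capacity = var.desired_count * 3

  # The service is addressed by a constructed string, which gives Terraform no
  # dependency on the module that creates it.
  resource_id        = "service/${var.ecs_cluster}/${local.full_service_name}"
  scalable_dimension = "ecs:service:DesiredCount"
  service_namespace  = "ecs"

  # Without this, the target could be registered before the service exists
  # and the first apply would fail.
  depends_on = [module.service]
}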
# Overnight scale-down for non-live environments. Created only when var.env is
# not "live" and the caller has set var.allow_overnight_scaledown.
resource "aws_appautoscaling_scheduled_action" "scale_down" {
  count = var.env != "live" && var.allow_overnight_scaledown ? 1 : 0

  name = "scale_down-${local.full_service_name}"

  # Same scalable target as the one registered in this file.
  resource_id        = aws_appautoscaling_target.ecs.resource_id
  scalable_dimension = aws_appautoscaling_target.ecs.scalable_dimension
  service_namespace  = aws_appautoscaling_target.ecs.service_namespace

  # Fires every 30 minutes, every day, during the hours from the start hour
  # to one before the end hour; repeating re-applies the bounds during the
  # window. No timezone is set, so the hours are interpreted in UTC.
  # NOTE(review): the hour field is a plain "start-end" range, so a window
  # that crosses midnight (start greater than end - 1) is not expressible
  # here -- confirm the values callers pass.
  schedule = "cron(*/30 ${var.overnight_scaledown_start_hour}-${var.overnight_scaledown_end_hour - 1} ? * * *)"

  # Pin both bounds to the overnight count.
  scalable_target_action {
    max_capacity = var.overnight_scaledown_min_count
    min_capacity = var.overnight_scaledown_min_count
  }
}
# Counterpart of the overnight scale-down: restores capacity in non-live
# environments. Created under the same condition as the scale-down action.
resource "aws_appautoscaling_scheduled_action" "scale_back_up" {
  count = var.env != "live" && var.allow_overnight_scaledown ? 1 : 0

  name = "scale_up-${local.full_service_name}"

  # Same scalable target as the one registered in this file.
  resource_id        = aws_appautoscaling_target.ecs.resource_id
  scalable_dimension = aws_appautoscaling_target.ecs.scalable_dimension
  service_namespace  = aws_appautoscaling_target.ecs.service_namespace

  # Ten minutes past the end hour, Monday to Friday only, so capacity is not
  # restored at weekends. No timezone is set, so the hour is interpreted in UTC.
  schedule = "cron(10 ${var.overnight_scaledown_end_hour} ? * MON-FRI *)"

  # Both bounds are pinned to desired_count. This replaces the
  # floor(desired_count / 2) .. desired_count * 3 range set on the target,
  # which narrows what the scaling policies can do afterwards.
  scalable_target_action {
    max_capacity = var.desired_count
    min_capacity = var.desired_count
  }
}
# One target-tracking scaling policy per entry in var.scaling_metrics.
resource "aws_appautoscaling_policy" "task_scaling_policy" {
  # Instances are keyed by the entry's metric, so two entries that name the
  # same metric produce a duplicate-key error at plan time.
  for_each = { for scale in var.scaling_metrics : scale.metric => scale }

  name        = each.value.name
  policy_type = "TargetTrackingScaling"

  # Same scalable target as the one registered in this file.
  service_namespace  = aws_appautoscaling_target.ecs.service_namespace
  resource_id        = aws_appautoscaling_target.ecs.resource_id
  scalable_dimension = aws_appautoscaling_target.ecs.scalable_dimension

  # Tracking parameters are taken field by field from the entry; the metric
  # is used as a predefined metric type.
  target_tracking_scaling_policy_configuration {
    target_value       = each.value.target_value
    scale_out_cooldown = each.value.scale_out_cooldown
    scale_in_cooldown  = each.value.scale_in_cooldown
    disable_scale_in   = each.value.disable_scale_in

    predefined_metric_specification {
      predefined_metric_type = each.value.metric
    }
  }
}