From aa2d99ff0e1856fb371a90452bc313fce1d99599 Mon Sep 17 00:00:00 2001
From: "Jorge E. Gamboa G" <59892618+jorge-cr-13@users.noreply.github.com>
Date: Mon, 15 Jan 2024 17:23:48 +0100
Subject: [PATCH] ET-5331 Adapting modules and deleting redundant (#169)
* Adapting modules and deleting redundant
* Adding optional domain
* Making public domain dynamic
* Adding health settings
* adapting
* Modifying variables
* Adding docker nginx
* Adding timeout
---
docker/nginx/Dockerfile | 9 +++
docker/nginx/default.conf | 15 ++++
docker/nginx/entrypoint.sh | 3 +
generic/lightsail/main.tf | 29 +++++---
generic/lightsail/outputs.tf | 12 +++-
generic/lightsail/variables.tf | 3 +
generic/lightsail_container/main.tf | 85 -----------------------
generic/lightsail_container/outputs.tf | 9 ---
generic/lightsail_container/terraform.tf | 10 ---
generic/lightsail_container/variables.tf | 76 --------------------
generic/lightsail_deployment/main.tf | 34 ++++-----
generic/lightsail_deployment/variables.tf | 57 ++++++++-------
12 files changed, 108 insertions(+), 234 deletions(-)
create mode 100644 docker/nginx/Dockerfile
create mode 100644 docker/nginx/default.conf
create mode 100755 docker/nginx/entrypoint.sh
delete mode 100644 generic/lightsail_container/main.tf
delete mode 100644 generic/lightsail_container/outputs.tf
delete mode 100644 generic/lightsail_container/terraform.tf
delete mode 100644 generic/lightsail_container/variables.tf
diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile
new file mode 100644
index 00000000..30e4cb59
--- /dev/null
+++ b/docker/nginx/Dockerfile
@@ -0,0 +1,9 @@
+FROM nginx:latest
+
+# Custom nginx conf
+COPY default.conf /tmp/default_temp.conf
+
+# Copy the entrypoint script to the container
+COPY entrypoint.sh /docker-entrypoint.d/
+
+RUN chmod +x /docker-entrypoint.d/entrypoint.sh
diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf
new file mode 100644
index 00000000..f0a5f9be
--- /dev/null
+++ b/docker/nginx/default.conf
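Review bot: `FROM nginx:latest` leaves the base image unpinned, so every rebuild can pull a different nginx and OS layer without any change in this repository, which makes the proxy image unreproducible and hard to audit after an upstream update. Pin a release tag and, ideally, its digest, for example `FROM nginx:<version>@sha256:<digest>` (placeholders; use the values you have tested), and bump it deliberately. A short comment above `COPY default.conf /tmp/default_temp.conf` saying that the file is a template rendered at start-up by `entrypoint.sh` would also explain why it lands in `/tmp`.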
@@ -0,0 +1,15 @@
+server {
+ listen 80;
+ server_name ${SERVER_NAME};
+
+ location / {
+ access_log off;
+ proxy_pass http://${BACKEND_IP};
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ # Set timeout values
+ proxy_read_timeout 600s;
+ }
+}
diff --git a/docker/nginx/entrypoint.sh b/docker/nginx/entrypoint.sh
new file mode 100755
index 00000000..8fc02abd
--- /dev/null
+++ b/docker/nginx/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+envsubst '${SERVER_NAME} ${BACKEND_IP}' < /tmp/default_temp.conf > /etc/nginx/conf.d/default.conf
+exec "$@"
diff --git a/generic/lightsail/main.tf b/generic/lightsail/main.tf
index 813ebbd5..3a5a284b 100644
--- a/generic/lightsail/main.tf
+++ b/generic/lightsail/main.tf
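Review bot: `access_log off;` inside `location /` disables request logging for every proxied request, so this proxy keeps no record of client addresses, paths or status codes for detection or incident review. If the intent was to silence health-check noise, keep logging on and turn it off only in a dedicated location for the health-check path. Because this is the only `server` block it also acts as the default server, so `proxy_set_header Host $host;` forwards whatever Host value the client sent to the backend; `proxy_set_header Host $server_name;` would restrict that to the configured name.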
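Review bot: `SERVER_NAME` and `BACKEND_IP` are substituted into the nginx configuration without checking that they are set or well-formed, so an empty value renders `proxy_pass http://;` and a value containing `;` or whitespace would add directives to the generated file. Fail early with `set -eu` and `: "${SERVER_NAME:?SERVER_NAME is required}" "${BACKEND_IP:?BACKEND_IP is required}"` before the `envsubst` line, and consider rejecting values with characters outside a hostname or address. The script is installed under `/docker-entrypoint.d/`, where the stock nginx entrypoint appears to run each script without arguments, so `exec "$@"` probably has nothing to execute and could be dropped or explained in a comment.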
@@ -10,38 +10,45 @@ resource "aws_lightsail_container_service" "this" { } } - public_domain_names { - certificate { - certificate_name = var.certificate_name - domain_names = [ - var.subdomain_name, - "www.${var.subdomain_name}" - ] + dynamic "public_domain_names" { + for_each = var.domain_name != "" ? [1] : [] + content { + certificate { + certificate_name = var.certificate_name + domain_names = [ + var.subdomain_name, + "www.${var.subdomain_name}" + ] + } } } } # Domain settings data "aws_route53_zone" "this" { - name = var.domain_name + count = var.domain_name != "" ? 1 : 0 + name = var.domain_name } locals { - url_no_protocol = replace(replace(aws_lightsail_container_service.this.url, "https://", ""), "//$/", "") + url_no_protocol = replace(replace(aws_lightsail_container_service.this.url, "https://", ""), "//$/", "") + custom_domain_zone_id = var.domain_name != "" ? data.aws_route53_zone.this[0].id : "" } resource "aws_route53_record" "custom_domain" { + count = var.domain_name != "" ? 1 : 0 name = var.subdomain_name type = "CNAME" records = [local.url_no_protocol] ttl = 300 - zone_id = data.aws_route53_zone.this.id + zone_id = local.custom_domain_zone_id } resource "aws_route53_record" "www_custom_domain" { + count = var.domain_name != "" ? 1 : 0 name = "www.${var.subdomain_name}" type = "CNAME" records = [local.url_no_protocol] ttl = 300 - zone_id = data.aws_route53_zone.this.id + zone_id = local.custom_domain_zone_id } diff --git a/generic/lightsail/outputs.tf b/generic/lightsail/outputs.tf index 06ffe107..668f4190 100644 --- a/generic/lightsail/outputs.tf +++ b/generic/lightsail/outputs.tf @@ -1,5 +1,5 @@ output "lightsail_service_name" { - description = "Role created for lightsail use" + description = "Service name for the containers" value = var.service_name } 
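Review bot: The `dynamic "public_domain_names"` block and both Route 53 records are switched on by `var.domain_name` alone, while the values they consume, `var.certificate_name` and `var.subdomain_name`, now default to `""` independently in the variables.tf hunk of this commit. Setting only `domain_name` would therefore plan a certificate attachment with an empty name and CNAME records named `""` and `"www."`, which either fails late at apply or publishes records nobody intended. A precondition on the container service (its header is above this hunk) rejects that combination at plan time, assuming the module runs on Terraform 1.2 or later. The `domain_name` description, "The name of the DNS region.", should also say that it is the hosted zone name and that an empty value disables the custom domain.

```hcl
resource "aws_lightsail_container_service" "this" {
  # … unchanged: service settings and dynamic "public_domain_names" …

  lifecycle {
    precondition {
      condition     = var.domain_name == "" || (var.subdomain_name != "" && var.certificate_name != "")
      error_message = "subdomain_name and certificate_name must be set when domain_name is set."
    }
  }
}
```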
@@ -12,3 +12,13 @@ output "private_registry_access" { description = "Describes a request to configure an Amazon Lightsail container service to access private container image repositories" value = var.private_registry_access } + +output "service_public_url" { + description = "The url to access the service" + value = aws_lightsail_container_service.this.url +} + +output "service_private_domain" { + description = "The private domain name of the container service" + value = aws_lightsail_container_service.this.private_domain_name +} diff --git a/generic/lightsail/variables.tf b/generic/lightsail/variables.tf index 51d9bc1f..4b2bc3a8 100644 --- a/generic/lightsail/variables.tf +++ b/generic/lightsail/variables.tf @@ -26,14 +26,17 @@ variable "private_registry_access" { variable "certificate_name" { description = "Name of the validated certificate for SSL" type = string + default = "" } variable "domain_name" { description = "The name of the DNS region." type = string + default = "" } variable "subdomain_name" { description = "The domain name for the app." type = string + default = "" } diff --git a/generic/lightsail_container/main.tf b/generic/lightsail_container/main.tf deleted file mode 100644 index ace48510..00000000 --- a/generic/lightsail_container/main.tf +++ /dev/null 
@@ -1,85 +0,0 @@
-# Domain settings
-data "aws_route53_zone" "this" {
- count = var.domain_name != "" ? 1 : 0
- name = var.domain_name
-}
-
-locals {
- url_no_protocol = replace(replace(aws_lightsail_container_service.this.url, "https://", ""), "//$/", "")
- custom_domain_zone_id = var.domain_name != "" ? data.aws_route53_zone.this[0].id : ""
-}
-
-resource "aws_route53_record" "custom_domain" {
- count = var.domain_name != "" ? 1 : 0
- name = var.subdomain_name
- type = "CNAME"
- records = [local.url_no_protocol]
- ttl = 300
- zone_id = local.custom_domain_zone_id
-}
-
-resource "aws_route53_record" "www_custom_domain" {
- count = var.domain_name != "" ? 1 : 0
- name = "www.${var.subdomain_name}"
- type = "CNAME"
- records = [local.url_no_protocol]
- ttl = 300
- zone_id = local.custom_domain_zone_id
-}
-
-resource "aws_lightsail_container_service" "this" {
- name = var.service_name
- power = var.power
- scale = var.node_number
- is_disabled = false
-
- private_registry_access {
- ecr_image_puller_role {
- is_active = var.private_registry_access
- }
- }
-
- dynamic "public_domain_names" {
- for_each = var.domain_name != "" ?
[1] : []
- content {
- certificate {
- certificate_name = var.certificate_name
- domain_names = [
- var.subdomain_name,
- "www.${var.subdomain_name}"
- ]
- }
- }
- }
-}
-
-resource "aws_lightsail_container_service_deployment_version" "this" {
- dynamic "container" {
- for_each = var.containers
- content {
- container_name = container.value.name
- image = container.value.image
- command = container.value.command
- environment = container.value.envs
- ports = container.value.port
- }
- }
-
- public_endpoint {
- container_name = var.public_container
- container_port = var.public_port
-
- health_check {
- healthy_threshold = 2
- unhealthy_threshold = 2
- timeout_seconds = 2
- interval_seconds = 5
- path = var.health_check_path
- success_codes = var.health_success_codes
- }
- }
-
- service_name = var.service_name
-
- depends_on = [aws_lightsail_container_service.this]
-}
diff --git a/generic/lightsail_container/outputs.tf b/generic/lightsail_container/outputs.tf
deleted file mode 100644
index a04d9095..00000000
--- a/generic/lightsail_container/outputs.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-output "service_public_url" {
- description = "The url to access the service"
- value = aws_lightsail_container_service.this.url
-}
-
-output "service_private_domain" {
- description = "The private domain name of the container service"
- value = aws_lightsail_container_service.this.private_domain_name
-}
diff --git a/generic/lightsail_container/terraform.tf b/generic/lightsail_container/terraform.tf
deleted file mode 100644
index a3813b20..00000000
--- a/generic/lightsail_container/terraform.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-terraform {
- required_version = "1.3.7"
-
- required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "4.50.0"
- }
- }
-}
diff --git a/generic/lightsail_container/variables.tf b/generic/lightsail_container/variables.tf
deleted file mode 100644
index e76e08c9..00000000
--- a/generic/lightsail_container/variables.tf
+++ /dev/null
@@ -1,76 +0,0 @@
-# Domain settings
-variable "certificate_name" {
- description = "Name of the validated certificate for SSL"
- type = string
- default = ""
-}
-
-variable "domain_name" {
- description = "The name of the DNS region."
- type = string
- default = ""
-}
-
-variable "subdomain_name" {
- description = "The domain name for the app."
- type = string
- default = ""
-}
-
-# Service configuration
-variable "service_name" {
- description = " The name for the container service."
- type = string
-}
-
-variable "power" {
- description = "The power specifies the amount of memory, the number of vCPUs, and the monthly price of each node of the container service."
- type = string
- default = "nano"
-}
-
-variable "node_number" {
- description = "The allocated compute nodes of the container service."
- type = number
- default = 1
-}
-
-variable "private_registry_access" {
- description = "Describes a request to configure an Amazon Lightsail container service to access private container image repositories"
- type = bool
- default = false
-}
-
-## Container data
-variable "containers" {
- description = "Configuration for the containers to deploy"
- type = list(object({
- name = string
- image = string
- port = map(string)
- command = list(string)
- envs = map(string)
- }))
-}
-
-variable "public_container" {
- description = " The name of the main container to access"
- type = string
-}
-
-variable "public_port" {
- description = "The number of the port to access the public container."
- type = string
-}
-
-variable "health_check_path" {
- description = "The path to check the container health."
- type = string
- default = "/"
-}
-
-variable "health_success_codes" {
- description = "The success code for the health of the container."
- type = string
- default = "200-499"
-}
diff --git a/generic/lightsail_deployment/main.tf b/generic/lightsail_deployment/main.tf
index 6ab3e124..1effd06b 100644
--- a/generic/lightsail_deployment/main.tf
+++ b/generic/lightsail_deployment/main.tf @@ -1,26 +1,26 @@ resource "aws_lightsail_container_service_deployment_version" "this" { - container { - container_name = var.service_name - image = var.container_image - - command = var.container_command - - environment = var.environmental_variables - - ports = var.ports + dynamic "container" { + for_each = var.containers + content { + container_name = container.value.name + image = container.value.image + command = container.value.command + environment = container.value.envs + ports = container.value.port + } } public_endpoint { - container_name = var.service_name - container_port = keys(var.ports)[0] + container_name = var.public_container + container_port = var.public_port health_check { - healthy_threshold = 2 - unhealthy_threshold = 2 - timeout_seconds = 2 - interval_seconds = 5 - path = var.health_check_path - success_codes = var.health_success_codes + healthy_threshold = var.health_check.healthy_threshold + unhealthy_threshold = var.health_check.unhealthy_threshold + timeout_seconds = var.health_check.timeout_sec + interval_seconds = var.health_check.interval_sec + path = var.health_check.path + success_codes = var.health_check.success_code } } diff --git a/generic/lightsail_deployment/variables.tf b/generic/lightsail_deployment/variables.tf index 5f5b5b58..31b53e1d 100644 --- a/generic/lightsail_deployment/variables.tf +++ b/generic/lightsail_deployment/variables.tf 
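Review bot: `public_endpoint` now takes `var.public_container` and `var.public_port` separately from `var.containers`, and nothing ties them together, so a typo or a stale value can point the public endpoint at a container or port that was never meant to be internet-facing, or fail only at apply. The removed code derived the port from `keys(var.ports)[0]`, so the map keys are the port numbers and the same lookup can validate the new inputs. Add a precondition to the deployment resource (its closing lines are outside this hunk), assuming the module runs on Terraform 1.2 or later.

```hcl
resource "aws_lightsail_container_service_deployment_version" "this" {
  # … unchanged: dynamic "container" and public_endpoint blocks …

  lifecycle {
    precondition {
      condition = anytrue([
        for c in var.containers :
        c.name == var.public_container && contains(keys(c.port), var.public_port)
      ])
      error_message = "public_container and public_port must match a container and port declared in var.containers."
    }
  }
```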
@@ -4,36 +4,43 @@ variable "service_name" { } ## Container data -variable "container_image" { - description = " The name of the container image." - type = string -} - -variable "ports" { - description = "The number of the port to access the container." - type = map(string) +variable "containers" { + description = "Configuration for the containers to deploy" + type = list(object({ + name = string + image = string + port = map(string) + command = list(string) + envs = map(string) + })) } -variable "environmental_variables" { - description = "Pair of key-value environmental variables for the container." - type = map(string) - default = {} -} - -variable "container_command" { - description = "Launch commands for the container." - type = list(string) - default = [] +variable "public_container" { + description = " The name of the main container to access" + type = string } -variable "health_check_path" { - description = "The path to check the container health." +variable "public_port" { + description = "The number of the port to access the public container." type = string - default = "/" } -variable "health_success_codes" { - description = "The success code for the health of the container." - type = string - default = "200-499" +variable "health_check" { + description = "The health check configuration for the container" + type = object({ + healthy_threshold = number + unhealthy_threshold = number + timeout_sec = number + interval_sec = number + path = string + success_code = string + }) + default = { + healthy_threshold = 2 + unhealthy_threshold = 2 + timeout_sec = 2 + interval_sec = 5 + path = "/" + success_code = "200-499" + } }
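Review bot: `envs` inside `variable "containers"` is a plain `map(string)`, so anything passed there, credentials included, is written to the Terraform state and shown in plan output, and the description "Configuration for the containers to deploy" gives callers no hint of that. Extend it, e.g. `description = "Containers to deploy. envs values are stored in state and shown in plans; do not pass secrets unless the state backend is encrypted and access-controlled."`. The new `health_check` default keeps `success_code = "200-499"`, which reports a container answering 401, 403 or 404 on the health path as healthy; a comment explaining why 4xx counts as success, or a narrower default, would help. The hunk starts inside `variable "service_name"`, which is not fully visible here.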