forked from mergermarket/terraform-acuris-ecs-service
-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.tf
155 lines (136 loc) · 6.28 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
locals {
service_name = "${var.env}-${var.release["component"]}"
}
module "ecs_update_monitor" {
source = "mergermarket/ecs-update-monitor/acuris"
version = "2.0.4"
cluster = var.ecs_cluster
service = module.service.name
taskdef = module.taskdef.arn
is_test = var.is_test
}
module "service" {
source = "mergermarket/load-balanced-ecs-service-no-target-group/acuris"
version = "2.2.7"
name = "${local.service_name}${var.name_suffix}"
cluster = var.ecs_cluster
task_definition = module.taskdef.arn
container_name = "${var.release["component"]}${var.name_suffix}"
container_port = var.port
desired_count = var.desired_count
target_group_arn = var.target_group_arn
multiple_target_group_arns = var.multiple_target_group_arns
deployment_minimum_healthy_percent = var.deployment_minimum_healthy_percent
deployment_maximum_percent = var.deployment_maximum_percent
network_configuration_subnets = var.network_configuration_subnets
network_configuration_security_groups = var.network_configuration_security_groups
pack_and_distinct = var.pack_and_distinct
}
module "taskdef" {
source = "mergermarket/task-definition-with-task-role/acuris"
version = "2.1.0"
family = "${local.service_name}${var.name_suffix}"
container_definitions = [module.service_container_definition.rendered]
policy = var.task_role_policy
assume_role_policy = var.assume_role_policy
volume = var.taskdef_volume
env = var.env
release = var.release
network_mode = var.network_mode
is_test = var.is_test
}
module "service_container_definition" {
source = "mergermarket/ecs-container-definition/acuris"
version = "2.1.0"
name = "${var.release["component"]}${var.name_suffix}"
image = "${var.image_id != "" ? var.image_id : var.release["image_id"]}"
cpu = var.cpu
memory = var.memory
stop_timeout = var.stop_timeout
container_port = var.port
nofile_soft_ulimit = var.nofile_soft_ulimit
mountpoint = var.container_mountpoint
port_mappings = var.container_port_mappings
application_secrets = var.application_secrets
platform_secrets = var.platform_secrets
container_env = merge(
{
"LOGSPOUT_CLOUDWATCHLOGS_LOG_GROUP_STDOUT" = "${local.service_name}${var.name_suffix}-stdout"
"LOGSPOUT_CLOUDWATCHLOGS_LOG_GROUP_STDERR" = "${local.service_name}${var.name_suffix}-stderr"
"STATSD_HOST" = "172.17.42.1"
"STATSD_PORT" = "8125"
"STATSD_ENABLED" = "true"
"ENV_NAME" = var.env
"COMPONENT_NAME" = var.release["component"]
"VERSION" = var.release["version"]
},
var.common_application_environment,
var.application_environment,
var.secrets,
)
labels = merge(
{
"component" = var.release["component"]
"env" = var.env
"team" = var.release["team"]
"version" = var.release["version"]
},
var.container_labels,
)
}
resource "aws_cloudwatch_log_group" "stdout" {
name = "${local.service_name}${var.name_suffix}-stdout"
retention_in_days = "7"
}
resource "aws_cloudwatch_log_group" "stderr" {
name = "${local.service_name}${var.name_suffix}-stderr"
retention_in_days = "7"
}
resource "aws_cloudwatch_log_subscription_filter" "kinesis_log_stdout_stream" {
count = var.platform_config["datadog_log_subscription_arn"] != "" && var.add_datadog_feed ? 1 : 0
name = "kinesis-log-stdout-stream-${local.service_name}"
destination_arn = var.platform_config["datadog_log_subscription_arn"]
log_group_name = "${local.service_name}${var.name_suffix}-stdout"
filter_pattern = ""
depends_on = [aws_cloudwatch_log_group.stdout]
}
resource "aws_cloudwatch_log_subscription_filter" "kinesis_log_stderr_stream" {
count = var.platform_config["datadog_log_subscription_arn"] != "" && var.add_datadog_feed ? 1 : 0
name = "kinesis-log-stdout-stream-${local.service_name}"
destination_arn = var.platform_config["datadog_log_subscription_arn"]
log_group_name = "${local.service_name}${var.name_suffix}-stderr"
filter_pattern = ""
depends_on = [aws_cloudwatch_log_group.stderr]
}
resource "aws_appautoscaling_target" "ecs" {
count = var.allow_overnight_scaledown ? 1 : 0
min_capacity = var.desired_count
max_capacity = var.desired_count
resource_id = "service/${var.ecs_cluster}/${local.service_name}${var.name_suffix}"
scalable_dimension = "ecs:service:DesiredCount"
service_namespace = "ecs"
}
resource "aws_appautoscaling_scheduled_action" "scale_down" {
count = var.env != "live" && var.allow_overnight_scaledown ? 1 : 0
name = "scale_down-${local.service_name}${var.name_suffix}"
service_namespace = aws_appautoscaling_target.ecs[0].service_namespace
resource_id = aws_appautoscaling_target.ecs[0].resource_id
scalable_dimension = aws_appautoscaling_target.ecs[0].scalable_dimension
schedule = "cron(*/30 ${var.overnight_scaledown_start_hour}-${var.overnight_scaledown_end_hour - 1} ? * * *)"
scalable_target_action {
min_capacity = var.overnight_scaledown_min_count
max_capacity = var.overnight_scaledown_min_count
}
}
resource "aws_appautoscaling_scheduled_action" "scale_back_up" {
count = var.env != "live" && var.allow_overnight_scaledown ? 1 : 0
name = "scale_up-${local.service_name}${var.name_suffix}"
service_namespace = aws_appautoscaling_target.ecs[0].service_namespace
resource_id = aws_appautoscaling_target.ecs[0].resource_id
scalable_dimension = aws_appautoscaling_target.ecs[0].scalable_dimension
schedule = "cron(10 ${var.overnight_scaledown_end_hour} ? * MON-FRI *)"
scalable_target_action {
min_capacity = var.desired_count
max_capacity = var.desired_count
}
}