terraform-aws-ecs-app-nlb


This Terraform module is an AWS ECS application module that creates a Network Load Balancer (NLB) application setup on ECS.

This module is designed to be used with DNXLabs/terraform-aws-ecs (https://github.com/DNXLabs/terraform-aws-ecs).

The following resources will be created:

  • Cloudwatch Metrics alarm - Provides a CloudWatch Metric Alarm resource.

  • IAM roles - The CloudWatch event needs an IAM role to run the ECS task definition. A role is created and permissions are granted to it via an IAM policy.

  • IAM policy - Policy to be attached to the IAM role. This policy has a trust with the CloudWatch Events service and uses the AWS managed policy AmazonEC2ContainerServiceEventsRole.

  • Security Groups for the ECS nodes

  • Simple Notification Service (SNS) topics - Alarm topics to create and alert on ECS service metrics. Leaving empty disables all alarms.

  • Auto Scaling

    • You can specify the max number of containers to scale with autoscaling. The default is 4
    • You can specify the min number of containers to scale with autoscaling. The default is 1
    • Cooldown in seconds to wait between scale in events. The default is 300
    • Cooldown in seconds to wait between scale out events. The default is 300
  • Cloudwatch Log Groups

  • Network Load Balancer (NLB)

  • ECS task definition - A task definition is required to run Docker containers in Amazon ECS. Some of the parameters you can specify in a task definition include:

    • Image - Docker image to deploy
      • Default value = "dnxsolutions/nginx-hello:latest"
    • CPU - Hard limit of the CPU for the container
      • Default Value = 0
    • Memory - Hard memory of the container
      • Default Value = 512
    • Name - Name of the ECS Service
    • Set log configuration
  • ECS Task-scheduler activated by cloudwatch events

In addition, you can choose whether to create:

  • Autoscaling
    • Enable or disable autoscaling based on average CPU tracking
    • Target average CPU percentage to track for autoscaling
  • A Hostname to create DNS record for this app

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.13.0 |

Providers

| Name | Version |
|------|---------|
| aws | n/a |
| random | n/a |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| alarm_prefix | String prefix for cloudwatch alarms. (Optional, leave blank to use iam_account_alias) | `string` | `""` | no |
| alarm_sns_topics | Alarm topics to create and alert on ECS service metrics | `list` | `[]` | no |
| assign_public_ip | Configures ECS Service to assign public IP (Fargate Only) | `bool` | `false` | no |
| autoscaling_cpu | Enables autoscaling based on average CPU tracking | `bool` | `false` | no |
| autoscaling_max | Max number of containers to scale with autoscaling | `number` | `4` | no |
| autoscaling_min | Min number of containers to scale with autoscaling | `number` | `1` | no |
| autoscaling_scale_in_cooldown | Cooldown in seconds to wait between scale in events | `number` | `300` | no |
| autoscaling_scale_out_cooldown | Cooldown in seconds to wait between scale out events | `number` | `300` | no |
| autoscaling_target_cpu | Target average CPU percentage to track for autoscaling | `number` | `50` | no |
| cloudwatch_logs_export | Whether to mark the log group to export to an S3 bucket (needs terraform-aws-log-exporter to be deployed in the account/region) | `bool` | `false` | no |
| cloudwatch_logs_retention | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `120` | no |
| cluster_name | n/a | `string` | `"Name of existing ECS Cluster to deploy this app to"` | no |
| codedeploy_deployment_config_name | Specifies the deployment configuration for CodeDeploy | `string` | `"CodeDeployDefault.ECSAllAtOnce"` | no |
| codedeploy_role_arn | Existing IAM CodeDeploy role ARN created by ECS cluster module | `any` | `null` | no |
| codedeploy_wait_time_for_cutover | Time in minutes to route the traffic to the new application deployment | `number` | `0` | no |
| codedeploy_wait_time_for_termination | Time in minutes to terminate the new deployment | `number` | `0` | no |
| container_port | Port your container listens on (used in the placeholder task definition) | `string` | `"8080"` | no |
| cpu | Hard limit for CPU for the container | `string` | `"0"` | no |
| create_iam_codedeployrole | Create CodeDeploy IAM Role for ECS or not. | `bool` | `true` | no |
| deployment_controller | Type of deployment controller. Valid values: CODE_DEPLOY, ECS, EXTERNAL. | `string` | `"CODE_DEPLOY"` | no |
| efs_mapping | A map of EFS volume ids and paths to mount into the default task definition | `map(string)` | `{}` | no |
| fargate_spot | Set true to use FARGATE_SPOT capacity provider by default (only when launch_type=FARGATE) | `bool` | `false` | no |
| hosted_zone | Hosted Zone to create DNS record for this app | `string` | `""` | no |
| hostname | Hostname to create DNS record for this app | `string` | `""` | no |
| hostname_create | Optional parameter to create or not a Route53 record | `string` | `"true"` | no |
| image | Docker image to deploy (can be a placeholder) | `string` | `"dnxsolutions/nginx-hello:latest"` | no |
| launch_type | The launch type on which to run your service. The valid values are EC2 and FARGATE. Defaults to EC2. | `string` | `"FARGATE"` | no |
| memory | Hard memory of the container | `string` | `"512"` | no |
| name | Name of your ECS service | `any` | n/a | yes |
| network_mode | The Docker networking mode to use for the containers in the task. The valid values are none, bridge, awsvpc, and host. (REQUIRED IF 'LAUNCH_TYPE' IS FARGATE) | `any` | `null` | no |
| nlb | Flag to create the NLB | `bool` | `false` | no |
| nlb_arn | Network Load Balancer ARN - Required if nlb=false or nlb_internal=false | `string` | `""` | no |
| nlb_internal | Creates an Internal NLB for this service | `bool` | `false` | no |
| nlb_subnets_cidr | The subnets associated with the task or service. (REQUIRED IF 'LAUNCH_TYPE' IS FARGATE) | `any` | `null` | no |
| nlb_subnets_ids | The subnets associated with the task or service. (REQUIRED IF 'LAUNCH_TYPE' IS FARGATE) | `any` | `null` | no |
| ordered_placement_strategy | Service level strategy rules that are taken into consideration during task placement. List from top to bottom in order of precedence. The maximum number of ordered_placement_strategy blocks is 5. | `list(object({ field = string, expression = string }))` | `[]` | no |
| placement_constraints | Rules that are taken into consideration during task placement. Maximum number of placement_constraints is 10. | `list(object({ type = string, expression = string }))` | `[]` | no |
| port | Port for target group to listen | `string` | `"80"` | no |
| ports | Port for target group to listen | `list(object({ port = number, protocol = string }))` | `[{ "port": 80, "protocol": "tcp" }]` | no |
| security_group_ecs_nodes_inbound_cidrs | ECS Nodes inbound allowed CIDRs for the security group. | `list(string)` | `["0.0.0.0/0"]` | no |
| security_group_nlb_inbound_cidrs | NLB inbound allowed CIDRs for the security group. | `list(string)` | `["0.0.0.0/0"]` | no |
| security_groups | The security groups associated with the task or service | `any` | `null` | no |
| service_health_check_grace_period_seconds | Time until your container starts serving requests | `number` | `0` | no |
| service_role_arn | Existing service role ARN created by ECS cluster module | `any` | n/a | yes |
| subnets | The subnets associated with the task or service. (REQUIRED IF 'LAUNCH_TYPE' IS FARGATE) | `any` | `null` | no |
| task_role_arn | Existing task role ARN created by ECS cluster module | `any` | n/a | yes |
| ulimits | Container ulimit settings. This is a list of maps, where each map should contain "name", "hardLimit" and "softLimit" | `list(object({ name = string, hardLimit = number, softLimit = number }))` | `null` | no |
| vpc_id | VPC ID to deploy this app to | `any` | n/a | yes |
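
Both security group inputs default to `0.0.0.0/0`, and the default `image` is a public `:latest` tag. The module call below is an added example (not taken from this module's repository) that narrows those inputs for an internal Fargate service. The source path, every ID, ARN and CIDR, and the list shape given to the `any`-typed inputs are assumptions.

```hcl
# Added example: constructed values throughout, replace with your own.
module "ecs_app_nlb" {
  # Assumption: placeholder path to wherever you fetch or vendor the module.
  source = "./modules/terraform-aws-ecs-app-nlb"

  # Required inputs (ARNs come from the ECS cluster module).
  name             = "orders-api"
  vpc_id           = "vpc-EXAMPLE"
  service_role_arn = "arn:aws:iam::111122223333:role/ecs-service-EXAMPLE"
  task_role_arn    = "arn:aws:iam::111122223333:role/ecs-task-EXAMPLE"
  cluster_name     = "example-cluster"

  # Default is "dnxsolutions/nginx-hello:latest". Pin your own image by
  # digest so what runs cannot change underneath you (digest is a placeholder).
  image = "111122223333.dkr.ecr.us-east-1.amazonaws.com/orders-api@sha256:<image-digest>"

  # Fargate tasks in private subnets, no public IP (false is the default;
  # stated explicitly so a later change shows up in review).
  launch_type      = "FARGATE"
  network_mode     = "awsvpc"
  subnets          = ["subnet-PRIVATE-A", "subnet-PRIVATE-B"] # assumed list
  assign_public_ip = false

  # Create an internal NLB rather than an internet-facing one.
  nlb              = true
  nlb_internal     = true
  nlb_subnets_ids  = ["subnet-PRIVATE-A", "subnet-PRIVATE-B"] # assumed list
  nlb_subnets_cidr = ["10.20.1.0/24", "10.20.2.0/24"]         # assumed list

  ports = [{ port = 443, protocol = "tcp" }]

  # Defaults are ["0.0.0.0/0"]: restrict to the ranges that must reach
  # the service (here, a constructed VPC CIDR).
  security_group_nlb_inbound_cidrs       = ["10.20.0.0/16"]
  security_group_ecs_nodes_inbound_cidrs = ["10.20.0.0/16"]

  # An empty alarm_sns_topics disables all alarms, so pass a topic.
  alarm_sns_topics = ["arn:aws:sns:us-east-1:111122223333:ecs-alarms-EXAMPLE"]

  # Must be one of the retention values listed in the inputs table.
  cloudwatch_logs_retention = 365
}
```

Run `terraform plan` and review the security group rules and the NLB scheme in the plan output before applying.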

Outputs

| Name | Description |
|------|-------------|
| aws_cloudwatch_log_group_arn | n/a |

Authors

Module managed by DNX Solutions.

License

Apache 2 Licensed. See LICENSE for full details.