updating application
This commit is contained in:
parent
ee2d46b86f
commit
0a5338f20f
3 changed files with 19 additions and 110 deletions
|
@ -3,9 +3,10 @@
|
||||||
|
|
||||||
provider "registry.opentofu.org/hashicorp/aws" {
|
provider "registry.opentofu.org/hashicorp/aws" {
|
||||||
version = "5.45.0"
|
version = "5.45.0"
|
||||||
constraints = ">= 4.0.0, >= 4.66.1, >= 5.30.0, >= 5.33.0"
|
constraints = ">= 4.66.1, >= 5.30.0, >= 5.33.0"
|
||||||
hashes = [
|
hashes = [
|
||||||
"h1:3zU3yp1SY+8vHAQvhfhYdPnFYQpFwXXXar+hOrnofzQ=",
|
"h1:3zU3yp1SY+8vHAQvhfhYdPnFYQpFwXXXar+hOrnofzQ=",
|
||||||
|
"h1:A8MJa+VwONA4BNO5xzeleguJbrblNLnXBImHTK/qgFg=",
|
||||||
"zh:1d71c406aeaf4ba762eb62e4595ab9c9f8da1a2c9b74bb4277c0acfd9678ae65",
|
"zh:1d71c406aeaf4ba762eb62e4595ab9c9f8da1a2c9b74bb4277c0acfd9678ae65",
|
||||||
"zh:3b00b13154eadedb37bca99bf7cbd556fa9472e6900c970effa17a270ee9f721",
|
"zh:3b00b13154eadedb37bca99bf7cbd556fa9472e6900c970effa17a270ee9f721",
|
||||||
"zh:6f264e8b70153925ac8abfa83ebffe2c2d5a27ab5557a6b16124269b08ac2441",
|
"zh:6f264e8b70153925ac8abfa83ebffe2c2d5a27ab5557a6b16124269b08ac2441",
|
||||||
|
|
|
@ -44,23 +44,26 @@ module "ecs_service" {
|
||||||
# Container definition(s)
|
# Container definition(s)
|
||||||
container_definitions = {
|
container_definitions = {
|
||||||
|
|
||||||
fluent-bit = {
|
valkey = {
|
||||||
cpu = 512
|
cpu = 512
|
||||||
memory = 1024
|
memory = 1024
|
||||||
essential = true
|
essential = true
|
||||||
image = nonsensitive(data.aws_ssm_parameter.fluentbit.value)
|
image = "valkey/valkey:7.2.4-rc1-alpine"
|
||||||
firelens_configuration = {
|
port_mappings = [
|
||||||
type = "fluentbit"
|
{
|
||||||
|
name = "valkey"
|
||||||
|
containerPort = 6379
|
||||||
|
hostPort = 6379
|
||||||
|
protocol = "tcp"
|
||||||
}
|
}
|
||||||
memory_reservation = 50
|
]
|
||||||
user = "0"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
(local.container_name) = {
|
(local.container_name) = {
|
||||||
cpu = 512
|
cpu = 512
|
||||||
memory = 1024
|
memory = 1024
|
||||||
essential = true
|
essential = true
|
||||||
image = "public.ecr.aws/aws-containers/ecsdemo-frontend:776fd50"
|
image = "richarvey/chat-app:latest"
|
||||||
port_mappings = [
|
port_mappings = [
|
||||||
{
|
{
|
||||||
name = local.container_name
|
name = local.container_name
|
||||||
|
@ -70,39 +73,14 @@ module "ecs_service" {
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
# Example image used requires access to write to root filesystem
|
environment = [
|
||||||
readonly_root_filesystem = false
|
{
|
||||||
|
name = "REDIS_ENDPOINT"
|
||||||
dependencies = [{
|
value = "valkey"
|
||||||
containerName = "fluent-bit"
|
},
|
||||||
condition = "START"
|
]
|
||||||
}]
|
|
||||||
|
|
||||||
enable_cloudwatch_logging = false
|
enable_cloudwatch_logging = false
|
||||||
log_configuration = {
|
|
||||||
logDriver = "awsfirelens"
|
|
||||||
options = {
|
|
||||||
Name = "firehose"
|
|
||||||
region = local.region
|
|
||||||
delivery_stream = "my-stream"
|
|
||||||
log-driver-buffer-limit = "2097152"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
linux_parameters = {
|
|
||||||
capabilities = {
|
|
||||||
add = []
|
|
||||||
drop = [
|
|
||||||
"NET_RAW"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Not required for fluent-bit, just an example
|
|
||||||
volumes_from = [{
|
|
||||||
sourceContainer = "fluent-bit"
|
|
||||||
readOnly = false
|
|
||||||
}]
|
|
||||||
|
|
||||||
memory_reservation = 100
|
memory_reservation = 100
|
||||||
}
|
}
|
||||||
|
@ -154,67 +132,10 @@ module "ecs_service" {
|
||||||
tags = local.tags
|
tags = local.tags
|
||||||
}
|
}
|
||||||
|
|
||||||
################################################################################
|
|
||||||
# Standalone Task Definition (w/o Service)
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
module "ecs_task_definition" {
|
|
||||||
source = "./modules/service"
|
|
||||||
|
|
||||||
# Service
|
|
||||||
name = "${local.name}-standalone"
|
|
||||||
cluster_arn = module.ecs_cluster.arn
|
|
||||||
|
|
||||||
# Task Definition
|
|
||||||
volume = {
|
|
||||||
ex-vol = {}
|
|
||||||
}
|
|
||||||
|
|
||||||
runtime_platform = {
|
|
||||||
cpu_architecture = "ARM64"
|
|
||||||
operating_system_family = "LINUX"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Container definition(s)
|
|
||||||
container_definitions = {
|
|
||||||
al2023 = {
|
|
||||||
image = "public.ecr.aws/amazonlinux/amazonlinux:2023-minimal"
|
|
||||||
|
|
||||||
mount_points = [
|
|
||||||
{
|
|
||||||
sourceVolume = "ex-vol",
|
|
||||||
containerPath = "/var/www/ex-vol"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
|
|
||||||
command = ["echo hello world"]
|
|
||||||
entrypoint = ["/usr/bin/sh", "-c"]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
subnet_ids = module.vpc.private_subnets
|
|
||||||
|
|
||||||
security_group_rules = {
|
|
||||||
egress_all = {
|
|
||||||
type = "egress"
|
|
||||||
from_port = 0
|
|
||||||
to_port = 0
|
|
||||||
protocol = "-1"
|
|
||||||
cidr_blocks = ["0.0.0.0/0"]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
tags = local.tags
|
|
||||||
}
|
|
||||||
|
|
||||||
################################################################################
|
################################################################################
|
||||||
# Supporting Resources
|
# Supporting Resources
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
data "aws_ssm_parameter" "fluentbit" {
|
|
||||||
name = "/aws/service/aws-for-fluent-bit/stable"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_service_discovery_http_namespace" "this" {
|
resource "aws_service_discovery_http_namespace" "this" {
|
||||||
name = local.name
|
name = local.name
|
||||||
description = "CloudMap namespace for ${local.name}"
|
description = "CloudMap namespace for ${local.name}"
|
||||||
|
|
|
@ -151,16 +151,3 @@ output "service_security_group_id" {
|
||||||
value = module.ecs_service.security_group_id
|
value = module.ecs_service.security_group_id
|
||||||
}
|
}
|
||||||
|
|
||||||
################################################################################
|
|
||||||
# Standalone Task Definition (w/o Service)
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
output "task_definition_run_task_command" {
|
|
||||||
description = "awscli command to run the standalone task"
|
|
||||||
value = <<EOT
|
|
||||||
aws ecs run-task --cluster ${module.ecs_cluster.name} \
|
|
||||||
--task-definition ${module.ecs_task_definition.task_definition_family_revision} \
|
|
||||||
--network-configuration "awsvpcConfiguration={subnets=[${join(",", module.vpc.private_subnets)}],securityGroups=[${module.ecs_task_definition.security_group_id}]}" \
|
|
||||||
--region ${local.region}
|
|
||||||
EOT
|
|
||||||
}
|
|
||||||
|
|
Loading…
Reference in a new issue