ric/terraform-tofu-labs
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

updating application

Browse source
This commit is contained in:
Ric Harvey 2024-04-15 17:29:24 +01:00
parent ee2d46b86f
commit 0a5338f20f
Signed by: ric
GPG key ID: CD63CE502B962F16
3 changed files with 19 additions and 110 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
2-simple-example/iac/.terraform.lock.hcl
View file

@ -3,9 +3,10 @@
provider "registry.opentofu.org/hashicorp/aws" { provider "registry.opentofu.org/hashicorp/aws" {
version = "5.45.0" version = "5.45.0"
constraints = ">= 4.0.0, >= 4.66.1, >= 5.30.0, >= 5.33.0" constraints = ">= 4.66.1, >= 5.30.0, >= 5.33.0"
hashes = [ hashes = [
"h1:3zU3yp1SY+8vHAQvhfhYdPnFYQpFwXXXar+hOrnofzQ=", "h1:3zU3yp1SY+8vHAQvhfhYdPnFYQpFwXXXar+hOrnofzQ=",
"h1:A8MJa+VwONA4BNO5xzeleguJbrblNLnXBImHTK/qgFg=",
"zh:1d71c406aeaf4ba762eb62e4595ab9c9f8da1a2c9b74bb4277c0acfd9678ae65", "zh:1d71c406aeaf4ba762eb62e4595ab9c9f8da1a2c9b74bb4277c0acfd9678ae65",
"zh:3b00b13154eadedb37bca99bf7cbd556fa9472e6900c970effa17a270ee9f721", "zh:3b00b13154eadedb37bca99bf7cbd556fa9472e6900c970effa17a270ee9f721",
"zh:6f264e8b70153925ac8abfa83ebffe2c2d5a27ab5557a6b16124269b08ac2441", "zh:6f264e8b70153925ac8abfa83ebffe2c2d5a27ab5557a6b16124269b08ac2441",

113
2-simple-example/iac/ecs.tf
View file

@ -44,23 +44,26 @@ module "ecs_service" {
# Container definition(s) # Container definition(s)
container_definitions = { container_definitions = {
fluent-bit = { valkey = {
cpu = 512 cpu = 512
memory = 1024 memory = 1024
essential = true essential = true
image = nonsensitive(data.aws_ssm_parameter.fluentbit.value) image = "valkey/valkey:7.2.4-rc1-alpine"
firelens_configuration = { port_mappings = [
type = "fluentbit" {
} name = "valkey"
memory_reservation = 50 containerPort = 6379
user = "0" hostPort = 6379
protocol = "tcp"
}
]
} }
(local.container_name) = { (local.container_name) = {
cpu = 512 cpu = 512
memory = 1024 memory = 1024
essential = true essential = true
image = "public.ecr.aws/aws-containers/ecsdemo-frontend:776fd50" image = "richarvey/chat-app:latest"
port_mappings = [ port_mappings = [
{ {
name = local.container_name name = local.container_name
@ -70,39 +73,14 @@ module "ecs_service" {
} }
] ]
# Example image used requires access to write to root filesystem environment = [
readonly_root_filesystem = false {
name = "REDIS_ENDPOINT"
dependencies = [{ value = "valkey"
containerName = "fluent-bit" },
condition = "START" ]
}]
enable_cloudwatch_logging = false enable_cloudwatch_logging = false
log_configuration = {
logDriver = "awsfirelens"
options = {
Name = "firehose"
region = local.region
delivery_stream = "my-stream"
log-driver-buffer-limit = "2097152"
}
}
linux_parameters = {
capabilities = {
add = []
drop = [
"NET_RAW"
]
}
}
# Not required for fluent-bit, just an example
volumes_from = [{
sourceContainer = "fluent-bit"
readOnly = false
}]
memory_reservation = 100 memory_reservation = 100
} }
@ -154,67 +132,10 @@ module "ecs_service" {
tags = local.tags tags = local.tags
} }
################################################################################
# Standalone Task Definition (w/o Service)
################################################################################
module "ecs_task_definition" {
source = "./modules/service"
# Service
name = "${local.name}-standalone"
cluster_arn = module.ecs_cluster.arn
# Task Definition
volume = {
ex-vol = {}
}
runtime_platform = {
cpu_architecture = "ARM64"
operating_system_family = "LINUX"
}
# Container definition(s)
container_definitions = {
al2023 = {
image = "public.ecr.aws/amazonlinux/amazonlinux:2023-minimal"
mount_points = [
{
sourceVolume = "ex-vol",
containerPath = "/var/www/ex-vol"
}
]
command = ["echo hello world"]
entrypoint = ["/usr/bin/sh", "-c"]
}
}
subnet_ids = module.vpc.private_subnets
security_group_rules = {
egress_all = {
type = "egress"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
tags = local.tags
}
################################################################################ ################################################################################
# Supporting Resources # Supporting Resources
################################################################################ ################################################################################
data "aws_ssm_parameter" "fluentbit" {
name = "/aws/service/aws-for-fluent-bit/stable"
}
resource "aws_service_discovery_http_namespace" "this" { resource "aws_service_discovery_http_namespace" "this" {
name = local.name name = local.name
description = "CloudMap namespace for ${local.name}" description = "CloudMap namespace for ${local.name}"

13
2-simple-example/iac/outputs.tf
View file

@ -151,16 +151,3 @@ output "service_security_group_id" {
value = module.ecs_service.security_group_id value = module.ecs_service.security_group_id
} }
################################################################################
# Standalone Task Definition (w/o Service)
################################################################################
output "task_definition_run_task_command" {
description = "awscli command to run the standalone task"
value = <<EOT
aws ecs run-task --cluster ${module.ecs_cluster.name} \
--task-definition ${module.ecs_task_definition.task_definition_family_revision} \
--network-configuration "awsvpcConfiguration={subnets=[${join(",", module.vpc.private_subnets)}],securityGroups=[${module.ecs_task_definition.security_group_id}]}" \
--region ${local.region}
EOT
}