updating application
This commit is contained in:
parent
ee2d46b86f
commit
0a5338f20f
GPG key ID:
CD63CE502B962F16
3 changed files with 19 additions and 110 deletions
|
|
@ -3,9 +3,10 @@
|
|||
|
||||
provider "registry.opentofu.org/hashicorp/aws" {
|
||||
version = "5.45.0"
|
||||
constraints = ">= 4.0.0, >= 4.66.1, >= 5.30.0, >= 5.33.0"
|
||||
constraints = ">= 4.66.1, >= 5.30.0, >= 5.33.0"
|
||||
hashes = [
|
||||
"h1:3zU3yp1SY+8vHAQvhfhYdPnFYQpFwXXXar+hOrnofzQ=",
|
||||
"h1:A8MJa+VwONA4BNO5xzeleguJbrblNLnXBImHTK/qgFg=",
|
||||
"zh:1d71c406aeaf4ba762eb62e4595ab9c9f8da1a2c9b74bb4277c0acfd9678ae65",
|
||||
"zh:3b00b13154eadedb37bca99bf7cbd556fa9472e6900c970effa17a270ee9f721",
|
||||
"zh:6f264e8b70153925ac8abfa83ebffe2c2d5a27ab5557a6b16124269b08ac2441",
|
||||
|
|
|
|||
|
|
@ -44,23 +44,26 @@ module "ecs_service" {
|
|||
# Container definition(s)
|
||||
container_definitions = {
|
||||
|
||||
fluent-bit = {
|
||||
valkey = {
|
||||
cpu = 512
|
||||
memory = 1024
|
||||
essential = true
|
||||
image = nonsensitive(data.aws_ssm_parameter.fluentbit.value)
|
||||
firelens_configuration = {
|
||||
type = "fluentbit"
|
||||
image = "valkey/valkey:7.2.4-rc1-alpine"
|
||||
port_mappings = [
|
||||
{
|
||||
name = "valkey"
|
||||
containerPort = 6379
|
||||
hostPort = 6379
|
||||
protocol = "tcp"
|
||||
}
|
||||
memory_reservation = 50
|
||||
user = "0"
|
||||
]
|
||||
}
|
||||
|
||||
(local.container_name) = {
|
||||
cpu = 512
|
||||
memory = 1024
|
||||
essential = true
|
||||
image = "public.ecr.aws/aws-containers/ecsdemo-frontend:776fd50"
|
||||
image = "richarvey/chat-app:latest"
|
||||
port_mappings = [
|
||||
{
|
||||
name = local.container_name
|
||||
|
|
@ -70,39 +73,14 @@ module "ecs_service" {
|
|||
}
|
||||
]
|
||||
|
||||
# Example image used requires access to write to root filesystem
|
||||
readonly_root_filesystem = false
|
||||
|
||||
dependencies = [{
|
||||
containerName = "fluent-bit"
|
||||
condition = "START"
|
||||
}]
|
||||
environment = [
|
||||
{
|
||||
name = "REDIS_ENDPOINT"
|
||||
value = "valkey"
|
||||
},
|
||||
]
|
||||
|
||||
enable_cloudwatch_logging = false
|
||||
log_configuration = {
|
||||
logDriver = "awsfirelens"
|
||||
options = {
|
||||
Name = "firehose"
|
||||
region = local.region
|
||||
delivery_stream = "my-stream"
|
||||
log-driver-buffer-limit = "2097152"
|
||||
}
|
||||
}
|
||||
|
||||
linux_parameters = {
|
||||
capabilities = {
|
||||
add = []
|
||||
drop = [
|
||||
"NET_RAW"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
# Not required for fluent-bit, just an example
|
||||
volumes_from = [{
|
||||
sourceContainer = "fluent-bit"
|
||||
readOnly = false
|
||||
}]
|
||||
|
||||
memory_reservation = 100
|
||||
}
|
||||
|
|
@ -154,67 +132,10 @@ module "ecs_service" {
|
|||
tags = local.tags
|
||||
}
|
||||
|
||||
################################################################################
|
||||
# Standalone Task Definition (w/o Service)
|
||||
################################################################################
|
||||
|
||||
module "ecs_task_definition" {
|
||||
source = "./modules/service"
|
||||
|
||||
# Service
|
||||
name = "${local.name}-standalone"
|
||||
cluster_arn = module.ecs_cluster.arn
|
||||
|
||||
# Task Definition
|
||||
volume = {
|
||||
ex-vol = {}
|
||||
}
|
||||
|
||||
runtime_platform = {
|
||||
cpu_architecture = "ARM64"
|
||||
operating_system_family = "LINUX"
|
||||
}
|
||||
|
||||
# Container definition(s)
|
||||
container_definitions = {
|
||||
al2023 = {
|
||||
image = "public.ecr.aws/amazonlinux/amazonlinux:2023-minimal"
|
||||
|
||||
mount_points = [
|
||||
{
|
||||
sourceVolume = "ex-vol",
|
||||
containerPath = "/var/www/ex-vol"
|
||||
}
|
||||
]
|
||||
|
||||
command = ["echo hello world"]
|
||||
entrypoint = ["/usr/bin/sh", "-c"]
|
||||
}
|
||||
}
|
||||
|
||||
subnet_ids = module.vpc.private_subnets
|
||||
|
||||
security_group_rules = {
|
||||
egress_all = {
|
||||
type = "egress"
|
||||
from_port = 0
|
||||
to_port = 0
|
||||
protocol = "-1"
|
||||
cidr_blocks = ["0.0.0.0/0"]
|
||||
}
|
||||
}
|
||||
|
||||
tags = local.tags
|
||||
}
|
||||
|
||||
################################################################################
|
||||
# Supporting Resources
|
||||
################################################################################
|
||||
|
||||
data "aws_ssm_parameter" "fluentbit" {
|
||||
name = "/aws/service/aws-for-fluent-bit/stable"
|
||||
}
|
||||
|
||||
resource "aws_service_discovery_http_namespace" "this" {
|
||||
name = local.name
|
||||
description = "CloudMap namespace for ${local.name}"
|
||||
|
|
|
|||
|
|
@ -151,16 +151,3 @@ output "service_security_group_id" {
|
|||
value = module.ecs_service.security_group_id
|
||||
}
|
||||
|
||||
################################################################################
|
||||
# Standalone Task Definition (w/o Service)
|
||||
################################################################################
|
||||
|
||||
output "task_definition_run_task_command" {
|
||||
description = "awscli command to run the standalone task"
|
||||
value = <<EOT
|
||||
aws ecs run-task --cluster ${module.ecs_cluster.name} \
|
||||
--task-definition ${module.ecs_task_definition.task_definition_family_revision} \
|
||||
--network-configuration "awsvpcConfiguration={subnets=[${join(",", module.vpc.private_subnets)}],securityGroups=[${module.ecs_task_definition.security_group_id}]}" \
|
||||
--region ${local.region}
|
||||
EOT
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue