Commit 118da82

Modified README and added var desc
1 parent c3220e0 commit 118da82

6 files changed

+96
-274
lines changed

.terraform.lock.hcl

Lines changed: 25 additions & 0 deletions
Some generated files are not rendered by default.

README.md

Lines changed: 33 additions & 87 deletions
@@ -9,20 +9,19 @@
99
[![Known Vulnerabilities](https://github.com/sourcefuse/terraform-aws-arc-ecs/actions/workflows/snyk.yaml/badge.svg)](https://github.com/sourcefuse/terraform-aws-arc-ecs/actions/workflows/snyk.yaml)
1010
## Overview
1111

12-
SourceFuse's AWS Reference Architecture Terraform module leverages the terraform-aws-modules/terraform-aws-ecs GitHub repository to facilitate the deployment and management of an AWS ECS (Elastic Container Service) cluster. It streamlines the configuration of ECS tasks, services, and related components, providing a scalable and efficient solution for orchestrating containerized applications. With customizable settings for logging, load balancing, and service discovery, the module promotes seamless deployment and management of containerized workloads on AWS.
12+
SourceFuse's AWS Reference Architecture Terraform module leverages the terraform-aws-modules/terraform-aws-ecs GitHub repository to facilitate the deployment and management of an AWS ECS (Elastic Container Service) cluster. It streamlines the configuration of ECS tasks, services, and related components, providing a scalable and efficient solution for orchestrating containerized applications. With customizable settings for logging and load balancing the module promotes seamless deployment and management of containerized workloads on AWS.
1313

1414
The module assumes that upstream dependencies, namely networking dependencies, are created upstream and the values are passed into this module via mechanisms such as Terraform data source queries.
1515

1616
![Module Structure](./static/ecs_module_hla.png)
1717

1818
The module provisions
1919

20-
* ECS Cluster - we are focusing on the Fargate launch type, so we do not provision any underlying EC2 instances for the ECS launch type.
21-
* Application Load Balancer - default port 80 to 443 redirect.
20+
* ECS Cluster - we are focusing on the Fargate launch type, so we do not provision any underlying EC2 instances for the ECS launch type for the time being.
21+
* Application Load Balancer - default port 80.
2222
* Health Check Service - vanilla HTTP echo service that is used as the default target group for the load balancer. The purpose of the health check service is to ensure that the core infrastructure, networking, security groups, etc. are configured correctly.
2323
* Task execution IAM role - used by downstream services for task execution.
24-
* Utilizes ACM to generate a certificate specific to the ALB.
25-
* Tags/SSM params - the module tags resources and outputs SSM params that can be used in data source lookups downstream for ECS services to reference to deploy into the cluster.
24+
* Tags - the module tags resources for easy reference in the AWS console.
2625

2726

2827
![Module Structure](./static/arc_ecs_basic_components.png)
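
Review bot: The ALB bullet now reads "default port 80" and the ACM certificate bullet is dropped, so the README describes a listener that serves plain HTTP and gives no pointer to how TLS is enabled. The `alb` input in the table further down still exposes `protocol` (default "HTTP") and `certificate_arn`, and `listener_rules` accepts a `redirect` action, so add a sentence here stating that HTTPS requires the caller to pass a certificate ARN and configure the redirect themselves. Minor: the rewritten overview sentence needs a comma after "load balancing", and "for the ECS launch type for the time being" reads awkwardly.
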
@@ -35,7 +34,6 @@ Before using this module, ensure you have the following:
3534
- AWS credentials configured.
3635
- Terraform installed.
3736
- A working knowledge of Terraform.
38-
- Route 53 hosted zone
3937
- Network
4038

4139

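
Review bot: With the Route 53 prerequisite removed, the remaining "Network" item is too vague to act on. The inputs table lists `vpc_id` as required, so spell the prerequisite out as an existing VPC whose ID is passed in.
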
@@ -53,7 +51,6 @@ ecs/
5351
|-- outputs.tf
5452
```
5553

56-
5754
2. **Define Input Variables**
5855

5956
Inside the `variables.tf` or in `*.tfvars` file, you should define values for the variables that the module requires.
@@ -63,37 +60,22 @@ In your main Terraform configuration file (e.g., main.tf), you can use the modul
6360

6461

6562
```hcl
66-
module "ecs" {
67-
source = "sourcefuse/arc-ecs/aws"
68-
version = "1.5.2"
69-
70-
environment = var.environment
71-
namespace = var.namespace
72-
73-
vpc_id = data.aws_vpc.vpc.id
74-
alb_subnet_ids = data.aws_subnets.public.ids
75-
health_check_subnet_ids = data.aws_subnets.private.ids
76-
77-
// --- Devs: DO NOT override, otherwise tests will fail --- //
78-
access_logs_enabled = false
79-
alb_access_logs_s3_bucket_force_destroy = true
80-
alb_access_logs_s3_bucket_force_destroy_enabled = true
81-
// -------------------------- END ------------------------- //
82-
83-
## create acm certificate and dns record for health check
84-
route_53_zone_name = var.route_53_zone
85-
route_53_zone_id = data.aws_route53_zone.this.id
86-
acm_domain_name = "healthcheck-ecs-${var.namespace}-${var.environment}.${local.route_53_zone}"
87-
acm_subject_alternative_names = []
88-
health_check_route_53_records = [
89-
"healthcheck-ecs-${var.namespace}-${var.environment}.${local.route_53_zone}"
90-
]
91-
92-
service_discovery_private_dns_namespace = [
93-
"${var.namespace}.${var.environment}.${local.route_53_zone}"
94-
]
95-
96-
tags = module.tags.tags
63+
module "ecs_cluster" {
64+
source = "./modules/ecs_cluster"
65+
66+
ecs_cluster = {
67+
name = var.ecs_cluster.name
68+
configuration = var.ecs_cluster.configuration
69+
create_cloudwatch_log_group = var.ecs_cluster.create_cloudwatch_log_group
70+
service_connect_defaults = var.ecs_cluster.service_connect_defaults
71+
settings = var.ecs_cluster.settings
72+
}
73+
74+
capacity_provider = {
75+
autoscaling_capacity_providers = var.capacity_provider.autoscaling_capacity_providers
76+
default_capacity_provider_use_fargate = var.capacity_provider.default_capacity_provider_use_fargate
77+
fargate_capacity_providers = var.capacity_provider.fargate_capacity_providers
78+
}
9779
}
9880
```
9981

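
Review bot: The usage example now points at `source = "./modules/ecs_cluster"`, a relative path that only resolves from inside this repository, and the pinned `version = "1.5.2"` line is removed with nothing replacing it. Readers copying this block from outside the repo get neither a registry source nor a version pin; either keep a registry `source` with a `version` constraint in the README, or state that the snippet is meant to be run from the repo root. The new example also passes no `tags`, while the bullet list above still says the module tags resources.
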
@@ -107,10 +89,6 @@ output "cluster_name" {
10789
value = module.ecs.cluster_name
10890
}
10991
110-
output "health_check_fqdn" {
111-
description = "Health check FQDN record created in Route 53."
112-
value = module.ecs.health_check_fqdn
113-
}
11492
```
11593

11694
5. **Execute Terraform Commands**
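
Review bot: The retained context line `value = module.ecs.cluster_name` still references a module named `ecs`, but the usage example earlier in this commit renames the block to `module "ecs_cluster"`, so the output snippet no longer matches the documented configuration. Update the reference to the new module name, and check the output name against the new Outputs table, which lists `ecs_cluster_name`.
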
@@ -155,62 +133,30 @@ No resources.
155133

156134
| Name | Description | Type | Default | Required |
157135
|------|-------------|------|---------|:--------:|
158-
| <a name="input_alb"></a> [alb](#input\_alb) | n/a | <pre>object({<br/> name = optional(string, null)<br/> port = optional(number)<br/> protocol = optional(string, "HTTP")<br/> internal = optional(bool, false)<br/> load_balancer_type = optional(string, "application")<br/> idle_timeout = optional(number, 60)<br/> enable_deletion_protection = optional(bool, false)<br/> enable_http2 = optional(bool, true)<br/> certificate_arn = optional(string, null)<br/><br/> access_logs = optional(object({<br/> bucket = string<br/> enabled = optional(bool, false)<br/> prefix = optional(string, "")<br/> }))<br/><br/> tags = optional(map(string), {})<br/> })</pre> | n/a | yes |
136+
| <a name="input_alb"></a> [alb](#input\_alb) | Configuration settings for the Application Load Balancer (ALB). This includes attributes related to the ALB itself, such as its name, port, protocol, and other optional settings like access logs and tags. | <pre>object({<br/> name = optional(string, null)<br/> port = optional(number)<br/> protocol = optional(string, "HTTP")<br/> internal = optional(bool, false)<br/> load_balancer_type = optional(string, "application")<br/> idle_timeout = optional(number, 60)<br/> enable_deletion_protection = optional(bool, false)<br/> enable_http2 = optional(bool, true)<br/> certificate_arn = optional(string, null)<br/><br/> access_logs = optional(object({<br/> bucket = string<br/> enabled = optional(bool, false)<br/> prefix = optional(string, "")<br/> }))<br/><br/> tags = optional(map(string), {})<br/> })</pre> | n/a | yes |
159137
| <a name="input_alb_target_group"></a> [alb\_target\_group](#input\_alb\_target\_group) | List of target groups to create | <pre>list(object({<br/> name = optional(string, "target-group")<br/> port = number<br/> protocol = optional(string, null)<br/> protocol_version = optional(string, "HTTP1")<br/> vpc_id = optional(string, "")<br/> target_type = optional(string, "ip")<br/> ip_address_type = optional(string, "ipv4")<br/> load_balancing_algorithm_type = optional(string, "round_robin")<br/> load_balancing_cross_zone_enabled = optional(string, "use_load_balancer_configuration")<br/> deregistration_delay = optional(number, 300)<br/> slow_start = optional(number, 0)<br/> tags = optional(map(string), {})<br/><br/> health_check = optional(object({<br/> enabled = optional(bool, true)<br/> protocol = optional(string, "HTTP")<br/> path = optional(string, "/")<br/> port = optional(string, "traffic-port")<br/> timeout = optional(number, 6)<br/> healthy_threshold = optional(number, 3)<br/> unhealthy_threshold = optional(number, 3)<br/> interval = optional(number, 30)<br/> matcher = optional(string, "200")<br/> }))<br/><br/> stickiness = optional(object({<br/> enabled = optional(bool, true)<br/> type = string<br/> cookie_duration = optional(number, 86400)<br/> })<br/> )<br/><br/> }))</pre> | n/a | yes |
160-
| <a name="input_capacity_provider"></a> [capacity\_provider](#input\_capacity\_provider) | n/a | <pre>object({<br/> autoscaling_capacity_providers = map(object({<br/> name = optional(string)<br/> auto_scaling_group_arn = string<br/> managed_termination_protection = optional(string, "DISABLED")<br/> managed_draining = optional(string, "ENABLED")<br/> managed_scaling = optional(object({<br/> instance_warmup_period = optional(number)<br/> maximum_scaling_step_size = optional(number)<br/> minimum_scaling_step_size = optional(number)<br/> status = optional(string)<br/> target_capacity = optional(number)<br/> }))<br/> tags = optional(map(string), {})<br/> }))<br/> default_capacity_provider_use_fargate = bool<br/> fargate_capacity_providers = any<br/> })</pre> | n/a | yes |
161-
| <a name="input_create_alb"></a> [create\_alb](#input\_create\_alb) | n/a | `bool` | `false` | no |
162-
| <a name="input_create_service"></a> [create\_service](#input\_create\_service) | n/a | `bool` | `false` | no |
138+
| <a name="input_capacity_provider"></a> [capacity\_provider](#input\_capacity\_provider) | Configuration settings for the ECS capacity providers, including the capacity providers used for autoscaling and Fargate. This variable defines the properties of each capacity provider and how they are managed, such as scaling policies and termination protection. | <pre>object({<br/> autoscaling_capacity_providers = map(object({<br/> name = optional(string)<br/> auto_scaling_group_arn = string<br/> managed_termination_protection = optional(string, "DISABLED")<br/> managed_draining = optional(string, "ENABLED")<br/> managed_scaling = optional(object({<br/> instance_warmup_period = optional(number)<br/> maximum_scaling_step_size = optional(number)<br/> minimum_scaling_step_size = optional(number)<br/> status = optional(string)<br/> target_capacity = optional(number)<br/> }))<br/> tags = optional(map(string), {})<br/> }))<br/> default_capacity_provider_use_fargate = bool<br/> fargate_capacity_providers = any<br/> })</pre> | n/a | yes |
139+
| <a name="input_create_alb"></a> [create\_alb](#input\_create\_alb) | Flag to create or skip the creation of ALB | `bool` | `false` | no |
140+
| <a name="input_create_service"></a> [create\_service](#input\_create\_service) | Flag to create or skip the creation of ECS demo service | `bool` | `false` | no |
163141
| <a name="input_ecs_cluster"></a> [ecs\_cluster](#input\_ecs\_cluster) | The ECS-specific values to use such as cluster, service, and repository names.<br/><br/>Keys:<br/> - cluster\_name: The name of the ECS cluster.<br/> - cluster\_configuration: The execute command configuration for the cluster.<br/> - cluster\_settings: A list of cluster settings (e.g., container insights). Default is an empty list.<br/> - cluster\_service\_connect\_defaults: Configures a default Service Connect namespace.<br/> - create\_cloudwatch\_log\_group: Boolean flag to specify whether to create a CloudWatch log group for the ECS cluster. | <pre>object({<br/> name = string<br/> configuration = optional(object({<br/> execute_command_configuration = optional(object({<br/> kms_key_id = optional(string, "")<br/> logging = optional(string, "DEFAULT")<br/> log_configuration = optional(object({<br/> cloudwatch_encryption_enabled = optional(bool, null)<br/> log_group_name = optional(string, null)<br/> log_group_retention_in_days = optional(number, null)<br/> log_group_kms_key_id = optional(string, null)<br/> log_group_tags = optional(map(string), null)<br/> s3_bucket_name = optional(string, null)<br/> s3_bucket_encryption_enabled = optional(bool, null)<br/> s3_key_prefix = optional(string, null)<br/> }), {})<br/> }), {})<br/> }), {})<br/> create_cloudwatch_log_group = bool<br/> service_connect_defaults = optional(map(string), null)<br/> settings = optional(any, null)<br/> tags = optional(map(string), null)<br/> })</pre> | n/a | yes |
164142
| <a name="input_ecs_service"></a> [ecs\_service](#input\_ecs\_service) | The ECS-specific values to use such as cluster, service, and repository names. | <pre>object({<br/> cluster_name = string<br/> service_name = string<br/> repository_name = string<br/> enable_load_balancer = bool<br/> aws_lb_target_group_name = optional(string)<br/> })</pre> | n/a | yes |
165-
| <a name="input_environment"></a> [environment](#input\_environment) | The environment associated with the service | `string` | n/a | yes |
143+
| <a name="input_environment"></a> [environment](#input\_environment) | The environment associated with the ECS service | `string` | n/a | yes |
166144
| <a name="input_lb"></a> [lb](#input\_lb) | ALB-related information (listening port, deletion protection, security group) | <pre>object({<br/> name = string<br/> listener_port = number<br/> deregistration_delay = optional(number)<br/> security_group_id = string<br/> })</pre> | n/a | yes |
167145
| <a name="input_listener_rules"></a> [listener\_rules](#input\_listener\_rules) | List of listener rules to create | <pre>list(object({<br/> priority = number<br/><br/> conditions = list(object({<br/> field = string<br/> values = list(string)<br/> }))<br/><br/> actions = list(object({<br/> type = string<br/> target_group_arn = optional(string)<br/> order = optional(number)<br/> redirect = optional(object({<br/> protocol = string<br/> port = string<br/> host = optional(string)<br/> path = optional(string)<br/> query = optional(string)<br/> status_code = string<br/> }), null)<br/><br/> fixed_response = optional(object({<br/> content_type = string<br/> message_body = optional(string)<br/> status_code = optional(string)<br/> }), null)<br/> }))<br/> }))</pre> | n/a | yes |
168146
| <a name="input_task"></a> [task](#input\_task) | Task-related information (vCPU, memory, # of tasks, port, and health check info.) | <pre>object({<br/> tasks_desired = optional(number)<br/> container_vcpu = optional(number)<br/> container_memory = optional(number)<br/> container_port = number<br/> container_health_check_path = optional(string)<br/> container_definition = optional(string)<br/> environment_variables = optional(map(string))<br/> task_execution_role = optional(string)<br/> })</pre> | n/a | yes |
169-
| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | n/a | `string` | n/a | yes |
147+
| <a name="input_vpc_id"></a> [vpc\_id](#input\_vpc\_id) | ID of VPC in which all resources need to be created | `string` | n/a | yes |
170148

171149
## Outputs
172150

173-
No outputs.
151+
| Name | Description |
152+
|------|-------------|
153+
| <a name="output_alb_name"></a> [alb\_name](#output\_alb\_name) | The names of the ALBs. |
154+
| <a name="output_ecs_cluster_configuration"></a> [ecs\_cluster\_configuration](#output\_ecs\_cluster\_configuration) | The configuration details of the ECS cluster. |
155+
| <a name="output_ecs_cluster_name"></a> [ecs\_cluster\_name](#output\_ecs\_cluster\_name) | The name of the ECS cluster. |
156+
| <a name="output_ecs_service_name"></a> [ecs\_service\_name](#output\_ecs\_service\_name) | The service names of the ECS services. |
157+
| <a name="output_ecs_task_definition_arn"></a> [ecs\_task\_definition\_arn](#output\_ecs\_task\_definition\_arn) | The ARNs of the ECS task definitions. |
174158
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
175159

176-
## SSM Parameters
177-
There are some commonly referenced outputs generated by this module.
178-
These outputs are also published to SSM for ease of access for downstream resources.
179-
The default SSM Parameter format used by this module is the following:
180-
```
181-
[
182-
## alb
183-
{
184-
name = "/${var.namespace}/${var.environment}/alb/${module.alb.alb_name}/endpoint"
185-
value = module.alb.alb_dns_name
186-
description = "ALB DNS Endpoint"
187-
type = "String"
188-
},
189-
{
190-
name = "/${var.namespace}/${var.environment}/alb/${module.alb.alb_name}/arn"
191-
value = module.alb.alb_arn
192-
description = "ALB ARN"
193-
type = "String"
194-
},
195-
196-
## ecs
197-
{
198-
name = "/${var.namespace}/${var.environment}/ecs/${module.ecs.cluster_name}/id"
199-
value = module.ecs.cluster_id
200-
description = "ECS Cluster ID"
201-
type = "String"
202-
},
203-
{
204-
name = "/${var.namespace}/${var.environment}/ecs/${module.ecs.cluster_name}/arn"
205-
value = module.ecs.cluster_arn
206-
description = "ECS Cluster ARN"
207-
type = "String"
208-
}
209-
]
210-
```
211-
212-
You can append to this array by adding values to `var.additional_ssm_params`.
213-
214160
## Development
215161

216162
### Versioning
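
Review bot: The whole "SSM Parameters" section is deleted and the new Outputs table exposes only `alb_name`, `ecs_cluster_configuration`, `ecs_cluster_name`, `ecs_service_name` and `ecs_task_definition_arn`, so the ALB DNS endpoint, ALB ARN and cluster ID/ARN that downstream stacks previously read from SSM have no documented replacement. Add a short migration note or the equivalent outputs. Separately, since this commit is filling in variable descriptions, the untouched `ecs_cluster` description lists keys (`cluster_name`, `cluster_configuration`, `cluster_settings`) that do not match the object's fields (`name`, `configuration`, `settings`), and `ecs_service` carries the same opening sentence; both are worth fixing in the same pass.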
