init commit for v0.12 with containername support

lean-delivery · Feb 19, 2021 · a501645 · a501645
1 parent b4d6c9c
commit a501645
Show file tree

Hide file tree

Showing 9 changed files with 189 additions and 138 deletions.
diff --git a/autoscaling.tf b/autoscaling.tf
@@ -7,14 +7,14 @@ resource "aws_cloudwatch_metric_alarm" "cpu-high" {
   evaluation_periods  = "1"
   namespace           = "AWS/ECS"
   period              = "60"
-  threshold           = "${var.autoscaling_cpu_high_threshold}"
+  threshold           = var.autoscaling_cpu_high_threshold
 
-  dimensions {
-    ClusterName = "${local.ecs_cluster_name}"
+  dimensions = {
+    ClusterName = local.ecs_cluster_name
     ServiceName = "${var.service}-${var.environment}"
   }
 
-  alarm_actions = ["${aws_appautoscaling_policy.scale_policy_high.arn}"]
+  alarm_actions = [aws_appautoscaling_policy.scale_policy_high.arn]
 }
 
 resource "aws_cloudwatch_metric_alarm" "cpu-low" {
@@ -26,14 +26,14 @@ resource "aws_cloudwatch_metric_alarm" "cpu-low" {
   evaluation_periods  = "2"
   namespace           = "AWS/ECS"
   period              = "60"
-  threshold           = "${var.autoscaling_cpu_low_threshold}"
+  threshold           = var.autoscaling_cpu_low_threshold
 
-  dimensions {
-    ClusterName = "${local.ecs_cluster_name}"
+  dimensions = {
+    ClusterName = local.ecs_cluster_name
     ServiceName = "${var.service}-${var.environment}"
   }
 
-  alarm_actions = ["${aws_appautoscaling_policy.scale_policy_low.arn}"]
+  alarm_actions = [aws_appautoscaling_policy.scale_policy_low.arn]
 }
 
 resource "aws_cloudwatch_metric_alarm" "cpu-high_ec2" {
@@ -45,14 +45,14 @@ resource "aws_cloudwatch_metric_alarm" "cpu-high_ec2" {
   evaluation_periods  = "1"
   namespace           = "AWS/EC2"
   period              = "60"
-  threshold           = "${var.autoscaling_cpu_high_threshold}"
+  threshold           = var.autoscaling_cpu_high_threshold
 
-  dimensions {
-    AutoScalingGroupName = "${aws_autoscaling_group.autoscaling-group.name}"
+  dimensions = {
+    AutoScalingGroupName = aws_autoscaling_group.autoscaling-group[0].name
   }
 
-  count         = "${var.launch_type == "FARGATE" ? 0 : 1}"
-  alarm_actions = ["${aws_autoscaling_policy.scale_policy_high_ec2.arn}"]
+  count         = var.launch_type == "FARGATE" ? 0 : 1
+  alarm_actions = [aws_autoscaling_policy.scale_policy_high_ec2[0].arn]
 }
 
 resource "aws_cloudwatch_metric_alarm" "cpu-low_ec2" {
@@ -64,14 +64,14 @@ resource "aws_cloudwatch_metric_alarm" "cpu-low_ec2" {
   evaluation_periods  = "2"
   namespace           = "AWS/EC2"
   period              = "60"
-  threshold           = "${var.autoscaling_cpu_low_threshold}"
+  threshold           = var.autoscaling_cpu_low_threshold
 
-  dimensions {
-    AutoScalingGroupName = "${aws_autoscaling_group.autoscaling-group.name}"
+  dimensions = {
+    AutoScalingGroupName = aws_autoscaling_group.autoscaling-group[0].name
   }
 
-  count         = "${var.launch_type == "FARGATE" ? 0 : 1}"
-  alarm_actions = ["${aws_autoscaling_policy.scale_policy_low_ec2.arn}"]
+  count         = var.launch_type == "FARGATE" ? 0 : 1
+  alarm_actions = [aws_autoscaling_policy.scale_policy_low_ec2[0].arn]
 }
 
 resource "aws_appautoscaling_policy" "scale_policy_high" {
@@ -92,7 +92,7 @@ resource "aws_appautoscaling_policy" "scale_policy_high" {
     }
   }
 
-  depends_on = ["aws_appautoscaling_target.ecs_target"]
+  depends_on = [aws_appautoscaling_target.ecs_target]
 }
 
 resource "aws_appautoscaling_policy" "scale_policy_low" {
@@ -113,12 +113,12 @@ resource "aws_appautoscaling_policy" "scale_policy_low" {
     }
   }
 
-  depends_on = ["aws_appautoscaling_target.ecs_target"]
+  depends_on = [aws_appautoscaling_target.ecs_target]
 }
 
 resource "aws_appautoscaling_target" "ecs_target" {
-  max_capacity = "${var.autoscaling_max_capacity}"
-  min_capacity = "${var.autoscaling_min_capacity}"
+  max_capacity = var.autoscaling_max_capacity
+  min_capacity = var.autoscaling_min_capacity
   resource_id  = "service/${local.ecs_cluster_name}/${aws_ecs_service.this.name}"
 
   ### https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-service-linked-roles.html
@@ -133,28 +133,28 @@ resource "aws_autoscaling_policy" "scale_policy_high_ec2" {
   scaling_adjustment     = 1
   adjustment_type        = "ChangeInCapacity"
   cooldown               = 300
-  autoscaling_group_name = "${aws_autoscaling_group.autoscaling-group.name}"
-  count                  = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  autoscaling_group_name = aws_autoscaling_group.autoscaling-group[0].name
+  count                  = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_autoscaling_policy" "scale_policy_low_ec2" {
   name                   = "${title(lower(var.project))}-${title(lower(var.environment))}-${title(lower(var.service))}-ScalePolicyLow_ec2"
   scaling_adjustment     = -1
   adjustment_type        = "ChangeInCapacity"
   cooldown               = 300
-  autoscaling_group_name = "${aws_autoscaling_group.autoscaling-group.name}"
-  count                  = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  autoscaling_group_name = aws_autoscaling_group.autoscaling-group[0].name
+  count                  = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_autoscaling_group" "autoscaling-group" {
   name             = "${var.environment}-${var.service}-autoscaling-group"
-  max_size         = "${var.autoscaling_max_capacity}"
-  min_size         = "${var.autoscaling_min_capacity}"
-  desired_capacity = "${var.autoscaling_min_capacity}"
+  max_size         = var.autoscaling_max_capacity
+  min_size         = var.autoscaling_min_capacity
+  desired_capacity = var.autoscaling_min_capacity
 
-  availability_zones   = ["${var.availability_zones}"]
-  vpc_zone_identifier  = ["${var.subnets}"]
-  launch_configuration = "${aws_launch_configuration.launch-configuration_ec2.name}"
+  availability_zones   = var.availability_zones
+  vpc_zone_identifier  = var.subnets
+  launch_configuration = aws_launch_configuration.launch-configuration_ec2[0].name
   health_check_type    = "ELB"
 
   tag {
@@ -163,5 +163,6 @@ resource "aws_autoscaling_group" "autoscaling-group" {
     propagate_at_launch = true
   }
 
-  count = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  count = var.launch_type == "FARGATE" ? 0 : 1
 }
+
diff --git a/define-policies.tf b/define-policies.tf
@@ -39,13 +39,13 @@ data "aws_iam_policy_document" "ecs-service-allow-elb" {
 resource "aws_iam_policy" "ecs-service-allow-ec2" {
   name        = "ecs-service-allow-ec2-${var.project}-${var.service}-${var.environment}"
   description = "ECS Service policy to access EC2"
-  policy      = "${data.aws_iam_policy_document.ecs-service-allow-ec2.json}"
+  policy      = data.aws_iam_policy_document.ecs-service-allow-ec2.json
 }
 
 resource "aws_iam_policy" "ecs-service-allow-elb" {
   name        = "ecs-service-allow-elb-${var.project}-${var.service}-${var.environment}"
   description = "ECS Service policy to access ELB"
-  policy      = "${data.aws_iam_policy_document.ecs-service-allow-elb.json}"
+  policy      = data.aws_iam_policy_document.ecs-service-allow-elb.json
 }
 
 resource "aws_iam_role" "ecs-service" {
@@ -67,8 +67,9 @@ resource "aws_iam_role" "ecs-service" {
 }
 EOF
 
-  count = "${var.launch_type == "FARGATE" ? 1 : 0}"
-  tags  = "${merge(local.default_tags, var.tags)}"
+
+  count = var.launch_type == "FARGATE" ? 1 : 0
+  tags  = merge(local.default_tags, var.tags)
 }
 
 resource "aws_iam_role" "ecs-service-ec2" {
@@ -81,7 +82,7 @@ resource "aws_iam_role" "ecs-service-ec2" {
     {
       "Action": "sts:AssumeRole",
       "Principal": {
-        "Service": "ec2.amazonaws.com${data.aws_partition.current.partition == "aws-cn" ? ".cn" : "" }"
+        "Service": "ec2.amazonaws.com${data.aws_partition.current.partition == "aws-cn" ? ".cn" : ""}"
       },
       "Effect": "Allow",
       "Sid": ""
@@ -90,44 +91,45 @@ resource "aws_iam_role" "ecs-service-ec2" {
 }
 EOF
 
-  count = "${var.launch_type == "FARGATE" ? 0 : 1}"
-  tags  = "${merge(local.default_tags, var.tags)}"
+
+  count = var.launch_type == "FARGATE" ? 0 : 1
+  tags  = merge(local.default_tags, var.tags)
 }
 
 resource "aws_iam_role_policy_attachment" "this_ec2" {
   policy_arn = "arn:${data.aws_partition.current.partition}:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
-  role       = "${aws_iam_role.ecs-service-ec2.name}"
-  count      = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  role       = aws_iam_role.ecs-service-ec2[0].name
+  count      = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_iam_role_policy_attachment" "this_default_ecs_ec2" {
   policy_arn = "arn:${data.aws_partition.current.partition}:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole"
-  role       = "${aws_iam_role.ecs-service-ec2.name}"
-  count      = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  role       = aws_iam_role.ecs-service-ec2[0].name
+  count      = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_iam_role_policy_attachment" "attach-allow-ec2_ec2" {
-  role       = "${aws_iam_role.ecs-service-ec2.name}"
-  policy_arn = "${aws_iam_policy.ecs-service-allow-ec2.arn}"
-  count      = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  role       = aws_iam_role.ecs-service-ec2[0].name
+  policy_arn = aws_iam_policy.ecs-service-allow-ec2.arn
+  count      = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_iam_role_policy_attachment" "attach-allow-elb_ec2" {
-  role       = "${aws_iam_role.ecs-service-ec2.name}"
-  policy_arn = "${aws_iam_policy.ecs-service-allow-elb.arn}"
-  count      = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  role       = aws_iam_role.ecs-service-ec2[0].name
+  policy_arn = aws_iam_policy.ecs-service-allow-elb.arn
+  count      = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_iam_role_policy_attachment" "attach-allow-ec2" {
-  role       = "${aws_iam_role.ecs-service.name}"
-  policy_arn = "${aws_iam_policy.ecs-service-allow-ec2.arn}"
-  count      = "${var.launch_type == "FARGATE" ? 1 : 0}"
+  role       = aws_iam_role.ecs-service[0].name
+  policy_arn = aws_iam_policy.ecs-service-allow-ec2.arn
+  count      = var.launch_type == "FARGATE" ? 1 : 0
 }
 
 resource "aws_iam_role_policy_attachment" "attach-allow-elb" {
-  role       = "${aws_iam_role.ecs-service.name}"
-  policy_arn = "${aws_iam_policy.ecs-service-allow-elb.arn}"
-  count      = "${var.launch_type == "FARGATE" ? 1 : 0}"
+  role       = aws_iam_role.ecs-service[0].name
+  policy_arn = aws_iam_policy.ecs-service-allow-elb.arn
+  count      = var.launch_type == "FARGATE" ? 1 : 0
 }
 
 # data "aws_iam_role" "ecs-task-execution" {
@@ -169,13 +171,13 @@ data "aws_iam_policy_document" "ecs-task-access-cloudwatch" {
 resource "aws_iam_policy" "ecs-task-access-ecr" {
   name        = "ecs-task-allow-ec2-${var.project}-${var.service}-${var.environment}"
   description = "ECS task policy to access ECR"
-  policy      = "${data.aws_iam_policy_document.ecs-task-access-ecr.json}"
+  policy      = data.aws_iam_policy_document.ecs-task-access-ecr.json
 }
 
 resource "aws_iam_policy" "ecs-task-access-cloudwatch" {
   name        = "ecs-task-allow-elb-${var.project}-${var.service}-${var.environment}"
   description = "ECS task policy to access CloudWatch"
-  policy      = "${data.aws_iam_policy_document.ecs-task-access-cloudwatch.json}"
+  policy      = data.aws_iam_policy_document.ecs-task-access-cloudwatch.json
 }
 
 resource "aws_iam_role" "ecs-task-execution" {
@@ -197,15 +199,17 @@ resource "aws_iam_role" "ecs-task-execution" {
 }
 EOF
 
-  tags = "${merge(local.default_tags, var.tags)}"
+
+  tags = merge(local.default_tags, var.tags)
 }
 
 resource "aws_iam_role_policy_attachment" "attach-allow-ecr" {
-  role       = "${aws_iam_role.ecs-task-execution.name}"
-  policy_arn = "${aws_iam_policy.ecs-task-access-ecr.arn}"
+  role       = aws_iam_role.ecs-task-execution.name
+  policy_arn = aws_iam_policy.ecs-task-access-ecr.arn
 }
 
 resource "aws_iam_role_policy_attachment" "attach-allow-cw" {
-  role       = "${aws_iam_role.ecs-task-execution.name}"
-  policy_arn = "${aws_iam_policy.ecs-task-access-cloudwatch.arn}"
+  role       = aws_iam_role.ecs-task-execution.name
+  policy_arn = aws_iam_policy.ecs-task-access-cloudwatch.arn
 }
+
diff --git a/ecs-cluster-ec2.tf b/ecs-cluster-ec2.tf
@@ -1,45 +1,45 @@
 data "aws_ami" "ecs_optimized_ami" {
-  most_recent      = true
-  owners           = ["amazon"]
+  most_recent = true
+  owners      = ["amazon"]
 
   filter {
-    name = "name"
+    name   = "name"
     values = ["amzn2-ami-ecs-*"]
   }
 
   filter {
-    name = "root-device-type"
+    name   = "root-device-type"
     values = ["ebs"]
   }
 
   filter {
-    name = "virtualization-type"
+    name   = "virtualization-type"
     values = ["hvm"]
   }
 }
 
 resource "aws_iam_instance_profile" "ecs-instance-profile_ec2" {
   name = "${var.environment}-${var.service}-instance-profile"
   path = "/"
-  role = "${aws_iam_role.ecs-service-ec2.id}"
+  role = aws_iam_role.ecs-service-ec2[0].id
 
   provisioner "local-exec" {
     command = "sleep 60"
   }
 
-  count = "${var.launch_type == "FARGATE" ? 0 : 1}"
+  count = var.launch_type == "FARGATE" ? 0 : 1
 }
 
 resource "aws_launch_configuration" "launch-configuration_ec2" {
   name_prefix          = "${var.environment}-${var.service}-launch-configuration-"
-  image_id             = "${data.aws_ami.ecs_optimized_ami.id}"
-  instance_type        = "${var.instance_type}"
-  iam_instance_profile = "${aws_iam_instance_profile.ecs-instance-profile_ec2.id}"
-  key_name             = "${var.key-pair-name}"
+  image_id             = data.aws_ami.ecs_optimized_ami.id
+  instance_type        = var.instance_type
+  iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile_ec2[0].id
+  key_name             = var.key-pair-name
 
   root_block_device {
-    volume_type           = "${var.volume_type}"
-    volume_size           = "${var.volume_size}"
+    volume_type           = var.volume_type
+    volume_size           = var.volume_size
     delete_on_termination = true
   }
 
@@ -53,7 +53,10 @@ resource "aws_launch_configuration" "launch-configuration_ec2" {
                                   #!/bin/bash -xe
       echo "ECS_CLUSTER=${local.ecs_cluster_name}" >> /etc/ecs/ecs.config
       start ecs
-      EOF
+      
+EOF
 
-  count = "${var.launch_type == "FARGATE" ? 0 : 1}"
+
+  count = var.launch_type == "FARGATE" ? 0 : 1
 }
+