forked from cloudposse/terraform-aws-ecs-alb-service-task
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME.yaml
199 lines (181 loc) · 9.44 KB
/
README.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
name: terraform-aws-ecs-alb-service-task
license: APACHE2
github_repo: cloudposse/terraform-aws-ecs-alb-service-task
badges:
- name: Latest Release
image: https://img.shields.io/github/release/cloudposse/terraform-aws-ecs-alb-service-task.svg
url: https://github.com/cloudposse/terraform-aws-ecs-alb-service-task/releases/latest
- name: Slack Community
image: https://slack.cloudposse.com/badge.svg
url: https://slack.cloudposse.com
related:
- name: terraform-aws-alb
description: Terraform module to provision a standard ALB for HTTP/HTTP traffic
url: https://github.com/cloudposse/terraform-aws-alb
- name: terraform-aws-alb-ingress
description: Terraform module to provision an HTTP style ingress rule based on hostname
and path for an ALB
url: https://github.com/cloudposse/terraform-aws-alb-ingress
- name: terraform-aws-codebuild
description: Terraform Module to easily leverage AWS CodeBuild for Continuous Integration
url: https://github.com/cloudposse/terraform-aws-codebuild
- name: terraform-aws-ecr
description: Terraform Module to manage Docker Container Registries on AWS ECR
url: https://github.com/cloudposse/terraform-aws-ecr
- name: terraform-aws-ecs-web-app
description: Terraform module that implements a web app on ECS and supporting AWS
resources
url: https://github.com/cloudposse/terraform-aws-ecs-web-app
- name: terraform-aws-ecs-codepipeline
description: Terraform Module for CI/CD with AWS Code Pipeline and Code Build for
ECS
url: https://github.com/cloudposse/terraform-aws-ecs-codepipeline
- name: terraform-aws-ecs-cloudwatch-sns-alarms
description: Terraform module to create CloudWatch Alarms on ECS Service level metrics
url: https://github.com/cloudposse/terraform-aws-ecs-cloudwatch-sns-alarms
- name: terraform-aws-ecs-container-definition
description: Terraform module to generate well-formed JSON documents that are passed
to the aws_ecs_task_definition Terraform resource
url: https://github.com/cloudposse/terraform-aws-ecs-container-definition
- name: terraform-aws-lb-s3-bucket
description: Terraform module to provision an S3 bucket with built in IAM policy
to allow AWS Load Balancers to ship access logs.
url: https://github.com/cloudposse/terraform-aws-lb-s3-bucket
description: Terraform module to create an ECS Service for a web app (task), and an
ALB target group to route requests.
usage: |2-
For a complete example, see [examples/complete](examples/complete).
For automated test of the complete example using `bats` and `Terratest`, see [test](test).
```hcl
provider "aws" {
region = var.region
}
module "label" {
source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.15.0"
namespace = var.namespace
name = var.name
stage = var.stage
delimiter = var.delimiter
attributes = var.attributes
tags = var.tags
}
module "vpc" {
source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.8.1"
namespace = var.namespace
stage = var.stage
name = var.name
delimiter = var.delimiter
attributes = var.attributes
cidr_block = var.vpc_cidr_block
tags = var.tags
}
module "subnets" {
source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.16.1"
availability_zones = var.availability_zones
namespace = var.namespace
stage = var.stage
name = var.name
attributes = var.attributes
delimiter = var.delimiter
vpc_id = module.vpc.vpc_id
igw_id = module.vpc.igw_id
cidr_block = module.vpc.vpc_cidr_block
nat_gateway_enabled = true
nat_instance_enabled = false
tags = var.tags
}
resource "aws_ecs_cluster" "default" {
name = module.label.id
tags = module.label.tags
}
module "container_definition" {
source = "git::https://github.com/cloudposse/terraform-aws-ecs-container-definition.git?ref=tags/0.21.0"
container_name = var.container_name
container_image = var.container_image
container_memory = var.container_memory
container_memory_reservation = var.container_memory_reservation
container_cpu = var.container_cpu
essential = var.container_essential
readonly_root_filesystem = var.container_readonly_root_filesystem
environment = var.container_environment
port_mappings = var.container_port_mappings
log_configuration = var.container_log_configuration
}
module "ecs_alb_service_task" {
source = "cloudposse/ecs-alb-service-task/aws"
# Cloud Posse recommends pinning every module to a specific version
# version = "x.x.x"
namespace = var.namespace
stage = var.stage
name = var.name
attributes = var.attributes
delimiter = var.delimiter
alb_security_group = module.vpc.vpc_default_security_group_id
container_definition_json = module.container_definition.json
ecs_cluster_arn = aws_ecs_cluster.default.arn
launch_type = var.ecs_launch_type
vpc_id = module.vpc.vpc_id
security_group_ids = [module.vpc.vpc_default_security_group_id]
subnet_ids = module.subnets.public_subnet_ids
tags = var.tags
ignore_changes_task_definition = var.ignore_changes_task_definition
network_mode = var.network_mode
assign_public_ip = var.assign_public_ip
propagate_tags = var.propagate_tags
health_check_grace_period_seconds = var.health_check_grace_period_seconds
deployment_minimum_healthy_percent = var.deployment_minimum_healthy_percent
deployment_maximum_percent = var.deployment_maximum_percent
deployment_controller_type = var.deployment_controller_type
desired_count = var.desired_count
task_memory = var.task_memory
task_cpu = var.task_cpu
}
```
The `container_image` in the `container_definition` module is the Docker image used to start a container.
The `container_definition` is a string of JSON-encoded container definitions. Normally, you would place only one container definition here as the example
above demonstrates. However, there might be situations where more than one container per task is more appropriate such as optionally in
[Fargate](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html#application_architecture_fargate) or in other cases
where sidecars may be required. With [cloudposse/terraform-aws-ecs-container-definition](https://github.com/cloudposse/terraform-aws-ecs-container-definition)
multi-container task definitions can be created using:
```hcl
module "ecs_alb_service_task" {
...
container_definition_json = jsonencode([
module.first_container.json_map_object,
module.second_container.json_map_object,
])
...
}
```
Refer to the [multiple definitions](https://github.com/cloudposse/terraform-aws-ecs-container-definition/blob/master/examples/multiple_definitions/main.tf) example
in cloudposse/terraform-aws-ecs-container-definition for details on defining multiple definitions.
This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default.
Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest`.
Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed.
This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of `docker run`.
When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use.
However, subsequent updates to a repository image are not propagated to already running tasks.
Images in Amazon ECR repositories can be specified by either using the full `registry/repository:tag` or `registry/repository@digest`.
For example, `012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name>:latest` or `012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name>@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE`.
Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo`).
Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent`).
Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu`).
For more info, see [Container Definition](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html).
include:
- docs/targets.md
- docs/terraform.md
contributors:
- name: Erik Osterman
github: osterman
- name: Igor Rodionov
github: goruha
- name: Andriy Knysh
github: aknysh
- name: Sarkis Varozian
github: sarkis
- name: Chris Weyl
github: rsrchboy
- name: RB
github: nitrocode
- name: Maxim Mironenko
github: maximmi