add module for services

pubpub · Feb 1, 2024 · db06834 · db06834
1 parent bf94603
commit db06834
Show file tree

Hide file tree

Showing 4 changed files with 115 additions and 0 deletions.
diff --git a/infrastructure/terraform/aws/modules/ecs-service/README.md b/infrastructure/terraform/aws/modules/ecs-service/README.md
diff --git a/infrastructure/terraform/aws/modules/ecs-service/main.tf b/infrastructure/terraform/aws/modules/ecs-service/main.tf
@@ -0,0 +1,65 @@
+module "ecs_service" {
+  source = "terraform-aws-modules/ecs/aws//modules/service"
+  name = "${var.cluster_info.name}-${var.service_name}"
+
+  cluster_arn = var.cluster_info.cluster_arn
+  enable_execute_command = true
+
+  cpu    = var.resources.cpu
+  memory = var.resources.memory
+  desired_count = var.resources.desired_count
+  # execution_role_arn       = aws_iam_role.ecs_task_execution_role.arn
+  # task_role_arn            = aws_iam_role.ecs_task_role.arn
+
+  # Container definition(s)
+  container_definitions = {
+
+    "${var.service_name}" = {
+      essential = true
+      image     = "${var.repository_url}:latest"
+      port_mappings = [{
+        protocol      = "tcp"
+        containerPort = var.configuration.container_port
+        hostPort      = var.configuration.container_port
+      }]
+
+      environment = var.configuration.environment
+
+      readonly_root_filesystem = false
+
+      log_configuration = {
+        logDriver = "awslogs",
+        options = {
+          awslogs-group = var.cluster_info.cloudwatch_log_group_name,
+          awslogs-region = var.cluster_info.region,
+          awslogs-stream-prefix = "ecs"
+        }
+      }
+      # memory_reservation = 100
+    }
+  }
+
+
+  load_balancer = {
+    service = {
+      target_group_arn = var.cluster_info.lb_target_group_arn
+      container_name   = var.service_name
+      container_port   = var.configuration.container_port
+    }
+  }
+
+  subnet_ids = var.cluster_info.private_subnet_ids
+  security_group_ids = var.cluster_info.container_security_group_ids
+  assign_public_ip = false
+
+  tags = {
+    Environment = "${var.cluster_info.name}-${var.cluster_info.environment}"
+    Project     = "Pubpub-v7"
+  }
+
+  # this lifecycle property allows us to update the version of the container image without terraform clobbering it later
+  # changing the container image creates a "revision" of the task definition
+  # lifecycle {
+  #   ignore_changes = [services.core.container_definitions.core.image]
+  # }
+}
diff --git a/infrastructure/terraform/aws/modules/ecs-service/outputs.tf b/infrastructure/terraform/aws/modules/ecs-service/outputs.tf
diff --git a/infrastructure/terraform/aws/modules/ecs-service/variables.tf b/infrastructure/terraform/aws/modules/ecs-service/variables.tf
@@ -0,0 +1,50 @@
+variable "cluster_info" {
+  description = "infrastructure values output from v7-cluster"
+
+  type = object({
+    region = string
+    name = string
+    cluster_arn = string
+    environment = string
+    private_subnet_ids = list(string)
+    container_security_group_ids = list(string)
+    cloudwatch_log_group_name = string
+    lb_target_group_arn = string
+  })
+}
+
+variable "service_name" {
+  description = "name for this service"
+}
+
+variable "repository_url" {
+  description = "url to the image repository (excluding tag)"
+}
+
+variable "resources" {
+  description = "resources available to this container service"
+  type = object({
+    cpu = number
+    memory = number
+    desired_count = number
+  })
+
+  default = {
+    cpu = 512
+    memory = 1024
+    desired_count = 1
+  }
+}
+
+variable "configuration" {
+  description = "Container configuration options"
+
+  type = object({
+    container_port = number
+
+    environment = list(object({
+      name = string
+      value = string
+    }))
+  })
+}