From 38c05fd0c7363d60f033692202d7ffc6a49162e6 Mon Sep 17 00:00:00 2001 From: Edward Viaene Date: Wed, 26 Oct 2016 10:56:37 +0000 Subject: [PATCH] docker-demo-2 --- docker-demo-2/ecr.tf | 3 ++ docker-demo-2/ecs.tf | 15 ++++--- docker-demo-2/myapp.tf | 61 ++++++++++++++++++++++++++++ docker-demo-2/output.tf | 3 ++ docker-demo-2/securitygroup.tf | 29 ++++++++++++- docker-demo-2/templates/app.json.tpl | 18 ++++++++ 6 files changed, 123 insertions(+), 6 deletions(-) create mode 100644 docker-demo-2/ecr.tf create mode 100644 docker-demo-2/myapp.tf create mode 100644 docker-demo-2/output.tf create mode 100644 docker-demo-2/templates/app.json.tpl diff --git a/docker-demo-2/ecr.tf b/docker-demo-2/ecr.tf new file mode 100644 index 0000000..c136228 --- /dev/null +++ b/docker-demo-2/ecr.tf @@ -0,0 +1,3 @@ +resource "aws_ecr_repository" "myapp" { + name = "myapp" +} diff --git a/docker-demo-2/ecs.tf b/docker-demo-2/ecs.tf index 651cf63..4dc7f7e 100644 --- a/docker-demo-2/ecs.tf +++ b/docker-demo-2/ecs.tf @@ -1,3 +1,7 @@ +# cluster +resource "aws_ecs_cluster" "example-cluster" { + name = "example-cluster" +} resource "aws_launch_configuration" "ecs-example-launchconfig" { name_prefix = "ecs-launchconfig" image_id = "${lookup(var.ECS_AMIS, var.AWS_REGION)}" @@ -5,19 +9,20 @@ resource "aws_launch_configuration" "ecs-example-launchconfig" { key_name = "${aws_key_pair.mykeypair.key_name}" iam_instance_profile = "${aws_iam_instance_profile.ecs-ec2-role.id}" security_groups = ["${aws_security_group.ecs-securitygroup.id}"] - user_data = "#!/bin/bash\necho 'ECS_CLUSTER=example' > /etc/ecs/ecs.config\nstart ecs" + user_data = "#!/bin/bash\necho 'ECS_CLUSTER=example-cluster' > /etc/ecs/ecs.config\nstart ecs" lifecycle { create_before_destroy = true } } resource "aws_autoscaling_group" "ecs-example-autoscaling" { name = "ecs-example-autoscaling" - vpc_zone_identifier = ["${aws_subnet.main-private-1.id}", "${aws_subnet.main-private-2.id}"] + vpc_zone_identifier = ["${aws_subnet.main-public-1.id}", "${aws_subnet.main-public-2.id}"] launch_configuration = "${aws_launch_configuration.ecs-example-launchconfig.name}" - min_size = 3 - max_size = 5 - desired_capacity = 3 + min_size = 1 + max_size = 1 tag { key = "Name" value = "ecs-ec2-container" propagate_at_launch = true } } + + diff --git a/docker-demo-2/myapp.tf b/docker-demo-2/myapp.tf new file mode 100644 index 0000000..e994559 --- /dev/null +++ b/docker-demo-2/myapp.tf @@ -0,0 +1,61 @@ +# app + +data "template_file" "myapp-task-definition-template" { + template = "${file("templates/app.json.tpl")}" + vars { + REPOSITORY_URL = "${replace("${aws_ecr_repository.myapp.repository_url}", "https://", "")}" + } +} + +resource "aws_ecs_task_definition" "myapp-task-definition" { + family = "myapp" + container_definitions = "${data.template_file.myapp-task-definition-template.rendered}" +} + +resource "aws_elb" "myapp-elb" { + name = "myapp-elb" + + listener { + instance_port = 3000 + instance_protocol = "http" + lb_port = 80 + lb_protocol = "http" + } + + health_check { + healthy_threshold = 3 + unhealthy_threshold = 3 + timeout = 30 + target = "HTTP:3000/" + interval = 60 + } + + cross_zone_load_balancing = true + idle_timeout = 400 + connection_draining = true + connection_draining_timeout = 400 + + subnets = ["${aws_subnet.main-public-1.id}","${aws_subnet.main-public-2.id}"] + security_groups = ["${aws_security_group.myapp-elb-securitygroup.id}"] + + tags { + Name = "myapp-elb" + } +} + +resource "aws_ecs_service" "myapp-service" { + name = "myapp" + cluster = "${aws_ecs_cluster.example-cluster.id}" + task_definition = "${aws_ecs_task_definition.myapp-task-definition.arn}" + desired_count = 1 + iam_role = "${aws_iam_role.ecs-service-role.arn}" + depends_on = ["aws_iam_policy_attachment.ecs-service-attach1"] + + load_balancer { + elb_name = "${aws_elb.myapp-elb.name}" + container_name = "myapp" + container_port = 3000 + } + lifecycle { ignore_changes = ["task_definition"] } +} + diff --git a/docker-demo-2/output.tf b/docker-demo-2/output.tf new file mode 100644 index 0000000..87c3237 --- /dev/null +++ b/docker-demo-2/output.tf @@ -0,0 +1,3 @@ +output "elb" { + value = "${aws_elb.myapp-elb.dns_name}" +} diff --git a/docker-demo-2/securitygroup.tf b/docker-demo-2/securitygroup.tf index 98ab08a..51d18da 100644 --- a/docker-demo-2/securitygroup.tf +++ b/docker-demo-2/securitygroup.tf @@ -9,6 +9,33 @@ resource "aws_security_group" "ecs-securitygroup" { cidr_blocks = ["0.0.0.0/0"] } + ingress { + from_port = 3000 + to_port = 3000 + protocol = "tcp" + security_groups = ["${aws_security_group.myapp-elb-securitygroup.id}"] + } + ingress { + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + tags { + Name = "ecs" + } +} +resource "aws_security_group" "myapp-elb-securitygroup" { + vpc_id = "${aws_vpc.main.id}" + name = "myapp-elb" + description = "security group for ecs" + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + ingress { from_port = 80 to_port = 80 @@ -16,6 +43,6 @@ resource "aws_security_group" "ecs-securitygroup" { cidr_blocks = ["0.0.0.0/0"] } tags { - Name = "ecs" + Name = "myapp-elb" } } diff --git a/docker-demo-2/templates/app.json.tpl b/docker-demo-2/templates/app.json.tpl new file mode 100644 index 0000000..9146116 --- /dev/null +++ b/docker-demo-2/templates/app.json.tpl @@ -0,0 +1,18 @@ +[ + { + "essential": true, + "memory": 256, + "name": "myapp", + "cpu": 256, + "image": "${REPOSITORY_URL}:1", + "workingDirectory": "/app", + "command": ["npm", "start"], + "portMappings": [ + { + "containerPort": 3000, + "hostPort": 3000 + } + ] + } +] +