diff --git a/components/testing/infrastructure/ec2.tf b/components/testing/infrastructure/ec2.tf
index 2f443144c..39efd6307 100644
--- a/components/testing/infrastructure/ec2.tf
+++ b/components/testing/infrastructure/ec2.tf
@@ -10,7 +10,7 @@ data "archive_file" "test_files" {
 resource "aws_security_group" "this" {
 name = "somleng-switch-testing"
- vpc_id = data.terraform_remote_state.core_infrastructure.outputs.vpc.vpc_id
+ vpc_id = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc.vpc_id
 }
 resource "aws_security_group_rule" "ingress" {
@@ -21,7 +21,7 @@ resource "aws_security_group_rule" "ingress" {
 security_group_id = aws_security_group.this.id
 cidr_blocks = [
 "${data.terraform_remote_state.core_infrastructure.outputs.nat_instance_ip}/32",
- "${data.terraform_remote_state.core_infrastructure.outputs.vpc.nat_public_ips[0]}/32",
+ "${data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc.nat_public_ips[0]}/32",
 ]
 }
@@ -42,7 +42,7 @@ data "aws_network_interface" "nat_instance" {
 }
 resource "aws_route" "nat_instance" {
- route_table_id = data.terraform_remote_state.core_infrastructure.outputs.vpc.private_route_table_ids[0]
+ route_table_id = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc.private_route_table_ids[0]
 destination_cidr_block = "${aws_instance.this.public_ip}/32"
 network_interface_id = data.aws_network_interface.nat_instance.id
 }
@@ -51,7 +51,7 @@ resource "aws_instance" "this" {
 ami = data.aws_ssm_parameter.arm64_ami.value
 instance_type = "t4g.small"
 vpc_security_group_ids = [aws_security_group.this.id]
- subnet_id = element(data.terraform_remote_state.core_infrastructure.outputs.vpc.public_subnets, 0)
+ subnet_id = element(data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc.public_subnets, 0)
 associate_public_ip_address = true
 iam_instance_profile = aws_iam_instance_profile.this.id
 user_data_replace_on_change = true
diff --git a/infrastructure/core/terraform.tf b/infrastructure/core/terraform.tf
index 3242599d3..7cf9efcd0 100644
--- a/infrastructure/core/terraform.tf
+++ b/infrastructure/core/terraform.tf
@@ -12,6 +12,6 @@ provider "aws" {
 }
 provider "aws" {
- region = "us-east-1"
- alias = "us-east-1"
+ region = "us-east-1"
+ alias = "us-east-1"
 }
diff --git a/infrastructure/modules/switch/cache.tf b/infrastructure/modules/switch/cache.tf
index 6654fb12f..62244076f 100644
--- a/infrastructure/modules/switch/cache.tf
+++ b/infrastructure/modules/switch/cache.tf
@@ -1,6 +1,6 @@
 module "cache" {
 source = "../efs"
- vpc = var.vpc
+ vpc = var.region.vpc
 name = var.cache_name
 security_group_name = var.cache_security_group_name
 }
diff --git a/infrastructure/modules/switch/container_instances.tf b/infrastructure/modules/switch/container_instances.tf
index 90f06563d..8f38cbbf7 100644
--- a/infrastructure/modules/switch/container_instances.tf
+++ b/infrastructure/modules/switch/container_instances.tf
@@ -2,8 +2,8 @@ module "container_instances" {
 source = "../container_instances"
 app_identifier = var.identifier
- vpc = var.vpc
- instance_subnets = var.vpc.private_subnets
+ vpc = var.region.vpc
+ instance_subnets = var.region.vpc.private_subnets
 cluster_name = var.ecs_cluster.name
 max_capacity = var.max_tasks * 2
 iam_instance_profile = var.container_instance_profile
diff --git a/infrastructure/modules/switch/ecs.tf b/infrastructure/modules/switch/ecs.tf
index 6b4487651..b210b64df 100644
--- a/infrastructure/modules/switch/ecs.tf
+++ b/infrastructure/modules/switch/ecs.tf
@@ -27,7 +27,7 @@ resource "aws_ecs_task_definition" "this" {
 logDriver = "awslogs",
 options = {
 awslogs-group = aws_cloudwatch_log_group.nginx.name,
- awslogs-region = var.aws_region,
+ awslogs-region = var.region.aws_region,
 awslogs-stream-prefix = var.app_environment
 }
 },
@@ -52,7 +52,7 @@ resource "aws_ecs_task_definition" "this" {
 logDriver = "awslogs",
 options = {
 awslogs-group = aws_cloudwatch_log_group.app.name,
- awslogs-region = var.aws_region,
+ awslogs-region = var.region.aws_region,
 awslogs-stream-prefix = var.app_environment
 }
 },
@@ -101,7 +101,7 @@ resource "aws_ecs_task_definition" "this" {
 },
 {
 name = "AWS_DEFAULT_REGION",
- value = var.aws_region
+ value = var.region.aws_region
 },
 {
 name = "AHN_CORE_HTTP_PORT",
@@ -128,7 +128,7 @@ resource "aws_ecs_task_definition" "this" {
 logDriver = "awslogs",
 options = {
 awslogs-group = aws_cloudwatch_log_group.freeswitch.name,
- awslogs-region = var.aws_region,
+ awslogs-region = var.region.aws_region,
 awslogs-stream-prefix = var.app_environment
 }
 },
@@ -192,7 +192,7 @@ resource "aws_ecs_task_definition" "this" {
 environment = [
 {
 name = "AWS_DEFAULT_REGION",
- value = var.aws_region
+ value = var.region.aws_region
 },
 {
 name = "FS_CACHE_DIRECTORY",
@@ -259,7 +259,7 @@ resource "aws_ecs_task_definition" "this" {
 logDriver = "awslogs",
 options = {
 awslogs-group = aws_cloudwatch_log_group.redis.name,
- awslogs-region = var.aws_region,
+ awslogs-region = var.region.aws_region,
 awslogs-stream-prefix = var.app_environment
 }
 },
@@ -283,7 +283,7 @@ resource "aws_ecs_task_definition" "this" {
 logDriver = "awslogs",
 options = {
 awslogs-group = aws_cloudwatch_log_group.freeswitch_event_logger.name,
- awslogs-region = var.aws_region,
+ awslogs-region = var.region.aws_region,
 awslogs-stream-prefix = var.app_environment
 }
 },
@@ -339,7 +339,7 @@ resource "aws_ecs_service" "this" {
 desired_count = var.min_tasks
 network_configuration {
- subnets = var.vpc.private_subnets
+ subnets = var.region.vpc.private_subnets
 security_groups = [
 aws_security_group.this.id
 ]
@@ -355,21 +355,11 @@ resource "aws_ecs_service" "this" {
 }
 load_balancer {
- target_group_arn = aws_lb_target_group.regional.arn
+ target_group_arn = aws_lb_target_group.this.arn
 container_name = "nginx"
 container_port = var.webserver_port
 }
- dynamic "load_balancer" {
- for_each = aws_lb_target_group.default
-
- content {
- target_group_arn = load_balancer.value.arn
- container_name = "nginx"
- container_port = var.webserver_port
- }
- }
-
 lifecycle {
 ignore_changes = [task_definition, desired_count]
 }
diff --git a/infrastructure/modules/switch/lb.tf b/infrastructure/modules/switch/lb.tf
index e75ea66b3..be4a9ca9f 100644
--- a/infrastructure/modules/switch/lb.tf
+++ b/infrastructure/modules/switch/lb.tf
@@ -1,12 +1,13 @@
 locals {
- create_default_lb_rule = var.lb_default_rule_index != null
+ subdomain = "${var.identifier}-${var.region.alias}"
+ target_group_name = var.target_group_name == null ? local.subdomain : var.target_group_name
 }
-resource "aws_lb_target_group" "regional" {
- name = "${var.identifier}-${var.region_alias}"
+resource "aws_lb_target_group" "this" {
+ name = local.target_group_name
 port = var.webserver_port
 protocol = "HTTP"
- vpc_id = var.default_vpc.vpc_id
+ vpc_id = var.region.vpc.vpc_id
 target_type = "ip"
 deregistration_delay = 60
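Review bot: Renaming `aws_lb_target_group.regional` to `aws_lb_target_group.this` changes the resource address, and no `moved` block is visible anywhere in this diff, so unless the state is moved by hand Terraform will plan to destroy the existing target group and create a new one. The ECS service's `load_balancer` block and the listener rule both reference this group, so that replacement can take the switch out of the internal load balancer during the apply. If the existing group should be kept, add a `moved` block with `from = aws_lb_target_group.regional` and `to = aws_lb_target_group.this`; the same applies to `aws_lb_listener_rule.regional`, which the next hunk replaces with `aws_lb_listener_rule.this`. The target group's body continues past the end of this hunk.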
@@ -16,77 +17,24 @@ resource "aws_lb_target_group" "regional" {
 healthy_threshold = 3
 interval = 10
 }
-
- provider = aws.default
-}
-
-resource "aws_lb_target_group" "default" {
- count = local.create_default_lb_rule ? 1 : 0
- name = "${var.identifier}-internal"
- port = var.webserver_port
- protocol = "HTTP"
- vpc_id = var.default_vpc.vpc_id
- target_type = "ip"
- deregistration_delay = 60
-
- health_check {
- protocol = "HTTP"
- path = "/health_checks"
- healthy_threshold = 3
- interval = 10
- }
-
- provider = aws.default
-}
-
-resource "aws_lb_listener_rule" "regional" {
- priority = var.lb_region_rule_index
- listener_arn = var.internal_listener.arn
-
- action {
- type = "forward"
- target_group_arn = aws_lb_target_group.regional.id
- }
-
- condition {
- host_header {
- values = [local.route53_record.fqdn]
- }
- }
-
- condition {
- http_header {
- http_header_name = "X-Somleng-Region-Alias"
- values = [var.region_alias]
- }
- }
-
- lifecycle {
- ignore_changes = [action]
- }
-
- provider = aws.default
 }
-resource "aws_lb_listener_rule" "default" {
- count = local.create_default_lb_rule ? 1 : 0
- priority = var.lb_default_rule_index
- listener_arn = var.internal_listener.arn
+resource "aws_lb_listener_rule" "this" {
+ priority = var.lb_rule_index
+ listener_arn = var.region.internal_load_balancer.https_listener.arn
 action {
 type = "forward"
- target_group_arn = aws_lb_target_group.default[0].id
+ target_group_arn = aws_lb_target_group.this.id
 }
 condition {
 host_header {
- values = [local.route53_record.fqdn]
+ values = [aws_route53_record.this.fqdn]
 }
 }
 lifecycle {
 ignore_changes = [action]
 }
-
- provider = aws.default
 }
diff --git a/infrastructure/modules/switch/outputs.tf b/infrastructure/modules/switch/outputs.tf
index f30a8f5ba..7f226e7b2 100644
--- a/infrastructure/modules/switch/outputs.tf
+++ b/infrastructure/modules/switch/outputs.tf
@@ -38,10 +38,6 @@ output "iam_task_execution_role" {
 value = local.iam_task_execution_role
 }
-output "route53_record" {
- value = local.route53_record
-}
-
 output "identifier" {
 value = var.identifier
 }
@@ -86,14 +82,6 @@ output "services_function" {
 value = var.services_function
 }
-output "internal_load_balancer" {
- value = var.internal_load_balancer
-}
-
-output "internal_listener" {
- value = var.internal_listener
-}
-
 output "app_image" {
 value = var.app_image
 }
@@ -109,3 +97,11 @@ output "freeswitch_image" {
 output "freeswitch_event_logger_image" {
 value = var.freeswitch_event_logger_image
 }
+
+output "internal_route53_zone" {
+ value = var.internal_route53_zone
+}
+
+output "target_group" {
+ value = aws_lb_target_group.this
+}
diff --git a/infrastructure/modules/switch/providers.tf b/infrastructure/modules/switch/providers.tf
index f5d4e48a2..f2702bf6e 100644
--- a/infrastructure/modules/switch/providers.tf
+++ b/infrastructure/modules/switch/providers.tf
@@ -1,8 +1,7 @@
 terraform {
 required_providers {
 aws = {
- source = "hashicorp/aws"
- configuration_aliases = [aws, aws.default]
+ source = "hashicorp/aws"
 }
 }
 }
diff --git a/infrastructure/modules/switch/route53.tf b/infrastructure/modules/switch/route53.tf
index 35b6a9805..c8191a2be 100644
--- a/infrastructure/modules/switch/route53.tf
+++ b/infrastructure/modules/switch/route53.tf
@@ -1,17 +1,11 @@
-locals {
- create_route53_record = var.route53_record == null
- route53_record = local.create_route53_record ? aws_route53_record.this[0] : var.route53_record
-}
-
 resource "aws_route53_record" "this" {
- count = local.create_route53_record ? 1 : 0
 zone_id = var.internal_route53_zone.zone_id
- name = var.subdomain
+ name = local.subdomain
 type = "A"
 alias {
- name = var.internal_load_balancer.dns_name
- zone_id = var.internal_load_balancer.zone_id
+ name = var.region.internal_load_balancer.this.dns_name
+ zone_id = var.region.internal_load_balancer.this.zone_id
 evaluate_target_health = true
 }
 }
diff --git a/infrastructure/modules/switch/sg.tf b/infrastructure/modules/switch/sg.tf
index ed05ec2c6..8171a8707 100644
--- a/infrastructure/modules/switch/sg.tf
+++ b/infrastructure/modules/switch/sg.tf
@@ -1,6 +1,6 @@
 resource "aws_security_group" "this" {
 name = var.identifier
- vpc_id = var.vpc.vpc_id
+ vpc_id = var.region.vpc.vpc_id
 tags = {
 "Name" = var.identifier
@@ -24,7 +24,7 @@ resource "aws_security_group_rule" "ingress_freeswitch_event_socket" {
 protocol = "TCP"
 from_port = 8021
 security_group_id = aws_security_group.this.id
- cidr_blocks = [var.vpc.vpc_cidr_block]
+ cidr_blocks = [var.region.vpc.vpc_cidr_block]
 }
 resource "aws_security_group_rule" "ingress_sip" {
@@ -33,7 +33,7 @@ resource "aws_security_group_rule" "ingress_sip" {
 protocol = "UDP"
 from_port = var.sip_port
 security_group_id = aws_security_group.this.id
- cidr_blocks = [var.vpc.vpc_cidr_block]
+ cidr_blocks = [var.region.vpc.vpc_cidr_block]
 }
 resource "aws_security_group_rule" "ingress_sip_alternative" {
@@ -42,7 +42,7 @@ resource "aws_security_group_rule" "ingress_sip_alternative" {
 protocol = "UDP"
 from_port = var.sip_alternative_port
 security_group_id = aws_security_group.this.id
- cidr_blocks = [var.vpc.vpc_cidr_block]
+ cidr_blocks = [var.region.vpc.vpc_cidr_block]
 }
 resource "aws_security_group_rule" "egress" {
diff --git a/infrastructure/modules/switch/variables.tf b/infrastructure/modules/switch/variables.tf
index 86e5c59b9..e55b04460 100644
--- a/infrastructure/modules/switch/variables.tf
+++ b/infrastructure/modules/switch/variables.tf
@@ -1,14 +1,10 @@
 variable "identifier" {}
-variable "aws_region" {}
-variable "vpc" {}
-variable "default_vpc" {}
 variable "ecs_cluster" {}
 variable "app_environment" {}
+variable "lb_rule_index" {}
+variable "region" {}
-variable "region_alias" {}
-variable "lb_region_rule_index" {}
-
-variable "lb_default_rule_index" {
+variable "target_group_name" {
 default = null
 }
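Review bot: `variable "region" {}` replaces several explicit inputs with one untyped object, so a caller that passes an object with a missing or wrong field is only caught deep inside the module at plan time. The module visibly reads `region.alias`, `region.aws_region`, `region.vpc` (`vpc_id`, `private_subnets`, `vpc_cidr_block`) and `region.internal_load_balancer` (`this`, `https_listener`), and `region.vpc.vpc_cidr_block` feeds the security-group ingress rules in sg.tf, so the wrong object would change which addresses can reach the SIP and event-socket ports. Document the contract with an `object({...})` type constraint or at least `description = "Region object from core_infrastructure: alias, aws_region, vpc, internal_load_balancer"`. Separately, the last hunk of this file keeps `variable "route53_record"` although no remaining reference to it is visible in this diff; it looks removable.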
@@ -80,11 +76,7 @@ variable "cache_name" {
 variable "cache_security_group_name" {
 default = null
 }
-variable "internal_route53_zone" {
- default = null
-}
-variable "internal_load_balancer" {}
-variable "internal_listener" {}
+variable "internal_route53_zone" {}
 variable "app_image" {}
 variable "nginx_image" {}
 variable "freeswitch_image" {}
@@ -93,9 +85,6 @@ variable "external_rtp_ip" {}
 variable "alternative_sip_outbound_ip" {}
 variable "alternative_rtp_ip" {}
 variable "json_cdr_url" {}
-variable "subdomain" {
- default = null
-}
 variable "route53_record" {
 default = null
 }
diff --git a/infrastructure/production/client_gateway.tf b/infrastructure/production/client_gateway.tf
index 074223caf..d8bd58623 100644
--- a/infrastructure/production/client_gateway.tf
+++ b/infrastructure/production/client_gateway.tf
@@ -7,7 +7,7 @@ module "client_gateway" {
 app_environment = var.app_environment
 aws_region = var.aws_default_region
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 ecs_cluster = aws_ecs_cluster.this
 route53_zone = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_somleng_org
diff --git a/infrastructure/production/media_proxy.tf b/infrastructure/production/media_proxy.tf
index 584ebc64c..1741b62de 100644
--- a/infrastructure/production/media_proxy.tf
+++ b/infrastructure/production/media_proxy.tf
@@ -5,7 +5,7 @@ module "media_proxy" {
 app_environment = var.app_environment
 aws_region = var.aws_default_region
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 ecs_cluster = aws_ecs_cluster.this
 app_image = data.terraform_remote_state.core.outputs.media_proxy_ecr_repository.repository_uri
 }
diff --git a/infrastructure/production/public_gateway.tf b/infrastructure/production/public_gateway.tf
index c730f66f9..8b5d6d6dc 100644
--- a/infrastructure/production/public_gateway.tf
+++ b/infrastructure/production/public_gateway.tf
@@ -5,7 +5,7 @@ module "public_gateway" {
 app_environment = var.app_environment
 aws_region = var.aws_default_region
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 ecs_cluster = aws_ecs_cluster.this
 app_image = data.terraform_remote_state.core.outputs.public_gateway_ecr_repository.repository_uri
@@ -21,5 +21,5 @@ module "public_gateway" {
 db_host = data.terraform_remote_state.core_infrastructure.outputs.db_cluster.endpoint
 db_port = data.terraform_remote_state.core_infrastructure.outputs.db_cluster.port
 global_accelerator = data.terraform_remote_state.core_infrastructure.outputs.global_accelerator
- logs_bucket = data.terraform_remote_state.core_infrastructure.outputs.logs_bucket
+ logs_bucket = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.logs_bucket
 }
diff --git a/infrastructure/production/services.tf b/infrastructure/production/services.tf
index e706e0039..7e8035c9f 100644
--- a/infrastructure/production/services.tf
+++ b/infrastructure/production/services.tf
@@ -9,7 +9,7 @@ module "services" {
 public_gateway_db_name = var.public_gateway_db_name
 client_gateway_db_name = var.client_gateway_db_name
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 app_image = data.terraform_remote_state.core.outputs.services_ecr_repository.repository_url
 db_password_parameter = data.terraform_remote_state.core_infrastructure.outputs.db_master_password_parameter
diff --git a/infrastructure/production/switch.tf b/infrastructure/production/switch.tf
index 3b8095fc4..30e3a1627 100644
--- a/infrastructure/production/switch.tf
+++ b/infrastructure/production/switch.tf
@@ -2,7 +2,7 @@ module "switch" {
 source = "../modules/switch"
 json_cdr_url = "https://api.internal.somleng.org/services/call_data_records"
- subdomain = "switch"
+ target_group_name = "switch-internal"
 cache_name = "somleng-switch-cache"
 cache_security_group_name = "switch-efs-cache"
 recordings_bucket_name = "raw-recordings.somleng.org"
@@ -12,10 +12,9 @@ module "switch" {
 recordings_bucket_access_key_id_parameter_name = "somleng-switch.${var.app_environment}.recordings_bucket_access_key_id"
 recordings_bucket_secret_access_key_parameter_name = "somleng-switch.${var.app_environment}.recordings_bucket_secret_access_key"
 max_tasks = 10
- aws_region = var.aws_default_region
 identifier = var.switch_identifier
 app_environment = var.app_environment
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ region = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region
 ecs_cluster = aws_ecs_cluster.this
 sip_port = var.sip_port
 sip_alternative_port = var.sip_alternative_port
@@ -23,14 +22,45 @@ module "switch" {
 json_cdr_password_parameter = data.aws_ssm_parameter.somleng_services_password
 services_function = module.services.function
 internal_route53_zone = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_internal_somleng_org
- internal_load_balancer = data.terraform_remote_state.core_infrastructure.outputs.internal_application_load_balancer
- internal_listener = data.terraform_remote_state.core_infrastructure.outputs.internal_https_listener
- lb_default_rule_index = 30
+ lb_rule_index = 20
 app_image = data.terraform_remote_state.core.outputs.switch_ecr_repository.repository_uri
 nginx_image = data.terraform_remote_state.core.outputs.nginx_ecr_repository.repository_uri
 freeswitch_image = data.terraform_remote_state.core.outputs.freeswitch_ecr_repository.repository_uri
 freeswitch_event_logger_image = data.terraform_remote_state.core.outputs.freeswitch_event_logger_ecr_repository.repository_uri
- external_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.vpc.nat_public_ips[0]
+ external_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc.nat_public_ips[0]
 alternative_sip_outbound_ip = data.terraform_remote_state.core_infrastructure.outputs.nat_instance_ip
 alternative_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.nat_instance_ip
 }
+
+
+resource "aws_route53_record" "switch_legacy" {
+ zone_id = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_internal_somleng_org_old.zone_id
+ name = "switch"
+ type = "A"
+
+ alias {
+ name = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.internal_load_balancer.this.dns_name
+ zone_id = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.internal_load_balancer.this.zone_id
+ evaluate_target_health = true
+ }
+}
+
+resource "aws_lb_listener_rule" "switch_legacy" {
+ priority = 30
+ listener_arn = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.internal_load_balancer.https_listener.arn
+
+ action {
+ type = "forward"
+ target_group_arn = module.switch.target_group.id
+ }
+
+ condition {
+ host_header {
+ values = [aws_route53_record.switch_legacy.fqdn]
+ }
+ }
+
+ lifecycle {
+ ignore_changes = [action]
+ }
+}
diff --git a/infrastructure/staging/client_gateway.tf b/infrastructure/staging/client_gateway.tf
index 44bea95e2..9ba9e3dbd 100644
--- a/infrastructure/staging/client_gateway.tf
+++ b/infrastructure/staging/client_gateway.tf
@@ -7,7 +7,7 @@ module "client_gateway" {
 app_environment = var.app_environment
 aws_region = var.aws_default_region
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 ecs_cluster = aws_ecs_cluster.this
 route53_zone = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_somleng_org
diff --git a/infrastructure/staging/media_proxy.tf b/infrastructure/staging/media_proxy.tf
index e57be39d5..78aae89e6 100644
--- a/infrastructure/staging/media_proxy.tf
+++ b/infrastructure/staging/media_proxy.tf
@@ -5,7 +5,7 @@ module "media_proxy" {
 app_environment = var.app_environment
 aws_region = var.aws_default_region
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 ecs_cluster = aws_ecs_cluster.this
 app_image = data.terraform_remote_state.core.outputs.media_proxy_ecr_repository.repository_uri
diff --git a/infrastructure/staging/public_gateway.tf b/infrastructure/staging/public_gateway.tf
index 491dbb02b..6b304f5b3 100644
--- a/infrastructure/staging/public_gateway.tf
+++ b/infrastructure/staging/public_gateway.tf
@@ -5,7 +5,7 @@ module "public_gateway" {
 app_environment = var.app_environment
 aws_region = var.aws_default_region
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 ecs_cluster = aws_ecs_cluster.this
@@ -24,5 +24,5 @@ module "public_gateway" {
 db_host = data.terraform_remote_state.core_infrastructure.outputs.db_cluster.endpoint
 db_port = data.terraform_remote_state.core_infrastructure.outputs.db_cluster.port
 global_accelerator = data.terraform_remote_state.core_infrastructure.outputs.global_accelerator
- logs_bucket = data.terraform_remote_state.core_infrastructure.outputs.logs_bucket
+ logs_bucket = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.logs_bucket
 }
diff --git a/infrastructure/staging/services.tf b/infrastructure/staging/services.tf
index e706e0039..7e8035c9f 100644
--- a/infrastructure/staging/services.tf
+++ b/infrastructure/staging/services.tf
@@ -9,7 +9,7 @@ module "services" {
 public_gateway_db_name = var.public_gateway_db_name
 client_gateway_db_name = var.client_gateway_db_name
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ vpc = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc
 app_image = data.terraform_remote_state.core.outputs.services_ecr_repository.repository_url
 db_password_parameter = data.terraform_remote_state.core_infrastructure.outputs.db_master_password_parameter
diff --git a/infrastructure/staging/switch.tf b/infrastructure/staging/switch.tf
index 742e74464..2721b1225 100644
--- a/infrastructure/staging/switch.tf
+++ b/infrastructure/staging/switch.tf
@@ -2,7 +2,7 @@ module "switch" {
 source = "../modules/switch"
 json_cdr_url = "https://api-staging.internal.somleng.org/services/call_data_records"
- subdomain = "switch-staging"
+ target_group_name = "switch-staging-internal"
 cache_name = "switch-staging-cache"
 cache_security_group_name = "switch-staging-efs-cache"
 recordings_bucket_name = "raw-recordings-staging.somleng.org"
@@ -13,14 +13,10 @@ module "switch" {
 recordings_bucket_secret_access_key_parameter_name = "somleng-switch.${var.app_environment}.recordings_bucket_secret_access_key"
 min_tasks = 0
 max_tasks = 2
- aws_region = var.aws_default_region
- region_alias = "hydrogen"
- lb_region_rule_index = 120
- lb_default_rule_index = 130
+ lb_rule_index = 120
 identifier = var.switch_identifier
 app_environment = var.app_environment
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
- default_vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ region = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region
 ecs_cluster = aws_ecs_cluster.this
 sip_port = var.sip_port
 sip_alternative_port = var.sip_alternative_port
@@ -28,34 +24,24 @@ module "switch" {
 json_cdr_password_parameter = data.aws_ssm_parameter.somleng_services_password
 services_function = module.services.function
 internal_route53_zone = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_internal_somleng_org
- internal_load_balancer = data.terraform_remote_state.core_infrastructure.outputs.internal_application_load_balancer
- internal_listener = data.terraform_remote_state.core_infrastructure.outputs.internal_https_listener
 app_image = data.terraform_remote_state.core.outputs.switch_ecr_repository.repository_uri
 nginx_image = data.terraform_remote_state.core.outputs.nginx_ecr_repository.repository_uri
 freeswitch_image = data.terraform_remote_state.core.outputs.freeswitch_ecr_repository.repository_uri
 freeswitch_event_logger_image = data.terraform_remote_state.core.outputs.freeswitch_event_logger_ecr_repository.repository_uri
- external_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.vpc.nat_public_ips[0]
+ external_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.vpc.nat_public_ips[0]
 alternative_sip_outbound_ip = data.terraform_remote_state.core_infrastructure.outputs.nat_instance_ip
 alternative_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.nat_instance_ip
-
- providers = {
- aws = aws
- aws.default = aws
- }
 }
 module "switch_helium" {
 source = "../modules/switch"
- aws_region = var.aws_helium_region
- region_alias = "helium"
- lb_region_rule_index = 121
- vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc_helium
- default_vpc = data.terraform_remote_state.core_infrastructure.outputs.vpc
+ lb_rule_index = 121
+ region = data.terraform_remote_state.core_infrastructure.outputs.helium_region
 ecs_cluster = aws_ecs_cluster.helium
- external_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.vpc_helium.nat_public_ips[0]
- alternative_sip_outbound_ip = data.terraform_remote_state.core_infrastructure.outputs.vpc_helium.nat_public_ips[0]
- alternative_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.vpc_helium.nat_public_ips[0]
+ external_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.helium_region.vpc.nat_public_ips[0]
+ alternative_sip_outbound_ip = data.terraform_remote_state.core_infrastructure.outputs.helium_region.vpc.nat_public_ips[0]
+ alternative_rtp_ip = data.terraform_remote_state.core_infrastructure.outputs.helium_region.vpc.nat_public_ips[0]
 identifier = module.switch.identifier
 app_environment = module.switch.app_environment
 json_cdr_url = module.switch.json_cdr_url
@@ -69,7 +55,6 @@ module "switch_helium" {
 container_instance_profile = module.switch.container_instances.iam_instance_profile
 iam_task_role = module.switch.iam_task_role
 iam_task_execution_role = module.switch.iam_task_execution_role
- route53_record = module.switch.route53_record
 min_tasks = module.switch.min_tasks
 max_tasks = module.switch.max_tasks
 sip_port = module.switch.sip_port
@@ -77,15 +62,45 @@ module "switch_helium" {
 freeswitch_event_socket_port = module.switch.freeswitch_event_socket_port
 json_cdr_password_parameter = module.switch.json_cdr_password_parameter
 services_function = module.switch.services_function
- internal_load_balancer = module.switch.internal_load_balancer
- internal_listener = module.switch.internal_listener
 app_image = module.switch.app_image
 nginx_image = module.switch.nginx_image
 freeswitch_image = module.switch.freeswitch_image
 freeswitch_event_logger_image = module.switch.freeswitch_event_logger_image
+ internal_route53_zone = module.switch.internal_route53_zone
 providers = {
- aws = aws.helium
- aws.default = aws
+ aws = aws.helium
+ }
+}
+
+resource "aws_route53_record" "switch_legacy" {
+ zone_id = data.terraform_remote_state.core_infrastructure.outputs.route53_zone_internal_somleng_org_old.zone_id
+ name = "switch-staging"
+ type = "A"
+
+ alias {
+ name = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.internal_load_balancer.this.dns_name
+ zone_id = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.internal_load_balancer.this.zone_id
+ evaluate_target_health = true
+ }
+}
+
+resource "aws_lb_listener_rule" "switch_legacy" {
+ priority = 130
+ listener_arn = data.terraform_remote_state.core_infrastructure.outputs.hydrogen_region.internal_load_balancer.https_listener.arn
+
+ action {
+ type = "forward"
+ target_group_arn = module.switch.target_group.id
+ }
+
+ condition {
+ host_header {
+ values = [aws_route53_record.switch_legacy.fqdn]
+ }
+ }
+
+ lifecycle {
+ ignore_changes = [action]
 }
 }
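Review bot: The added `switch_legacy` record and listener rule carry no comment saying why the old-zone hostname is still routed or when it can be removed, and the same pair is added to `infrastructure/production/switch.tf` with priority 30. Because the rule copies `lifecycle { ignore_changes = [action] }`, Terraform will neither show nor revert a forward target changed outside Terraform, so a legacy rule left pointing at the wrong group would not surface in a plan. If nothing outside Terraform rewrites this rule's action (not visible here), drop the `ignore_changes`; either way add a comment such as `# Legacy name in the old internal zone; remove once callers have moved to the new hostname.` above both resources.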