From 22c2ab5e91723aad1f0744c597c349c168279010 Mon Sep 17 00:00:00 2001 From: Colin Coleman Date: Sat, 8 Jul 2023 23:04:31 +0200 Subject: [PATCH 1/5] Add an optional health check to the container definition (#15) This update enables passing a health check object to the container so that ECS can evaluate the task health - very useful if you are not using an ALB / target groups --- main.tf | 1 + variables.tf | 14 ++++++++++++++ 2 files changed, 15 insertions(+) diff --git a/main.tf b/main.tf index b5ccf61..bb6967d 100644 --- a/main.tf +++ b/main.tf @@ -163,6 +163,7 @@ locals { } "privileged" : var.privileged "readonlyRootFilesystem" : var.readonlyRootFilesystem + "healthCheck" : var.container_health_check }, local.task_container_secrets, local.repository_credentials) } diff --git a/variables.tf b/variables.tf index 242c181..f8cc198 100644 --- a/variables.tf +++ b/variables.tf @@ -314,3 +314,17 @@ variable "extra_target_groups" { })) default = [] } + +variable "container_health_check" { + description = "An ECS TaskDefinition HealthCheck object to set in each container" + default = null + type = object( + { + command = list(string) + interval = number + retries = number + startPeriod = number + timeout = number + } + ) +} From 6da0b28fee5058a882bb5cdc64b65321101e2d09 Mon Sep 17 00:00:00 2001 From: Colin Coleman Date: Fri, 4 Aug 2023 08:51:07 +0100 Subject: [PATCH 2/5] Add target_group_arn_suffix to outputs for use in Cloudwatch alarms (#16) Add ability to set Ulimits --- main.tf | 1 + outputs.tf | 5 +++++ variables.tf | 10 ++++++++++ 3 files changed, 16 insertions(+) diff --git a/main.tf b/main.tf index bb6967d..01b6dd6 100644 --- a/main.tf +++ b/main.tf @@ -157,6 +157,7 @@ locals { "environment" = local.task_container_environment "environmentFiles" = var.task_container_environment_file "MountPoints" = local.task_container_mount_points + "ulimits" = var.task_container_ulimits "logConfiguration" = { "logDriver" = "awslogs" "options" = local.log_configuration_options diff --git a/outputs.tf b/outputs.tf index d446678..4d075c9 100644 --- a/outputs.tf +++ b/outputs.tf @@ -11,6 +11,11 @@ output "target_group_arn" { value = var.lb_arn == "" ? null : aws_lb_target_group.task[0].arn } +output "target_group_arn_suffix" { + description = "The ARN suffix for use with CloudWatch Metrics." + value = var.lb_arn == "" ? null : aws_lb_target_group.task[0].arn_suffix +} + output "target_group_name" { description = "The Name of the Target Group." value = var.lb_arn == "" ? null : aws_lb_target_group.task[0].name diff --git a/variables.tf b/variables.tf index f8cc198..c25f605 100644 --- a/variables.tf +++ b/variables.tf @@ -328,3 +328,13 @@ variable "container_health_check" { } ) } + +variable "task_container_ulimits" { + type = list(object({ + name = string + hardLimit = number + softLimit = number + })) + description = "(Optional) Container ulimit settings. This is a list of maps, where each map should contain \"name\", \"hardLimit\" and \"softLimit\"" + default = null +} \ No newline at end of file From 7ba9064f207629a6dcf7316066ed795776f3e926 Mon Sep 17 00:00:00 2001 From: Colin Coleman Date: Fri, 4 Aug 2023 08:55:09 +0100 Subject: [PATCH 3/5] Remove target group name (#17) The target group name was added for readability but was orignially excluded because of problems destroying a target group while a listener was attached. See comment in code. This was removed again in case this was still an issue and becuase of a length limit of 32 chars for the name parameter which was causing problems --- main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/main.tf b/main.tf index 01b6dd6..de14337 100644 --- a/main.tf +++ b/main.tf @@ -93,7 +93,6 @@ resource "aws_security_group_rule" "egress_service" { # LB Target group # ------------------------------------------------------------------------------ resource "aws_lb_target_group" "task" { - name = "${var.name_prefix}-${var.task_container_port}" count = var.lb_arn == "" ? 0 : 1 vpc_id = var.vpc_id protocol = var.task_container_protocol From bc88da4d5a0b1cab844b95030d554ae516b7ffee Mon Sep 17 00:00:00 2001 From: Colin Coleman Date: Wed, 8 May 2024 15:57:41 +0200 Subject: [PATCH 4/5] Pull upsteam changes (#19) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Bump gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0 (#88) Bumps gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0. --- updated-dependencies: - dependency-name: gopkg.in/yaml.v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Add optional capacity provider strategy (#85) * Add option to set a healthCheck property on the task container definition (#91) * Allow higher versions of null provider (#92) * Allow higher versions of null provider * Bump Taskfile schema version * Use Cantara version of container health check --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Feraudet Cyril Co-authored-by: Fredrik Oterholt Co-authored-by: Pål Sollie --- Taskfile.yml | 6 +++--- examples/basic/main.tf | 8 ++++++++ go.mod | 2 +- go.sum | 4 ++-- main.tf | 10 +++++++++- variables.tf | 6 ++++++ versions.tf | 2 +- 7 files changed, 30 insertions(+), 8 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index d19a6ca..e1e1440 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -1,4 +1,4 @@ -version: '2' +version: '3' env: TERM: screen-256color @@ -36,7 +36,7 @@ tasks: CWD=$PWD - for d in $DIRECTORIES; do + for d in $DIRECTORIES; do cd $d echo "${BOLD}$PWD:${NORM}" @@ -66,4 +66,4 @@ tasks: silent: true cmds: - go test -v ./... -timeout=1h - \ No newline at end of file + diff --git a/examples/basic/main.tf b/examples/basic/main.tf index 16cb92d..0b3e953 100644 --- a/examples/basic/main.tf +++ b/examples/basic/main.tf @@ -112,6 +112,14 @@ module "fargate" { TEST_VARIABLE = "TEST_VALUE" } + container_health_check = { + retries = 3, + command = ["CMD-SHELL", "curl -f http://localhost:9000/ || exit 1"], + timeout = 5, + interval = 30, + startPeriod = 15 + } + health_check = { port = "traffic-port" path = "/" diff --git a/go.mod b/go.mod index 5ec6f46..6f82068 100644 --- a/go.mod +++ b/go.mod @@ -7,5 +7,5 @@ require ( github.com/gruntwork-io/terratest v0.36.0 github.com/stretchr/testify v1.7.0 gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect + gopkg.in/yaml.v3 v3.0.0 // indirect ) diff --git a/go.sum b/go.sum index 5cc31cd..cb4f243 100644 --- a/go.sum +++ b/go.sum @@ -591,8 +591,8 @@ gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0 h1:hjy8E9ON/egN1tAYqKb61G10WtihqetD4sz2H+8nIeA= +gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/main.tf b/main.tf index de14337..f687fe1 100644 --- a/main.tf +++ b/main.tf @@ -215,7 +215,7 @@ resource "aws_ecs_service" "service" { cluster = var.cluster_id task_definition = var.task_definition != "" ? var.task_definition : aws_ecs_task_definition.task.arn desired_count = var.desired_count - launch_type = "FARGATE" + launch_type = length(var.capacity_provider_strategy) == 0 ? "FARGATE" : null deployment_minimum_healthy_percent = var.deployment_minimum_healthy_percent deployment_maximum_percent = var.deployment_maximum_percent health_check_grace_period_seconds = var.lb_arn == "" ? null : var.health_check_grace_period_seconds @@ -263,6 +263,14 @@ resource "aws_ecs_service" "service" { container_name = var.container_name != "" ? var.container_name : var.name_prefix } } + dynamic "capacity_provider_strategy" { + for_each = var.capacity_provider_strategy + content { + base = lookup(capacity_provider_strategy.value, "base", null) + capacity_provider = lookup(capacity_provider_strategy.value, "capacity_provider", null) + weight = lookup(capacity_provider_strategy.value, "weight", null) + } + } } # HACK: The workaround used in ecs/service does not work for some reason in this module, this fixes the following error: diff --git a/variables.tf b/variables.tf index c25f605..705c701 100644 --- a/variables.tf +++ b/variables.tf @@ -306,6 +306,12 @@ variable "volumes" { default = [] } +variable "capacity_provider_strategy" { + description = "List capacity provider strategy" + type = list(any) + default = [] +} + variable "extra_target_groups" { description = "List of extra target group configurations used to register a service to multiple target groups" type = list(object({ diff --git a/versions.tf b/versions.tf index 04100e5..da4b81f 100644 --- a/versions.tf +++ b/versions.tf @@ -7,7 +7,7 @@ terraform { } null = { source = "hashicorp/null" - version = "~> 3.1.0" + version = ">= 3.1.0" } } } From 347d978dd83e27ff9ea6683b05572d8a147757da Mon Sep 17 00:00:00 2001 From: Colin Coleman Date: Wed, 15 May 2024 13:54:40 +0200 Subject: [PATCH 5/5] Add tags to ECS task definition (#18) * Add tags to ECS task definition This was missing (maybe it wasn't available when this was first written?) * Add missing tags to ECS Service --- main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/main.tf b/main.tf index f687fe1..650a37d 100644 --- a/main.tf +++ b/main.tf @@ -201,6 +201,7 @@ resource "aws_ecs_task_definition" "task" { operating_system_family = var.task_definition_os_family cpu_architecture = var.task_definition_cpu_arch } + tags = var.tags } resource "aws_ecs_service" "service" { @@ -263,6 +264,7 @@ resource "aws_ecs_service" "service" { container_name = var.container_name != "" ? var.container_name : var.name_prefix } } + tags = var.tags dynamic "capacity_provider_strategy" { for_each = var.capacity_provider_strategy content {