From 62e339423a26327d2c1c55663b244bff059c4263 Mon Sep 17 00:00:00 2001 From: Kristian Garza Date: Fri, 15 Mar 2019 11:50:36 +0100 Subject: [PATCH] Metrics API to FARGATE PROD --- prod-eu-west/services/metrics-api/input.tf | 13 +++ prod-eu-west/services/metrics-api/main.tf | 80 +++++++++++++------ .../services/metrics-api/metrics-api.json | 14 +++- prod-eu-west/services/metrics-api/var.tf | 6 ++ 4 files changed, 86 insertions(+), 27 deletions(-) diff --git a/prod-eu-west/services/metrics-api/input.tf b/prod-eu-west/services/metrics-api/input.tf index a0b55333d..ea99c1ac9 100644 --- a/prod-eu-west/services/metrics-api/input.tf +++ b/prod-eu-west/services/metrics-api/input.tf @@ -13,6 +13,18 @@ data "aws_route53_zone" "internal" { private_zone = true } +data "aws_security_group" "datacite-private" { + id = "${var.security_group_id}" +} + + data "aws_subnet" "datacite-private" { + id = "${var.subnet_datacite-private_id}" +} + + data "aws_subnet" "datacite-alt" { + id = "${var.subnet_datacite-alt_id}" +} + data "aws_ecs_cluster" "default" { cluster_name = "default" } @@ -38,6 +50,7 @@ data "template_file" "metrics-api_task" { template = "${file("metrics-api.json")}" vars { + public_key = "${var.public_key}" jwt_public_key = "${var.jwt_public_key}" jwt_private_key = "${var.jwt_private_key}" memcache_servers = "${var.memcache_servers}" diff --git a/prod-eu-west/services/metrics-api/main.tf b/prod-eu-west/services/metrics-api/main.tf index 3812ad46a..6494fa3fe 100644 --- a/prod-eu-west/services/metrics-api/main.tf +++ b/prod-eu-west/services/metrics-api/main.tf @@ -3,18 +3,30 @@ resource "aws_ecs_service" "metrics-api" { cluster = "${data.aws_ecs_cluster.default.id}" task_definition = "${aws_ecs_task_definition.metrics-api.arn}" desired_count = 1 - iam_role = "${data.aws_iam_role.ecs_service.arn}" - - ordered_placement_strategy { - type = "binpack" - field = "cpu" - } + launch_type = "FARGATE" load_balancer { target_group_arn = "${aws_lb_target_group.metrics-api.id}" container_name = "metrics-api" container_port = "80" } + + network_configuration { + security_groups = ["${data.aws_security_group.datacite-private.id}"] + subnets = [ + "${data.aws_subnet.datacite-private.id}", + "${data.aws_subnet.datacite-alt.id}" + ] + } + + service_registries { + registry_arn = "${aws_service_discovery_service.metrics-api.arn}" + } + + depends_on = [ + "data.aws_lb_listener.default", + ] + } resource "aws_lb_target_group" "metrics-api" { @@ -22,31 +34,33 @@ resource "aws_lb_target_group" "metrics-api" { port = 80 protocol = "HTTP" vpc_id = "${var.vpc_id}" + target_type = "ip" + health_check { path = "/heartbeat" } } -resource "aws_lb_listener_rule" "metrics-api" { - listener_arn = "${data.aws_lb_listener.default.arn}" - priority = 19 +// resource "aws_lb_listener_rule" "metrics-api" { +// listener_arn = "${data.aws_lb_listener.default.arn}" +// priority = 19 - action { - type = "forward" - target_group_arn = "${aws_lb_target_group.metrics-api.arn}" - } +// action { +// type = "forward" +// target_group_arn = "${aws_lb_target_group.metrics-api.arn}" +// } - condition { - field = "host-header" - values = ["api.datacite.org"] - } +// condition { +// field = "host-header" +// values = ["api.datacite.org"] +// } - condition { - field = "path-pattern" - values = ["/reports*"] - } -} +// condition { +// field = "path-pattern" +// values = ["/reports*"] +// } +// } resource "aws_cloudwatch_log_group" "metrics-api" { name = "/ecs/metrics-api" @@ -56,6 +70,10 @@ resource "aws_ecs_task_definition" "metrics-api" { family = "metrics-api" execution_role_arn = "${data.aws_iam_role.ecs_task_execution_role.arn}" container_definitions = "${data.template_file.metrics-api_task.rendered}" + network_mode = "awsvpc" + requires_compatibilities = ["FARGATE"] + cpu = "1024" + memory = "2048" } resource "aws_route53_record" "metrics-api" { @@ -72,4 +90,20 @@ resource "aws_route53_record" "split-metrics-api" { type = "CNAME" ttl = "${var.ttl}" records = ["${data.aws_lb.default.dns_name}"] -} \ No newline at end of file +} + +resource "aws_service_discovery_service" "matrics-api" { + name = "metrics-api" + + health_check_custom_config { + failure_threshold = 3 + } + + dns_config { + namespace_id = "${var.namespace_id}" + + dns_records { + ttl = 300 + type = "A" + } + } \ No newline at end of file diff --git a/prod-eu-west/services/metrics-api/metrics-api.json b/prod-eu-west/services/metrics-api/metrics-api.json index 2253dea8f..9ea233db8 100644 --- a/prod-eu-west/services/metrics-api/metrics-api.json +++ b/prod-eu-west/services/metrics-api/metrics-api.json @@ -2,13 +2,15 @@ { "name": "metrics-api", "image": "datacite/sashimi:${version}", - "cpu": 512, - "memory": 1000, + "cpu": 1024, + "memory": 2048, "essential": true, - "hostname": "metrics-api", + "networkMode": "awsvpc", "portMappings": [ { - "containerPort": 80 + "containerPort": 80, + "hostPort": 80 + } ], "logConfiguration": { @@ -92,6 +94,10 @@ "name" : "USAGE_URL", "value" : "${usage_url}" }, + { + "name" : "PUBLIC_KEY", + "value" : "${public_key}" + }, { "name" : "GITHUB_VERSION", "value" : "${version}" diff --git a/prod-eu-west/services/metrics-api/var.tf b/prod-eu-west/services/metrics-api/var.tf index 29d288ab8..20bc55fb1 100644 --- a/prod-eu-west/services/metrics-api/var.tf +++ b/prod-eu-west/services/metrics-api/var.tf @@ -35,3 +35,9 @@ variable "mysql_database" { default = "metrics" } variable "mysql_host" {} +variable "public_key" {} + +variable "security_group_id" {} +variable "subnet_datacite-private_id" {} +variable "subnet_datacite-alt_id" {} +variable "namespace_id" {} \ No newline at end of file