This repository has been archived by the owner on Jan 8, 2024. It is now read-only.
Backport of Convert ECS platform plugin to use resource manager into release/0.5.x #2196
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #2098 to be assessed for backporting due to the inclusion of the label backport/0.5.x.
The below text is copied from the body of the original PR.
This converts the ECS plugin from its own resource lifecycle logic to use resource manager, and implements the Status plugin.
Addresses #1645
Closes #2061
What changes
From a user perspective, there are three changes:
More detailed deployment UI
Previous
waypoint deploy
console output:New console output:
Users can now see the progress on creating or discovering all of the resources that go into an ECS deployment.
Better rollback behavior on deployment failure
If a deployment fails partway through, waypoint will now call destroy on each resource that was created during that deployment, leaving fewer orphaned resources. Example:
Note that after the rate limit exception, waypoint destroyed the ALB listener and target group before exiting.
Status
I've implemented status functions on
cluster
andservice
resources. Theservice
resource produces additionaltask
resources. You can view them withwaypoint status -app=<app>
Example of a service coming online:
One drawback of this change: we run a status check immediately after a deployment, at which point generally the service exists, but the tasks do not yet exist. The initial status check will generally look like this, until a user enables app polling or runs the upcoming
waypoint status -refresh
command:Technical notes
There are so many of individual resources that an ECS deployment creates or needs to be directly aware of. The full list is:
This is also a bit of a nerve-wracking change, as it touches the entire surface area of the plugin and there aren't any tests. I tested:
That said, if anyone has any specific trial workflows in mind, please give them a whirl or let me know.
Future considerations
Improved destroy logic
We only have destroy implemented for ALB listener, target group, and service, which was the state before this change. Other resources are either app-scoped (security groups, etc), or globally scoped (log group). We have a
DestroyWorkspace
plugin func, which could be useful for this, but I feel like we might need aDestroyApp
plugin func too, as I don't think most of these resources are workspace scoped.Relevant issue: #805
More status functions
I've only implemented status on the
cluster
andservice
resources, which I think are the most dynamic and valuable. Implementing more status functions would result in more aws API usage, which bring us closer to hitting api rate limits for large waypoint installations. AWS rate limits to 20 RPS per region. With this change, each status check will result in 4 GET api calls, so with the default check interval of 30 seconds on the latest deploy only, waypoint won't be able to support more than 150 apps.Once we have a plan to address the rate limit problem, we can implement status functions on more resources.
ECS Releaser plugin
The ECS releaser plugin cannot be easily replaced by the ALB plugin (context: #1577 (comment)). The ECS plugin doesn't create any resources though - only modify existing deployment resources - so I don't think it needs resource manager.
Incidental changes
Apologies for not making these smaller separate PRs.
ingress_port
, that allows you to configure the external port the load balancer uses. It still defaults to 443 if a cert is configured, and 80 otherwise.withContext
, so if the aws api is slow or hanging it should be possible to cancel the operation.