Skip to content

polyledger/ops

2 Branches0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

DagnanDagnan
Merge pull request #5 from polyledger/mpigassou/rename_env_to_staging
Jun 13, 2018
a45c0de · Jun 13, 2018

History

43 Commits
modules
modules
Jun 13, 2018
.gitignore
.gitignore
Jun 13, 2018
README.md
README.md
Jun 13, 2018
outputs.tf
outputs.tf
Apr 30, 2018
route53.tf
route53.tf
Jun 7, 2018
staging.tf
staging.tf
Jun 13, 2018
staging_key.pub
staging_key.pub
Jun 13, 2018
terraform.tfvars
terraform.tfvars
Jun 13, 2018
variables.tf
variables.tf
Jun 13, 2018

Repository files navigation

README

Intro

This Terraform script is based on this blog post, modified to work with a Django app.

Another interesting resource: https://github.com/hashicorp/best-practices/tree/master/terraform/providers/aws.

Infra overview

TODO

Logs

ECS tasks logs will be sent to the us-east-1 region. This is specified in each task definition JSON file. For more information see: Using the awslogs Log Driver.

Settings

  • Public SSH key/pair, edit production_key.pub
  • The AWS region, main domain name, database credentials and the app secret are located in terraform.tfvars.
  • RDS/Elasticache instance size (and other vars) in production.tf
  • Main container port and ENV variables in modules/ecs/tasks/web.json
  • Main container Github source in modules/code_pipeline/main.tf
  • CPU/RAM: need to be updated in ecs/server.tf/ecs/task_definitions/server.json, ecs/frontend.tf/ecs/task_definitions/frontend.json

Getting started

  • brew install terraform
  • terraform init
  • terraform apply -var 'access_key=foo' -var 'secret_key=bar'
  • terraform destroy -var 'access_key=foo' -var 'secret_key=bar'

Short term TODO

  • Enable code build/pipeline
  • Rails -> Django
  • Add ElastiCache Redis
  • Add public EC2 server that can connect to the DB and Redis
  • Update django sample app to connect from DATABASE_URL and REDIS_URL
  • Add Elastic IP for ssh (rename -> Bastion)
  • Setup domain name
  • Setup Cloudfront
  • Have the frontend use assets from Cloudfront
  • Rename production to staging
  • Setup ALB
  • SSL
  • Make sure admin works
  • Add prod parity
  • Change SSH keys to IAM so multiple pub keys can be used to access bastion
  • Writer better README

Medium term TODO

  • Replace supervisor by 3 distinct ECS tasks (celery, celery beat, server)
  • Add health check for backend from ECS
  • Add monitoring
  • Settings for instance types/container sizes

Long term TODO

Questions

  • Do we need nginx?
  • ALB/ELB health check?

About

Infrastructure as code

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages