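  # Launch template for the EC2 container instances that back the public ECS
  # auto scaling group.
  resource "aws_launch_template" "public_ecs_ec2_launch_template" {
    name_prefix   = var.public_ecs.asg.instance_prefix
    image_id      = data.aws_ami.aws_linux_2.id
    instance_type = var.public_ecs.asg.instance_type

    # NOTE(review): a key pair plus the allow_ssh group makes these hosts
    # SSH-reachable. The group definitions are not shown here; confirm the SSH
    # ingress is limited to an admin range, or replace it with SSM Session Manager.
    key_name = var.aws_keypair_name

    # NOTE(review): the same three groups are attached to the internet-facing
    # load balancer. A dedicated instance group that only accepts traffic from
    # the load balancer's group would keep the hosts off the public path.
    vpc_security_group_ids = [
      aws_security_group.allow_http.id,
      aws_security_group.allow_https.id,
      aws_security_group.allow_ssh.id,
    ]

    # NOTE(review): the profile is referenced by a hard-coded name and is not
    # managed in this listing; verify the policies attached to it.
    iam_instance_profile {
      name = "ecsInstanceRole"
    }

    # Require IMDSv2 session tokens. A hop limit of 1 keeps the token response
    # from crossing the Docker bridge, so bridge-mode containers cannot fetch
    # the instance role credentials. Raise it to 2 only if a container
    # legitimately needs instance metadata.
    metadata_options {
      http_endpoint               = "enabled"
      http_tokens                 = "required"
      http_put_response_hop_limit = 1
    }

    block_device_mappings {
      device_name = "/dev/xvda"

      ebs {
        volume_size = 30
        volume_type = "gp3"
        # Encrypt the root volume at rest (no kms_key_id is set, so the
        # account's default EBS key applies).
        encrypted = true
      }
    }

    tag_specifications {
      resource_type = "instance"
      tags = {
        Name = "public-ecs-ec2-instance"
      }
    }

    # Bootstrap script shipped next to this module. Launch template user data
    # is readable by anyone who can describe the template, so keep secrets out
    # of ecs.sh.
    user_data = filebase64("${path.module}/ecs.sh")
  }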
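  # Auto scaling group that supplies EC2 capacity to the public ECS cluster
  # through the capacity provider that references its ARN.
  resource "aws_autoscaling_group" "public_ecs_asg" {
    name = var.public_ecs.asg.name

    # NOTE(review): both subnets are named "public"; whether instances receive
    # public IPs depends on subnet settings not shown here. Private subnets
    # behind the load balancer would reduce exposure.
    vpc_zone_identifier = [
      aws_subnet.main_vpc_public_subnet_1.id,
      aws_subnet.main_vpc_public_subnet_2.id,
    ]

    min_size         = var.public_ecs.asg.ec2_min_instances
    max_size         = var.public_ecs.asg.ec2_max_instances
    desired_capacity = 1

    launch_template {
      id      = aws_launch_template.public_ecs_ec2_launch_template.id
      version = "$Latest"
    }

    tag {
      key                 = var.public_ecs.asg.name
      value               = true
      propagate_at_launch = true
    }

    # ECS adds this tag when the group is attached to a capacity provider.
    # Declaring it here stops Terraform from removing it on the next apply.
    tag {
      key                 = "AmazonECSManaged"
      value               = true
      propagate_at_launch = true
    }

    health_check_type = "ELB"

    lifecycle {
      # Required to redeploy without an outage.
      create_before_destroy = true

      # ECS managed scaling adjusts the desired capacity at runtime. Ignoring
      # it keeps every apply from resetting the group to 1.
      ignore_changes = [desired_capacity]
    }

    metrics_granularity = "1Minute"
    enabled_metrics = [
      "GroupMinSize",
      "GroupMaxSize",
      "GroupDesiredCapacity",
      "GroupInServiceInstances",
      "GroupTotalInstances",
    ]
  }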
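  # Internet-facing application load balancer in front of the ECS service.
  resource "aws_lb" "public_lb" {
    name               = var.public_load_balancer.name
    internal           = false
    load_balancer_type = "application"

    # Drop requests carrying malformed header names instead of forwarding them
    # to the targets.
    drop_invalid_header_fields = true

    # NOTE(review): the only listener in this listing is HTTP on port 80, so
    # the allow_ssh and allow_https groups appear unnecessary on the load
    # balancer. Confirm, and detach any group it does not need.
    security_groups = [
      aws_security_group.allow_http.id,
      aws_security_group.allow_https.id,
      aws_security_group.allow_ssh.id,
    ]

    subnets = [
      aws_subnet.main_vpc_public_subnet_1.id,
      aws_subnet.main_vpc_public_subnet_2.id,
    ]

    tags = {
      Name = var.public_load_balancer.name
    }
  }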
  # Listener on the public load balancer that forwards every request to the
  # ECS target group.
  #
  # NOTE(review): this is the only listener in the listing and it serves
  # plaintext HTTP. An HTTPS listener with a certificate, plus a redirect from
  # port 80, would protect traffic in transit. No certificate is referenced
  # here, so it would have to be provisioned separately.
  resource "aws_lb_listener" "ecs_lb_listener" {
    load_balancer_arn = aws_lb.public_lb.arn
    protocol          = "HTTP"
    port              = 80

    default_action {
      target_group_arn = aws_lb_target_group.public_ecs_lb_target_group.arn
      type             = "forward"
    }
  }
  # Target group the load balancer forwards to. Targets are EC2 instances
  # reached over HTTP on port 80.
  resource "aws_lb_target_group" "public_ecs_lb_target_group" {
    name        = var.public_load_balancer.target_group.name
    vpc_id      = aws_vpc.main.id
    target_type = "instance"
    protocol    = "HTTP"
    port        = 80

    # A target is healthy after 5 consecutive 2xx responses on "/" and
    # unhealthy after 2 failures. Checks run every 30 s with a 5 s timeout.
    health_check {
      protocol            = "HTTP"
      path                = "/"
      matcher             = "200-299"
      interval            = 30
      timeout             = 5
      healthy_threshold   = 5
      unhealthy_threshold = 2
    }
  }
  # ECS cluster that hosts the public service.
  resource "aws_ecs_cluster" "public_ecs_cluster" {
    name = var.public_ecs.cluster_name

    # NOTE(review): Container Insights is explicitly turned off, so task and
    # container level metrics are not collected. Confirm this is a deliberate
    # cost trade-off rather than a monitoring gap.
    setting {
      name  = "containerInsights"
      value = "disabled"
    }
  }
  # Capacity provider that lets ECS scale the public auto scaling group.
  resource "aws_ecs_capacity_provider" "public_ecs_capacity_provider" {
    name = var.public_ecs.capacity_provider_name

    auto_scaling_group_provider {
      auto_scaling_group_arn = aws_autoscaling_group.public_ecs_asg.arn

      # Managed scaling is on and moves one instance per scaling step.
      # NOTE(review): target_capacity is a utilization percentage (1-100).
      # A value of 1 looks unusually low; confirm 100 was not intended.
      managed_scaling {
        status                    = "ENABLED"
        target_capacity           = 1
        minimum_scaling_step_size = 1
        maximum_scaling_step_size = 1
      }
    }
  }
  # Associates the capacity provider with the cluster and makes it the
  # cluster's default placement strategy.
  resource "aws_ecs_cluster_capacity_providers" "public_ecs_cluster_capacity_provider" {
    cluster_name       = aws_ecs_cluster.public_ecs_cluster.name
    capacity_providers = [aws_ecs_capacity_provider.public_ecs_capacity_provider.name]

    default_capacity_provider_strategy {
      capacity_provider = aws_ecs_capacity_provider.public_ecs_capacity_provider.name
      weight            = 100
      base              = 1
    }
  }
  # Task definition for the public microservice: a single essential container
  # in bridge network mode that logs to CloudWatch.
  #
  # NOTE(review): no task_role_arn is set. If the application calls AWS APIs,
  # give it a dedicated task role so it does not fall back to the instance
  # profile credentials.
  resource "aws_ecs_task_definition" "public_ecs_task_definition" {
    family       = var.public_ecs.task_definition_name
    network_mode = "bridge"
    cpu          = 256

    # NOTE(review): the role is referenced by a hand-built ARN and is not
    # managed in this listing; verify its attached policies.
    execution_role_arn = "arn:aws:iam::${var.aws_account_id}:role/ecsTaskExecutionRole"

    runtime_platform {
      operating_system_family = "LINUX"
      cpu_architecture        = "X86_64"
    }

    container_definitions = jsonencode([
      {
        name = var.public_ecs.asg.instance_name

        # NOTE(review): ":latest" is a mutable tag, so the image that runs can
        # change without any change to this definition. Pinning an immutable
        # tag or digest (and enabling tag immutability on the repository)
        # makes deployments reproducible and auditable.
        image = "${var.aws_account_id}.dkr.ecr.${var.aws_main_region}.amazonaws.com/${var.public_ecs.ecr_repository_production_microservice}:latest"

        essential = true
        cpu       = 256
        memory    = 512

        # The static host port 80 means one task per instance in bridge mode.
        portMappings = [
          {
            protocol      = "tcp"
            containerPort = 80
            hostPort      = 80
          }
        ]

        logConfiguration = {
          logDriver = "awslogs"
          options = {
            "awslogs-group"  = aws_cloudwatch_log_group.public_ecs_log_group.name
            "awslogs-region" = var.aws_main_region
          }
        }
      }
    ])
  }
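  # ECS service that runs the public task definition on the cluster and
  # registers its container with the load balancer target group.
  resource "aws_ecs_service" "public_ecs_service" {
    name            = var.public_ecs.service_name
    cluster         = aws_ecs_cluster.public_ecs_cluster.id
    task_definition = aws_ecs_task_definition.public_ecs_task_definition.arn
    desired_count   = 1

    # timestamp() changes on every run, so each apply triggers a fresh
    # deployment of the service.
    force_new_deployment = true

    triggers = {
      redeployment = timestamp()
    }

    placement_constraints {
      type = "distinctInstance"
    }

    capacity_provider_strategy {
      capacity_provider = aws_ecs_capacity_provider.public_ecs_capacity_provider.name
      weight            = 100
    }

    load_balancer {
      target_group_arn = aws_lb_target_group.public_ecs_lb_target_group.arn
      container_name   = var.public_ecs.asg.instance_name
      container_port   = 80
    }

    # The service can only be created once the target group is attached to a
    # load balancer (through the listener) and the capacity provider is
    # associated with the cluster. Neither is implied by the references above,
    # so both are ordered explicitly to avoid a first-apply race.
    depends_on = [
      aws_autoscaling_group.public_ecs_asg,
      aws_lb_listener.ecs_lb_listener,
      aws_ecs_cluster_capacity_providers.public_ecs_cluster_capacity_provider,
    ]
  }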
  # CloudWatch log group that receives the container logs of the public
  # ECS task.
  resource "aws_cloudwatch_log_group" "public_ecs_log_group" {
    name = var.public_ecs.log_group

    # NOTE(review): logs expire after 3 days, which leaves little history for
    # incident investigation. Confirm this meets retention requirements.
    # No kms_key_id is set, so no customer-managed key protects the logs.
    retention_in_days = 3

    tags = {
      name = "logs"
    }
  }