jetbrains-infra/terraform-aws-ecs-cluster
About

Terraform module to run an ECS cluster on EC2, with an ASG, a Launch Template and scaling policies managed through an ECS capacity provider. See the corresponding AWS blog post, "Amazon ECS Cluster Auto Scaling is Now Generally Available", for details of the capacity provider model.

Features

  • The ECS cluster manages ASG capacity automatically via a capacity provider.
  • ASG with optional spot instance support.
  • Several instance types can be specified for the cluster, each with a weight.
  • EC2 instance profile with the SSM policy attached, so you can connect to the nodes with Session Manager instead of opening SSH.
  • Default ECS task role allows creating a log group.
  • Default security group for ECS nodes allows inbound connections from a configurable list of trusted network CIDRs.
  • Additional security groups can be attached to the ECS nodes.
  • Latest ECS Optimized AMI, for either the amd64 or the arm64 architecture.
  • Additional EBS disks.
  • ASG lifecycle hooks.

Usage

Minimal

module "example_ecs_cluster" {
  source       = "github.com/jetbrains-infra/terraform-aws-ecs-cluster?ref=vX.X.X" // see https://github.com/jetbrains-infra/terraform-aws-ecs-cluster/releases
  cluster_name = "FooBar"

  // subnets where the ECS nodes are hosted
  subnets_ids = [
    aws_subnet.private_subnet_1.id,
    aws_subnet.private_subnet_2.id
  ]
}

Full example

module "example_ecs_cluster" {
  source               = "github.com/jetbrains-infra/terraform-aws-ecs-cluster?ref=vX.X.X" // see https://github.com/jetbrains-infra/terraform-aws-ecs-cluster/releases
  cluster_name         = "FooBar"
  spot                 = true
  arm64                = true
  target_capacity      = 100
  nodes_with_public_ip = true

  instance_types = {
    "t3a.large"  = 1
    "t3a.xlarge" = 2
  }

  // trusted subnets, e.g. the ones hosting the ALB and the bastion host
  trusted_cidr_blocks = [
    aws_subnet.public_subnet_1.cidr_block,
    aws_subnet.public_subnet_2.cidr_block
  ]

  ebs_disks = {
    "/dev/sda" = 100
  }

  // subnets where the ECS nodes are hosted
  subnets_ids = [
    aws_subnet.private_subnet_1.id,
    aws_subnet.private_subnet_2.id
  ]

  lifecycle_hooks = [
    {
      name                    = "Example"
      lifecycle_transition    = "autoscaling:EC2_INSTANCE_LAUNCHING"
      default_result          = "CONTINUE"
      heartbeat_timeout       = 2000
      role_arn                = aws_iam_role.example.arn
      notification_target_arn = "arn:aws:sqs:us-east-1:444455556666:queue1"
      notification_metadata   = <<EOF
{
  "foo": "bar"
}
EOF
    }
  ]
}
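The full example above refers to aws_iam_role.example and to an SQS queue ARN without defining either. The following added example (written for this page, not code from the module's repository) shows how to wire them up with least privilege: the Auto Scaling service is the only principal allowed to assume the role, and the role may only publish to the one queue the hook targets. It also uses a launching hook with default_result = "ABANDON", so that if the consumer of the hook never completes it (for example a post-launch verification that times out), the node is terminated instead of joining the cluster. The resource names, queue name, hook name and timeout are assumptions, as is the module version placeholder vX.X.X.

```hcl
# Added example, not part of the module. Resource names are assumptions.

# Queue that receives the lifecycle hook notifications.
resource "aws_sqs_queue" "lifecycle" {
  name                    = "ecs-node-lifecycle"
  sqs_managed_sse_enabled = true # hook notifications carry instance details; encrypt at rest
}

# Trust policy: only the EC2 Auto Scaling service may assume the hook role.
data "aws_iam_policy_document" "lifecycle_trust" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["autoscaling.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "example" {
  name               = "ecs-node-lifecycle-hook"
  assume_role_policy = data.aws_iam_policy_document.lifecycle_trust.json
}

# Permissions: publish to this one queue and nothing else.
data "aws_iam_policy_document" "lifecycle_publish" {
  statement {
    actions   = ["sqs:SendMessage", "sqs:GetQueueUrl"]
    resources = [aws_sqs_queue.lifecycle.arn]
  }
}

resource "aws_iam_role_policy" "lifecycle_publish" {
  name   = "publish-lifecycle-events"
  role   = aws_iam_role.example.id
  policy = data.aws_iam_policy_document.lifecycle_publish.json
}

module "example_ecs_cluster" {
  source       = "github.com/jetbrains-infra/terraform-aws-ecs-cluster?ref=vX.X.X"
  cluster_name = "FooBar"

  // private subnets where the ECS nodes are hosted
  subnets_ids = [
    aws_subnet.private_subnet_1.id,
    aws_subnet.private_subnet_2.id
  ]

  lifecycle_hooks = [
    {
      name                 = "VerifyBeforeJoin"
      lifecycle_transition = "autoscaling:EC2_INSTANCE_LAUNCHING"
      # ABANDON: if nobody completes the hook within heartbeat_timeout seconds,
      # the instance is terminated rather than allowed into service.
      default_result          = "ABANDON"
      heartbeat_timeout       = 300
      role_arn                = aws_iam_role.example.arn
      notification_target_arn = aws_sqs_queue.lifecycle.arn
      notification_metadata   = jsonencode({ cluster = "FooBar" })
    }
  ]
}
```

Whatever consumes the queue must call complete-lifecycle-action (or record a heartbeat) within the timeout; with ABANDON, a broken consumer stops scale-out instead of silently admitting unverified nodes, which is the safer failure mode for a launching hook. For a terminating hook, ABANDON and CONTINUE both end in termination, so the choice only matters at launch.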

Required Inputs

The following input variables are required:

cluster_name

Description: Cluster name.

Type: any

subnets_ids

Description: IDs of the subnets that host the ECS nodes. Use subnets from several availability zones to make the cluster more resilient.

Type: list(string)

Optional Inputs

The following input variables are optional (have default values):

arm64

Description: ECS node architecture. The default is amd64; enable this flag to switch to arm64. If you do, the instance types given in instance_types must be arm64 types.

Type: bool

Default: false

Description: The maximum size of the auto scaling group (measured in EC2 instances).

Type: number

Default: 100

Description: The minimum size of the auto scaling group (measured in EC2 instances).

Type: number

Default: 0

ebs_disks

Description: A map of additional EBS disks, device name to volume size (e.g. "/dev/sda" = 100, as in the full example).

Type: map(string)

Default: {}

Description: n/a

Type: bool

Default: true

instance_types

Description: ECS node instance types, as a map of type = weight pairs. The weight gives the instance type a proportional weight relative to the other instance types when the ASG chooses which to launch.

Type: map(any)

Default:

{
  "t3a.small": 2
}

lifecycle_hooks

Description: A list of lifecycle hook actions. See details at https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html.

Type:

list(object({
    name                    = string
    lifecycle_transition    = string
    default_result          = string
    heartbeat_timeout       = number
    role_arn                = string
    notification_target_arn = string
    notification_metadata   = string
  }))

Default: []

nodes_with_public_ip

Description: Assign public IP addresses to the ECS cluster nodes. Useful only when the ECS cluster is hosted in internet-facing (public) subnets; nodes in private subnets do not need it.

Type: bool

Default: false

Description: The minimum number of on-demand EC2 instances.

Type: number

Default: 0

Description: Instance scale-in protection. The autoscaling group will not select instances with this setting for termination during scale-in events.

Type: bool

Default: true

Description: Additional security group IDs. The module's default security group is merged with the provided list.

Type: list

Default: []

spot

Description: Whether to use spot instances instead of on-demand instances to populate the ECS cluster.

Type: bool

Default: false

target_capacity

Description: The target utilization for the cluster. A number between 1 and 100.

Type: string

Default: "100"

trusted_cidr_blocks

Description: List of trusted subnet CIDRs whose hosts should be allowed to connect to the cluster nodes, e.g. the subnets with the ALB and bastion hosts. Keep this list as narrow as possible; it is what the default node security group opens inbound.

Type: list(string)

Default:

[
  ""
]

Description: A shell script executed once at EC2 instance start (as user data).

Type: string

Default: ""

Outputs

The following outputs are exported:

Description: Cluster ARN.

Description: capacity provider name (the same name for ASG).

Description: ECS default task role ARN.

Description: ECS default task role name.

Description: ECS service role ARN.

Description: ECS service role name.

Description: IAM instance profile ARN.

Description: IAM instance profile name.

Description: IAM instance role name.

Description: Cluster ID.

Description: Cluster name.

Description: The ID of the ECS nodes security group.

Description: The name of the ECS nodes security group.

Providers

The following providers are used by this module:

Resources

The following resources are used by this module: