Adds support for additional containers (sidecars) (#107)

JaredDarling · jdarling-aim · web-flow · commit 153206c479ed · 2023-10-18T11:45:33.000+01:00
Co-authored-by: Jared Darling &lt;jdarling@aimconsulting.com&gt;
diff --git a/examples/test/main.tf b/examples/test/main.tf
@@ -1,10 +1,48 @@
+locals {
+  public_subnet_ids  = [for s in module.base-network.public_subnets : s.id]
+  private_subnet_ids = [for s in module.base-network.private_subnets : s.id]
+}
+
 module "base-network" {
-  source                                      = "cn-terraform/networking/aws"
-  name_prefix                                 = "test-networking"
-  vpc_cidr_block                              = "192.168.0.0/16"
-  availability_zones                          = ["us-east-1a", "us-east-1b", "us-east-1c", "us-east-1d"]
-  public_subnets_cidrs_per_availability_zone  = ["192.168.0.0/19", "192.168.32.0/19", "192.168.64.0/19", "192.168.96.0/19"]
-  private_subnets_cidrs_per_availability_zone = ["192.168.128.0/19", "192.168.160.0/19", "192.168.192.0/19", "192.168.224.0/19"]
+  source     = "cn-terraform/networking/aws"
+  cidr_block = "192.168.0.0/16"
+
+  vpc_additional_tags = {
+    vpc_tag1 = "tag1",
+    vpc_tag2 = "tag2",
+  }
+
+  public_subnets = {
+    first_public_subnet = {
+      availability_zone = "us-east-1a"
+      cidr_block        = "192.168.0.0/19"
+    }
+    second_public_subnet = {
+      availability_zone = "us-east-1b"
+      cidr_block        = "192.168.32.0/19"
+    }
+  }
+
+  public_subnets_additional_tags = {
+    public_subnet_tag1 = "tag1",
+    public_subnet_tag2 = "tag2",
+  }
+
+  private_subnets = {
+    first_private_subnet = {
+      availability_zone = "us-east-1a"
+      cidr_block        = "192.168.128.0/19"
+    }
+    second_private_subnet = {
+      availability_zone = "us-east-1b"
+      cidr_block        = "192.168.160.0/19"
+    }
+  }
+
+  private_subnets_additional_tags = {
+    private_subnet_tag1 = "tag1",
+    private_subnet_tag2 = "tag2",
+  }
 }
 
 module "test" {
@@ -13,6 +51,6 @@ module "test" {
   vpc_id              = module.base-network.vpc_id
   container_image     = "ubuntu"
   container_name      = "test"
-  public_subnets_ids  = module.base-network.public_subnets_ids
-  private_subnets_ids = module.base-network.private_subnets_ids
+  public_subnets_ids  = local.public_subnet_ids
+  private_subnets_ids = local.private_subnet_ids
 }
diff --git a/main.tf b/main.tf
@@ -15,56 +15,57 @@ module "ecs-cluster" {
 #------------------------------------------------------------------------------
 module "td" {
   source  = "cn-terraform/ecs-fargate-task-definition/aws"
-  version = "1.0.35"
+  version = "1.0.36"
   # source  = "../terraform-aws-ecs-fargate-task-definition"
 
-  name_prefix                  = var.name_prefix
-  container_name               = var.container_name
-  container_image              = var.container_image
-  container_memory             = var.container_memory
-  container_memory_reservation = var.container_memory_reservation
-  container_definition         = var.container_definition
-  port_mappings                = var.port_mappings
-  healthcheck                  = var.healthcheck
-  container_cpu                = var.container_cpu
-  essential                    = var.essential
-  entrypoint                   = var.entrypoint
-  command                      = var.command
-  working_directory            = var.working_directory
-  environment                  = var.environment
-  extra_hosts                  = var.extra_hosts
-  map_environment              = var.map_environment
-  environment_files            = var.environment_files
-  secrets                      = var.secrets
-  readonly_root_filesystem     = var.readonly_root_filesystem
-  linux_parameters             = var.linux_parameters
-  log_configuration            = var.log_configuration
-  firelens_configuration       = var.firelens_configuration
-  mount_points                 = var.mount_points
-  dns_servers                  = var.dns_servers
-  dns_search_domains           = var.dns_search_domains
-  ulimits                      = var.ulimits
-  repository_credentials       = var.repository_credentials
-  volumes_from                 = var.volumes_from
-  links                        = var.links
-  user                         = var.user
-  container_depends_on         = var.container_depends_on
-  docker_labels                = var.docker_labels
-  start_timeout                = var.start_timeout
-  stop_timeout                 = var.stop_timeout
-  privileged                   = var.privileged
-  system_controls              = var.system_controls
-  hostname                     = var.hostname
-  disable_networking           = var.disable_networking
-  interactive                  = var.interactive
-  pseudo_terminal              = var.pseudo_terminal
-  docker_security_options      = var.docker_security_options
+  additional_containers          = var.additional_containers
+  command                        = var.command
+  container_cpu                  = var.container_cpu
+  container_definition_overrides = var.container_definition_overrides
+  container_depends_on           = var.container_depends_on
+  container_image                = var.container_image
+  container_memory               = var.container_memory
+  container_memory_reservation   = var.container_memory_reservation
+  container_name                 = var.container_name
+  disable_networking             = var.disable_networking
+  dns_search_domains             = var.dns_search_domains
+  dns_servers                    = var.dns_servers
+  docker_labels                  = var.docker_labels
+  docker_security_options        = var.docker_security_options
+  entrypoint                     = var.entrypoint
+  environment                    = var.environment
+  environment_files              = var.environment_files
+  essential                      = var.essential
+  extra_hosts                    = var.extra_hosts
+  firelens_configuration         = var.firelens_configuration
+  healthcheck                    = var.healthcheck
+  hostname                       = var.hostname
+  interactive                    = var.interactive
+  links                          = var.links
+  linux_parameters               = var.linux_parameters
+  log_configuration              = var.log_configuration
+  map_environment                = var.map_environment
+  mount_points                   = var.mount_points
+  name_prefix                    = var.name_prefix
+  port_mappings                  = var.port_mappings
+  privileged                     = var.privileged
+  pseudo_terminal                = var.pseudo_terminal
+  readonly_root_filesystem       = var.readonly_root_filesystem
+  repository_credentials         = var.repository_credentials
+  secrets                        = var.secrets
+  start_timeout                  = var.start_timeout
+  stop_timeout                   = var.stop_timeout
+  system_controls                = var.system_controls
+  ulimits                        = var.ulimits
+  user                           = var.user
+  volumes_from                   = var.volumes_from
+  working_directory              = var.working_directory
 
+  ecs_task_execution_role_custom_policies = var.ecs_task_execution_role_custom_policies
+  ephemeral_storage_size                  = var.ephemeral_storage_size
   permissions_boundary                    = var.permissions_boundary
   placement_constraints                   = var.placement_constraints_task_definition
   proxy_configuration                     = var.proxy_configuration
-  ephemeral_storage_size                  = var.ephemeral_storage_size
-  ecs_task_execution_role_custom_policies = var.ecs_task_execution_role_custom_policies
   volumes                                 = var.volumes
 
   tags = var.tags
@@ -75,19 +76,20 @@ module "td" {
 #------------------------------------------------------------------------------
 module "ecs-fargate-service" {
   source  = "cn-terraform/ecs-fargate-service/aws"
-  version = "2.0.41"
+  version = "2.0.42"
   # source  = "../terraform-aws-ecs-fargate-service"
 
   name_prefix = var.name_prefix
   vpc_id      = var.vpc_id
 
-  ecs_cluster_arn                    = module.ecs-cluster.aws_ecs_cluster_cluster_arn
+  deployment_controller              = var.deployment_controller
   deployment_maximum_percent         = var.deployment_maximum_percent
   deployment_minimum_healthy_percent = var.deployment_minimum_healthy_percent
-  deployment_controller              = var.deployment_controller
   desired_count                      = var.desired_count
+  ecs_cluster_arn                    = module.ecs-cluster.aws_ecs_cluster_cluster_arn
   enable_ecs_managed_tags            = var.enable_ecs_managed_tags
   enable_execute_command             = var.enable_execute_command
+  force_new_deployment               = var.force_new_deployment
   health_check_grace_period_seconds  = var.health_check_grace_period_seconds
   ordered_placement_strategy         = var.ordered_placement_strategy
   placement_constraints              = var.ecs_service_placement_constraints
@@ -115,6 +117,7 @@ module "ecs-fargate-service" {
 
   # Application Load Balancer
   custom_lb_arn                       = var.custom_lb_arn
+  additional_lbs                      = var.additional_lbs
   lb_internal                         = var.lb_internal
   lb_security_groups                  = var.lb_security_groups
   lb_drop_invalid_header_fields       = var.lb_drop_invalid_header_fields
diff --git a/variables.tf b/variables.tf
@@ -27,6 +27,12 @@ variable "vpc_id" {
 #------------------------------------------------------------------------------
 # AWS ECS Container Definition Variables
 #------------------------------------------------------------------------------
+variable "additional_containers" {
+  description = "Additional container definitions (sidecars) to use for the task."
+  default     = []
+  type        = any #cloudposse/ecs-container-definition/aws
+}
+
 variable "container_name" {
   type        = string
   description = "The name of the container. Up to 255 characters ([a-z], [A-Z], [0-9], -, _ allowed)"
@@ -49,7 +55,7 @@ variable "container_memory_reservation" {
   default     = 2048 # 2 GB
 }
 
-variable "container_definition" {
+variable "container_definition_overrides" {
   type        = map(any)
   description = "Container definition overrides which allows for extra keys or overriding existing keys."
   default     = {}
@@ -414,7 +420,9 @@ variable "deployment_minimum_healthy_percent" {
 variable "deployment_controller" {
   description = "(Optional) Deployment controller"
   type        = list(any)
-  default     = []
+  default = [{
+    type = "ECS"
+  }]
 }
 
 variable "desired_count" {
@@ -429,6 +437,12 @@ variable "enable_ecs_managed_tags" {
   default     = false
 }
 
+variable "force_new_deployment" {
+  description = "(Optional) Enable to force a new task deployment of the service. This can be used to update tasks to use a newer Docker image with same image/tag combination (e.g. myimage:latest), roll Fargate tasks onto a newer platform version, or immediately deploy ordered_placement_strategy and placement_constraints updates."
+  default     = false
+  type        = bool
+}
+
 variable "enable_execute_command" {
   description = "(Optional) Specifies whether to enable Amazon ECS Exec for the tasks within the service."
   type        = bool
@@ -521,6 +535,19 @@ variable "custom_lb_arn" {
   default     = null
 }
 
+variable "additional_lbs" {
+  default     = {}
+  description = "Additional load balancers to add to ECS service"
+  type = map(object
+    (
+      {
+        target_group_arn = string
+        container_port   = number
+      }
+    )
+  )
+}
+
 variable "lb_internal" {
   description = "(Optional) If true, the LB will be internal."
   type        = bool
@@ -615,7 +642,7 @@ variable "lb_http_ports" {
   description = "Map containing objects with two fields, listener_port and the target_group_port to redirect HTTP requests"
   type        = map(any)
   default = {
-    default_http = {
+    default-http = {
       listener_port     = 80
       target_group_port = 80
     }
@@ -638,7 +665,7 @@ variable "lb_https_ports" {
   description = "Map containing objects with two fields, listener_port and the target_group_port to redirect HTTPS requests"
   type        = map(any)
   default = {
-    default_http = {
+    default-https = {
       listener_port     = 443
       target_group_port = 443
     }
