Refactor cluster to not create EC2 resources by default

emyller · Apr 20, 2022 · 9b9df89 · 9b9df89
1 parent 6b7be70
commit 9b9df89
Show file tree

Hide file tree

Showing 14 changed files with 108 additions and 45 deletions.
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,3 @@
+{
+  "workbench.colorTheme": "Monokai Pro (Filter Ristretto)"
+}
diff --git a/_main.tf b/_main.tf
@@ -1,7 +1,3 @@
-data "aws_subnet" "any" {
-  id = var.subnets[0]
-}
-
 locals {
-  vpc_id = data.aws_subnet.any.vpc_id
+  is_ec2 = var.ec2_settings != null
 }
diff --git a/_outputs.tf b/_outputs.tf
@@ -11,7 +11,7 @@ output "name" {
   ]))[1]
 }
 
-output "instances_security_group_id" {
-  description = "The ID of the Security Group created for ECS instances."
-  value = module.security_group_ecs_instances.id
+output "security_group_id" {
+  description = "The ID of the Security Group created for ECS resources."
+  value = module.security_group.id
 }
diff --git a/_vars.tf b/_vars.tf
@@ -3,25 +3,20 @@ variable "name" {
   type = string
 }
 
-variable "subnets" {
-  description = "The subnets to place objects in."
-  type = list(string)
-}
-
-variable "instance_type" {
-  description = "The instance type of the EC2 hosts to spin up."
-  type = string
-}
-
-variable "instance_key_name" {
-  description = "The SSH key name in EC2 to manually connect to hosts."
+variable "vpc_id" {
+  description = "VPC to put resources in."
   type = string
 }
 
-variable "max_instances_count" {
-  type = number
-  description = "The maximum number of instances to provision in the cluster."
-  default = 10
+variable "ec2_settings" {
+  description = "EC2-specific settings, when using EC2 as default provider."
+  type = object({
+    subnets = list(string)
+    instance_type = string
+    instance_key_name = string
+    max_instances_count = number
+  })
+  default = null
 }
 
 variable "ingress_cidr_blocks" {

diff --git a/cluster.tf b/cluster.tf
@@ -3,10 +3,21 @@ resource "aws_ecs_cluster" "main" {
   The ECS cluster itself
   */
   name = var.name
-  capacity_providers = [aws_ecs_capacity_provider.main.name]
+}
 
-  default_capacity_provider_strategy {
-    capacity_provider = aws_ecs_capacity_provider.main.name
-    weight = 100
-  }
+resource "aws_ecs_cluster_capacity_providers" "fargate" {
+  /*
+  EC2 capacity provider
+  */
+  cluster_name = aws_ecs_cluster.main.name
+  capacity_providers = ["FARGATE"]
+}
+
+resource "aws_ecs_cluster_capacity_providers" "ec2" {
+  /*
+  EC2 capacity provider
+  */
+  count = local.is_ec2 ? 1 : 0
+  cluster_name = aws_ecs_cluster.main.name
+  capacity_providers = [one(module.ec2[*]).ecs_capacity_provider.name]
 }
diff --git a/ec2.tf b/ec2.tf
@@ -0,0 +1,15 @@
+module "ec2" {
+  /*
+  EC2 machinery if using it as capacity provider
+  */
+  source = "./ec2"
+  count = local.is_ec2 ? 1 : 0
+
+  name = var.name
+  security_group_id = module.security_group.id
+  extra_security_groups = var.extra_security_groups
+  subnets = var.ec2_settings.subnets
+  instance_type = var.ec2_settings.instance_type
+  instance_key_name = var.ec2_settings.instance_key_name
+  max_instances_count = var.ec2_settings.max_instances_count
+}
diff --git a/ec2/_main.tf b/ec2/_main.tf
@@ -0,0 +1,7 @@
+data "aws_subnet" "any" {
+  id = var.subnets[0]
+}
+
+locals {
+  vpc_id = data.aws_subnet.any.vpc_id
+}
diff --git a/ec2/_outputs.tf b/ec2/_outputs.tf
@@ -0,0 +1,3 @@
+output "ecs_capacity_provider" {
+  value = aws_ecs_capacity_provider.main
+}
diff --git a/ec2/_vars.tf b/ec2/_vars.tf
@@ -0,0 +1,35 @@
+variable "name" {
+  description = "The name of the cluster to manage."
+  type = string
+}
+
+variable "security_group_id" {
+  description = "The ID of the Security Group to assign to EC2 instances."
+  type = string
+}
+
+variable "extra_security_groups" {
+  type = list(string)
+  default = []
+}
+
+variable "subnets" {
+  description = "The subnets to place objects in."
+  type = list(string)
+}
+
+variable "instance_type" {
+  description = "The instance type of the EC2 hosts to spin up."
+  type = string
+}
+
+variable "instance_key_name" {
+  description = "The SSH key name in EC2 to manually connect to hosts."
+  type = string
+}
+
+variable "max_instances_count" {
+  type = number
+  description = "The maximum number of instances to provision in the cluster."
+  default = 10
+}
diff --git a/auto-scaling.tf → ec2/auto-scaling.tf b/auto-scaling.tf → ec2/auto-scaling.tf
diff --git a/nodes.iam.tf → ec2/nodes.iam.tf b/nodes.iam.tf → ec2/nodes.iam.tf
diff --git a/nodes.tf → ec2/nodes.tf b/nodes.tf → ec2/nodes.tf
@@ -40,9 +40,7 @@ resource "aws_launch_template" "main" {
 
   network_interfaces {
     associate_public_ip_address = false
-    security_groups = concat([
-      module.security_group_ecs_instances.id,
-    ], var.extra_security_groups)
+    security_groups = concat([var.security_group_id], var.extra_security_groups)
   }
 
   monitoring {
@@ -58,16 +56,3 @@ resource "aws_launch_template" "main" {
     }
   }
 }
-
-module "security_group_ecs_instances" {
-  /*
-  The security group to wrap EC2 instances in HTTP services
-  */
-  source = "emyller/security-group/aws"
-  version = "~> 1.0"
-  name = "i-${var.name}"
-  vpc_id = local.vpc_id
-  ingress_security_groups = var.ingress_security_groups
-  ingress_cidr_blocks = var.ingress_cidr_blocks
-  allow_self_ingress = true
-}
diff --git a/nodes.user-data.sh.tpl → ec2/nodes.user-data.sh.tpl b/nodes.user-data.sh.tpl → ec2/nodes.user-data.sh.tpl
diff --git a/networking.tf b/networking.tf
@@ -0,0 +1,13 @@
+module "security_group" {
+  /*
+  The security group to wrap resources within the cluster
+  */
+  source = "emyller/security-group/aws"
+  version = "~> 1.0"
+
+  name = "ecs-${var.name}"
+  vpc_id = var.vpc_id
+  ingress_security_groups = var.ingress_security_groups
+  ingress_cidr_blocks = var.ingress_cidr_blocks
+  allow_self_ingress = true
+}