
Commit 197d1da

authoredSep 25, 2018
Merge pull request #2 from micahlmartin/feature/web-service-alb
Replace classic ELB with ALB
2 parents c5024f0 + b79d2fb commit 197d1da


2 files changed

+92
-68
lines changed


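--- a/web-service/elb/main.tf
+++ b/web-service/alb/main.tf
@@ -48,56 +48,65 @@ variable "internal_zone_id" {
 description = "The zone ID to create the record in"
 }
 
-variable "ssl_certificate_id" {
+variable "ssl_certificate_id" {}
+
+variable "vpc_id" {
+description = "The id of the VPC."
 }
 
 /**
 * Resources.
 */
 
-resource "aws_elb" "main" {
-name = "${var.name}"
-
-internal = false
-cross_zone_load_balancing = true
-subnets = ["${split(",", var.subnet_ids)}"]
-security_groups = ["${split(",",var.security_groups)}"]
+# Create a new load balancer
+resource "aws_alb" "main" {
+name = "${var.name}"
+internal = false
+subnets = ["${split(",", var.subnet_ids)}"]
+security_groups = ["${split(",",var.security_groups)}"]
 
-idle_timeout = 30
-connection_draining = true
-connection_draining_timeout = 15
-
-listener {
-lb_port = 80
-lb_protocol = "http"
-instance_port = "${var.port}"
-instance_protocol = "http"
+access_logs {
+bucket = "${var.log_bucket}"
 }
+}
 
-listener {
-lb_port = 443
-lb_protocol = "https"
-instance_port = "${var.port}"
-instance_protocol = "http"
-ssl_certificate_id = "${var.ssl_certificate_id}"
-}
+resource "aws_alb_target_group" "main" {
+name = "alb-target-${var.name}"
+port = "${var.port}"
+protocol = "HTTP"
+vpc_id = "${var.vpc_id}"
 
 health_check {
 healthy_threshold = 2
 unhealthy_threshold = 2
 timeout = 5
-target = "HTTP:${var.port}${var.healthcheck}"
+protocol = "HTTP"
+path = "${var.healthcheck}"
 interval = 30
 }
+}
 
-access_logs {
-bucket = "${var.log_bucket}"
+resource "aws_alb_listener" "service_https" {
+load_balancer_arn = "${aws_alb.main.arn}"
+port = "443"
+protocol = "HTTPS"
+ssl_policy = "ELBSecurityPolicy-2015-05"
+certificate_arn = "${var.ssl_certificate_id}"
+
+default_action {
+target_group_arn = "${aws_alb_target_group.main.arn}"
+type = "forward"
 }
+}
 
-tags {
-Name = "${var.name}-balancer"
-Service = "${var.name}"
-Environment = "${var.environment}"
+resource "aws_alb_listener" "service_http" {
+load_balancer_arn = "${aws_alb.main.arn}"
+port = "80"
+protocol = "HTTP"
+
+default_action {
+target_group_arn = "${aws_alb_target_group.main.arn}"
+type = "forward"
 }
 }
 
@@ -107,8 +116,8 @@ resource "aws_route53_record" "external" {
 type = "A"
 
 alias {
-zone_id = "${aws_elb.main.zone_id}"
-name = "${aws_elb.main.dns_name}"
+zone_id = "${aws_alb.main.zone_id}"
+name = "${aws_alb.main.dns_name}"
 evaluate_target_health = false
 }
 }
@@ -119,8 +128,8 @@ resource "aws_route53_record" "internal" {
 type = "A"
 
 alias {
-zone_id = "${aws_elb.main.zone_id}"
-name = "${aws_elb.main.dns_name}"
+zone_id = "${aws_alb.main.zone_id}"
+name = "${aws_alb.main.dns_name}"
 evaluate_target_health = false
 }
 }
@@ -131,17 +140,17 @@ resource "aws_route53_record" "internal" {
 
 // The ELB name.
 output "name" {
-value = "${aws_elb.main.name}"
+value = "${aws_alb.main.name}"
 }
 
 // The ELB ID.
 output "id" {
-value = "${aws_elb.main.id}"
+value = "${aws_alb.main.id}"
 }
 
 // The ELB dns_name.
 output "dns" {
-value = "${aws_elb.main.dns_name}"
+value = "${aws_alb.main.dns_name}"
 }
 
 // FQDN built using the zone domain and name (external)
@@ -156,5 +165,9 @@ output "internal_fqdn" {
 
 // The zone id of the ELB
 output "zone_id" {
-value = "${aws_elb.main.zone_id}"
+value = "${aws_alb.main.zone_id}"
+}
+
+output "target_group" {
+value = "${aws_alb_target_group.main.arn}"
 }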
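Review bot: The new `service_https` listener pins `ssl_policy = "ELBSecurityPolicy-2015-05"`, an old predefined policy that still negotiates TLS 1.0 and 1.1; unless legacy clients need it, pin a TLS 1.2-only policy such as `ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"` or expose the policy as a module variable. The `service_http` listener also forwards port 80 straight to the target group, so the service stays reachable in plaintext; if that is not intended, have it redirect to HTTPS as sketched below (this needs an AWS provider version that supports redirect actions). The `access_logs` block sets only `bucket`; adding `enabled = true` there makes logging independent of the provider's default.

```hcl
resource "aws_alb_listener" "service_http" {
  # … unchanged: load_balancer_arn, port, protocol …

  default_action {
    type = "redirect"

    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301"
    }
  }
}
```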

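--- a/web-service/main.tf
+++ b/web-service/main.tf
@@ -1,6 +1,6 @@
 /**
 * The web-service is similar to the `service` module, but the
-* it provides a __public__ ELB instead.
+* it provides a __public__ ALB instead.
 *
 * Usage:
 *
@@ -36,11 +36,11 @@ variable "version" {
 }
 
 variable "subnet_ids" {
-description = "Comma separated list of subnet IDs that will be passed to the ELB module"
+description = "Comma separated list of subnet IDs that will be passed to the ALB module"
 }
 
 variable "security_groups" {
-description = "Comma separated list of security group IDs that will be passed to the ELB module"
+description = "Comma separated list of security group IDs that will be passed to the ALB module"
 }
 
 variable "port" {
@@ -52,7 +52,7 @@ variable "cluster" {
 }
 
 variable "log_bucket" {
-description = "The S3 bucket ID to use for the ELB"
+description = "The S3 bucket ID to use for the ALB"
 }
 
 variable "ssl_certificate_id" {
@@ -64,12 +64,12 @@ variable "iam_role" {
 }
 
 variable "external_dns_name" {
-description = "The subdomain under which the ELB is exposed externally, defaults to the task name"
+description = "The subdomain under which the ALB is exposed externally, defaults to the task name"
 default = ""
 }
 
 variable "internal_dns_name" {
-description = "The subdomain under which the ELB is exposed internally, defaults to the task name"
+description = "The subdomain under which the ALB is exposed internally, defaults to the task name"
 default = ""
 }
 
@@ -120,6 +120,11 @@ variable "cpu" {
 default = 512
 }
 
+variable "working_directory" {
+description = "The working directory of the container process."
+default = "/"
+}
+
 variable "deployment_minimum_healthy_percent" {
 description = "lower limit (% of desired_count) of # of running tasks during a deployment"
 default = 100
@@ -130,6 +135,10 @@ variable "deployment_maximum_percent" {
 default = 200
 }
 
+variable vpc_id {
+description = "The id of the VPC."
+}
+
 /**
 * Resources.
 */
@@ -144,9 +153,9 @@ resource "aws_ecs_service" "main" {
 deployment_maximum_percent = "${var.deployment_maximum_percent}"
 
 load_balancer {
-elb_name = "${module.elb.id}"
-container_name = "${module.task.name}"
-container_port = "${var.container_port}"
+target_group_arn = "${module.alb.target_group}"
+container_name = "${module.task.name}"
+container_port = "${var.container_port}"
 }
 
 lifecycle {
@@ -157,13 +166,14 @@ resource "aws_ecs_service" "main" {
 module "task" {
 source = "../task"
 
-name = "${coalesce(var.name, replace(var.image, "/", "-"))}"
-image = "${var.image}"
-image_version = "${var.version}"
-command = "${var.command}"
-env_vars = "${var.env_vars}"
-memory = "${var.memory}"
-cpu = "${var.cpu}"
+name = "${coalesce(var.name, replace(var.image, "/", "-"))}"
+image = "${var.image}"
+image_version = "${var.version}"
+command = "${var.command}"
+env_vars = "${var.env_vars}"
+memory = "${var.memory}"
+cpu = "${var.cpu}"
+working_directory = "${var.working_directory}"
 
 ports = <<EOF
 [
@@ -175,8 +185,8 @@ module "task" {
 EOF
 }
 
-module "elb" {
-source = "./elb"
+module "alb" {
+source = "./alb"
 
 name = "${module.task.name}"
 port = "${var.port}"
@@ -190,38 +200,39 @@ module "elb" {
 security_groups = "${var.security_groups}"
 log_bucket = "${var.log_bucket}"
 ssl_certificate_id = "${var.ssl_certificate_id}"
+vpc_id = "${var.vpc_id}"
 }
 
 /**
 * Outputs.
 */
 
-// The name of the ELB
+// The name of the ALB
 output "name" {
-value = "${module.elb.name}"
+value = "${module.alb.name}"
 }
 
-// The DNS name of the ELB
+// The DNS name of the ALB
 output "dns" {
-value = "${module.elb.dns}"
+value = "${module.alb.dns}"
 }
 
-// The id of the ELB
-output "elb" {
-value = "${module.elb.id}"
+// The id of the ALB
+output "alb" {
+value = "${module.alb.id}"
 }
 
-// The zone id of the ELB
+// The zone id of the ALB
 output "zone_id" {
-value = "${module.elb.zone_id}"
+value = "${module.alb.zone_id}"
 }
 
 // FQDN built using the zone domain and name (external)
 output "external_fqdn" {
-value = "${module.elb.external_fqdn}"
+value = "${module.alb.external_fqdn}"
 }
 
 // FQDN built using the zone domain and name (internal)
 output "internal_fqdn" {
-value = "${module.elb.internal_fqdn}"
+value = "${module.alb.internal_fqdn}"
 }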
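Review bot: Renaming `output "elb"` to `output "alb"` in the last hunk removes an output that existing callers of this module may still reference (the callers are not visible here), and the new `vpc_id` variable has no default, so every caller has to be updated in the same change. If backward compatibility matters, keep an alias such as `output "elb" { value = "${module.alb.id}" }` for a release and list `vpc_id` in the usage comment at the top of the file. On style, `variable vpc_id {` is the only unquoted block label visible in the file; `variable "vpc_id" {` would match the rest.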
