diff --git a/aws-fargate-terraform/alb.tf b/aws-fargate-terraform/alb.tf
new file mode 100644
index 00000000..0659a66a
--- /dev/null
+++ b/aws-fargate-terraform/alb.tf
@@ -0,0 +1,92 @@
+resource "aws_alb" "lb_cdc" {
+ name = "lb-cdc"
+ subnets = ["${aws_subnet.public-subnet1.id}", "${aws_subnet.public-subnet2.id}"]
+ security_groups = ["${aws_security_group.sg-alb.id}"]
+ load_balancer_type = "application"
+ idle_timeout = 60
+ internal = false
+ enable_deletion_protection = false
+
+ tags {
+ Name = "CDC"
+ }
+}
+
+resource "aws_alb_listener" "cdc_listner" {
+ load_balancer_arn = "${aws_alb.lb_cdc.arn}"
+ port = 80
+ protocol = "HTTP"
+ depends_on = ["aws_alb_target_group.cdc_target_group", "aws_alb.lb_cdc"]
+
+ default_action {
+ target_group_arn = "${aws_alb_target_group.cdc_target_group.arn}"
+ type = "forward"
+ }
+}
+
+resource "aws_alb_target_group" "cdc_target_group" {
+ name = "cdc-target-group"
+ port = 8080
+ protocol = "HTTP"
+ vpc_id = "${aws_vpc.vpc-eventuate.id}"
+ target_type = "ip"
+
+ lifecycle {
+ create_before_destroy = true
+ }
+
+ health_check {
+ healthy_threshold = 2
+ path = "/actuator/health"
+ timeout = 10
+ interval = 30
+ port = "8080"
+ }
+}
+
+resource "aws_alb" "lb_customer" {
+ name = "lb-customer"
+ subnets = ["${aws_subnet.public-subnet2.id}", "${aws_subnet.public-subnet1.id}"]
+ security_groups = ["${aws_security_group.sg-alb.id}"]
+ load_balancer_type = "application"
+ idle_timeout = 60
+ internal = false
+ enable_deletion_protection = false
+
+ tags {
+ Name = "customer_elb"
+ }
+
+}
+
+resource "aws_alb_listener" "customer_listner" {
+ load_balancer_arn = "${aws_alb.lb_customer.arn}"
+ port = 80
+ protocol = "HTTP"
+ depends_on = ["aws_alb_target_group.customer_target_group"]
+
+ default_action {
+ target_group_arn = "${aws_alb_target_group.customer_target_group.arn}"
+ type = "forward"
+ }
+}
+
+resource "aws_alb_target_group" "customer_target_group" {
+ name = "customer-target-group"
+ port = 8080
+ protocol = "HTTP"
+ vpc_id = "${aws_vpc.vpc-eventuate.id}"
+ target_type = "ip"
+
+ lifecycle {
+ create_before_destroy = true
+ }
+
+ health_check {
+ healthy_threshold = 2
+ path = 
"/actuator/health" + timeout = 30 + interval = 60 + port = "8080" + } +} diff --git a/aws-fargate-terraform/ecs.tf b/aws-fargate-terraform/ecs.tf index 551cf5a5..47753523 100644 --- a/aws-fargate-terraform/ecs.tf +++ b/aws-fargate-terraform/ecs.tf @@ -10,7 +10,7 @@ resource "aws_ecs_service" "svc_cdc" { desired_count = 1 depends_on = [ - "aws_iam_role_policy.ecs_service_role_policy", + "aws_iam_role_policy.ecs_service_role_policy", "aws_alb_listener.cdc_listner" ] lifecycle { @@ -27,12 +27,19 @@ resource "aws_ecs_service" "svc_cdc" { ] subnets = [ - "${aws_subnet.public-subnet.id}", "${aws_subnet.public-subnet1.id}", + "${aws_subnet.public-subnet2.id}", ] assign_public_ip = true } + + load_balancer { + container_name = "cdcservice" + container_port = 8080 + target_group_arn = "${aws_alb_target_group.cdc_target_group.arn}" + } + health_check_grace_period_seconds = 120 } data "template_file" "cdc_task_definition" { diff --git a/aws-fargate-terraform/ecs_cdc.json b/aws-fargate-terraform/ecs_cdc.json index a7e7de99..479fbf1c 100644 --- a/aws-fargate-terraform/ecs_cdc.json +++ b/aws-fargate-terraform/ecs_cdc.json @@ -15,9 +15,9 @@ "containerPort": 8099 }, { - "hostPort": 8088, + "hostPort": 8080, "protocol": "tcp", - "containerPort": 8088 + "containerPort": 8080 } ], "environment": [ diff --git a/aws-fargate-terraform/ecs_customer_definition.json b/aws-fargate-terraform/ecs_customer_definition.json index 439740c3..43d91cb1 100644 --- a/aws-fargate-terraform/ecs_customer_definition.json +++ b/aws-fargate-terraform/ecs_customer_definition.json @@ -7,6 +7,13 @@ "awslogs-stream-prefix": "ecs" } }, + "portMappings": [ + { + "hostPort": 8080, + "protocol": "tcp", + "containerPort": 8080 + } + ], "environment": [ { "name": "JAVA_OPTS", diff --git a/aws-fargate-terraform/ecs_customer_service.tf b/aws-fargate-terraform/ecs_customer_service.tf index 29a5f585..f45e0d09 100644 --- a/aws-fargate-terraform/ecs_customer_service.tf +++ b/aws-fargate-terraform/ecs_customer_service.tf 
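Review bot: Both new listeners in alb.tf, `cdc_listner` and `customer_listner`, accept plaintext HTTP on port 80 on load balancers declared with `internal = false`, and no HTTPS listener is added, so all client traffic crosses the internet unencrypted. Because each `default_action` forwards every path to the target on 8080, the `/actuator/health` path used by the health check, and any other actuator endpoint the application enables, is reachable from outside as well. I would terminate TLS on the load balancer, keep port 80 only as a redirect (the `sg-alb` group then needs 443 opened), and set `internal = true` on `lb_cdc` unless the CDC service is meant to be called from the internet. The sketch below shows the CDC listener pair; the certificate variable is a placeholder, and the same shape applies to `customer_listner`.

```hcl
# var.alb_certificate_arn is a placeholder: this configuration does not define a certificate.
resource "aws_alb_listener" "cdc_listner_https" {
  load_balancer_arn = "${aws_alb.lb_cdc.arn}"
  port              = 443
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-TLS-1-2-2017-01"
  certificate_arn   = "${var.alb_certificate_arn}"

  default_action {
    target_group_arn = "${aws_alb_target_group.cdc_target_group.arn}"
    type             = "forward"
  }
}

resource "aws_alb_listener" "cdc_listner" {
  load_balancer_arn = "${aws_alb.lb_cdc.arn}"
  port              = 80
  protocol          = "HTTP"

  default_action {
    type = "redirect"

    redirect {
      port        = "443"
      protocol    = "HTTPS"
      status_code = "HTTP_301"
    }
  }
}
```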
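Review bot: With the new `load_balancer` block fronting `cdcservice` on 8080, the tasks still keep `assign_public_ip = true` in the public subnets, so the container port stays directly reachable from outside unless the task security group blocks it. That group is listed in `security_groups` outside this hunk (the `svc_cdc` resource starts and continues beyond it), so its rules cannot be confirmed here; its 8080 ingress should name the load balancer group as the only source, e.g. `security_groups = ["${aws_security_group.sg-alb.id}"]` in place of a `cidr_blocks` entry. The public IP may still be needed to pull images without a NAT gateway, which makes the security-group restriction the part that matters. The same applies to `svc_customer` in ecs_customer_service.tf.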
@@ -6,7 +6,7 @@ resource "aws_ecs_service" "svc_customer" { desired_count = 1 depends_on = [ - "aws_iam_role_policy.ecs_service_role_policy", + "aws_iam_role_policy.ecs_service_role_policy","aws_alb_listener.customer_listner" ] lifecycle { @@ -23,12 +23,19 @@ resource "aws_ecs_service" "svc_customer" { ] subnets = [ - "${aws_subnet.public-subnet.id}", "${aws_subnet.public-subnet1.id}", + "${aws_subnet.public-subnet2.id}", ] assign_public_ip = true } + + load_balancer { + container_name = "customer" + container_port = 8080 + target_group_arn = "${aws_alb_target_group.customer_target_group.arn}" + } + health_check_grace_period_seconds = 120 } data "template_file" "customer_task_definition" { diff --git a/aws-fargate-terraform/ecs_definition.json b/aws-fargate-terraform/ecs_definition.json deleted file mode 100644 index f4136fc4..00000000 --- a/aws-fargate-terraform/ecs_definition.json +++ /dev/null 
@@ -1,162 +0,0 @@ -[ - { - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-group": "${log_group}", - "awslogs-region": "${logs_region}", - "awslogs-stream-prefix": "ecs" - } - }, - "portMappings": [ - { - "hostPort": 2181, - "protocol": "tcp", - "containerPort": 2181 - }, - { - "hostPort": 2888, - "protocol": "tcp", - "containerPort": 2888 - }, - { - "hostPort": 3888, - "protocol": "tcp", - "containerPort": 3888 - } - ], - "cpu": 340, - "environment": [], - "memoryReservation": 512, - "image": "eventuateio/eventuateio-local-zookeeper:0.18.0.RELEASE", - "dependsOn": null, - "name": "zookeeper" - }, - { - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-group": "${log_group}", - "awslogs-region": "${logs_region}", - "awslogs-stream-prefix": "ecs" - } - }, - "portMappings": [ - { - "hostPort": 9092, - "protocol": "tcp", - "containerPort": 9092 - } - ], - "cpu": 340, - "environment": [ - { - "name": "ADVERTISED_HOST_NAME", - "value": "127.0.0.1" - }, - { - "name": "KAFKA_HEAP_OPTS", - "value": "-Xmx320m -Xms320m" - }, - { - "name": "ZOOKEEPER_SERVERS", - "value": "127.0.0.1:2181" - } - ], - "memoryReservation": 512, - "image": "eventuateio/eventuateio-local-kafka:0.18.0.RELEASE", - "dependsOn": [ - { - "containerName": "zookeeper", - "condition": "START" - } - ], - "name": "kafka" - }, - { - "logConfiguration": { - "logDriver": "awslogs", - "options": { - "awslogs-group": "${log_group}", - "awslogs-region": "${logs_region}", - "awslogs-stream-prefix": "ecs" - } - }, - "portMappings": [ - { - "hostPort": 8099, - "protocol": "tcp", - "containerPort": 8099 - }, - { - "hostPort": 8088, - "protocol": "tcp", - "containerPort": 8088 - } - ], - "cpu": 340, - "environment": [ - { - "name": "EVENTUATELOCAL_CDC_MYSQL_BINLOG_CLIENT_UNIQUE_ID", - "value": "1234567890" - }, - { - "name": "EVENTUATELOCAL_CDC_READ_OLD_DEBEZIUM_DB_OFFSET_STORAGE_TOPIC", - "value": "false" - }, - { - "name": "EVENTUATELOCAL_CDC_READER_NAME", - "value": 
"MySqlReader" - }, - { - "name": "EVENTUATELOCAL_CDC_OFFSET_STORE_KEY", - "value": "MySqlBinlog" - }, - { - "name": "EVENTUATELOCAL_CDC_DB_PASSWORD", - "value": "${db_pwd}" - }, - { - "name": "EVENTUATELOCAL_CDC_DB_USER_NAME", - "value": "${db_user}" - }, - { - "name": "EVENTUATELOCAL_KAFKA_BOOTSTRAP_SERVERS", - "value": "127.0.0.1:9092" - }, - { - "name": "EVENTUATELOCAL_ZOOKEEPER_CONNECTION_STRING", - "value": "127.0.0.1:2181" - }, - { - "name": "SPRING_DATASOURCE_DRIVER_CLASS_NAME", - "value": "com.mysql.jdbc.Driver" - }, - { - "name": "SPRING_DATASOURCE_PASSWORD", - "value": "${db_pwd}" - }, - { - "name": "SPRING_DATASOURCE_URL", - "value": "${db_url}" - }, - { - "name": "SPRING_DATASOURCE_USERNAME", - "value": "${db_user}" - } - ], - "memoryReservation": 1000, - "image": "eventuateio/eventuate-cdc-service:0.4.0.RELEASE", - "dependsOn": [ - { - "containerName": "kafka", - "condition": "START" - } - ], - "name": "cdcservice", - "healthCheck" : { - "command" : [ "CMD-SHELL", "curl -f http://localhost:8080/actuator/health || exit 1" ], - "startPeriod": 60 - } - } -] diff --git a/aws-fargate-terraform/kafka.tf b/aws-fargate-terraform/kafka.tf index 4954f02b..25825ad0 100644 --- a/aws-fargate-terraform/kafka.tf +++ b/aws-fargate-terraform/kafka.tf @@ -9,11 +9,11 @@ resource "aws_msk_cluster" "eventuate" { client_subnets = [ "${aws_subnet.public-subnet1.id}", - "${aws_subnet.public-subnet.id}", "${aws_subnet.public-subnet2.id}", + "${aws_subnet.public-subnet3.id}" ] - security_groups = ["${aws_security_group.kafka.id}"] + security_groups = ["${aws_security_group.sg_kafka.id}"] } encryption_info { @@ -56,3 +56,9 @@ output "bootstrap_brokers_tls" { description = "TLS connection host:port pairs" value = "${aws_msk_cluster.eventuate.bootstrap_brokers_tls}" } + +output "bootstrap_brokers" { + description = "TLS connection host:port pairs" + value = "${aws_msk_cluster.eventuate.bootstrap_brokers}" +} + 
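Review bot: The new `bootstrap_brokers` output in kafka.tf reuses the description "TLS connection host:port pairs" from `bootstrap_brokers_tls`, but this attribute is the plaintext broker list. Someone wiring a service to it would believe the connection is encrypted when it is not; change it to `description = "Plaintext connection host:port pairs"`. The `encryption_info` block lies outside the hunk; if it is meant to enforce TLS between clients and brokers, this output would presumably be empty and is better dropped so that nothing comes to depend on the unencrypted endpoints.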
diff --git a/aws-fargate-terraform/network.tf b/aws-fargate-terraform/network.tf index 568ea9c7..0ace3794 100644 --- a/aws-fargate-terraform/network.tf +++ b/aws-fargate-terraform/network.tf @@ -9,9 +9,9 @@ resource "aws_vpc" "vpc-eventuate" { } } -resource "aws_subnet" "public-subnet" { +resource "aws_subnet" "public-subnet3" { vpc_id = "${aws_vpc.vpc-eventuate.id}" - cidr_block = "${var.public_subnet_cidr}" + cidr_block = "${var.public_subnet_cidr3}" map_public_ip_on_launch = true availability_zone = "${var.az1}" @@ -55,8 +55,8 @@ resource "aws_route_table" "public" { } } -resource "aws_route_table_association" "public" { - subnet_id = "${aws_subnet.public-subnet.id}" +resource "aws_route_table_association" "public3" { + subnet_id = "${aws_subnet.public-subnet3.id}" route_table_id = "${aws_route_table.public.id}" } @@ -65,8 +65,13 @@ resource "aws_route_table_association" "public1" { route_table_id = "${aws_route_table.public.id}" } +resource "aws_route_table_association" "public2" { + subnet_id = "${aws_subnet.public-subnet2.id}" + route_table_id = "${aws_route_table.public.id}" +} + resource "aws_db_subnet_group" "rds-subnet" { - subnet_ids = ["${aws_subnet.public-subnet1.id}", "${aws_subnet.public-subnet.id}"] + subnet_ids = ["${aws_subnet.public-subnet1.id}", "${aws_subnet.public-subnet2.id}", "${aws_subnet.public-subnet3.id}"] } resource "aws_internet_gateway" "igw_eventuate" { diff --git a/aws-fargate-terraform/sg.tf b/aws-fargate-terraform/sg.tf index b942b5fe..e054e2d8 100644 --- a/aws-fargate-terraform/sg.tf +++ b/aws-fargate-terraform/sg.tf @@ -93,8 +93,8 @@ resource "aws_security_group" "sg-rds" { } } -resource "aws_security_group" "kafka" { - name = "kafka" +resource "aws_security_group" "sg_kafka" { + name = "sgkafka" description = "only 90092, 2181 inbound" vpc_id = "${aws_vpc.vpc-eventuate.id}" @@ -105,6 +105,7 @@ resource "aws_security_group" "kafka" { cidr_blocks = ["0.0.0.0/0"] } + ingress { from_port = 2181 to_port = 2181 
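Review bot: The `rds-subnet` group in the last network.tf hunk is now built only from `public-subnet1`, `public-subnet2` and `public-subnet3`, each of which is associated with the `public` route table in this same file, and `public-subnet3` sets `map_public_ip_on_launch = true`. That places the database in subnets that presumably route to `igw_eventuate`, leaving only the instance's `publicly_accessible` setting and the `sg-rds` rules (neither visible in this diff) between it and the internet. I would add dedicated private subnets with no internet-gateway route and point `subnet_ids` at those instead.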
@@ -120,6 +121,27 @@ resource "aws_security_group" "kafka" { } tags { - Name = "kafka-eventuate" + Name = "sg-kafka" + } +} + +resource "aws_security_group" "sg-alb" { + name = "ecs-alb" + description = "only 80 inbound" + vpc_id = "${aws_vpc.vpc-eventuate.id}" + ingress { + from_port = 80 + to_port = 80 + protocol = "TCP" + cidr_blocks = ["0.0.0.0/0"] + } + egress { + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + tags { + Name = "ecs-alb" } } diff --git a/aws-fargate-terraform/variables.tf b/aws-fargate-terraform/variables.tf index e21ee670..9844038c 100644 --- a/aws-fargate-terraform/variables.tf +++ b/aws-fargate-terraform/variables.tf @@ -26,7 +26,7 @@ variable "vpcCIDRblock" { default = "10.0.0.0/16" } -variable "public_subnet_cidr" { +variable "public_subnet_cidr3" { description = "CIDR for the Public Subnet" default = "10.0.0.0/24" }
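Review bot: The new `sg-alb` group allows every protocol and port outbound to `0.0.0.0/0`, although the load balancers only need to reach their targets and health checks on 8080 inside the VPC. Narrowing the `egress` block as sketched below keeps the group least-privilege, assuming `var.vpcCIDRblock` is the CIDR of `vpc-eventuate`. Separately, the context lines of `sg_kafka` in the earlier sg.tf hunks show `cidr_blocks = ["0.0.0.0/0"]` on a broker ingress rule; restricting that to the ECS task security group is worth doing in the same pass, and its description reads `90092` where 9092 is presumably meant.

```hcl
resource "aws_security_group" "sg-alb" {
  # … unchanged: name, description, vpc_id, ingress on 80 …
  egress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["${var.vpcCIDRblock}"]
  }
  # … unchanged: tags …
}
```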