From 6212a7d8cc96b64084a47068ad87a0fd29581575 Mon Sep 17 00:00:00 2001
From: shockrah
Date: Fri, 9 Dec 2022 21:49:17 -0800
Subject: [PATCH] Removing atlas host
---
infra/alpha.tf | 124 ++++++++++++++++++++++++++++++++++++++-----------
infra/atlas.tf | 38 ++-------------
infra/eip.tf | 9 ----
3 files changed, 101 insertions(+), 70 deletions(-)
diff --git a/infra/alpha.tf b/infra/alpha.tf
index 01f233d..2745f4c 100644
--- a/infra/alpha.tf
+++ b/infra/alpha.tf
@@ -5,16 +5,66 @@ # Logging Configuration for services inside the cluster ####################################################### -resource "aws_cloudwatch_log_group" "alpha" { - name = "alpha-log" +locals { + subnet = "subnet-09302319a6678643f" } +# Alpha Cloudwatch logging configuration +######################################## +resource "aws_cloudwatch_log_group" "alpha" { + name = "${var.athens_prefix}-alpha-log" + retention_in_days = 7 +} + +# Alpha logging role +##################### +resource "aws_iam_role" "alpha_iam_role" { + name = "${var.athens_prefix}-alpha-iam-role" + assume_role_policy = jsonencode({ + Version = "2012-10-17" + Statement = [ + { + Action = "sts:AssumeRole" + Principal = { + Service = [ "ecs-tasks.amazonaws.com" ] + } + Effect = "Allow" + } + ] + }) +} + +resource "aws_iam_policy" "alpha_iam_policy" { + name = "${var.athens_prefix}-alpha-iam-policy" + policy = jsonencode({ + Version = "2012-10-17" + Statement = [ + { + Effect = "Allow" + Action = [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogStreams", + "logs:PutLogEvents", + ] + "Resource" = "*" + } + ] + }) +} + +resource "aws_iam_role_policy_attachment" "alpha_logs" { + role = aws_iam_role.alpha_iam_role.name + policy_arn = aws_iam_policy.alpha_iam_policy.arn +} + # Alpha cluster definition ########################### resource "aws_ecs_cluster" "alpha" { - name = "alpha" + name = "${var.athens_prefix}-athens-alpha" configuration { execute_command_configuration { + logging = "OVERRIDE" log_configuration { cloud_watch_log_group_name = aws_cloudwatch_log_group.alpha.name } 
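Review bot: The `alpha_iam_policy` statement allows its four `logs:` actions on `"Resource" = "*"`, so the role assumed by `ecs-tasks.amazonaws.com` can create log groups and write events to any group in the account, not only the alpha one. Because `aws_cloudwatch_log_group.alpha` is managed in this same file, the statement can be limited to it, e.g. `Resource = "${aws_cloudwatch_log_group.alpha.arn}:*"` (check whether the provider version in use already appends `:*` to the ARN). `logs:CreateLogGroup` also looks unnecessary once the group is created by Terraform. The literal subnet ID in the new `locals` block would benefit from a short comment saying which VPC and subnet it is and why it is not a resource reference.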
@@ -25,36 +75,58 @@ resource "aws_ecs_cluster" "alpha" { # Lewdlad Service Definition ############################ -resource "aws_ecs_task_definition" "lewdlad" { - family = "lewdlad-task-definition" +resource "aws_ecs_task_definition" "sample" { + family = "${var.athens_prefix}-sample" + + network_mode = "awsvpc" + requires_compatibilities = ["FARGATE"] + execution_role_arn = aws_iam_role.alpha_iam_role.arn + + cpu = 256 + memory = 512 + container_definitions = jsonencode([ { - name = "lewdlad-container" - image = "registry.gitlab.com/shockrah/left-coast-server-bot:latest" - # Literally the smallest amount that fargate will allow - cpu = 256 - memory = 512 + name = "${var.athens_prefix}-sample-container" + image = "nginxdemos/nginx-hello:latest" + cpu = 128 + memory = 256 essential = true - environment = [ - { name: DISCORD_ID, value: var.DISCORD_ID }, - { name: DISCORD_TOKEN, value: var.DISCORD_TOKEN }, - { name: AWS_API_ID, value: var.AWS_API_ID }, - { name: AWS_API_STAGE, value: var.AWS_API_STAGE }, - { name: AWS_API_REGION, value: var.AWS_API_REGION }, - { name: AWS_API_KEY, value: var.AWS_API_KEY }, - { name: DEV_GUILD_ID, value: var.DEV_GUILD_ID }, - { name: BEEHIVE_ID, value: var.BEEHIVE_ID }, + portMappings = [ + { + containerPort = 8080 + hostPort = 8080 + } ] + logConfiguration = { + logDriver = "awslogs" + options = { + awslogs-group = aws_cloudwatch_log_group.alpha.name + awslogs-region = "us-west-1" + awslogs-stream-prefix = "sample-container" + } + } } ]) + tags = { + Name = "${var.athens_prefix}-sample-task-def-container" + } } -resource "aws_ecs_service" "lewdlad" { - name = "lewdlad" - cluster = aws_ecs_cluster.alpha.arn - task_definition = aws_ecs_task_definition.lewdlad.arn +# Service level definition +########################## +resource "aws_ecs_service" "sample" { + name = "${var.athens_prefix}-sample-service" + cluster = aws_ecs_cluster.alpha.id + task_definition = aws_ecs_task_definition.sample.arn desired_count = 1 + launch_type = 
"FARGATE" + network_configuration { + assign_public_ip = true + subnets = [ local.subnet ] + security_groups = [ + aws_security_group.ecs_web_ingress.id, + aws_security_group.base_ecs.id + ] + } } - - - diff --git a/infra/atlas.tf b/infra/atlas.tf index 3798b69..c0216fb 100644 --- a/infra/atlas.tf +++ b/infra/atlas.tf @@ -1,3 +1,6 @@ +# NOTE: this will no longer be used and is getting removed once we seutp the +# new alpha cluster correctly + # This is the continuation of the old alpha host but with much cleaner code # and less manual infra setup involved. Key differences are that block storage # is now completely kept in this module instead of yolo'd out like before. @@ -29,38 +32,3 @@ resource "aws_ebs_volume" "clips-shockrah-xyz" { Description = "Used for the clippable instance" } } - -######################### ATTACHMENT FOR files.leftcoast.space ################# -resource "aws_volume_attachment" "files-leftcoast-space" { - device_name = "/dev/sdf" - volume_id = aws_ebs_volume.files-leftcoast-space.id - instance_id = aws_instance.atlas.id -} - - -######################### ATTACHMENT FOR clips.shockrah.xyz #################### -resource "aws_volume_attachment" "clips-shockrah-xyz" { - device_name = "/dev/sdg" - volume_id = aws_ebs_volume.clips-shockrah-xyz.id - instance_id = aws_instance.atlas.id -} - -######################### INSTANCE CONFIGURATION ############################### -resource "aws_instance" "atlas" { - ami = var.atlas_ami_id - instance_type = var.atlas_instance_type - - key_name = var.atlas_ssh_key_name - - private_ip = "10.0.1.20" - vpc_security_group_ids = [ - aws_security_group.general_web_req.id, - aws_security_group.remote_ssh_rec.id - ] - subnet_id = aws_subnet.crete_subnet.id - tags = { - Name = "Atlas Host" - Description = "Simple Docker host for some personal stuff" - } - -} diff --git a/infra/eip.tf b/infra/eip.tf index a68e414..3a65d6b 100644 --- a/infra/eip.tf +++ b/infra/eip.tf 
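Review bot: `assign_public_ip = true` in the `aws_ecs_service.sample` `network_configuration` (infra/alpha.tf) puts the Fargate task directly on a public address, so its exposure rests entirely on `aws_security_group.ecs_web_ingress` and `aws_security_group.base_ecs`, neither of which is defined in this patch. It is worth confirming they admit only the mapped port 8080 from the intended sources. The container image `nginxdemos/nginx-hello:latest` is a mutable tag on a third-party repository, so each task start may pull different content; pinning by digest, `image = "nginxdemos/nginx-hello@sha256:<digest-placeholder>"`, keeps deployments reproducible. `awslogs-region = "us-west-1"` is hard-coded and would silently diverge from the provider region if that ever changes; a variable or region data source would avoid that.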
@@ -1,12 +1,3 @@
-resource "aws_eip" "alpha_eip" {
- instance = aws_instance.atlas.id
- vpc = true
- tags = {
- Name = "Atlas EIP"
- }
-}
-
-
 resource "aws_eip" "beta_eip" {
 vpc = true
 instance = aws_instance.beta.id