Merge pull request #4102 from ministryofjustice/ecs-update

Updating Apex ECS setup with ALB details

terraform/environments/apex/application_variables.json

@@ -33,7 +33,8 @@
       "docker_image_tag": "development",
       "app_db_url": "db.apex.aws.dev.legalservices.gov.uk:1521:APEX",
       "app_debug_enabled": "false",
-      "acm_cert_domain_name": "modernisation-platform.service.justice.gov.uk"
+      "acm_cert_domain_name": "modernisation-platform.service.justice.gov.uk",
+      "server_port": 8080
     },
     "test": {
       "example_var": "test-data"

terraform/environments/apex/ecs.tf

@@ -6,25 +6,25 @@ module "apex-ecs" {
 
   source = "./modules/ecs"
 
-  subnet_set_name         = local.subnet_set_name
-  vpc_all                 = local.vpc_all
-  app_name                = local.application_name
-  container_instance_type = local.application_data.accounts[local.environment].container_instance_type
-  ami_image_id            = local.application_data.accounts[local.environment].ami_image_id
-  instance_type           = local.application_data.accounts[local.environment].instance_type
-  user_data               = local.user_data
-  key_name                = local.application_data.accounts[local.environment].key_name
-  task_definition         = local.task_definition
-  ec2_desired_capacity    = local.application_data.accounts[local.environment].ec2_desired_capacity
-  ec2_max_size            = local.application_data.accounts[local.environment].ec2_max_size
-  ec2_min_size            = local.application_data.accounts[local.environment].ec2_min_size
-  task_definition_volume  = local.application_data.accounts[local.environment].task_definition_volume
-  network_mode            = local.application_data.accounts[local.environment].network_mode
-  #   server_port                 = local.application_data.accounts[local.environment].server_port
-  app_count         = local.application_data.accounts[local.environment].app_count
-  ec2_ingress_rules = local.ec2_ingress_rules
-  ec2_egress_rules  = local.ec2_egress_rules
-  #   lb_tg_arn                   = module.alb.target_group_arn
+  subnet_set_name           = local.subnet_set_name
+  vpc_all                   = local.vpc_all
+  app_name                  = local.application_name
+  container_instance_type   = local.application_data.accounts[local.environment].container_instance_type
+  ami_image_id              = local.application_data.accounts[local.environment].ami_image_id
+  instance_type             = local.application_data.accounts[local.environment].instance_type
+  user_data                 = local.user_data
+  key_name                  = local.application_data.accounts[local.environment].key_name
+  task_definition           = local.task_definition
+  ec2_desired_capacity      = local.application_data.accounts[local.environment].ec2_desired_capacity
+  ec2_max_size              = local.application_data.accounts[local.environment].ec2_max_size
+  ec2_min_size              = local.application_data.accounts[local.environment].ec2_min_size
+  task_definition_volume    = local.application_data.accounts[local.environment].task_definition_volume
+  network_mode              = local.application_data.accounts[local.environment].network_mode
+  server_port               = local.application_data.accounts[local.environment].server_port
+  app_count                 = local.application_data.accounts[local.environment].app_count
+  ec2_ingress_rules         = local.ec2_ingress_rules
+  ec2_egress_rules          = local.ec2_egress_rules
+  lb_tg_arn                 = module.alb.target_group_arn
   tags_common               = local.tags
   appscaling_min_capacity   = local.application_data.accounts[local.environment].appscaling_min_capacity
   appscaling_max_capacity   = local.application_data.accounts[local.environment].appscaling_max_capacity

terraform/environments/apex/locals.tf

@@ -42,8 +42,7 @@ locals {
       to_port     = 61000
       protocol    = "tcp"
       cidr_blocks = []
-      # Update the below SG to mention ALB SG
-      security_groups = []
+      security_groups = [module.alb.security_group.id]
     }
   }
   ec2_egress_rules = {

terraform/environments/apex/modules/ecs/main.tf

@@ -342,21 +342,18 @@ resource "aws_ecs_service" "ecs_service" {
     weight            = 1
   }
 
-  # Uncomment this section when the ALB for Apex is built
-  # health_check_grace_period_seconds = 300
+  health_check_grace_period_seconds = 300
 
   ordered_placement_strategy {
     field = "attribute:ecs.availability-zone"
     type  = "spread"
   }
-
-  # Uncomment this section when the ALB for Apex is built
-  # 
-  #   load_balancer {
-  #     target_group_arn = var.lb_tg_arn
-  #     container_name   = var.app_name
-  #     container_port   = var.server_port
-  #   }
+
+  load_balancer {
+    target_group_arn = var.lb_tg_arn
+    container_name   = var.app_name
+    container_port   = var.server_port
+  }
 
   depends_on = [
     aws_iam_role_policy_attachment.ecs_task_execution_role, aws_ecs_task_definition.windows_ecs_task_definition, aws_ecs_task_definition.linux_ecs_task_definition, aws_cloudwatch_log_group.cloudwatch_group

terraform/environments/apex/modules/ecs/variables.tf

@@ -140,4 +140,14 @@ variable "environment" {
 variable "ecs_target_capacity" {
   type        = string
   description = "The target value for the CloudWatch metric used in the Amazon ECS-managed target tracking scaling policy. For example, a value of 100 will result in the Amazon EC2 instances in your Auto Scaling group being completely utilized."
+}
+
+variable "lb_tg_arn" {
+  type        = string
+  description = "Load balancer target group ARN used by ECS service"
+}
+
+variable "server_port" {
+  type        = string
+  description = "The port the containers will be listening on"
 }