diff --git a/terraform/environments/nomis-combined-reporting/locals_bip_cms.tf b/terraform/environments/nomis-combined-reporting/locals_bip_cms.tf index a45688d09db..7968713a4d3 100644 --- a/terraform/environments/nomis-combined-reporting/locals_bip_cms.tf +++ b/terraform/environments/nomis-combined-reporting/locals_bip_cms.tf @@ -6,178 +6,6 @@ locals { } } - bip_cms_target_group_http_7777 = { - port = 7777 - protocol = "HTTP" - target_type = "instance" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 7777 - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - bip_cms_target_group_http_6410 = { - port = 6410 - protocol = "HTTP" - target_type = "instance" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 6410 - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - bip_cms_target_group_http_6400 = { - port = 6400 - protocol = "HTTP" - target_type = "instance" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 6400 - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - bip_cms_target_group_http_6455 = { - port = 6455 - protocol = "HTTP" - target_type = "instance" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 6455 - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - - bip_cms_lb_listeners = { - - http = { - port = 80 - protocol = "HTTP" - - default_action = { - type = "redirect" - redirect = { - port = 443 - protocol = "HTTPS" - status_code = "HTTP_301" - } - } - } - - http7777 = { - port = 7777 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - http6410 = { - port = 6410 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - http6400 = { - port = 6400 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - http6455 = { - port = 6455 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - https = { - port = 443 - protocol = "HTTPS" - ssl_policy = "ELBSecurityPolicy-2016-08" - certificate_names_or_arns = ["nomis_combined_reporting_wildcard_cert"] - cloudwatch_metric_alarms = module.baseline_presets.cloudwatch_metric_alarms.lb - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - } - bip_cms_cloudwatch_metric_alarms = merge( module.baseline_presets.cloudwatch_metric_alarms.ec2, module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_linux, @@ -204,15 +32,6 @@ locals { user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_and_ansible - autoscaling_group = module.baseline_presets.ec2_autoscaling_group.default - - lb_target_groups = { - http-7777 = local.bip_cms_target_group_http_7777 - http-6455 = local.bip_cms_target_group_http_6455 - http-6410 = local.bip_cms_target_group_http_6410 - http-6400 = local.bip_cms_target_group_http_6400 - } - ebs_volumes = { "/dev/sdb" = { type = "gp3", size = 100 } "/dev/sdc" = { type = "gp3", size = 100 } diff --git a/terraform/environments/nomis-combined-reporting/locals_test.tf b/terraform/environments/nomis-combined-reporting/locals_test.tf index cf62e84a2d3..cdbadfe059c 100644 --- a/terraform/environments/nomis-combined-reporting/locals_test.tf +++ b/terraform/environments/nomis-combined-reporting/locals_test.tf @@ -113,7 +113,7 @@ locals { instance-scheduling = "skip-scheduling" }) }) - t1-ncr-tomcat-admin = merge(local.tomcat_admin_ec2_default, { + t1-ncr-web-admin-a = merge(local.tomcat_admin_ec2_default, { cloudwatch_metric_alarms = local.tomcat_admin_cloudwatch_metric_alarms config = merge(local.tomcat_admin_ec2_default.config, { instance_profile_policies = concat(local.tomcat_admin_ec2_default.config.instance_profile_policies, [ @@ -125,7 +125,7 @@ locals { nomis-combined-reporting-environment = "t1" }) }) - t1-ncr-cms = merge(local.bip_cms_ec2_default, { + t1-ncr-cms-a = merge(local.bip_cms_ec2_default, { cloudwatch_metric_alarms = local.bip_cms_cloudwatch_metric_alarms config = merge(local.bip_cms_ec2_default.config, { instance_profile_policies = concat(local.bip_cms_ec2_default.config.instance_profile_policies, [ @@ -139,396 +139,98 @@ locals { }) }) } - - baseline_ec2_autoscaling_groups = { - t1-ncr-tomcat-admin-a = merge(local.tomcat_admin_ec2_default, { - autoscaling_group = merge(local.tomcat_admin_ec2_default.autoscaling_group, { - desired_capacity = 0 - }) - cloudwatch_metric_alarms = local.tomcat_admin_cloudwatch_metric_alarms - config = merge(local.tomcat_admin_ec2_default.config, { - instance_profile_policies = concat(local.tomcat_admin_ec2_default.config.instance_profile_policies, [ - "Ec2T1ReportingPolicy", - ]) - }) - tags = merge(local.tomcat_admin_ec2_default.tags, { - description = "For testing SAP BI Platform tomcat admin installation and configurations" - nomis-combined-reporting-environment = "t1" - deployment = "green" - }) - }) - t1-ncr-tomcat-admin-b = merge(local.tomcat_admin_ec2_default, { - autoscaling_group = merge(local.tomcat_admin_ec2_default.autoscaling_group, { - desired_capacity = 0 - }) - cloudwatch_metric_alarms = local.tomcat_admin_cloudwatch_metric_alarms - config = merge(local.tomcat_admin_ec2_default.config, { - instance_profile_policies = concat(local.tomcat_admin_ec2_default.config.instance_profile_policies, [ - "Ec2T1ReportingPolicy", - ]) - }) - tags = merge(local.tomcat_admin_ec2_default.tags, { - description = "For testing SAP BI Platform tomcat admin installation and configurations" - nomis-combined-reporting-environment = "t1" - deployment = "green" - }) - }) - t1-ncr-bip-cms-a = merge(local.bip_cms_ec2_default, { - autoscaling_group = merge(local.bip_cms_ec2_default.autoscaling_group, { - desired_capacity = 0 - }) - cloudwatch_metric_alarms = local.bip_cms_cloudwatch_metric_alarms - config = merge(local.bip_cms_ec2_default.config, { - instance_profile_policies = concat(local.bip_cms_ec2_default.config.instance_profile_policies, [ - "Ec2T1ReportingPolicy", - ]) - }) - tags = merge(local.bip_cms_ec2_default.tags, { - description = "For testing SAP BI Platform CMS installation and configurations" - nomis-combined-reporting-environment = "t1" - deployment = "green" - }) - }) - t1-ncr-bip-cms-b = merge(local.bip_cms_ec2_default, { - autoscaling_group = merge(local.bip_cms_ec2_default.autoscaling_group, { - desired_capacity = 0 - }) - cloudwatch_metric_alarms = local.bip_cms_cloudwatch_metric_alarms - config = merge(local.bip_cms_ec2_default.config, { - instance_profile_policies = concat(local.bip_cms_ec2_default.config.instance_profile_policies, [ - "Ec2T1ReportingPolicy", - ]) - }) - tags = merge(local.bip_cms_ec2_default.tags, { - description = "For testing SAP BI Platform tomcat admin installation and configurations" - nomis-combined-reporting-environment = "t1" - deployment = "blue" - }) - }) - } baseline_lbs = { private = { - internal_lb = true - enable_delete_protection = false - force_destrroy_bucket = true - idle_timeout = 3600 - subnets = module.environment.subnets["private"].ids - security_groups = ["private"] - listeners = { - http = merge(local.bip_cms_lb_listeners.http, local.tomcat_admin_lb_listeners.http) + internal_lb = true + enable_delete_protection = false + load_balancer_type = "application" + idle_timeout = 3600 + security_groups = ["private"] + subnets = module.environment.subnets["private"].ids + enable_cross_zone_load_balancing = true - http7777 = merge(local.bip_cms_lb_listeners.http7777, local.tomcat_admin_lb_listeners.http7777, { - rules = { - t1-ncr-bip-cms-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-a-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-bip-cms-b = { - priority = 200 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-b-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-a = { - priority = 300 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-a-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-b = { - priority = 400 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-b-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } + instance_target_groups = { + t1-ncr-cms-a = { + port = 7777 + protocol = "HTTP" + health_check = { + enabled = true + path = "/" + healthy_threshold = 3 + unhealthy_threshold = 5 + timeout = 5 + interval = 30 + matcher = "200-399" + port = 7777 } - }) - http6455 = merge(local.bip_cms_lb_listeners.http6455, { - rules = { - t1-ncr-bip-cms-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-a-http-6455" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-bip-cms-b = { - priority = 200 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-b-http-6455" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } + stickiness = { + enabled = true + type = "lb_cookie" } - }) - http6410 = merge(local.bip_cms_lb_listeners.http6410, { - rules = { - t1-ncr-bip-cms-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-a-http-6410" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-bip-cms-b = { - priority = 200 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-b-http-6410" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - } - }) - http6400 = merge(local.bip_cms_lb_listeners.http6400, { - rules = { - t1-ncr-bip-cms-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-a-http-6400" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-bip-cms-b = { - priority = 200 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-b-http-6400" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] + attachments = [ + { ec2_instance_name = "t1-ncr-cms-a" }, + ] + } + } + listeners = { + http = { + port = 7777 + protocol = "HTTP" + default_action = { + type = "fixed-response" + fixed_response = { + content_type = "text/plain" + message_body = "Not implemented" + status_code = "501" } } - }) - http7010 = merge(local.tomcat_admin_lb_listeners.http7010, { rules = { - t1-ncr-tomcat-admin-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-a-http-7010" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-b = { - priority = 200 + t1-ncr-cms-a = { + priority = 4000 actions = [{ type = "forward" - target_group_name = "t1-ncr-tomcat-admin-b-http-7010" + target_group_name = "t1-ncr-cms-a" }] conditions = [{ host_header = { values = [ - "t1-ncr-tomcat-admin-b.test.reporting.nomis.service.justice.gov.uk", + "t1-ncr-cms-a.nomis-combined-reporting.hmpps-test.modernisation-platform.service.justice.gov.uk", ] } }] } } - }) - http8005 = merge(local.tomcat_admin_lb_listeners.http8005, { - rules = { - t1-ncr-tomcat-admin-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-a-http-8005" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-b = { - priority = 200 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-b-http-8005" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - } - }) - http8443 = merge(local.tomcat_admin_lb_listeners.http8443, { - rules = { - t1-ncr-tomcat-admin-a = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-a-http-8443" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-b = { - priority = 200 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-b-http-8443" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] + } + https = { + port = 443 + protocol = "HTTPS" + ssl_policy = "ELBSecurityPolicy-2016-08" + certificate_names_or_arns = ["nomis_combined_reporting_wildcard_cert"] + default_action = { + type = "fixed-response" + fixed_response = { + content_type = "text/plain" + message_body = "Not implemented" + status_code = "501" } } - }) - https = merge(local.bip_cms_lb_listeners.https, local.tomcat_admin_lb_listeners.https, { rules = { - t1-ncr-bip-cms-a-http-7777 = { - priority = 100 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-a-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-bip-cms-b-http-7777 = { - priority = 150 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-bip-cms-b-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-bip-cms-b.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-a-http-7777 = { - priority = 500 + t1-ncr-cms-a = { + priority = 4580 actions = [{ type = "forward" - target_group_name = "t1-ncr-tomcat-admin-a-http-7777" + target_group_name = "t1-ncr-cms-a" }] conditions = [{ host_header = { values = [ - "t1-ncr-tomcat-admin-a.test.reporting.nomis.service.justice.gov.uk", - ] - } - }] - } - t1-ncr-tomcat-admin-b-http-7777 = { - priority = 550 - actions = [{ - type = "forward" - target_group_name = "t1-ncr-tomcat-admin-b-http-7777" - }] - conditions = [{ - host_header = { - values = [ - "t1-ncr-tomcat-admin-b.test.reporting.nomis.service.justice.gov.uk", + "t1-ncr-cms-a.nomis-combined-reporting.hmpps-test.modernisation-platform.service.justice.gov.uk", ] } }] } } - }) + } } } } @@ -541,10 +243,8 @@ locals { ] lb_alias_records = [ # T1 - { name = "t1-ncr-bip-cms-a", type = "A", lbs_map_key = "private" }, - { name = "t1-ncr-bip-cms-b", type = "A", lbs_map_key = "private" }, - { name = "t1-ncr-tomcat-admin-a", type = "A", lbs_map_key = "private" }, - { name = "t1-ncr-tomcat-admin-b", type = "A", lbs_map_key = "private" }, + { name = "t1-ncr-cms", type = "A", lbs_map_key = "private" }, + { name = "t1-ncr-tomcat-admin", type = "A", lbs_map_key = "private" }, ] } } diff --git a/terraform/environments/nomis-combined-reporting/locals_tomcat_admin.tf b/terraform/environments/nomis-combined-reporting/locals_tomcat_admin.tf index dd2bc72b5b0..3231d4428f1 100644 --- a/terraform/environments/nomis-combined-reporting/locals_tomcat_admin.tf +++ b/terraform/environments/nomis-combined-reporting/locals_tomcat_admin.tf @@ -6,181 +6,6 @@ locals { } } - tomcat_admin_target_group_http_7777 = { - port = 7777 - protocol = "HTTP" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 7777 - protocol = "HTTP" - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - - tomcat_admin_target_group_http_7010 = { - port = 7010 - protocol = "HTTP" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 7010 - protocol = "HTTP" - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - - tomcat_admin_target_group_http_8443 = { - port = 8443 - protocol = "HTTP" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 8443 - protocol = "HTTP" - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - - tomcat_admin_target_group_http_8005 = { - port = 8005 - protocol = "HTTP" - deregistration_delay = 30 - health_check = { - enabled = true - interval = 30 - healthy_threshold = 3 - matcher = "200-399" - path = "/" - port = 8005 - protocol = "HTTP" - timeout = 5 - unhealthy_threshold = 5 - } - stickiness = { - enabled = true - type = "lb_cookie" - } - } - - tomcat_admin_lb_listeners = { - - http = { - port = 80 - protocol = "HTTP" - - default_action = { - type = "redirect" - redirect = { - port = 443 - protocol = "HTTPS" - status_code = "HTTP_301" - } - } - } - - http7777 = { - port = 7777 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - http7010 = { - port = 7010 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - http8443 = { - port = 8433 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - http8005 = { - port = 8005 - protocol = "HTTP" - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - https = { - port = 443 - protocol = "HTTPS" - ssl_policy = "ELBSecurityPolicy-2016-08" - certificate_names_or_arns = ["nomis_combined_reporting_wildcard_cert"] - cloudwatch_metric_alarms = module.baseline_presets.cloudwatch_metric_alarms.lb - - default_action = { - type = "fixed-response" - fixed_response = { - content_type = "text/plain" - message_body = "Not implemented" - status_code = "501" - } - } - } - - } - tomcat_admin_cloudwatch_metric_alarms = merge( module.baseline_presets.cloudwatch_metric_alarms.ec2, module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_linux, @@ -212,15 +37,6 @@ locals { } user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_and_ansible - autoscaling_group = module.baseline_presets.ec2_autoscaling_group.default - - lb_target_groups = { - http-7777 = local.tomcat_admin_target_group_http_7777 - http-7010 = local.tomcat_admin_target_group_http_7010 - http-8443 = local.tomcat_admin_target_group_http_8443 - http-8005 = local.tomcat_admin_target_group_http_8005 - } - tags = { description = "ncr tomcat admin webtier component" ami = "base_rhel_8_5"