Awesome
Terraform ECS Fargate Background Worker
A set of Terraform templates used for provisioning a background worker stack on AWS ECS Fargate. This template is similar to the web app template but without the ALB. This means that you get an ECS service without ingress.
The templates are designed to be customized. The optional components can be removed by simply deleting the .tf
file.
The templates are used for managing infrastructure concerns and, as such, the templates deploy a default backend docker image. We recommend using the fargate CLI for managing application concerns like deploying your actual application images and environment variables on top of this infrastructure. The fargate CLI can be used to deploy applications from your laptop or in CI/CD pipelines.
Components
base
These components are shared by all environments.
Name | Description | Optional |
---|---|---|
main.tf | AWS provider, output | |
state.tf | S3 bucket backend for storing Terraform remote state | |
ecr.tf | ECR repository for application (all environments share) |
env/dev
These components are for a specific environment. There should be a corresponding directory for each environment that is needed.
Name | Description | Optional |
---|---|---|
main.tf | Terrform remote state, AWS provider, output | |
ecs.tf | ECS Cluster, Service, Task Definition, ecsTaskExecutionRole, CloudWatch Log Group | |
nsg.tf | NSG for ALB and Task | |
dashboard.tf | CloudWatch dashboard: CPU, memory metrics | Yes |
role.tf | Application Role for container | Yes |
cicd.tf | IAM user that can be used by CI/CD systems | Yes |
autoscale-perf.tf | Performance-based auto scaling | Yes |
autoscale-time.tf | Time-based auto scaling | Yes |
logs-logzio.tf | Ship container logs to logz.io | Yes |
secretsmanager.tf | Provision a Secrets Manager secret for your app | Yes |
Usage
Typically, the base Terraform will only need to be run once, and then should only need changes very infrequently. After the base is built, each environment can be built.
# Move into the base directory
$ cd base
# Sets up Terraform to run
$ terraform init
# Executes the Terraform run
$ terraform apply
# Now, move into the dev environment
$ cd ../env/dev
# Sets up Terraform to run
$ terraform init
# Executes the Terraform run
$ terraform apply
fargate-create
Alternatively you can use the fargate-create CLI to scaffold new projects based on this template.
install
curl -s get-fargate-create.turnerlabs.io | sh
create an input vars file (terraform.tfvars
)
# app/env to scaffold
app = "my-app"
environment = "dev"
replicas = "1"
region = "us-east-1"
aws_profile = "default"
saml_role = "admin"
vpc = "vpc-123"
private_subnets = "subnet-123,subnet-456"
public_subnets = "subnet-789,subnet-012"
tags = {
application = "my-app"
environment = "dev"
team = "my-team"
customer = "my-customer"
contact-email = "me@example.com"
}
$ fargate-create -t git@github.com:turnerlabs/terraform-ecs-fargate-background-worker