From d64add765904048d83e33ff45ed887d41de4766a Mon Sep 17 00:00:00 2001 From: githubjianli <51385385+githubjianli@users.noreply.github.com> Date: Thu, 24 Oct 2024 08:18:00 -0700 Subject: [PATCH] fix: add condition on service account creation (#283) * fix: add condition on service account creation * feat: add ecs platform version * feat: add new variable ecs_requires_compatibilities * feat: update readwrite ECS service * feat: update change log --------- Co-authored-by: janli --- CHANGELOG.md | 7 +++++++ VARIABLES.md | 2 ++ ecs.tf | 34 ++++++++++++++++++---------------- k8s-service-accounts.tf | 3 +++ variables.tf | 12 ++++++++++++ 5 files changed, 42 insertions(+), 16 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c4e181e..481b370 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). +## [7.6.0] - 2024-10-24 +### Fixed +- Added condition for `k8s` service account secret creation. +### Added +- Added new variable `ecs_platform_version` to handle ECS platform version update. +- Added new variable `ecs_requires_compatibilities` to support overwriting compatibilities(when with `EC2`, CPU will not able beyond to `8`, and Memorry can not beyond `60G`). + ## [7.5.1] - 2024-10-22 ### Added - Added `apiary_extra_tags_s3` variable to add s3 buckets extra tags. diff --git a/VARIABLES.md b/VARIABLES.md index 8400a68..9c1adca 100644 --- a/VARIABLES.md +++ b/VARIABLES.md 
@@ -136,6 +136,8 @@
 | tcp\_keepalive\_time | Sets net.ipv4.tcp_keepalive_time (seconds). | number | `200` | no |
 | tcp\_keepalive\_intvl | Sets net.ipv4.tcp_keepalive_intvl (seconds) | number | `30` | no |
 | tcp\_keepalive\_probes | Sets net.ipv4.tcp_keepalive_probes (seconds) | number | `2` | no |
+| ecs\_platform\_version | ECS Service Platform Version | `string` | `"LATEST"`
+| ecs\_requires\_compatibilities | ECS task definition requires compatibilities. | `list(string)` | `["EC2", "FARGATE"]` | no |
 ### apiary_assume_roles
diff --git a/ecs.tf b/ecs.tf
index 694ef7f..8db8c4f 100644
--- a/ecs.tf
+++ b/ecs.tf
@@ -24,7 +24,7 @@ resource "aws_ecs_task_definition" "apiary_hms_readwrite" {
 network_mode = "awsvpc"
 memory = var.hms_rw_heapsize
 cpu = var.hms_rw_cpu
- requires_compatibilities = ["EC2", "FARGATE"]
+ requires_compatibilities = var.ecs_requires_compatibilities
 container_definitions = local.hms_readwrite_template
 tags = var.apiary_tags
 }
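Review bot: `requires_compatibilities = var.ecs_requires_compatibilities` lets a caller drop `FARGATE` from the list, yet both `aws_ecs_service` resources in this file still hard-code `launch_type = "FARGATE"` (visible in the later ecs.tf hunks). A value such as `["EC2"]` would then register task definitions the services cannot launch, and the mismatch would presumably surface only when ECS rejects the service at apply time. A `validation` block on the variable with `condition = contains(var.ecs_requires_compatibilities, "FARGATE")` would reject it at plan time. The same applies to the `apiary_hms_readonly` task definition in the next hunk; both resource bodies start above their hunks.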
@@ -37,19 +37,20 @@ resource "aws_ecs_task_definition" "apiary_hms_readonly" {
 network_mode = "awsvpc"
 memory = var.hms_ro_heapsize
 cpu = var.hms_ro_cpu
- requires_compatibilities = ["EC2", "FARGATE"]
+ requires_compatibilities = var.ecs_requires_compatibilities
 container_definitions = local.hms_readonly_template
 tags = var.apiary_tags
 }
 resource "aws_ecs_service" "apiary_hms_readwrite_service" {
- count = var.hms_instance_type == "ecs" ? 1 : 0
- depends_on = [aws_lb_target_group.apiary_hms_rw_tg]
- name = "${local.instance_alias}-hms-readwrite-service"
- launch_type = "FARGATE"
- cluster = aws_ecs_cluster.apiary[0].id
- task_definition = aws_ecs_task_definition.apiary_hms_readwrite[0].arn
- desired_count = var.hms_rw_ecs_task_count
+ count = var.hms_instance_type == "ecs" ? 1 : 0
+ depends_on = [aws_lb_target_group.apiary_hms_rw_tg]
+ name = "${local.instance_alias}-hms-readwrite-service"
+ launch_type = "FARGATE"
+ platform_version = var.ecs_platform_version
+ cluster = aws_ecs_cluster.apiary[0].id
+ task_definition = aws_ecs_task_definition.apiary_hms_readwrite[0].arn
+ desired_count = var.hms_rw_ecs_task_count
 load_balancer {
 target_group_arn = aws_lb_target_group.apiary_hms_rw_tg[0].arn
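Review bot: The new `platform_version = var.ecs_platform_version` line in `apiary_hms_readwrite_service` has no comment saying that the argument is only meaningful because `launch_type` is fixed to `"FARGATE"` on the line above it. I would add `# Fargate only: keep "LATEST" unless a specific platform version is required; a pinned value stays in effect until the variable is changed` above it, so that an override is a deliberate choice. The identical line in `apiary_hms_readonly_service` (next hunk) should carry the same comment. The service block continues past the end of this hunk.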
@@ -70,13 +71,14 @@ resource "aws_ecs_service" "apiary_hms_readwrite_service" {
 }
 resource "aws_ecs_service" "apiary_hms_readonly_service" {
- count = var.hms_instance_type == "ecs" ? 1 : 0
- depends_on = [aws_lb_target_group.apiary_hms_ro_tg]
- name = "${local.instance_alias}-hms-readonly-service"
- launch_type = "FARGATE"
- cluster = aws_ecs_cluster.apiary[0].id
- task_definition = aws_ecs_task_definition.apiary_hms_readonly[0].arn
- desired_count = var.hms_ro_ecs_task_count
+ count = var.hms_instance_type == "ecs" ? 1 : 0
+ depends_on = [aws_lb_target_group.apiary_hms_ro_tg]
+ name = "${local.instance_alias}-hms-readonly-service"
+ launch_type = "FARGATE"
+ platform_version = var.ecs_platform_version
+ cluster = aws_ecs_cluster.apiary[0].id
+ task_definition = aws_ecs_task_definition.apiary_hms_readonly[0].arn
+ desired_count = var.hms_ro_ecs_task_count
 load_balancer {
 target_group_arn = aws_lb_target_group.apiary_hms_ro_tg[0].arn
diff --git a/k8s-service-accounts.tf b/k8s-service-accounts.tf
index 35176e7..738f47d 100644
--- a/k8s-service-accounts.tf
+++ b/k8s-service-accounts.tf
@@ -10,6 +10,7 @@ resource "kubernetes_service_account_v1" "hms_readwrite" {
 }
 resource "kubernetes_secret_v1" "hms_readwrite" {
+ count = var.hms_instance_type == "k8s" ? 1 : 0
 metadata {
 name = "${local.hms_alias}-readwrite"
 namespace = var.metastore_namespace
@@ -37,6 +38,7 @@ resource "kubernetes_service_account_v1" "hms_readonly" {
 }
 resource "kubernetes_secret_v1" "hms_readonly" {
+ count = var.hms_instance_type == "k8s" ? 1 : 0
 metadata {
 name = "${local.hms_alias}-readonly"
 namespace = var.metastore_namespace
@@ -64,6 +66,7 @@ resource "kubernetes_service_account_v1" "s3_inventory" {
 }
 resource "kubernetes_secret_v1" "s3_inventory" {
+ count = var.hms_instance_type == "k8s" ? 1 : 0
 metadata {
 name = "${local.instance_alias}-s3-inventory"
 namespace = var.metastore_namespace
diff --git a/variables.tf b/variables.tf
index 8775b3d..0326e0c 100644
--- a/variables.tf
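Review bot: The `count` added to `kubernetes_secret_v1.hms_readwrite` needs to stay identical to the condition on the `kubernetes_service_account_v1` resource of the same name, which sits above the hunk and is not visible here; the same holds for the `hms_readonly` and `s3_inventory` hunks. If the two expressions drift apart, Terraform would either try to create a secret (presumably the account's token secret, judging by the commit subject) for an account that was not created, or leave an account without one. Defining the condition once, e.g. `locals { create_k8s_service_accounts = var.hms_instance_type == "k8s" }`, and using `count = local.create_k8s_service_accounts ? 1 : 0` in all of these resources avoids repeating the expression. Any reference to these secrets elsewhere in the module now needs a `[0]` index. Each secret body continues past the end of its hunk.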
+++ b/variables.tf
@@ -999,3 +999,15 @@ variable "apiary_managed_service_iamroles" {
 type = list(string)
 default = []
 }
+
+variable "ecs_platform_version" {
+ description = "ECS Service Platform Version"
+ type = string
+ default = "LATEST"
+}
+
+variable "ecs_requires_compatibilities" {
+ description = "ECS task definition requires compatibilities, default EC2; FARGATE"
+ type = list(string)
+ default = ["EC2", "FARGATE"]
+}
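Review bot: `ecs_platform_version` is declared as a free-form `string`, so a mistyped value is presumably caught only when the ECS API rejects the service at apply time. A `validation` block with `condition = can(regex("^(LATEST|[0-9]+\\.[0-9]+\\.[0-9]+)$", var.ecs_platform_version))` and a matching `error_message` would catch it at plan time. The description of `ecs_requires_compatibilities` also just repeats its default as `EC2; FARGATE`; stating which values are accepted would be more useful to a caller than restating the default.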