Skip to content

Commit

Permalink
feat: support target-tracking autoscaling (#18)
Browse files Browse the repository at this point in the history
  • Loading branch information
francesco-racciatti authored Sep 27, 2023
2 parents 1d60a4d + 1955491 commit 062ece1
Show file tree
Hide file tree
Showing 4 changed files with 82 additions and 14 deletions.
36 changes: 22 additions & 14 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,20 +48,23 @@ No modules.

## Resources and Data Sources

| Name | Type |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
| [aws_cloudwatch_log_group.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
| [aws_ecs_cluster.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster) | resource |
| [aws_ecs_service.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource |
| [aws_ecs_task_definition.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource |
| [aws_iam_role.orchestrator_agent_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_lb.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb) | resource |
| [aws_lb_listener.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
| [aws_lb_target_group.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |
| [aws_security_group.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group_rule.orchestrator_agent_egress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_security_group_rule.orchestrator_agent_ingress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_region.current_region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
| Name | Type |
|------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------|
| [aws_cloudwatch_log_group.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
| [aws_ecs_cluster.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_cluster) | resource |
| [aws_ecs_service.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_service) | resource |
| [aws_ecs_task_definition.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecs_task_definition) | resource |
| [aws_iam_role.orchestrator_agent_execution_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_lb.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb) | resource |
| [aws_lb_listener.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
| [aws_lb_target_group.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |
| [aws_security_group.orchestrator_agent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
| [aws_security_group_rule.orchestrator_agent_egress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_security_group_rule.orchestrator_agent_ingress_rule](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_appautoscaling_target.autoscaling_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_target) | resource |
| [aws_appautoscaling_policy.autoscaling_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/appautoscaling_policy) | resource |
| [aws_iam_role.orchestrator_agent_autoscaling](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
| [aws_region.current_region](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |

## Inputs

Expand Down Expand Up @@ -94,6 +97,11 @@ No modules.
| <a name="input_http_proxy_configuration_ssl"></a> [http\_proxy\_configuration.ssl](#http\_proxy\_configuration.ssl) | Configures the SSL connection to the HTTP proxy - Enables/disables SSL encryption | `string` | `""` | no |
| <a name="input_http_proxy_configuration_ssl_verify_certificate"></a> [http\_proxy\_configuration.ssl\_verify\_certificate](#http\_proxy\_configuration.ssl\_verify\_vertificate) | Configures the SSL connection to the HTTP proxy - Enables/disables CA certificate verification | `string` | `""` | no |
| <a name="input_http_proxy_configuration_ca_certificate"></a> [http\_proxy\_configuration.ca\_certificate](#http\_proxy\_configuration.ca\_certificate) | Configures the SSL connection to the HTTP proxy - The path to the Ca certificate to use in the SSL connection to the HTTP proxy | `string` | `""` | no |
| <a name="input_autoscaling_target_metric"></a> [autoscaling.target\_metric](#autoscaling.target\_metric) | Sets the TargetTracking metric, can be either `ECSServiceAverageCPUUtilization` or `ECSServiceAverageMemoryUtilization` | `string` | `""` | no |
| <a name="input_autoscaling_target_value"></a> [autoscaling.target\_value](#autoscaling.target\_value) | The target value for the chosen metric, for example, if the chosen metric is `ECSServiceAverageCPUUtilization` a possible target value could be 50 (that means 50% of CPU Utilization) | `string` | `""` | no |
| <a name="input_autoscaling_max_capacity"></a> [autoscaling.max\_capacity](#autoscaling.max\_capacity) | Sets the maximum capacity the Service can scale out to | `string` | `""` | no |
| <a name="input_autoscaling_scale_in_cooldown"></a> [autoscaling.scale\_in\_cooldown](#autoscaling.scale\_in\_cooldown) | Sets the time in seconds after a scale-in activity completes before another scale-in activity can start | `string` | `""` | no |
| <a name="input_autoscaling_scale_out_cooldown"></a> [autoscaling.scale\_out\_cooldown](#autoscaling.scale\_out\_cooldown) | Sets the time in seconds after a scale-out activity completes before another scale-out activity can start | `string` | `""` | no |

## Outputs

Expand Down
9 changes: 9 additions & 0 deletions roles.tf
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,15 @@ resource "aws_iam_role" "orchestrator_agent_execution_role" {
tags = merge(var.tags, var.default_tags)
}

resource "aws_iam_role" "orchestrator_agent_autoscaling" {
// Deploy this resource conditionally
count = local.enable_autoscaling ? 1 : 0

assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
managed_policy_arns = ["arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole"]
tags = merge(var.tags, var.default_tags)
}

data "aws_iam_policy_document" "assume_role_policy" {
statement {
actions = ["sts:AssumeRole"]
Expand Down
32 changes: 32 additions & 0 deletions service.tf
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,35 @@ resource "aws_ecs_service" "orchestrator_agent" {

tags = merge(var.tags, var.default_tags)
}

resource "aws_appautoscaling_target" "autoscaling_target" {
// Deploy this resource conditionally
count = local.enable_autoscaling ? 1 : 0

max_capacity = var.autoscaling.max_capacity
min_capacity = 1
resource_id = "service/${aws_ecs_cluster.orchestrator_agent.name}/${aws_ecs_service.orchestrator_agent.name}"
role_arn = aws_iam_role.orchestrator_agent_autoscaling[0].arn
scalable_dimension = "ecs:service:DesiredCount"
service_namespace = "ecs"
}

resource "aws_appautoscaling_policy" "autoscaling_policy" {
// Deploy this resource conditionally
count = local.enable_autoscaling ? 1 : 0

name = "${var.name}-autoscaling"
policy_type = "TargetTrackingScaling"
resource_id = aws_appautoscaling_target.autoscaling_target[0].resource_id
scalable_dimension = "ecs:service:DesiredCount"
service_namespace = "ecs"

target_tracking_scaling_policy_configuration {
predefined_metric_specification {
predefined_metric_type = var.autoscaling.target_metric
}
target_value = var.autoscaling.target_value
scale_in_cooldown = var.autoscaling.scale_in_cooldown
scale_out_cooldown = var.autoscaling.scale_out_cooldown
}
}
19 changes: 19 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ variable "access_key" {
locals {
do_fetch_secret_access_key = startswith(var.access_key, "arn:aws:secretsmanager:") ? true : false
do_fetch_secret_http_proxy_password = startswith(var.http_proxy_configuration.proxy_password, "arn:aws:secretsmanager:") ? true : false
enable_autoscaling = contains(["ECSServiceAverageCPUUtilization", "ECSServiceAverageMemoryUtilization"], var.autoscaling.target_metric) ? true : false
}

variable "subnets" {
Expand Down Expand Up @@ -155,3 +156,21 @@ variable "http_proxy_configuration" {
ca_certificate = "" # /ssl/proxy_cert.pem
})
}

variable "autoscaling" {
description = "Enables TargetTracking Autoscaling"
type = object({
target_metric = string
target_value = string
max_capacity = string
scale_in_cooldown = string
scale_out_cooldown = string
})
default = ({
target_metric = ""
target_value = ""
max_capacity = ""
scale_in_cooldown = ""
scale_out_cooldown = ""
})
}

0 comments on commit 062ece1

Please sign in to comment.