  • github actions, ecs, ecr을 이용한 CI/CD - 3
    infra 2023. 2. 26. 16:27

    ecs 설정 

     

    클러스터를 먼저 생성해 준다.

    이것을 테라폼으로 표현해 볼 예정이다.

     

    ecs 클러스터 생성이다

    # Attaches the capacity provider declared in this file to the cluster and
    # makes it the cluster's default capacity provider strategy.
    resource "aws_ecs_cluster_capacity_providers" "aws_ecs_cluster_cps" {
      cluster_name       = aws_ecs_cluster.jhc_cluster.name
      capacity_providers = [aws_ecs_capacity_provider.jhc-ecs-cp.name]

      default_capacity_provider_strategy {
        capacity_provider = aws_ecs_capacity_provider.jhc-ecs-cp.name
        # weight: relative share of tasks placed on this provider.
        weight            = 100
        # base: minimum number of tasks placed on this provider first.
        base              = 1
      }
    }
    
    # Capacity provider backed by the Auto Scaling group declared in this file.
    resource "aws_ecs_capacity_provider" "jhc-ecs-cp" {
      auto_scaling_group_provider {
        auto_scaling_group_arn = aws_autoscaling_group.asg.arn
      }

      # Name is derived from the app name and environment variables.
      name = "${var.app_name}-${var.app_environment}-ecs-cp"
    }
    
    # ECS cluster whose ECS Exec (execute-command) sessions are encrypted with a
    # KMS key and logged to a CloudWatch Logs group.
    resource "aws_ecs_cluster" "jhc_cluster" {
      name = "${var.app_name}-${var.app_environment}-ecs-cluster"

      configuration {
        execute_command_configuration {
          # "OVERRIDE" sends session logs to the destination named in
          # log_configuration below.
          logging    = "OVERRIDE"
          # KMS key used to encrypt execute-command session data.
          kms_key_id = aws_kms_key.ecs_cluster_kms_key.arn

          log_configuration {
            cloud_watch_log_group_name     = aws_cloudwatch_log_group.ecs_cluster_log.name
            # NOTE(review): enabling this expects the log group itself to be
            # KMS-encrypted; the log group definition is not shown here, so
            # confirm it sets a KMS key.
            cloud_watch_encryption_enabled = true
            # Empty string: no S3 bucket is named as a log destination.
            s3_bucket_name                 = ""
          }
        }
      }
    }

     

    아래는 보안그룹 및 위에서 연결한 autoscaling group, ec2 instance profile에 관한 내용이다 

    여기서 좀 헤맨 부분이 AMI인데, ECS 에이전트가 설치된 AMI를 선택해야 한다.

    - terraform script

    
    # Instance profile that passes the ecs_agent IAM role to the EC2 container
    # instances started by the launch configuration.
    # NOTE(review): the role and its policies are defined elsewhere; confirm they
    # grant only what the ECS agent on the instance needs.
    resource "aws_iam_instance_profile" "ecs_agent" {
      role = aws_iam_role.ecs_agent.name
      name = "ecs-agent"
    }
    
    
    # Security group attached to the ECS container instances (referenced by the
    # launch configuration in this file). Every ingress rule below accepts traffic
    # from any IPv4 and IPv6 address.
    resource "aws_security_group" "ec2-sg" {
      vpc_id = aws_vpc.jhc_vpc.id
    
      # HTTPS from anywhere.
      ingress {
        from_port        = 443
        to_port          = 443
        protocol         = "tcp"
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = ["::/0"]
      }
    
      # Application port 8080 from anywhere.
      # NOTE(review): the Auto Scaling group registers these instances with a load
      # balancer target group, so this port presumably only needs to be reachable
      # from the load balancer. Restricting the source to the load balancer's
      # security group would stop clients from bypassing it — confirm and narrow.
      ingress {
        from_port        = 8080
        to_port          = 8080
        protocol         = "tcp"
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = ["::/0"]
      }
    
      # SSH from anywhere.
      # NOTE(review): port 22 open to 0.0.0.0/0 and ::/0 exposes the instances to
      # internet-wide scanning and credential guessing. Limit the source to a known
      # admin CIDR or bastion security group, or drop the rule and use a managed
      # session service instead of inbound SSH.
      ingress {
        from_port        = 22
        to_port          = 22
        protocol         = "tcp"
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = ["::/0"]
      }
    
      # All outbound traffic allowed (protocol "-1" = every protocol, all ports).
      egress {
        from_port        = 0
        to_port          = 0
        protocol         = "-1"
        cidr_blocks      = ["0.0.0.0/0"]
        ipv6_cidr_blocks = ["::/0"]
      }
      tags = {
        Name        = "${var.app_name}-sg"
        Environment = var.app_environment
      }
    }
    
    
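    # Launch configuration for the EC2 container instances that join the ECS
    # cluster through the Auto Scaling group.
    resource "aws_launch_configuration" "ecs_launch_config" {
      name_prefix          = "${var.app_name}-${var.app_environment}"
      # Hard-coded, region-specific AMI ID; per the accompanying post it must be an
      # image that already has the ECS agent installed.
      # NOTE(review): a pinned ID never picks up patched images — review it
      # regularly or resolve the current ECS-optimized AMI at plan time.
      image_id             = "ami-0b6d6fc5fe3f750f1" #amazon ec2
      instance_type        = "t3.small"
      iam_instance_profile = aws_iam_instance_profile.ecs_agent.name
      security_groups      = [aws_security_group.ec2-sg.id]
      # NOTE(review): this key pair, combined with ec2-sg allowing port 22 from any
      # address, makes SSH the internet-facing entry point to the instances;
      # confirm who holds "test_key" and whether SSH is needed at all.
      key_name             = "test_key"
      # NOTE(review): no metadata_options block is set, so the instance metadata
      # service is not forced to token-based (IMDSv2) requests unless the AMI
      # enforces it — confirm and consider requiring tokens.

      # "<<-" (indented heredoc) strips the common leading indentation so the
      # script starts with "#!" in column 0. With plain "<<" the leading spaces are
      # kept in the user data, and the shebang line may not be honoured at boot.
      # The script registers the instance with the cluster by name.
      user_data = <<-EOF
        #!/bin/bash
        echo ECS_CLUSTER=${aws_ecs_cluster.jhc_cluster.name} >> /etc/ecs/ecs.config
        EOF
    }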
    
    # Auto Scaling group that supplies EC2 container instances to the ECS capacity
    # provider and registers them with the load balancer target group.
    resource "aws_autoscaling_group" "asg" {
      name                 = "${var.app_name}-${var.app_environment}-asg"
      launch_configuration = aws_launch_configuration.ecs_launch_config.name
      target_group_arns    = [aws_lb_target_group.target_group.arn]
      # NOTE(review): instances are placed in the subnets named "public". If those
      # subnets assign public IPs, the instances are directly reachable on every
      # port their security group opens — confirm, or move them to private subnets
      # behind the load balancer.
      vpc_zone_identifier  = aws_subnet.public.*.id

      min_size         = 1
      max_size         = 2
      desired_capacity = 2

      health_check_type         = "EC2"
      health_check_grace_period = 300

      force_delete = true # treated as false in production
    }

     

     

     

     
