From 620d5d652fa8621c33d1e1a1087465ea3c5bb5cb Mon Sep 17 00:00:00 2001 From: keisukematsuda19921106 Date: Thu, 20 Mar 2025 11:18:55 +0900 Subject: [PATCH 1/2] feat: Add support for availability zone rebalancing (#262) --- examples/complete/main.tf | 3 ++- main.tf | 1 + modules/service/README.md | 4 ++-- modules/service/variables.tf | 2 +- wrappers/service/main.tf | 4 ++-- 5 files changed, 8 insertions(+), 6 deletions(-) diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 5b2100e0..0bd43e54 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -151,7 +151,8 @@ module "ecs" { } ] - subnet_ids = module.vpc.private_subnets + subnet_ids = module.vpc.private_subnets + availability_zone_rebalancing = "ENABLED" security_group_rules = { alb_ingress_3000 = { type = "ingress" diff --git a/main.tf b/main.tf index 8b976573..33f36ae9 100644 --- a/main.tf +++ b/main.tf @@ -59,6 +59,7 @@ module "service" { # Service ignore_task_definition_changes = try(each.value.ignore_task_definition_changes, false) alarms = try(each.value.alarms, {}) + availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, "DISABLED") capacity_provider_strategy = try(each.value.capacity_provider_strategy, {}) cluster_arn = module.cluster.arn deployment_circuit_breaker = try(each.value.deployment_circuit_breaker, {}) diff --git a/modules/service/README.md b/modules/service/README.md index 742de6ba..bf515571 100644 --- a/modules/service/README.md +++ b/modules/service/README.md @@ -237,7 +237,7 @@ module "ecs_service" { | [autoscaling\_min\_capacity](#input\_autoscaling\_min\_capacity) | Minimum number of tasks to run in your service | `number` | `1` | no | | [autoscaling\_policies](#input\_autoscaling\_policies) | Map of autoscaling policies to create for the service | `any` | 
{
  "cpu": {
    "policy_type": "TargetTrackingScaling",
    "target_tracking_scaling_policy_configuration": {
      "predefined_metric_specification": {
        "predefined_metric_type": "ECSServiceAverageCPUUtilization"
      }
    }
  },
  "memory": {
    "policy_type": "TargetTrackingScaling",
    "target_tracking_scaling_policy_configuration": {
      "predefined_metric_specification": {
        "predefined_metric_type": "ECSServiceAverageMemoryUtilization"
      }
    }
  }
}
| no | | [autoscaling\_scheduled\_actions](#input\_autoscaling\_scheduled\_actions) | Map of autoscaling scheduled actions to create for the service | 
map(object({
    name         = optional(string)
    min_capacity = number
    max_capacity = number
    schedule     = string
    start_time   = optional(string)
    end_time     = optional(string)
    timezone     = optional(string)
  }))
| `null` | no | -| [availability\_zone\_rebalancing](#input\_availability\_zone\_rebalancing) | ECS automatically redistributes tasks within a service across Availability Zones (AZs) to mitigate the risk of impaired application availability due to underlying infrastructure failures and task lifecycle activities. The valid values are `ENABLED` and `DISABLED`. Defaults to `DISABLED` | `string` | `null` | no | +| [availability\_zone\_rebalancing](#input\_availability\_zone\_rebalancing) | ECS automatically redistributes tasks within a service across Availability Zones (AZs) to mitigate the risk of impaired application availability due to underlying infrastructure failures and task lifecycle activities. The valid values are `ENABLED` and `DISABLED`. Defaults to `DISABLED` | `string` | `"DISABLED"` | no | | [capacity\_provider\_strategy](#input\_capacity\_provider\_strategy) | Capacity provider strategies to use for the service. Can be one or more | 
map(object({
    base              = optional(number)
    capacity_provider = string
    weight            = optional(number)
  }))
| `null` | no | | [cluster\_arn](#input\_cluster\_arn) | ARN of the ECS cluster where the resources will be provisioned | `string` | `""` | no | | [container\_definition\_defaults](#input\_container\_definition\_defaults) | A map of default values for [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) created by `container_definitions` | `any` | `{}` | no | @@ -340,7 +340,7 @@ module "ecs_service" { | [track\_latest](#input\_track\_latest) | Whether should track latest `ACTIVE` task definition on AWS or the one created with the resource stored in state. Default is `false`. Useful in the event the task definition is modified outside of this resource | `bool` | `true` | no | | [triggers](#input\_triggers) | Map of arbitrary keys and values that, when changed, will trigger an in-place update (redeployment). Useful with `timestamp()` | `map(string)` | `null` | no | | [volume](#input\_volume) | Configuration block for volumes that containers in your task may use | 
map(object({
    configure_at_launch = optional(bool)
    docker_volume_configuration = optional(object({
      autoprovision = optional(bool)
      driver        = optional(string)
      driver_opts   = optional(map(string))
      labels        = optional(map(string))
      scope         = optional(string)
    }))
    efs_volume_configuration = optional(object({
      authorization_config = optional(object({
        access_point_id = optional(string)
        iam             = optional(string)
      }))
      file_system_id          = string
      root_directory          = optional(string)
      transit_encryption      = optional(string)
      transit_encryption_port = optional(number)
    }))
    fsx_windows_file_server_volume_configuration = optional(object({
      authorization_config = optional(object({
        credentials_parameter = string
        domain                = string
      }))
      file_system_id = string
      root_directory = string
    }))
    host_path = optional(string)
    name      = optional(string)
  }))
| `null` | no | -| [volume\_configuration](#input\_volume\_configuration) | Configuration for a volume specified in the task definition as a volume that is configured at launch time | 
object({
    name = string
    managed_ebs_volume = list(object({
      encrypted        = optional(bool)
      file_system_type = optional(string)
      iops             = optional(number)
      kms_key_id       = optional(string)
      size_in_gb       = optional(number)
      snapshot_id      = optional(string)
      throughput       = optional(number)
      volume_type      = optional(string)
      tag_specification = optional(list(object({
        resource_type  = string
        propagate_tags = optional(string, "TASK_DEFINITION")
        tags           = optional(map(string))
      })))
    }))
  })
| `null` | no | +| [volume\_configuration](#input\_volume\_configuration) | Configuration for a volume specified in the task definition as a volume that is configured at launch time | 
object({
    name = string
    managed_ebs_volume = list(object({
      encrypted        = optional(bool)
      file_system_type = optional(string)
      iops             = optional(number)
      kms_key_id       = optional(string)
      size_in_gb       = optional(number)
      snapshot_id      = optional(string)
      throughput       = optional(number)
      volume_type      = optional(string)
      tag_specifications = optional(list(object({
        resource_type  = string
        propagate_tags = optional(string, "TASK_DEFINITION")
        tags           = optional(map(string))
      })))
    }))
  })
| `null` | no | | [vpc\_lattice\_configurations](#input\_vpc\_lattice\_configurations) | The VPC Lattice configuration for your service that allows Lattice to connect, secure, and monitor your service across multiple accounts and VPCs | 
object({
    role_arn         = string
    target_group_arn = string
    port_name        = string
  })
| `null` | no | | [wait\_for\_steady\_state](#input\_wait\_for\_steady\_state) | If true, Terraform will wait for the service to reach a steady state before continuing. Default is `false` | `bool` | `null` | no | | [wait\_until\_stable](#input\_wait\_until\_stable) | Whether terraform should wait until the task set has reached `STEADY_STATE` | `bool` | `null` | no | diff --git a/modules/service/variables.tf b/modules/service/variables.tf index 75d31cab..b0734933 100644 --- a/modules/service/variables.tf +++ b/modules/service/variables.tf @@ -39,7 +39,7 @@ variable "alarms" { variable "availability_zone_rebalancing" { description = " ECS automatically redistributes tasks within a service across Availability Zones (AZs) to mitigate the risk of impaired application availability due to underlying infrastructure failures and task lifecycle activities. The valid values are `ENABLED` and `DISABLED`. Defaults to `DISABLED`" type = string - default = null + default = "DISABLED" } variable "capacity_provider_strategy" { diff --git a/wrappers/service/main.tf b/wrappers/service/main.tf index 374763a8..2b1c52a6 100644 --- a/wrappers/service/main.tf +++ b/wrappers/service/main.tf @@ -28,7 +28,7 @@ module "wrapper" { } }) autoscaling_scheduled_actions = try(each.value.autoscaling_scheduled_actions, var.defaults.autoscaling_scheduled_actions, null) - availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, var.defaults.availability_zone_rebalancing, null) + availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, var.defaults.availability_zone_rebalancing, "DISABLED") capacity_provider_strategy = try(each.value.capacity_provider_strategy, var.defaults.capacity_provider_strategy, null) cluster_arn = try(each.value.cluster_arn, var.defaults.cluster_arn, "") container_definition_defaults = try(each.value.container_definition_defaults, var.defaults.container_definition_defaults, {}) @@ -120,6 +120,7 @@ module "wrapper" { task_exec_iam_statements = try(each.value.task_exec_iam_statements, var.defaults.task_exec_iam_statements, null) task_exec_secret_arns = try(each.value.task_exec_secret_arns, var.defaults.task_exec_secret_arns, ["arn:aws:secretsmanager:*:*:secret:*"]) task_exec_ssm_param_arns = try(each.value.task_exec_ssm_param_arns, var.defaults.task_exec_ssm_param_arns, ["arn:aws:ssm:*:*:parameter/*"]) + task_tags = try(each.value.task_tags, var.defaults.task_tags, {}) tasks_iam_role_arn = try(each.value.tasks_iam_role_arn, var.defaults.tasks_iam_role_arn, null) tasks_iam_role_description = try(each.value.tasks_iam_role_description, var.defaults.tasks_iam_role_description, null) tasks_iam_role_name = try(each.value.tasks_iam_role_name, var.defaults.tasks_iam_role_name, null) @@ -129,7 +130,6 @@ module "wrapper" { tasks_iam_role_statements = try(each.value.tasks_iam_role_statements, var.defaults.tasks_iam_role_statements, null) tasks_iam_role_tags = try(each.value.tasks_iam_role_tags, var.defaults.tasks_iam_role_tags, {}) tasks_iam_role_use_name_prefix = try(each.value.tasks_iam_role_use_name_prefix, var.defaults.tasks_iam_role_use_name_prefix, true) - task_tags = try(each.value.task_tags, var.defaults.task_tags, {}) timeouts = try(each.value.timeouts, var.defaults.timeouts, null) track_latest = try(each.value.track_latest, var.defaults.track_latest, true) triggers = try(each.value.triggers, var.defaults.triggers, null) From 6c4694b4caebb6d9bd2789bcedf911bf7ba8cb4e Mon Sep 17 00:00:00 2001 From: keisukematsuda19921106 Date: Fri, 21 Mar 2025 13:42:51 +0900 Subject: [PATCH 2/2] revert default value of availability zone rebalancing --- main.tf | 2 +- modules/service/README.md | 2 +- modules/service/variables.tf | 2 +- wrappers/service/main.tf | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/main.tf b/main.tf index 33f36ae9..0dfe8a17 100644 --- a/main.tf +++ b/main.tf @@ -59,7 +59,7 @@ module "service" { # Service ignore_task_definition_changes = try(each.value.ignore_task_definition_changes, false) alarms = try(each.value.alarms, {}) - availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, "DISABLED") + availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, "null") capacity_provider_strategy = try(each.value.capacity_provider_strategy, {}) cluster_arn = module.cluster.arn deployment_circuit_breaker = try(each.value.deployment_circuit_breaker, {}) diff --git a/modules/service/README.md b/modules/service/README.md index bf515571..c35bf58f 100644 --- a/modules/service/README.md +++ b/modules/service/README.md @@ -237,7 +237,7 @@ module "ecs_service" { | [autoscaling\_min\_capacity](#input\_autoscaling\_min\_capacity) | Minimum number of tasks to run in your service | `number` | `1` | no | | [autoscaling\_policies](#input\_autoscaling\_policies) | Map of autoscaling policies to create for the service | `any` | 
{
  "cpu": {
    "policy_type": "TargetTrackingScaling",
    "target_tracking_scaling_policy_configuration": {
      "predefined_metric_specification": {
        "predefined_metric_type": "ECSServiceAverageCPUUtilization"
      }
    }
  },
  "memory": {
    "policy_type": "TargetTrackingScaling",
    "target_tracking_scaling_policy_configuration": {
      "predefined_metric_specification": {
        "predefined_metric_type": "ECSServiceAverageMemoryUtilization"
      }
    }
  }
}
| no | | [autoscaling\_scheduled\_actions](#input\_autoscaling\_scheduled\_actions) | Map of autoscaling scheduled actions to create for the service | 
map(object({
    name         = optional(string)
    min_capacity = number
    max_capacity = number
    schedule     = string
    start_time   = optional(string)
    end_time     = optional(string)
    timezone     = optional(string)
  }))
| `null` | no | -| [availability\_zone\_rebalancing](#input\_availability\_zone\_rebalancing) | ECS automatically redistributes tasks within a service across Availability Zones (AZs) to mitigate the risk of impaired application availability due to underlying infrastructure failures and task lifecycle activities. The valid values are `ENABLED` and `DISABLED`. Defaults to `DISABLED` | `string` | `"DISABLED"` | no | +| [availability\_zone\_rebalancing](#input\_availability\_zone\_rebalancing) | ECS automatically redistributes tasks within a service across Availability Zones (AZs) to mitigate the risk of impaired application availability due to underlying infrastructure failures and task lifecycle activities. The valid values are `ENABLED` and `DISABLED`. Defaults to `DISABLED` | `string` | `null` | no | | [capacity\_provider\_strategy](#input\_capacity\_provider\_strategy) | Capacity provider strategies to use for the service. Can be one or more | 
map(object({
    base              = optional(number)
    capacity_provider = string
    weight            = optional(number)
  }))
| `null` | no | | [cluster\_arn](#input\_cluster\_arn) | ARN of the ECS cluster where the resources will be provisioned | `string` | `""` | no | | [container\_definition\_defaults](#input\_container\_definition\_defaults) | A map of default values for [container definitions](http://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerDefinition.html) created by `container_definitions` | `any` | `{}` | no | diff --git a/modules/service/variables.tf b/modules/service/variables.tf index b0734933..75d31cab 100644 --- a/modules/service/variables.tf +++ b/modules/service/variables.tf @@ -39,7 +39,7 @@ variable "alarms" { variable "availability_zone_rebalancing" { description = " ECS automatically redistributes tasks within a service across Availability Zones (AZs) to mitigate the risk of impaired application availability due to underlying infrastructure failures and task lifecycle activities. The valid values are `ENABLED` and `DISABLED`. Defaults to `DISABLED`" type = string - default = "DISABLED" + default = null } variable "capacity_provider_strategy" { diff --git a/wrappers/service/main.tf b/wrappers/service/main.tf index 2b1c52a6..bc9bcb2c 100644 --- a/wrappers/service/main.tf +++ b/wrappers/service/main.tf @@ -28,7 +28,7 @@ module "wrapper" { } }) autoscaling_scheduled_actions = try(each.value.autoscaling_scheduled_actions, var.defaults.autoscaling_scheduled_actions, null) - availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, var.defaults.availability_zone_rebalancing, "DISABLED") + availability_zone_rebalancing = try(each.value.availability_zone_rebalancing, var.defaults.availability_zone_rebalancing, null) capacity_provider_strategy = try(each.value.capacity_provider_strategy, var.defaults.capacity_provider_strategy, null) cluster_arn = try(each.value.cluster_arn, var.defaults.cluster_arn, "") container_definition_defaults = try(each.value.container_definition_defaults, var.defaults.container_definition_defaults, {})