Merge pull request #2 from jbrosa/prototipo

feat: adicionando configuração de load balancer
mentoriaiac · Dec 20, 2023 · fbef0dc · fbef0dc
2 parents 3081452 + 100cc93
commit fbef0dc
Show file tree

Hide file tree

Showing 7 changed files with 185 additions and 26 deletions.
diff --git a/main.tf b/main.tf
@@ -15,10 +15,12 @@ provider "aws" {
 module "rede_prototipo" {
   source   = "./modules/rede"
   vpc_cidr = "10.1.0.0/16"
+
   subnets = {
     primaria   = "10.1.1.0/24",
     secundaria = "10.1.2.0/24",
   }
+
   ingress_rules = [
     {
       from_port   = 80
@@ -50,11 +52,13 @@ module "cluster" {
 module "apache" {
   source = "./modules/ecs-app"
 
-  name            = "apache"
-  cluster_id      = module.cluster.cluster_id
-  desired_count   = 1
-  subnets         = [module.rede_prototipo.subnet_id.primaria]
-  security_groups = [module.rede_prototipo.security_group_id]
+  name             = "apache"
+  cluster_id       = module.cluster.cluster_id
+  desired_count    = 1
+  subnets          = [module.rede_prototipo.subnet_id.primaria]
+  security_groups  = [module.rede_prototipo.security_group_id]
+  target_group_arn = aws_lb_target_group.apache1.arn
+
   resources = {
     cpu    = 256
     memory = 512
@@ -63,22 +67,22 @@ module "apache" {
   container_definitions = <<EOF
     [
       {
-        "name": "fargate-app", 
-        "image": "public.ecr.aws/docker/library/httpd:latest", 
+        "name": "fargate-app",
+        "image": "public.ecr.aws/docker/library/httpd:latest",
         "portMappings": [
           {
-            "containerPort": 80, 
-            "hostPort": 80, 
+            "containerPort": 80,
+            "hostPort": 80,
             "protocol": "tcp"
           }
-        ], 
-        "essential": true, 
+        ],
+        "essential": true,
         "entryPoint": [
           "sh",
           "-c"
-        ], 
+        ],
         "command": [
-          "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' >  /usr/local/apache2/htdocs/index.html && httpd-foreground\""
+          "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App 1</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App 1</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' >  /usr/local/apache2/htdocs/index.html && httpd-foreground\""
         ]
       }
     ]
@@ -89,11 +93,13 @@ module "apache" {
 module "apache2" {
   source = "./modules/ecs-app"
 
-  name            = "apache2"
-  cluster_id      = module.cluster.cluster_id
-  desired_count   = 1
-  subnets         = [module.rede_prototipo.subnet_id.secundaria]
-  security_groups = [module.rede_prototipo.security_group_id]
+  name             = "apache2"
+  cluster_id       = module.cluster.cluster_id
+  desired_count    = 1
+  subnets          = [module.rede_prototipo.subnet_id.secundaria]
+  security_groups  = [module.rede_prototipo.security_group_id]
+  target_group_arn = aws_lb_target_group.apache2.arn
+
   resources = {
     cpu    = 256
     memory = 512
@@ -102,25 +108,104 @@ module "apache2" {
   container_definitions = <<EOF
     [
       {
-        "name": "fargate-app", 
-        "image": "public.ecr.aws/docker/library/httpd:latest", 
+        "name": "fargate-app",
+        "image": "public.ecr.aws/docker/library/httpd:latest",
         "portMappings": [
           {
-            "containerPort": 80, 
-            "hostPort": 80, 
+            "containerPort": 80,
+            "hostPort": 80,
             "protocol": "tcp"
           }
-        ], 
-        "essential": true, 
+        ],
+        "essential": true,
         "entryPoint": [
           "sh",
           "-c"
-        ], 
+        ],
         "command": [
-          "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' >  /usr/local/apache2/htdocs/index.html && httpd-foreground\""
+          "/bin/sh -c \"echo '<html> <head> <title>Amazon ECS Sample App 2</title> <style>body {margin-top: 40px; background-color: #333;} </style> </head><body> <div style=color:white;text-align:center> <h1>Amazon ECS Sample App 2</h1> <h2>Congratulations!</h2> <p>Your application is now running on a container in Amazon ECS.</p> </div></body></html>' >  /usr/local/apache2/htdocs/index.html && httpd-foreground\""
         ]
       }
     ]
     EOF
 
 }
+
+module "lb" {
+  source = "./modules/load-balancer"
+
+  name = "apache"
+
+  security_group_ids = [
+    module.rede_prototipo.security_group_id,
+  ]
+
+  subnet_ids = [
+    module.rede_prototipo.subnet_id.primaria,
+    module.rede_prototipo.subnet_id.secundaria,
+  ]
+
+  listeners = {
+    http = {
+      port                     = "80"
+      protocol                 = "HTTP"
+      default_target_group_arn = aws_lb_target_group.apache1.arn
+    },
+    https = {
+      port                     = "443"
+      protocol                 = "HTTP"
+      default_target_group_arn = aws_lb_target_group.apache1.arn
+    },
+  }
+}
+
+
+resource "aws_lb_listener_rule" "apache1" {
+  listener_arn = module.lb.listener_arns["http"]
+  priority     = 100
+
+  action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.apache1.arn
+  }
+
+  condition {
+    query_string {
+      key   = "apache"
+      value = "1"
+    }
+  }
+}
+
+resource "aws_lb_listener_rule" "apache2" {
+  listener_arn = module.lb.listener_arns["http"]
+  priority     = 101
+
+  action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.apache2.arn
+  }
+
+  condition {
+    query_string {
+      key   = "apache"
+      value = "2"
+    }
+  }
+}
+
+resource "aws_lb_target_group" "apache1" {
+  name        = "apache1"
+  port        = 80
+  protocol    = "HTTP"
+  target_type = "ip"
+  vpc_id      = module.rede_prototipo.vpc_id
+}
+
+resource "aws_lb_target_group" "apache2" {
+  name        = "apache2"
+  port        = 80
+  protocol    = "HTTP"
+  target_type = "ip"
+  vpc_id      = module.rede_prototipo.vpc_id
+}
diff --git a/modules/ecs-app/main.tf b/modules/ecs-app/main.tf
@@ -4,11 +4,18 @@ resource "aws_ecs_service" "service" {
   task_definition = aws_ecs_task_definition.task.arn
   desired_count   = var.desired_count
   launch_type     = "FARGATE"
+
   network_configuration {
     subnets          = var.subnets
     assign_public_ip = true
     security_groups  = var.security_groups
   }
+
+  load_balancer {
+    target_group_arn = var.target_group_arn
+    container_name   = "fargate-app"
+    container_port   = 80
+  }
 }
 
 resource "aws_ecs_task_definition" "task" {

diff --git a/modules/ecs-app/variables.tf b/modules/ecs-app/variables.tf
@@ -29,4 +29,8 @@ variable "resources" {
 variable "container_definitions" {
   type = string
 }
+
+variable "target_group_arn" {
+  type = string
+}
 
diff --git a/modules/load-balancer/main.tf b/modules/load-balancer/main.tf
@@ -0,0 +1,21 @@
+resource "aws_lb" "lb" {
+  name               = var.name
+  internal           = false
+  load_balancer_type = "application"
+
+  security_groups = var.security_group_ids
+  subnets         = var.subnet_ids
+}
+
+resource "aws_lb_listener" "listeners" {
+  for_each = var.listeners
+
+  load_balancer_arn = aws_lb.lb.arn
+  port              = each.value.port
+  protocol          = each.value.protocol
+
+  default_action {
+    type             = "forward"
+    target_group_arn = each.value.default_target_group_arn
+  }
+}
diff --git a/modules/load-balancer/outputs.tf b/modules/load-balancer/outputs.tf
@@ -0,0 +1,7 @@
+output "lb_arn" {
+  value = aws_lb.lb.arn
+}
+
+output "listener_arns" {
+  value = { for k, v in aws_lb_listener.listeners : k => v.arn }
+}
diff --git a/modules/load-balancer/variables.tf b/modules/load-balancer/variables.tf
@@ -0,0 +1,31 @@
+variable "name" {
+  type    = string
+  default = ""
+}
+
+variable "security_group_ids" {
+  type = list(string)
+}
+
+variable "subnet_ids" {
+  type = list(string)
+
+  validation {
+    condition     = length(var.subnet_ids) >= 2
+    error_message = "Must provide at least two subnets"
+  }
+
+  validation {
+    condition     = alltrue([for id in var.subnet_ids : id != ""])
+    error_message = "Subnet ID must not be empty"
+  }
+}
+
+variable "listeners" {
+  type = map(object({
+    port                     = string
+    protocol                 = string
+    default_target_group_arn = string
+  }))
+  default = {}
+}
diff --git a/modules/rede/outputs.tf b/modules/rede/outputs.tf
@@ -7,3 +7,7 @@ output "security_group_id" {
   description = "Id do security group"
   value       = aws_security_group.sg.id
 }
+
+output "vpc_id" {
+  value = aws_vpc.main.id
+}