import pulumi
import pulumi_aws as aws
import conf as config
import iam
import ecs
# ECS Cluster Setup
#
# ECS Exec logging is left on "DEFAULT", which reuses the awslogs settings of the
# task definition rather than a cluster-level log destination.
# NOTE(review): task definitions are built outside this file (ecs.deploy_app);
# confirm they configure a log driver, otherwise exec sessions leave no audit
# trail. No KMS key is set for the exec session here either.
_exec_command_config = aws.ecs.ClusterConfigurationExecuteCommandConfigurationArgs(
    logging="DEFAULT",
)

# Container Insights is explicitly switched off for this cluster.
# NOTE(review): presumably a cost decision; confirm another source of
# task/cluster metrics exists for detection and incident response.
_container_insights_setting = aws.ecs.ClusterSettingArgs(
    name="containerInsights",
    value="disabled",
)

app_ecs_cluster = aws.ecs.Cluster(
    f"{config.project_name}-ecs-cluster",
    configuration=aws.ecs.ClusterConfigurationArgs(
        execute_command_configuration=_exec_command_config,
    ),
    settings=[_container_insights_setting],
    tags={"Name": f"{config.project_name}-{config.stack_name}"},
)
# Attach both Fargate capacity providers (on-demand and Spot) to the cluster.
# No default capacity provider strategy is declared here.
_fargate_capacity_providers = ["FARGATE", "FARGATE_SPOT"]

ecs_cluster_capacity_providers = aws.ecs.ClusterCapacityProviders(
    f"{config.project_name}-cluster-capacity-providers",
    capacity_providers=_fargate_capacity_providers,
    cluster_name=app_ecs_cluster.name,
)
# Security Group Setup
#
# Ingress: protocol "-1" with ports 0-0 admits every protocol and port from the
# CIDRs in config.network["alb_allow_ingress_cidr"].
# NOTE(review): an ALB only serves its listener ports; the listeners are not
# defined in this file, so narrow this rule to TCP on those ports once they are
# confirmed. If the configured CIDR list contains 0.0.0.0/0 the rule is open to
# the internet on all ports.
# NOTE(review): this same group is handed to ecs.deploy_app below; if it is also
# attached to the tasks, the all-protocol rule applies to them as well. Confirm.
_alb_ingress_rule = aws.ec2.SecurityGroupIngressArgs(
    cidr_blocks=config.network["alb_allow_ingress_cidr"],
    protocol="-1",
    from_port=0,
    to_port=0,
)

# Egress: unrestricted, all protocols to any IPv4 destination.
# NOTE(review): for a group used only by the ALB, egress could be limited to the
# target port range inside the VPC. Verify against how ecs.deploy_app uses it.
_alb_egress_rule = aws.ec2.SecurityGroupEgressArgs(
    cidr_blocks=["0.0.0.0/0"],
    protocol="-1",
    from_port=0,
    to_port=0,
)

alb_security_group = aws.ec2.SecurityGroup(
    f"{config.project_name}-security-group",
    vpc_id=config.network["vpc_id"],
    ingress=[_alb_ingress_rule],
    egress=[_alb_egress_rule],
)
# Load Balancer Setup
#
# Application Load Balancer placed in the configured subnets; whether it is
# internal or internet-facing comes from config.network["alb_internal"].
# idle_timeout is 1200 seconds, so idle connections are held for 20 minutes.
# NOTE(review): access_logs, drop_invalid_header_fields and
# enable_deletion_protection are not set, so provider defaults apply. Enabling
# access logs gives request-level records for detection and forensics.
app_load_balancer = aws.lb.LoadBalancer(
    f"alb-{config.project_name}",
    load_balancer_type="application",
    internal=config.network["alb_internal"],
    subnets=config.network["alb_subnet_ids"],
    security_groups=[alb_security_group.id],
    idle_timeout=1200,
)
# Deploy every application listed in config.ecs onto the shared cluster. Each
# call receives the same security group and the load balancer ARN.
for app_spec in config.ecs:
    ecs.deploy_app(
        app_spec,
        app_ecs_cluster,
        alb_security_group,
        app_load_balancer.arn,
    )
# Export the ALB DNS Name
#
# The stack output "url" is the ALB DNS name prefixed with a fixed http:// scheme.
# NOTE(review): listeners are created outside this file; if only an HTTP listener
# exists, traffic to the ALB is unencrypted, and if an HTTPS listener exists this
# output should advertise https:// instead. Confirm.
_alb_url = pulumi.Output.concat("http://", app_load_balancer.dns_name)
pulumi.export("url", _alb_url)