Merge pull request #6 from warnermediacode/spot

Spot instance support

README.md

@@ -10,7 +10,7 @@ This will spin up a new ECS cluster and fargate service running a simple default
 
 ```
 module "fargate" {
-  source = "[email protected]:warnermediacode/terraform-ecs-fargate-module/?ref=v4.1.0"
+  source = "[email protected]:warnermediacode/terraform-ecs-fargate-module/?ref=v4.2.0"
 
   app                   = "mywebsite"
   environment           = "main"
@@ -38,15 +38,15 @@ If you would like a ready to use template for this module, it's state bucket as
 | <a name="input_app"></a> [app](#input\_app) | The application's name | `string` | n/a | yes |
 | <a name="input_container_port"></a> [container\_port](#input\_container\_port) | The port the container will listen on, used for load balancer health check Best practice is that this value is higher than 1024 so the container processes isn't running at root. | `string` | n/a | yes |
 | <a name="input_environment"></a> [environment](#input\_environment) | The environment that is being built | `string` | n/a | yes |
-| <a name="input_fargate_subnets"></a> [fargate\_subnets](#input\_fargate\_subnets) | These are the subnet ids that the containers will use | `list` | n/a | yes |
-| <a name="input_load_balancer_subnets"></a> [load\_balancer\_subnets](#input\_load\_balancer\_subnets) | These are the subnet ids that the load balancer will use | `list` | n/a | yes |
+| <a name="input_fargate_subnets"></a> [fargate\_subnets](#input\_fargate\_subnets) | These are the subnet ids that the containers will use | `list(any)` | n/a | yes |
+| <a name="input_load_balancer_subnets"></a> [load\_balancer\_subnets](#input\_load\_balancer\_subnets) | These are the subnet ids that the load balancer will use | `list(any)` | n/a | yes |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags for the infrastructure | `map(string)` | n/a | yes |
 | <a name="input_vpc"></a> [vpc](#input\_vpc) | The VPC to use for the Fargate cluster | `any` | n/a | yes |
 | <a name="input_certificate_arn"></a> [certificate\_arn](#input\_certificate\_arn) | The ARN for the SSL certificate, if this is not blank it will use it instead of requesting a dns validated ACM certificate | `string` | `""` | no |
 | <a name="input_container_definitions"></a> [container\_definitions](#input\_container\_definitions) | This is the json formatted container definition for the task. By default, a definition with the indicated container image and cloudwatch logging will be provided. Setting this will override the defaults allowing configuration like environment variables to be set. We recommend using this module to help build the json rather than doing it in a large string: https://registry.terraform.io/modules/cloudposse/ecs-container-definition/aws/latest | `string` | `""` | no |
 | <a name="input_container_image"></a> [container\_image](#input\_container\_image) | The default docker image to deploy with the infrastructure. Note that you can use the fargate CLI for application concerns like deploying actual application images and environment variables on top of the infrastructure provisioned by this template https://github.com/turnerlabs/fargate note that the source for the turner default backend image is here: https://github.com/turnerlabs/turner-defaultbackend | `string` | `"ghcr.io/warnermedia/fargate-default-backend:v0.9.0"` | no |
 | <a name="input_container_name"></a> [container\_name](#input\_container\_name) | The name of the container to run | `string` | `"app"` | no |
-| <a name="input_cpu_architecture"></a> [cpu\_architecture](#input\_cpu\_architecture) | The CPU Architecture, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform | `string` | `"X86_64"` | no |
+| <a name="input_cpu_architecture"></a> [cpu\_architecture](#input\_cpu\_architecture) | The CPU Architecture X86\_64 or ARM64 for Graviton, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform | `string` | `"X86_64"` | no |
 | <a name="input_cpu_units"></a> [cpu\_units](#input\_cpu\_units) | See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size | `number` | `256` | no |
 | <a name="input_create_cicd_user"></a> [create\_cicd\_user](#input\_create\_cicd\_user) | Should the module create an iam user with permissions tuned for cicd (cicf.tf) | `bool` | `false` | no |
 | <a name="input_create_ecs_dashboard"></a> [create\_ecs\_dashboard](#input\_create\_ecs\_dashboard) | Log the ECS events happening in fargate and create a cloudwatch dashboard that shows these messages | `bool` | `false` | no |
@@ -61,6 +61,7 @@ If you would like a ready to use template for this module, it's state bucket as
 | <a name="input_ecs_autoscale_min_instances"></a> [ecs\_autoscale\_min\_instances](#input\_ecs\_autoscale\_min\_instances) | The minimum number of containers that should be running. Must be at least 1. For production, consider using at least "2". | `number` | `1` | no |
 | <a name="input_ecs_cluster_name"></a> [ecs\_cluster\_name](#input\_ecs\_cluster\_name) | Name of an existing ECS cluster, if left blank it will create one with the app and environment values | `string` | `""` | no |
 | <a name="input_ecs_lambda_runtime"></a> [ecs\_lambda\_runtime](#input\_ecs\_lambda\_runtime) | The lambda runtime for the ecs dashboard, provided here so that it is easy to update to the latest supported | `string` | `"nodejs14.x"` | no |
+| <a name="input_fixed_non_spot_count"></a> [fixed\_non\_spot\_count](#input\_fixed\_non\_spot\_count) | How many tasks are required stay normal fargate (non-spot) instances despite the percentages | `number` | `1` | no |
 | <a name="input_health_check"></a> [health\_check](#input\_health\_check) | The path to the health check for the load balancer to know if the container(s) are ready | `string` | `"/"` | no |
 | <a name="input_health_check_interval"></a> [health\_check\_interval](#input\_health\_check\_interval) | How often to check the liveliness of the container | `string` | `"30"` | no |
 | <a name="input_health_check_matcher"></a> [health\_check\_matcher](#input\_health\_check\_matcher) | What HTTP response code to listen for | `string` | `"200"` | no |
@@ -78,7 +79,8 @@ If you would like a ready to use template for this module, it's state bucket as
 | <a name="input_scaling_cpu_low_threshold"></a> [scaling\_cpu\_low\_threshold](#input\_scaling\_cpu\_low\_threshold) | If the average CPU utilization over a minute drops to this threshold, the number of containers will be reduced (but not below ecs\_autoscale\_min\_instances). | `string` | `"20"` | no |
 | <a name="input_secrets_manager"></a> [secrets\_manager](#input\_secrets\_manager) | indicates if a secrets manager | `bool` | `false` | no |
 | <a name="input_secrets_manager_recovery_window_in_days"></a> [secrets\_manager\_recovery\_window\_in\_days](#input\_secrets\_manager\_recovery\_window\_in\_days) | Number of days that secrets manager will wait before fully deleting a secret, set to 0 to delete immediately https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#recovery_window_in_days | `number` | `7` | no |
-| <a name="input_secrets_users"></a> [secrets\_users](#input\_secrets\_users) | A list of users that will have full access to the secrets manager and its kms key, the current user applying the terraform will have access as well. | `list` | `[]` | no |
+| <a name="input_secrets_users"></a> [secrets\_users](#input\_secrets\_users) | A list of users that will have full access to the secrets manager and its kms key, the current user applying the terraform will have access as well. | `list(any)` | `[]` | no |
+| <a name="input_spot_percentage"></a> [spot\_percentage](#input\_spot\_percentage) | The percentage of tasks in the service that should run as spot instances. This also works for ARM/Graviton, but beware, some regions don't have any capacity or support for ARM spot | `number` | `0` | no |
 | <a name="input_ssl_policy"></a> [ssl\_policy](#input\_ssl\_policy) | This is the policy that controls the specifics about TLS/SSL versions and supported ciphers. This default will only support TLS 1.2 https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies | `string` | `"ELBSecurityPolicy-TLS-1-2-Ext-2018-06"` | no |
 
 ## Outputs
@@ -88,7 +90,7 @@ If you would like a ready to use template for this module, it's state bucket as
 | <a name="output_cicd_keys"></a> [cicd\_keys](#output\_cicd\_keys) | A command to run that can extract the AWS keys for the CICD user to use in a build system (remove the \ in the select section |
 | <a name="output_ecs_cluster_arn"></a> [ecs\_cluster\_arn](#output\_ecs\_cluster\_arn) | The arn of the ecs cluster that was created or referenced |
 | <a name="output_ecs_cluster_name"></a> [ecs\_cluster\_name](#output\_ecs\_cluster\_name) | The name of the ecs cluster that was created or referenced |
-| <a name="output_ecs_service_name"></a> [ecs\_service\_name](#output\_ecs\_service\_name) | The arn of the ecs cluster that was created or referenced |
+| <a name="output_ecs_service_name"></a> [ecs\_service\_name](#output\_ecs\_service\_name) | The arn of the fargate ecs service that was created |
 | <a name="output_fqdn"></a> [fqdn](#output\_fqdn) | The fully qualified domain name created if dns based ACM is enabled |
 | <a name="output_lb_dns"></a> [lb\_dns](#output\_lb\_dns) | The load balancer DNS name |
 | <a name="output_secret_arn"></a> [secret\_arn](#output\_secret\_arn) | The arn of the created secret manager (if enabled) |

docs/header.md

@@ -10,7 +10,7 @@ This will spin up a new ECS cluster and fargate service running a simple default
 
 ```
 module "fargate" {
-  source = "[email protected]:warnermediacode/terraform-ecs-fargate-module/?ref=v4.1.0"
+  source = "[email protected]:warnermediacode/terraform-ecs-fargate-module/?ref=v4.2.0"
 
   app                   = "mywebsite"
   environment           = "main"

ecs.tf

@@ -104,7 +104,7 @@ module "task_definition" {
 resource "aws_ecs_service" "app" {
   name            = "${var.app}-${var.environment}"
   cluster         = local.ecs_cluster_id
-  launch_type     = "FARGATE"
+  #launch_type     = "FARGATE"
   task_definition = aws_ecs_task_definition.app.arn
   desired_count   = var.replicas
 
@@ -127,6 +127,21 @@ resource "aws_ecs_service" "app" {
 
   # workaround for https://github.com/hashicorp/terraform/issues/12634
   depends_on = [aws_alb_listener.http]
+
+  capacity_provider_strategy  {
+    capacity_provider = "FARGATE"
+    weight = local.fargate_percentage
+    base = var.fixed_non_spot_count
+  }
+
+  capacity_provider_strategy {
+    capacity_provider = "FARGATE_SPOT"
+    weight = var.spot_percentage
+  }
+}
+
+locals {
+  fargate_percentage = 100 - var.spot_percentage
 }
 
 # https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html
@@ -163,6 +178,8 @@ resource "aws_cloudwatch_log_group" "logs" {
   tags              = var.tags
 }
 
+
+
 # The name of the ecs cluster that was created or referenced 
 output "ecs_cluster_name" {
   value = local.ecs_cluster_name

refreshdocs.sh

@@ -1 +1,3 @@
+#!/bin/sh
+
 terraform-docs -c .terraform-docs.yml .

variables.tf

@@ -248,7 +248,7 @@ variable "operating_system_family" {
   default = "LINUX"
 }
 
-# The CPU Architecture, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform
+# The CPU Architecture X86_64 or ARM64 for Graviton, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform
 variable "cpu_architecture" {
   type    = string
   default = "X86_64"
@@ -260,3 +260,16 @@ variable "platform_version" {
   type    = string
   default = "LATEST"
 }
+
+# The percentage of tasks in the service that should run as spot instances. This also works for ARM/Graviton, but beware, 
+#  some regions don't have any capacity or support for ARM spot
+variable "spot_percentage" {
+  type = number
+  default = 0
+}
+
+# How many tasks are required stay normal fargate (non-spot) instances despite the percentages
+variable "fixed_non_spot_count" {
+  type = number
+  default = 1 
+}