Page MenuHomePhabricator

[services][terraform] Set up blob ECS service
ClosedPublic

Authored by bartek on Jul 21 2023, 9:49 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 5, 6:53 AM
Unknown Object (File)
Tue, Nov 5, 6:53 AM
Unknown Object (File)
Tue, Nov 5, 6:53 AM
Unknown Object (File)
Tue, Nov 5, 6:53 AM
Unknown Object (File)
Tue, Nov 5, 6:52 AM
Unknown Object (File)
Fri, Nov 1, 4:51 PM
Unknown Object (File)
Fri, Nov 1, 4:51 PM
Unknown Object (File)
Fri, Nov 1, 4:51 PM
Subscribers

Details

Summary

This diff demonstrates a ECS service that is hosted on a EC2 instance.
Blob Service exposes both HTTP and gRPC endpoints so it was a good candidate for this demo.

Depends on D8583

Test Plan

ECS-based blob service is up and running in production. Tested HTTPS endpoints via Postman and gRPC (SSL) endpoints with BloomRPC.

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

bartek held this revision as a draft.
bartek published this revision for review.Jul 21 2023, 11:17 AM
bartek added inline comments.
services/terraform/remote/aws_iam.tf
6–9

This role will be replaced with a Terraform-managed one with stricter permissions in subsequent diffs.

services/terraform/remote/service_blob.tf
136–138

This endpoint now returns 404 but I'm going to implement it for HTTP services

185–195

Left the legacy EC2-instance target with 0% traffic to be able to easily switch traffic to the old one while I'm experimenting with ECS

services/terraform/remote/aws_iam.tf
6–9

Do you mind adding a comment about that? I'm sure it will be surprising in the future.

Rebase. Add the IAM role directly.

services/terraform/remote/aws_iam.tf
6–9

Actually I decided to do it right away here

services/terraform/remote/service_blob.tf
136–138

Tracked in ENG-4470

My concern gets addressed in a later diff

The diff graph looks a bit... complex :)

This revision is now accepted and ready to land.Aug 1 2023, 10:11 AM