Paths

Table of Contentst

Differential D12531

[terraform] initial ecs setup for keyserver primary
ClosedPublic
Actions

Authored by will on Jun 20 2024, 8:30 PM.

Tags

None

Referenced Files

	F3373264: D12531.id42416.diff
	Tue, Nov 26, 8:36 AM

	Unknown Object (File)
	Sat, Nov 23, 6:50 PM

	Unknown Object (File)
	Thu, Nov 21, 2:49 PM

	Unknown Object (File)
	Wed, Nov 20, 9:30 PM

	Unknown Object (File)
	Sat, Nov 16, 4:03 AM

	Unknown Object (File)
	Fri, Nov 15, 7:06 AM

	Unknown Object (File)
	Fri, Nov 1, 9:18 PM

	Unknown Object (File)
	Fri, Nov 1, 9:18 PM

View All 73 Files

Subscribers

Details

Reviewers

varun
bartek

Commits

rCOMM5ecf79ec6e26: [terraform] initial ecs setup for keyserver primary

Summary

Drafting this for some initial feedback. This sets up ecs cluster with primary keyserver task def

Depends on D12475

Test Plan

Successfully running the the keyserver task in a docker container

Diff Detail

Repository

Branch

keyserver_to_aws

Lint

No Lint Coverage

Unit

No Test Coverage

Event Timeline

will created this revision.Jun 20 2024, 8:30 PM

will held this revision as a draft.

Herald added subscribers: tomek, ashoat. · View Herald TranscriptJun 20 2024, 8:30 PM

will edited the summary of this revision. (Show Details)Jun 20 2024, 8:30 PM

will added a parent revision: D12529: [terraform] Allow all ip addresses to access self-host internet gateway.

Harbormaster completed remote builds in B29855: Diff 41590.Jun 20 2024, 8:45 PM

bartek added inline comments.Jun 21 2024, 10:00 PM

services/terraform/self-host/aws_ecs.tf
10–12	Is service connect needed in self-host? Are nodes going to talk to each other?
services/terraform/self-host/aws_iam.tf
48–58	I'd use `jsonencode()` - see examples in `aws_iam.tf` e.g. for `resource "aws_iam_role" "ecs_task_execution"`. Just see you used it right below
services/terraform/self-host/keyserver_primary.tf
3	You're going to change this later to comm repo?
70–76	can we use `jsonencode()`?

will added inline comments.Jun 23 2024, 8:48 PM

services/terraform/self-host/aws_ecs.tf
10–12	That's a good question. I don't think so. I'll remove for now and add back in a separate diff if it comes up
services/terraform/self-host/keyserver_primary.tf
3	Yep! Before landing the stack, I'll test and push the primary and secondary images on the commapp repo

will published this revision for review.Jun 24 2024, 6:42 PM

will added a child revision: D12558: [keyserver] add health check route to keyserver for use by load balancer.Jun 24 2024, 7:25 PM

will added inline comments.

services/terraform/self-host/aws_iam.tf
48–58	Will include in next rebase
services/terraform/self-host/keyserver_primary.tf
70–76	Will include in next rebase

Accepting but please address feedback before landing

This revision is now accepted and ready to land.Jun 26 2024, 2:22 AM

set to false initially

Harbormaster completed remote builds in B30189: Diff 42101.Jul 8 2024, 3:51 AM

configure user credentials as json object variable instead of individual string variables

Harbormaster completed remote builds in B30440: Diff 42416.Jul 17 2024, 3:03 PM

will edited the summary of this revision. (Show Details)Jul 17 2024, 6:56 PM

will edited the summary of this revision. (Show Details)

will added a parent revision: D12475: [keyserver] upgrade redis to version 7 on docker based keyserver.

will removed a parent revision: D12529: [terraform] Allow all ip addresses to access self-host internet gateway.

Closed by commit rCOMM5ecf79ec6e26: [terraform] initial ecs setup for keyserver primary (authored by will). · Explain WhyJul 17 2024, 7:01 PM

This revision was automatically updated to reflect the committed changes.

will added a commit: rCOMM5ecf79ec6e26: [terraform] initial ecs setup for keyserver primary.

Revision Contents
Changeset List

Path

Size

services/

terraform/

self-host/

7 lines

27 lines

85 lines

keyserver_primary.tf

149 lines

17 lines

Diff 41590

services/terraform/self-host/aws_db.tf

Loading...

services/terraform/self-host/aws_ecs.tf

Loading...

services/terraform/self-host/aws_iam.tf

Loading...

services/terraform/self-host/keyserver_primary.tf

Loading...

services/terraform/self-host/variables.tf

Loading...