Page MenuHomePhabricator
Differential D13360

[terraform] Make Tunnelbroker deployments more future-proof
ClosedPublic
Actions

Authored by bartek on Sep 17 2024, 4:37 AM.
Tags
None
Referenced Files
F3341258: D13360.diff
Thu, Nov 21, 10:45 PM
Unknown Object (File)
Wed, Nov 20, 7:04 AM
Unknown Object (File)
Wed, Nov 20, 7:03 AM
Unknown Object (File)
Wed, Nov 20, 7:02 AM
Unknown Object (File)
Wed, Nov 20, 6:39 AM
Unknown Object (File)
Oct 20 2024, 2:58 PM
Unknown Object (File)
Oct 20 2024, 2:58 PM
Unknown Object (File)
Oct 20 2024, 2:57 PM
View All 33 Files
Subscribers
ashoat
tomek

Details

Reviewers
will
kamil
Commits
rCOMMde4a5b45fcfb: [terraform] Make Tunnelbroker deployments more future-proof
Summary

Tunnelbroker deployments on prod sometimes failed due to The target group tunnelbroker-grpc-tg does not have an associated load balancer.
This was due to disabled LB listener for gRPC, so the target group had no listeners.
Detaching the ECS Service from adding Tunnelbroker to this blind target group resolved the issue.
Added appropriate comments

Test Plan

Terraform apply succeeded on prod after previously failing with the message. Opened AWS Console and made sure Tunnelbroker is not registered to the gRPC target group.

Diff Detail

Repository
rCOMM Comm
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

bartek created this revision.Sep 17 2024, 4:37 AM
bartek held this revision as a draft.
Herald added subscribers: tomek, ashoat. · View Herald TranscriptSep 17 2024, 4:37 AM
bartek published this revision for review.Sep 17 2024, 4:43 AM
Harbormaster completed remote builds in B31663: Diff 44266.Sep 17 2024, 4:54 AM
will added inline comments.Sep 17 2024, 8:00 AM
services/terraform/remote/service_tunnelbroker.tf
190

Just double checking my understanding. Because there won't be any listeners, essentially this for_each will result in no `load_balancer" blocks actually being deployed.

Why do we still need this block in the first place? Testing purposes?

bartek added inline comments.Sep 17 2024, 11:57 PM
services/terraform/remote/service_tunnelbroker.tf
190

We want it for staging, and yes, for "testing purposes".

Just double checking my understanding. Because there won't be any listeners, essentially this for_each will result in no `load_balancer" blocks actually being deployed.

Yes, exactly. No load_balancer blocks on prod, and one on staging.
In resource "aws_lb_listener" "tunnelbroker_grpc" at the bottom of this file, there's a count = staging ? 1 : 0.

kamil accepted this revision.Sep 18 2024, 12:51 AM
This revision is now accepted and ready to land.Sep 18 2024, 12:51 AM
Closed by commit rCOMMde4a5b45fcfb: [terraform] Make Tunnelbroker deployments more future-proof (authored by bartek). · Explain WhySep 18 2024, 3:03 AM
This revision was automatically updated to reflect the committed changes.
bartek added a commit: rCOMMde4a5b45fcfb: [terraform] Make Tunnelbroker deployments more future-proof.

Revision Contents
Changeset List

PathSize
services/
terraform/
remote/
23 lines

Diff 44266

View Options

services/terraform/remote/service_tunnelbroker.tf

Loading...