Merge pull request #27 from n3mawashi/feature/ecs_scheduler

ECS Services Scheduler

Author: diodonfrost

.github/workflows/CI.yml

@@ -3,51 +3,66 @@ on:
   push:
   pull_request:
   schedule:
-    - cron: '0 18 * * sun'
+    - cron: '0 18 * * SUN'
 
 jobs:
-  tflint:
+  lint:
     name: Terraform validate ${{ matrix.terraform_version }}
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         terraform_version:
           - latest
-          - 0.14.0
-          - 0.13.0
+          - 1.2.9
+          - 1.1.9
     steps:
       - uses: actions/checkout@master
-      - name: Terraform validate
-        run: tests/sanity/terraform_tests.sh
-        env:
+      - uses: hashicorp/setup-terraform@v2
+        with:
           terraform_version: "${{ matrix.terraform_version }}"
 
+      - name: Terraform version
+        id: version
+        run: terraform version
+      - name: Terraform fmt
+        id: fmt
+        run: terraform fmt -check
+        continue-on-error: true
+      - name: Terraform init
+        id: init
+        run: terraform init 
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+
   pythontest:
     name: ${{ matrix.config.toxenv }}
     runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         config:
-          - toxenv: py35
-            python-version: 3.5
-          - toxenv: py36
-            python-version: 3.6
           - toxenv: py37
             python-version: 3.7
           - toxenv: py38
             python-version: 3.8
+          - toxenv: py39
+            python-version: 3.9
+          - toxenv: py310
+            python-version: '3.10'
+          # - toxenv: py311
+          #   python-version: 3.11
           - toxenv: flake8
-            python-version: 3.7
+            python-version: 3.8
           - toxenv: pylint
-            python-version: 3.7
+            python-version: 3.8
           - toxenv: black
-            python-version: 3.7
+            python-version: 3.8
           - toxenv: mypy
-            python-version: 3.7
+            python-version: 3.8
           - toxenv: pytest
-            python-version: 3.7
+            python-version: 3.8
 
     steps:
       - name: Checkout repository

.python-version

@@ -0,0 +1 @@
+3.9.13

README.md

@@ -13,6 +13,7 @@ If you are using Terraform 0.11 you can use versions v1.*.
 
 *  Aws lambda runtine Python 3.7
 *  ec2 instances scheduling
+*  ecs service scheduling
 *  rds clusters scheduling
 *  rds instances scheduling
 *  autoscalings scheduling
@@ -29,6 +30,7 @@ module "stop_ec2_instance" {
   schedule_action                = "stop"
   autoscaling_schedule           = "false"
   ec2_schedule                   = "true"
+  ecs_schedule                   = "false"
   rds_schedule                   = "false"
   cloudwatch_alarm_schedule      = "false"
   scheduler_tag                  = {
@@ -44,6 +46,7 @@ module "start_ec2_instance" {
   schedule_action                = "start"
   autoscaling_schedule           = "false"
   ec2_schedule                   = "true"
+  ecs_schedule                   = "false"
   rds_schedule                   = "false"
   cloudwatch_alarm_schedule      = "false"
   scheduler_tag                  = {
@@ -72,6 +75,7 @@ module "start_ec2_instance" {
 | cloudwatch_schedule_expression | The scheduling expression | string | `"cron(0 22 ? * MON-FRI *)"` | yes |
 | autoscaling_schedule | Enable scheduling on autoscaling resources | string | `"false"` | no |
 | ec2_schedule | Enable scheduling on ec2 instance resources | string | `"false"` | no |
+| ecs_schedule | Enable scheduling on ecs services resources | string | `"false"` | no |
 | rds_schedule | Enable scheduling on rds resources | string | `"false"` | no |
 | cloudwatch_alarm_schedule | Enable scheduleding on cloudwatch alarm resources | string | `"false"` | no |
 | schedule_action | Define schedule action to apply on resources | string | `"stop"` | yes |
@@ -157,6 +161,7 @@ Apache 2 Licensed. See LICENSE for full details.
 
 *   [cloudwatch schedule expressions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html)
 *   [Python boto3 ec2](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2.html)
+*   [Python boto3 ecs](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ecs.html)
 *   [Python boto3 rds](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/rds.html)
 *   [Python boto3 autoscaling](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/autoscaling.html)
 *   [Terratest](https://github.com/gruntwork-io/terratest)

examples/ecs-scheduler/cloudwatch_alarm.tf

@@ -0,0 +1,18 @@
+resource "aws_cloudwatch_metric_alarm" "service_count" {
+  alarm_name          = "ecs-cluster-hello-service-count"
+  comparison_operator = "LessThanThreshold"
+  evaluation_periods  = "2"
+  metric_name         = "CPUUtilization"
+  namespace           = "AWS/ECS"
+  period              = "60"
+  statistic           = "SampleCount"
+  threshold           = "2"
+  alarm_description   = "Less than 2 Running Service on cluster"
+  dimensions = {
+    ClusterName = aws_ecs_cluster.hello.id
+  }
+
+  tags = {
+    tostop = "true"
+  }
+}

examples/ecs-scheduler/ecs.tf

@@ -0,0 +1,81 @@
+resource "aws_ecs_cluster" "hello" {
+  name = "ecs-scheduler-test-cluster"
+
+  setting {
+    name  = "containerInsights"
+    value = "disabled"
+  }
+}
+
+resource "aws_ecs_service" "hello" {
+  name            = "ecs-scheduler-test-service"
+  cluster         = aws_ecs_cluster.hello.id
+  task_definition = aws_ecs_task_definition.hello.arn
+  desired_count   = 1
+  launch_type     = "FARGATE"
+
+  network_configuration {
+    subnets = [aws_subnet.primary.id]
+  }
+
+  tags = {
+    tostop        = "true",
+    terratest_tag = var.random_tag
+  }
+  lifecycle {
+    ignore_changes = [
+      desired_count,
+      tags
+    ]
+  }
+}
+
+resource "aws_ecs_service" "hello-false" {
+  name            = "ecs-scheduler-test-false-service"
+  cluster         = aws_ecs_cluster.hello.id
+  task_definition = aws_ecs_task_definition.hello.arn
+  desired_count   = 1
+  launch_type     = "FARGATE"
+
+  network_configuration {
+    subnets = [aws_subnet.primary.id]
+  }
+
+  tags = {
+    tostop        = "false",
+    terratest_tag = var.random_tag
+  }
+  lifecycle {
+    ignore_changes = [
+      desired_count,
+      tags
+    ]
+  }
+}
+
+resource "aws_ecs_task_definition" "hello" {
+  family = "hello-world-1"
+
+  # Refer to https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html
+  # for cpu and memory values
+  cpu    = 256
+  memory = 512
+
+  requires_compatibilities = ["FARGATE"]
+  network_mode             = "awsvpc"
+
+  # execution_role_arn = aws_iam_role.ecs_service.arn
+  task_role_arn = aws_iam_role.hello_ecs_task_execution_role.arn
+
+  container_definitions = jsonencode([
+    {
+      name      = "hello-world-rest"
+      image     = "public.ecr.aws/docker/library/busybox:latest"
+      essential = true
+    }
+  ])
+
+  tags = {
+    terratest_tag = var.random_tag
+  }
+}

examples/ecs-scheduler/iam.tf

@@ -0,0 +1,24 @@
+resource "aws_iam_role" "hello_ecs_task_execution_role" {
+  name = "hello-ecsTaskExecutionRole"
+
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "ecs-tasks.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy_attachment" "ecs-task-execution-role-policy-attachment" {
+  role       = aws_iam_role.hello_ecs_task_execution_role.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy"
+}

examples/ecs-scheduler/main.tf

@@ -0,0 +1,39 @@
+# Terraform ecs with lambda scheduler
+
+# Get aws availability zones
+data "aws_availability_zones" "available" {}
+
+### Terraform modules ###
+
+module "ecs-stop-friday" {
+  source                         = "../../"
+  name                           = "stop-ecs"
+  cloudwatch_schedule_expression = "cron(0 23 ? * FRI *)"
+  schedule_action                = "stop"
+  ec2_schedule                   = "false"
+  ecs_schedule                   = "true"
+  rds_schedule                   = "false"
+  autoscaling_schedule           = "false"
+  cloudwatch_alarm_schedule      = "true"
+
+  scheduler_tag = {
+    key   = "tostop"
+    value = "true"
+  }
+}
+
+module "ecs-start-monday" {
+  source                         = "../../"
+  name                           = "start-ecs"
+  cloudwatch_schedule_expression = "cron(0 07 ? * MON *)"
+  schedule_action                = "start"
+  ec2_schedule                   = "false"
+  ecs_schedule                   = "true"
+  autoscaling_schedule           = "false"
+  cloudwatch_alarm_schedule      = "true"
+
+  scheduler_tag = {
+    key   = "tostop"
+    value = "true"
+  }
+}

examples/ecs-scheduler/outputs.tf

@@ -0,0 +1,17 @@
+# Terraform ex2-schedule outputs
+
+output "lambda_stop_name" {
+  value = module.ecs-stop-friday.scheduler_lambda_name
+}
+
+output "lambda_stop_arn" {
+  value = module.ecs-stop-friday.scheduler_lambda_arn
+}
+
+output "lambda_start_name" {
+  value = module.ecs-start-monday.scheduler_lambda_name
+}
+
+output "lambda_start_arn" {
+  value = module.ecs-start-monday.scheduler_lambda_arn
+}

examples/ecs-scheduler/provider.tf

@@ -0,0 +1,24 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "4.20.0"
+    }
+    archive = {
+      source  = "hashicorp/archive"
+      version = "2.2.0"
+    }
+  }
+  required_version = ">= 1.0.11"
+}
+
+provider "aws" {
+  region = "us-west-1"
+  default_tags {
+    tags = {
+      Created_by = "Terraform"
+      Project    = "esc-scheduler-testing-example"
+    }
+  }
+}
+

examples/ecs-scheduler/variables.tf

@@ -0,0 +1,4 @@
+variable "random_tag" {
+  description = "aws tag use during integration tests"
+  default     = "terratest_random_tag"
+}