horizontal pod scaling, v1 #154

redterror · 2023-04-24T20:58:55Z

This PR adds a module + an initial configuration for staging's deployment to do horizontal pod scaling via a "target tracking" policy type.
E.g. this adjusts the ECS DesiredCount setting for the service to crank the number of worker containers based on a autoscaling-controlled metric.
AWS docs advise against touching the service-created metric (if we want direct control over the metric we need to use a different policy type).

The ECS cluster has a capacity provider that will scale up more instances to accommodate demand.

TODO:

Set the DesireCount on the app to be ignored via:

lifecycle {
  ignore_changes = [desired_count]
}

Though, I am not clear on how to do this in a multi-module world.

…olicy as a starting point

…etrics optionally

github-actions · 2023-04-24T20:59:39Z

Plan for staging

Terraform Format and Style 🖌`failure`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Show Plan


terraform
module.autoscaling.data.aws_partition.current: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Reading...
module.app.data.aws_region.current: Reading...
module.app.module.rds-secret.data.aws_caller_identity.current: Reading...
module.envconfig.data.aws_cloudformation_stack.vpc: Reading...
module.app.aws_cloudwatch_log_group.api: Refreshing state... [id=CAPP/staging/Api]
module.autoscaling.data.aws_caller_identity.current: Reading...
module.app.aws_kms_key.main: Refreshing state... [id=30a59499-7723-4c00-92ea-f6ad776481e8]
module.app.module.rds-secret.data.aws_region.current: Reading...
module.autoscaling.data.aws_region.current: Reading...
module.app.module.rds-secret.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.autoscaling.data.aws_partition.current: Read complete after 0s [id=aws]
module.autoscaling.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.aws_iam_role.ecs_execution_role: Refreshing state... [id=capp-staging-ecs-execution-role]
module.app.module.rds-secret.data.aws_partition.current: Reading...
module.app.module.rds-secret.data.aws_partition.current: Read complete after 0s [id=aws]
module.autoscaling.data.aws_caller_identity.current: Read complete after 0s [id=297530360210]
module.app.module.rds-secret.data.aws_caller_identity.current: Read complete after 0s [id=297530360210]
module.app.aws_secretsmanager_secret.auth0_express_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/auth0_express_config-8QlnRN]
module.app.aws_kms_alias.main: Refreshing state... [id=alias/capp-staging]
module.app.module.rds-secret.aws_secretsmanager_secret.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/db/config-diOBFJ]
module.app.aws_secretsmanager_secret.auth0_api_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/auth0_api_config-rMTYHL]
module.envconfig.data.aws_cloudformation_stack.vpc: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/staging-vpc/11517dd0-547a-11ed-9cff-0e260fe472a5]
module.app.data.aws_vpc.main: Reading...
module.app.data.aws_lb.main: Reading...
module.app.data.aws_security_group.db_security_group: Reading...
module.app.data.aws_route53_zone.main: Reading...
module.app.module.rds-secret.aws_serverlessapplicationrepository_cloudformation_stack.postgres-rotator: Refreshing state... [id=arn:aws:cloudformation:us-east-1:297530360210:stack/serverlessrepo-capp-staging-rds-postgres-rotator/d6562850-dfc7-11ed-b51e-0ef52c6bcbbb]
module.app.data.aws_db_subnet_group.main_subnet_group: Reading...
module.app.aws_iam_role_policy_attachment.default_execution_role: Refreshing state... [id=capp-staging-ecs-execution-role-20230420220433246500000002]
module.envconfig.data.aws_cloudformation_stack.ecs: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/staging-ecs-cluster/f100faf0-547a-11ed-aa6a-0ae642554bcb]
module.app.data.aws_iam_policy_document.execution_role: Reading...
module.envconfig.data.aws_ecs_cluster.ecs: Reading...
module.app.data.aws_iam_policy_document.execution_role: Read complete after 0s [id=3169407866]
module.app.aws_iam_role_policy.execution_role: Refreshing state... [id=capp-staging-ecs-execution-role:capp-task-execution-role]
module.app.aws_ecs_task_definition.api: Refreshing state... [id=capp-staging-api]
module.app.aws_ecs_task_definition.cli: Refreshing state... [id=capp-staging-cli]
module.envconfig.data.aws_ecs_cluster.ecs: Read complete after 0s [id=arn:aws:ecs:us-east-1:297530360210:cluster/staging]
module.app.data.aws_security_group.db_security_group: Read complete after 0s [id=sg-04b8398ee774b4573]
module.app.data.aws_db_subnet_group.main_subnet_group: Read complete after 0s [id=staging-private-subnets]
module.app.aws_rds_cluster.main: Refreshing state... [id=capp-staging20230420213209891000000002]
module.app.data.aws_route53_zone.main: Read complete after 0s [id=Z0980147ID00KB9TQ97U]
module.app.aws_route53_record.auth: Refreshing state... [id=Z0980147ID00KB9TQ97U_capp-auth.staging.apps.futurestech.cloud_CNAME]
module.app.data.aws_lb.main: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:loadbalancer/app/staging/5e07f0b5cbb70d23]
module.app.aws_route53_record.api: Refreshing state... [id=Z0980147ID00KB9TQ97U_capp-api.staging.apps.futurestech.cloud_A]
module.app.data.aws_lb_listener.main443: Reading...
module.app.module.rds-secret.aws_secretsmanager_secret_version.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/db/config-diOBFJ|A5819FA8-5A8D-429B-BA5A-BF61508B6CAD]
module.app.aws_rds_cluster_instance.instance0: Refreshing state... [id=tf-20230420213312480700000004]
module.app.data.aws_vpc.main: Read complete after 1s [id=vpc-0727aba7fe94fe8c5]
module.app.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:targetgroup/tf-20230420213204479600000001/3f17923b5abc3006]
module.app.data.aws_lb_listener.main443: Read complete after 1s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener/app/staging/5e07f0b5cbb70d23/ecdd95f56b1c3a80]
module.app.module.rds-secret.aws_secretsmanager_secret_rotation.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/db/config-diOBFJ]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_healthy_hosts_count: Refreshing state... [id=capp-staging-api-healthy-hosts]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_500_errors: Refreshing state... [id=capp-staging-api-500-errors]
module.app.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:297530360210:service/staging/capp-api]
module.app.aws_lb_listener_rule.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener-rule/app/staging/5e07f0b5cbb70d23/ecdd95f56b1c3a80/346446b6d495f3cc]
module.app.aws_cloudwatch_metric_alarm.rds_instance0_cpu: Refreshing state... [id=capp-staging-rds-instance0-cpu]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.autoscaling.aws_appautoscaling_policy.default["CPUAverage"] will be created
  + resource "aws_appautoscaling_policy" "default" {
      + alarm_arns         = (known after apply)
      + arn                = (known after apply)
      + id                 = (known after apply)
      + name               = "ecs-target-capp-api-cpuaverage"
      + policy_type        = "TargetTrackingScaling"
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"

      + target_tracking_scaling_policy_configuration {
          + disable_scale_in   = false
          + scale_in_cooldown  = 120
          + scale_out_cooldown = 120
          + target_value       = 60

          + predefined_metric_specification {
              + predefined_metric_type = "ECSServiceAverageCPUUtilization"
            }
        }
    }

  # module.autoscaling.aws_appautoscaling_policy.default["CPUSpike"] will be created
  + resource "aws_appautoscaling_policy" "default" {
      + alarm_arns         = (known after apply)
      + arn                = (known after apply)
      + id                 = (known after apply)
      + name               = "ecs-target-capp-api-cpuspike"
      + policy_type        = "TargetTrackingScaling"
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"

      + target_tracking_scaling_policy_configuration {
          + disable_scale_in   = false
          + scale_in_cooldown  = 120
          + scale_out_cooldown = 120
          + target_value       = 85

          + customized_metric_specification {
              + metric_name = "CPUUtilization"
              + namespace   = "AWS/ECS"
              + statistic   = "Maximum"
              + unit        = "Percent"

              + dimensions {
                  + name  = "ClusterName"
                  + value = "arn:aws:ecs:us-east-1:297530360210:cluster/staging"
                }
              + dimensions {
                  + name  = "ServiceName"
                  + value = "capp-api"
                }
            }
        }
    }

  # module.autoscaling.aws_appautoscaling_policy.default["MemoryAverage"] will be created
  + resource "aws_appautoscaling_policy" "default" {
      + alarm_arns         = (known after apply)
      + arn                = (known after apply)
      + id                 = (known after apply)
      + name               = "ecs-target-capp-api-memoryaverage"
      + policy_type        = "TargetTrackingScaling"
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"

      + target_tracking_scaling_policy_configuration {
          + disable_scale_in   = false
          + scale_in_cooldown  = 120
          + scale_out_cooldown = 120
          + target_value       = 60

          + predefined_metric_specification {
              + predefined_metric_type = "ECSServiceAverageMemoryUtilization"
            }
        }
    }

  # module.autoscaling.aws_appautoscaling_target.default will be created
  + resource "aws_appautoscaling_target" "default" {
      + id                 = (known after apply)
      + max_capacity       = 10
      + min_capacity       = 1
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + role_arn           = (known after apply)
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"
    }

  # module.autoscaling.aws_iam_role.ecs-autoscale-role will be created
  + resource "aws_iam_role" "ecs-autoscale-role" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "application-autoscaling.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "staging-capp-api-app-scaling"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + role_last_used        = (known after apply)
      + tags_all              = {
          + "BillingCode" = "TLE-451"
          + "Environment" = "Staging"
          + "Project"     = "CAPP"
        }
      + unique_id             = (known after apply)
    }

  # module.autoscaling.aws_iam_role_policy_attachment.ecs-autoscale will be created
  + resource "aws_iam_role_policy_attachment" "ecs-autoscale" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole"
      + role       = (known after apply)
    }

Plan: 6 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tf-staging.plan

To perform exactly these actions, run the following command to apply:
    terraform apply "tf-staging.plan"

Pushed by: @redterror, Action: pull_request

github-actions · 2023-04-24T20:59:46Z

Plan for dev

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Show Plan


terraform
module.envconfig.data.aws_cloudformation_stack.vpc: Reading...
module.app.data.aws_region.current: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Reading...
module.app.module.rds-secret.data.aws_region.current: Reading...
aws_ecr_repository.api: Refreshing state... [id=capp/api]
module.app.module.rds-secret.data.aws_caller_identity.current: Reading...
module.app.aws_cloudwatch_log_group.api: Refreshing state... [id=CAPP/dev/Api]
module.app.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.aws_kms_key.main: Refreshing state... [id=ea6236ff-b065-4017-be43-6507e9ed2cc6]
module.app.aws_iam_role.ecs_execution_role: Refreshing state... [id=capp-dev-ecs-execution-role]
module.app.module.rds-secret.data.aws_partition.current: Reading...
module.app.module.rds-secret.data.aws_partition.current: Read complete after 0s [id=aws]
module.app.module.rds-secret.data.aws_caller_identity.current: Read complete after 0s [id=297530360210]
module.app.aws_kms_alias.main: Refreshing state... [id=alias/capp-dev]
module.app.module.rds-secret.aws_secretsmanager_secret.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/db/config-s2od0G]
module.app.aws_secretsmanager_secret.auth0_express_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/auth0_express_config-yX7wkp]
module.app.aws_secretsmanager_secret.auth0_api_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/auth0_api_config-RTF7ao]
module.envconfig.data.aws_cloudformation_stack.vpc: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/dev-vpc/f767ba00-f0c0-11ec-a3f3-0ad0a1c16427]
module.app.module.rds-secret.aws_serverlessapplicationrepository_cloudformation_stack.postgres-rotator: Refreshing state... [id=arn:aws:cloudformation:us-east-1:297530360210:stack/serverlessrepo-capp-dev-rds-postgres-rotator/ad4b8400-b218-11ed-9541-0a0171f42e2b]
module.app.data.aws_security_group.db_security_group: Reading...
module.app.data.aws_route53_zone.main: Reading...
module.app.data.aws_vpc.main: Reading...
module.app.data.aws_db_subnet_group.main_subnet_group: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/dev-ecs-cluster/620609c0-f0c1-11ec-a011-1215c9e41705]
module.app.data.aws_lb.main: Reading...
aws_ecr_repository_policy.api: Refreshing state... [id=capp/api]
module.envconfig.data.aws_ecs_cluster.ecs: Reading...
module.app.aws_iam_role_policy_attachment.default_execution_role: Refreshing state... [id=capp-dev-ecs-execution-role-20230221185050569000000002]
module.app.data.aws_iam_policy_document.execution_role: Reading...
module.app.data.aws_iam_policy_document.execution_role: Read complete after 0s [id=329197936]
module.app.aws_iam_role_policy.execution_role: Refreshing state... [id=capp-dev-ecs-execution-role:capp-task-execution-role]
module.app.data.aws_security_group.db_security_group: Read complete after 1s [id=sg-0b4edf6bac267e791]
module.app.aws_ecs_task_definition.cli: Refreshing state... [id=capp-dev-cli]
module.app.aws_ecs_task_definition.api: Refreshing state... [id=capp-dev-api]
module.envconfig.data.aws_ecs_cluster.ecs: Read complete after 0s [id=arn:aws:ecs:us-east-1:297530360210:cluster/dev]
module.app.data.aws_db_subnet_group.main_subnet_group: Read complete after 1s [id=dev-private-subnets]
module.app.aws_rds_cluster.main: Refreshing state... [id=capp-dev20230221185055321900000003]
module.app.data.aws_lb.main: Read complete after 1s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:loadbalancer/app/dev/cda426650006d1a1]
module.app.data.aws_lb_listener.main443: Reading...
module.app.data.aws_route53_zone.main: Read complete after 1s [id=Z04192993OAZN6X06QOB4]
module.app.aws_route53_record.api: Refreshing state... [id=Z04192993OAZN6X06QOB4_capp-api.dev.apps.futurestech.cloud_A]
module.app.aws_route53_record.auth: Refreshing state... [id=Z04192993OAZN6X06QOB4_capp-auth.dev.apps.futurestech.cloud_CNAME]
module.app.data.aws_vpc.main: Read complete after 1s [id=vpc-0b02fcef328ff133e]
module.app.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:targetgroup/tf-20230221185050133700000001/2eeebcb399425cdf]
module.app.aws_rds_cluster_instance.instance0: Refreshing state... [id=tf-20230221185228373600000006]
module.app.module.rds-secret.aws_secretsmanager_secret_version.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/db/config-s2od0G|4221A900-E5A4-4891-8947-B499CB9AB0F9]
module.app.data.aws_lb_listener.main443: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener/app/dev/cda426650006d1a1/69e81d812491d770]
module.app.aws_lb_listener_rule.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener-rule/app/dev/cda426650006d1a1/69e81d812491d770/6f84ce345b32593a]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_500_errors: Refreshing state... [id=capp-dev-api-500-errors]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_healthy_hosts_count: Refreshing state... [id=capp-dev-api-healthy-hosts]
module.app.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:297530360210:service/dev/capp-api]
module.app.module.rds-secret.aws_secretsmanager_secret_rotation.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/db/config-s2od0G]
module.app.aws_cloudwatch_metric_alarm.rds_instance0_cpu: Refreshing state... [id=capp-dev-rds-instance0-cpu]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

Pushed by: @redterror, Action: pull_request

github-actions · 2023-04-24T20:59:48Z

Plan for prod

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Show Plan


terraform
module.app.module.rds-secret.data.aws_region.current: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Reading...
module.app.aws_cloudwatch_log_group.api: Refreshing state... [id=CAPP/prod/Api]
module.envconfig.data.aws_cloudformation_stack.vpc: Reading...
module.app.aws_kms_key.main: Refreshing state... [id=b945bab5-d107-4efb-a311-d4b62c6cf1fe]
module.app.data.aws_region.current: Reading...
module.app.module.rds-secret.data.aws_caller_identity.current: Reading...
module.app.aws_iam_role.ecs_execution_role: Refreshing state... [id=capp-prod-ecs-execution-role]
module.app.module.rds-secret.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_partition.current: Reading...
module.app.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_partition.current: Read complete after 0s [id=aws]
module.app.module.rds-secret.data.aws_caller_identity.current: Read complete after 0s [id=297669039735]
module.app.aws_kms_alias.main: Refreshing state... [id=alias/capp-prod]
module.app.aws_secretsmanager_secret.auth0_api_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/auth0_api_config-ZJXodX]
module.app.aws_secretsmanager_secret.auth0_express_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/auth0_express_config-OJ1aFY]
module.app.module.rds-secret.aws_secretsmanager_secret.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/db/config-8sCzXO]
module.envconfig.data.aws_cloudformation_stack.vpc: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297669039735:stack/prod-vpc/b5575880-daf0-11ed-b626-0e44aecea259]
module.app.data.aws_db_subnet_group.main_subnet_group: Reading...
module.app.module.rds-secret.aws_serverlessapplicationrepository_cloudformation_stack.postgres-rotator: Refreshing state... [id=arn:aws:cloudformation:us-east-1:297669039735:stack/serverlessrepo-capp-prod-rds-postgres-rotator/2af8f4e0-e069-11ed-8214-0afa48bdab23]
module.app.data.aws_vpc.main: Reading...
module.app.data.aws_route53_zone.main: Reading...
module.app.data.aws_security_group.db_security_group: Reading...
module.app.data.aws_lb.main: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Read complete after 1s [id=arn:aws:cloudformation:us-east-1:297669039735:stack/prod-ecs-cluster/d5b473a0-daf1-11ed-b6a7-0ec7288a04bd]
module.app.aws_iam_role_policy_attachment.default_execution_role: Refreshing state... [id=capp-prod-ecs-execution-role-20230421172250473800000002]
module.envconfig.data.aws_ecs_cluster.ecs: Reading...
module.app.data.aws_iam_policy_document.execution_role: Reading...
module.app.data.aws_iam_policy_document.execution_role: Read complete after 0s [id=3555092288]
module.app.aws_iam_role_policy.execution_role: Refreshing state... [id=capp-prod-ecs-execution-role:capp-task-execution-role]
module.app.aws_ecs_task_definition.api: Refreshing state... [id=capp-prod-api]
module.app.aws_ecs_task_definition.cli: Refreshing state... [id=capp-prod-cli]
module.app.data.aws_security_group.db_security_group: Read complete after 0s [id=sg-013fe91355119891b]
module.app.data.aws_db_subnet_group.main_subnet_group: Read complete after 1s [id=prod-ext-private-subnets]
module.app.aws_rds_cluster.main: Refreshing state... [id=capp-prod20230421170733107600000002]
module.envconfig.data.aws_ecs_cluster.ecs: Read complete after 0s [id=arn:aws:ecs:us-east-1:297669039735:cluster/prod-ext]
module.app.data.aws_lb.main: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:loadbalancer/app/prod-ext/a4923c06bc1f2a70]
module.app.data.aws_lb_listener.main443: Reading...
module.app.module.rds-secret.aws_secretsmanager_secret_version.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/db/config-8sCzXO|BD473C61-2CC3-471D-BED9-8F24CD42F2EB]
module.app.aws_rds_cluster_instance.instance0: Refreshing state... [id=tf-20230421170845848000000004]
module.app.data.aws_vpc.main: Read complete after 0s [id=vpc-0f371ff9781a49a61]
module.app.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:targetgroup/tf-20230421170723778200000001/e6ed46e9272abb97]
module.app.data.aws_lb_listener.main443: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:listener/app/prod-ext/a4923c06bc1f2a70/3c86d6abedae2587]
module.app.module.rds-secret.aws_secretsmanager_secret_rotation.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/db/config-8sCzXO]
module.app.aws_cloudwatch_metric_alarm.rds_instance0_cpu: Refreshing state... [id=capp-prod-rds-instance0-cpu]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_healthy_hosts_count: Refreshing state... [id=capp-prod-api-healthy-hosts]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_500_errors: Refreshing state... [id=capp-prod-api-500-errors]
module.app.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:297669039735:service/prod-ext/capp-api]
module.app.data.aws_route53_zone.main: Read complete after 1s [id=Z0605058LTYGQT7UPGFT]
module.app.aws_route53_record.auth: Refreshing state... [id=Z0605058LTYGQT7UPGFT_capp-auth.prod-ext.apps.futurestech.cloud_CNAME]
module.app.aws_lb_listener_rule.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:listener-rule/app/prod-ext/a4923c06bc1f2a70/3c86d6abedae2587/3ad3d86a5e62cd00]
module.app.aws_route53_record.api: Refreshing state... [id=Z0605058LTYGQT7UPGFT_capp-api.prod-ext.apps.futurestech.cloud_A]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

Pushed by: @redterror, Action: pull_request

atrout

LGTM. Thank you!

cwegrzyn · 2023-04-25T00:24:53Z

Oof the dynamic ignore changes in modules seems like a long-standing feature request hashicorp/terraform#24188

cwegrzyn · 2023-04-25T13:42:41Z

Yeah, all of my digging has turned up that we're basically stuck putting ignore_changes on in the module. I think that's probably fine. Can we maybe bump the default desiredcount to 2 (probably best to see if there is any weird 2 instance behavior in dev anyway) and then add ignore_changes?

cwegrzyn

A few small things/qs, but ready when you are

tf/envs/staging/main.tf

…undo the scaling

github-actions · 2023-04-25T14:24:13Z

Plan for dev

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Show Plan


terraform
module.envconfig.data.aws_cloudformation_stack.vpc: Reading...
module.app.data.aws_region.current: Reading...
module.app.module.rds-secret.data.aws_caller_identity.current: Reading...
module.app.aws_cloudwatch_log_group.api: Refreshing state... [id=CAPP/dev/Api]
module.envconfig.data.aws_cloudformation_stack.ecs: Reading...
module.app.module.rds-secret.data.aws_region.current: Reading...
aws_ecr_repository.api: Refreshing state... [id=capp/api]
module.app.aws_iam_role.ecs_execution_role: Refreshing state... [id=capp-dev-ecs-execution-role]
module.app.aws_kms_key.main: Refreshing state... [id=ea6236ff-b065-4017-be43-6507e9ed2cc6]
module.app.module.rds-secret.data.aws_partition.current: Reading...
module.app.module.rds-secret.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_partition.current: Read complete after 0s [id=aws]
module.app.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_caller_identity.current: Read complete after 1s [id=297530360210]
aws_ecr_repository_policy.api: Refreshing state... [id=capp/api]
module.app.module.rds-secret.aws_secretsmanager_secret.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/db/config-s2od0G]
module.app.aws_kms_alias.main: Refreshing state... [id=alias/capp-dev]
module.app.aws_secretsmanager_secret.auth0_express_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/auth0_express_config-yX7wkp]
module.app.aws_secretsmanager_secret.auth0_api_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/auth0_api_config-RTF7ao]
module.envconfig.data.aws_cloudformation_stack.vpc: Read complete after 1s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/dev-vpc/f767ba00-f0c0-11ec-a3f3-0ad0a1c16427]
module.app.data.aws_security_group.db_security_group: Reading...
module.app.data.aws_db_subnet_group.main_subnet_group: Reading...
module.app.data.aws_lb.main: Reading...
module.app.module.rds-secret.aws_serverlessapplicationrepository_cloudformation_stack.postgres-rotator: Refreshing state... [id=arn:aws:cloudformation:us-east-1:297530360210:stack/serverlessrepo-capp-dev-rds-postgres-rotator/ad4b8400-b218-11ed-9541-0a0171f42e2b]
module.app.data.aws_route53_zone.main: Reading...
module.app.data.aws_vpc.main: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Read complete after 1s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/dev-ecs-cluster/620609c0-f0c1-11ec-a011-1215c9e41705]
module.app.aws_iam_role_policy_attachment.default_execution_role: Refreshing state... [id=capp-dev-ecs-execution-role-20230221185050569000000002]
module.envconfig.data.aws_ecs_cluster.ecs: Reading...
module.app.data.aws_iam_policy_document.execution_role: Reading...
module.app.data.aws_iam_policy_document.execution_role: Read complete after 0s [id=329197936]
module.app.aws_iam_role_policy.execution_role: Refreshing state... [id=capp-dev-ecs-execution-role:capp-task-execution-role]
module.app.data.aws_security_group.db_security_group: Read complete after 0s [id=sg-0b4edf6bac267e791]
module.app.aws_ecs_task_definition.api: Refreshing state... [id=capp-dev-api]
module.app.aws_ecs_task_definition.cli: Refreshing state... [id=capp-dev-cli]
module.app.data.aws_db_subnet_group.main_subnet_group: Read complete after 0s [id=dev-private-subnets]
module.app.aws_rds_cluster.main: Refreshing state... [id=capp-dev20230221185055321900000003]
module.app.data.aws_lb.main: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:loadbalancer/app/dev/cda426650006d1a1]
module.app.data.aws_lb_listener.main443: Reading...
module.envconfig.data.aws_ecs_cluster.ecs: Read complete after 0s [id=arn:aws:ecs:us-east-1:297530360210:cluster/dev]
module.app.data.aws_vpc.main: Read complete after 0s [id=vpc-0b02fcef328ff133e]
module.app.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:targetgroup/tf-20230221185050133700000001/2eeebcb399425cdf]
module.app.module.rds-secret.aws_secretsmanager_secret_version.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/db/config-s2od0G|4221A900-E5A4-4891-8947-B499CB9AB0F9]
module.app.aws_rds_cluster_instance.instance0: Refreshing state... [id=tf-20230221185228373600000006]
module.app.module.rds-secret.aws_secretsmanager_secret_rotation.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/dev/db/config-s2od0G]
module.app.data.aws_lb_listener.main443: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener/app/dev/cda426650006d1a1/69e81d812491d770]
module.app.data.aws_route53_zone.main: Read complete after 1s [id=Z04192993OAZN6X06QOB4]
module.app.aws_route53_record.auth: Refreshing state... [id=Z04192993OAZN6X06QOB4_capp-auth.dev.apps.futurestech.cloud_CNAME]
module.app.aws_route53_record.api: Refreshing state... [id=Z04192993OAZN6X06QOB4_capp-api.dev.apps.futurestech.cloud_A]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_500_errors: Refreshing state... [id=capp-dev-api-500-errors]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_healthy_hosts_count: Refreshing state... [id=capp-dev-api-healthy-hosts]
module.app.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:297530360210:service/dev/capp-api]
module.app.aws_lb_listener_rule.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener-rule/app/dev/cda426650006d1a1/69e81d812491d770/6f84ce345b32593a]
module.app.aws_cloudwatch_metric_alarm.rds_instance0_cpu: Refreshing state... [id=capp-dev-rds-instance0-cpu]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

Pushed by: @redterror, Action: pull_request

github-actions · 2023-04-25T14:24:16Z

Plan for staging

Terraform Format and Style 🖌`failure`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Show Plan


terraform
module.envconfig.data.aws_cloudformation_stack.vpc: Reading...
module.app.aws_kms_key.main: Refreshing state... [id=30a59499-7723-4c00-92ea-f6ad776481e8]
module.autoscaling.data.aws_partition.current: Reading...
module.app.aws_iam_role.ecs_execution_role: Refreshing state... [id=capp-staging-ecs-execution-role]
module.autoscaling.data.aws_caller_identity.current: Reading...
module.app.module.rds-secret.data.aws_region.current: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Reading...
module.autoscaling.data.aws_region.current: Reading...
module.app.data.aws_region.current: Reading...
module.app.aws_cloudwatch_log_group.api: Refreshing state... [id=CAPP/staging/Api]
module.autoscaling.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.autoscaling.data.aws_partition.current: Read complete after 0s [id=aws]
module.app.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_partition.current: Reading...
module.app.module.rds-secret.data.aws_caller_identity.current: Reading...
module.app.module.rds-secret.data.aws_partition.current: Read complete after 0s [id=aws]
module.autoscaling.data.aws_caller_identity.current: Read complete after 1s [id=297530360210]
module.app.module.rds-secret.data.aws_caller_identity.current: Read complete after 1s [id=297530360210]
module.app.aws_kms_alias.main: Refreshing state... [id=alias/capp-staging]
module.app.aws_secretsmanager_secret.auth0_api_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/auth0_api_config-rMTYHL]
module.app.module.rds-secret.aws_secretsmanager_secret.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/db/config-diOBFJ]
module.app.aws_secretsmanager_secret.auth0_express_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/auth0_express_config-8QlnRN]
module.envconfig.data.aws_cloudformation_stack.vpc: Read complete after 1s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/staging-vpc/11517dd0-547a-11ed-9cff-0e260fe472a5]
module.app.data.aws_security_group.db_security_group: Reading...
module.app.data.aws_route53_zone.main: Reading...
module.app.data.aws_vpc.main: Reading...
module.app.data.aws_db_subnet_group.main_subnet_group: Reading...
module.app.data.aws_lb.main: Reading...
module.app.module.rds-secret.aws_serverlessapplicationrepository_cloudformation_stack.postgres-rotator: Refreshing state... [id=arn:aws:cloudformation:us-east-1:297530360210:stack/serverlessrepo-capp-staging-rds-postgres-rotator/d6562850-dfc7-11ed-b51e-0ef52c6bcbbb]
module.envconfig.data.aws_cloudformation_stack.ecs: Read complete after 1s [id=arn:aws:cloudformation:us-east-1:297530360210:stack/staging-ecs-cluster/f100faf0-547a-11ed-aa6a-0ae642554bcb]
module.app.aws_iam_role_policy_attachment.default_execution_role: Refreshing state... [id=capp-staging-ecs-execution-role-20230420220433246500000002]
module.envconfig.data.aws_ecs_cluster.ecs: Reading...
module.app.data.aws_iam_policy_document.execution_role: Reading...
module.app.data.aws_iam_policy_document.execution_role: Read complete after 0s [id=3169407866]
module.app.aws_iam_role_policy.execution_role: Refreshing state... [id=capp-staging-ecs-execution-role:capp-task-execution-role]
module.app.aws_ecs_task_definition.api: Refreshing state... [id=capp-staging-api]
module.app.aws_ecs_task_definition.cli: Refreshing state... [id=capp-staging-cli]
module.app.data.aws_security_group.db_security_group: Read complete after 0s [id=sg-04b8398ee774b4573]
module.app.data.aws_db_subnet_group.main_subnet_group: Read complete after 0s [id=staging-private-subnets]
module.app.aws_rds_cluster.main: Refreshing state... [id=capp-staging20230420213209891000000002]
module.envconfig.data.aws_ecs_cluster.ecs: Read complete after 0s [id=arn:aws:ecs:us-east-1:297530360210:cluster/staging]
module.app.data.aws_lb.main: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:loadbalancer/app/staging/5e07f0b5cbb70d23]
module.app.data.aws_lb_listener.main443: Reading...
module.app.module.rds-secret.aws_secretsmanager_secret_version.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/db/config-diOBFJ|A5819FA8-5A8D-429B-BA5A-BF61508B6CAD]
module.app.aws_rds_cluster_instance.instance0: Refreshing state... [id=tf-20230420213312480700000004]
module.app.data.aws_lb_listener.main443: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener/app/staging/5e07f0b5cbb70d23/ecdd95f56b1c3a80]
module.app.data.aws_vpc.main: Read complete after 0s [id=vpc-0727aba7fe94fe8c5]
module.app.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:targetgroup/tf-20230420213204479600000001/3f17923b5abc3006]
module.app.data.aws_route53_zone.main: Read complete after 0s [id=Z0980147ID00KB9TQ97U]
module.app.aws_route53_record.auth: Refreshing state... [id=Z0980147ID00KB9TQ97U_capp-auth.staging.apps.futurestech.cloud_CNAME]
module.app.aws_route53_record.api: Refreshing state... [id=Z0980147ID00KB9TQ97U_capp-api.staging.apps.futurestech.cloud_A]
module.app.module.rds-secret.aws_secretsmanager_secret_rotation.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297530360210:secret:projects/capp/staging/db/config-diOBFJ]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_healthy_hosts_count: Refreshing state... [id=capp-staging-api-healthy-hosts]
module.app.aws_lb_listener_rule.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297530360210:listener-rule/app/staging/5e07f0b5cbb70d23/ecdd95f56b1c3a80/346446b6d495f3cc]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_500_errors: Refreshing state... [id=capp-staging-api-500-errors]
module.app.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:297530360210:service/staging/capp-api]
module.app.aws_cloudwatch_metric_alarm.rds_instance0_cpu: Refreshing state... [id=capp-staging-rds-instance0-cpu]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.autoscaling.aws_appautoscaling_policy.default["CPUAverage"] will be created
  + resource "aws_appautoscaling_policy" "default" {
      + alarm_arns         = (known after apply)
      + arn                = (known after apply)
      + id                 = (known after apply)
      + name               = "ecs-target-capp-api-cpuaverage"
      + policy_type        = "TargetTrackingScaling"
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"

      + target_tracking_scaling_policy_configuration {
          + disable_scale_in   = false
          + scale_in_cooldown  = 120
          + scale_out_cooldown = 120
          + target_value       = 60

          + predefined_metric_specification {
              + predefined_metric_type = "ECSServiceAverageCPUUtilization"
            }
        }
    }

  # module.autoscaling.aws_appautoscaling_policy.default["CPUSpike"] will be created
  + resource "aws_appautoscaling_policy" "default" {
      + alarm_arns         = (known after apply)
      + arn                = (known after apply)
      + id                 = (known after apply)
      + name               = "ecs-target-capp-api-cpuspike"
      + policy_type        = "TargetTrackingScaling"
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"

      + target_tracking_scaling_policy_configuration {
          + disable_scale_in   = false
          + scale_in_cooldown  = 120
          + scale_out_cooldown = 120
          + target_value       = 85

          + customized_metric_specification {
              + metric_name = "CPUUtilization"
              + namespace   = "AWS/ECS"
              + statistic   = "Maximum"
              + unit        = "Percent"

              + dimensions {
                  + name  = "ClusterName"
                  + value = "arn:aws:ecs:us-east-1:297530360210:cluster/staging"
                }
              + dimensions {
                  + name  = "ServiceName"
                  + value = "capp-api"
                }
            }
        }
    }

  # module.autoscaling.aws_appautoscaling_policy.default["MemoryAverage"] will be created
  + resource "aws_appautoscaling_policy" "default" {
      + alarm_arns         = (known after apply)
      + arn                = (known after apply)
      + id                 = (known after apply)
      + name               = "ecs-target-capp-api-memoryaverage"
      + policy_type        = "TargetTrackingScaling"
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"

      + target_tracking_scaling_policy_configuration {
          + disable_scale_in   = false
          + scale_in_cooldown  = 120
          + scale_out_cooldown = 120
          + target_value       = 60

          + predefined_metric_specification {
              + predefined_metric_type = "ECSServiceAverageMemoryUtilization"
            }
        }
    }

  # module.autoscaling.aws_appautoscaling_target.default will be created
  + resource "aws_appautoscaling_target" "default" {
      + id                 = (known after apply)
      + max_capacity       = 10
      + min_capacity       = 2
      + resource_id        = "service/arn:aws:ecs:us-east-1:297530360210:cluster/staging/capp-api"
      + role_arn           = (known after apply)
      + scalable_dimension = "ecs:service:DesiredCount"
      + service_namespace  = "ecs"
    }

  # module.autoscaling.aws_iam_role.ecs-autoscale-role will be created
  + resource "aws_iam_role" "ecs-autoscale-role" {
      + arn                   = (known after apply)
      + assume_role_policy    = jsonencode(
            {
              + Statement = [
                  + {
                      + Action    = "sts:AssumeRole"
                      + Effect    = "Allow"
                      + Principal = {
                          + Service = "application-autoscaling.amazonaws.com"
                        }
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + create_date           = (known after apply)
      + force_detach_policies = false
      + id                    = (known after apply)
      + managed_policy_arns   = (known after apply)
      + max_session_duration  = 3600
      + name                  = "staging-capp-api-app-scaling"
      + name_prefix           = (known after apply)
      + path                  = "/"
      + role_last_used        = (known after apply)
      + tags_all              = {
          + "BillingCode" = "TLE-451"
          + "Environment" = "Staging"
          + "Project"     = "CAPP"
        }
      + unique_id             = (known after apply)
    }

  # module.autoscaling.aws_iam_role_policy_attachment.ecs-autoscale will be created
  + resource "aws_iam_role_policy_attachment" "ecs-autoscale" {
      + id         = (known after apply)
      + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole"
      + role       = (known after apply)
    }

Plan: 6 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tf-staging.plan

To perform exactly these actions, run the following command to apply:
    terraform apply "tf-staging.plan"

Pushed by: @redterror, Action: pull_request

github-actions · 2023-04-25T14:24:18Z

Plan for prod

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Show Plan


terraform
Acquiring state lock. This may take a few moments...
module.app.module.rds-secret.data.aws_caller_identity.current: Reading...
module.envconfig.data.aws_cloudformation_stack.ecs: Reading...
module.app.module.rds-secret.data.aws_partition.current: Reading...
module.app.aws_cloudwatch_log_group.api: Refreshing state... [id=CAPP/prod/Api]
module.envconfig.data.aws_cloudformation_stack.vpc: Reading...
module.app.aws_kms_key.main: Refreshing state... [id=b945bab5-d107-4efb-a311-d4b62c6cf1fe]
module.app.module.rds-secret.data.aws_region.current: Reading...
module.app.data.aws_region.current: Reading...
module.app.aws_iam_role.ecs_execution_role: Refreshing state... [id=capp-prod-ecs-execution-role]
module.app.module.rds-secret.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_partition.current: Read complete after 0s [id=aws]
module.app.data.aws_region.current: Read complete after 0s [id=us-east-1]
module.app.module.rds-secret.data.aws_caller_identity.current: Read complete after 0s [id=297669039735]
module.envconfig.data.aws_cloudformation_stack.vpc: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297669039735:stack/prod-vpc/b5575880-daf0-11ed-b626-0e44aecea259]
module.app.data.aws_db_subnet_group.main_subnet_group: Reading...
module.app.data.aws_lb.main: Reading...
module.app.data.aws_route53_zone.main: Reading...
module.app.data.aws_vpc.main: Reading...
module.app.data.aws_security_group.db_security_group: Reading...
module.app.aws_secretsmanager_secret.auth0_express_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/auth0_express_config-OJ1aFY]
module.app.aws_kms_alias.main: Refreshing state... [id=alias/capp-prod]
module.app.aws_secretsmanager_secret.auth0_api_config: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/auth0_api_config-ZJXodX]
module.app.module.rds-secret.aws_secretsmanager_secret.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/db/config-8sCzXO]
module.app.module.rds-secret.aws_serverlessapplicationrepository_cloudformation_stack.postgres-rotator: Refreshing state... [id=arn:aws:cloudformation:us-east-1:297669039735:stack/serverlessrepo-capp-prod-rds-postgres-rotator/2af8f4e0-e069-11ed-8214-0afa48bdab23]
module.envconfig.data.aws_cloudformation_stack.ecs: Read complete after 0s [id=arn:aws:cloudformation:us-east-1:297669039735:stack/prod-ecs-cluster/d5b473a0-daf1-11ed-b6a7-0ec7288a04bd]
module.app.aws_iam_role_policy_attachment.default_execution_role: Refreshing state... [id=capp-prod-ecs-execution-role-20230421172250473800000002]
module.envconfig.data.aws_ecs_cluster.ecs: Reading...
module.app.data.aws_iam_policy_document.execution_role: Reading...
module.app.data.aws_iam_policy_document.execution_role: Read complete after 0s [id=3555092288]
module.app.aws_iam_role_policy.execution_role: Refreshing state... [id=capp-prod-ecs-execution-role:capp-task-execution-role]
module.app.data.aws_security_group.db_security_group: Read complete after 1s [id=sg-013fe91355119891b]
module.app.data.aws_db_subnet_group.main_subnet_group: Read complete after 1s [id=prod-ext-private-subnets]
module.app.aws_rds_cluster.main: Refreshing state... [id=capp-prod20230421170733107600000002]
module.app.aws_ecs_task_definition.api: Refreshing state... [id=capp-prod-api]
module.app.aws_ecs_task_definition.cli: Refreshing state... [id=capp-prod-cli]
module.envconfig.data.aws_ecs_cluster.ecs: Read complete after 1s [id=arn:aws:ecs:us-east-1:297669039735:cluster/prod-ext]
module.app.data.aws_lb.main: Read complete after 1s [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:loadbalancer/app/prod-ext/a4923c06bc1f2a70]
module.app.data.aws_lb_listener.main443: Reading...
module.app.data.aws_route53_zone.main: Read complete after 1s [id=Z0605058LTYGQT7UPGFT]
module.app.aws_route53_record.auth: Refreshing state... [id=Z0605058LTYGQT7UPGFT_capp-auth.prod-ext.apps.futurestech.cloud_CNAME]
module.app.aws_route53_record.api: Refreshing state... [id=Z0605058LTYGQT7UPGFT_capp-api.prod-ext.apps.futurestech.cloud_A]
module.app.aws_rds_cluster_instance.instance0: Refreshing state... [id=tf-20230421170845848000000004]
module.app.module.rds-secret.aws_secretsmanager_secret_version.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/db/config-8sCzXO|BD473C61-2CC3-471D-BED9-8F24CD42F2EB]
module.app.data.aws_vpc.main: Read complete after 1s [id=vpc-0f371ff9781a49a61]
module.app.aws_lb_target_group.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:targetgroup/tf-20230421170723778200000001/e6ed46e9272abb97]
module.app.data.aws_lb_listener.main443: Read complete after 0s [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:listener/app/prod-ext/a4923c06bc1f2a70/3c86d6abedae2587]
module.app.module.rds-secret.aws_secretsmanager_secret_rotation.main: Refreshing state... [id=arn:aws:secretsmanager:us-east-1:297669039735:secret:projects/capp/prod/db/config-8sCzXO]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_healthy_hosts_count: Refreshing state... [id=capp-prod-api-healthy-hosts]
module.app.aws_ecs_service.api: Refreshing state... [id=arn:aws:ecs:us-east-1:297669039735:service/prod-ext/capp-api]
module.app.aws_lb_listener_rule.api: Refreshing state... [id=arn:aws:elasticloadbalancing:us-east-1:297669039735:listener-rule/app/prod-ext/a4923c06bc1f2a70/3c86d6abedae2587/3ad3d86a5e62cd00]
module.app.aws_cloudwatch_metric_alarm.api_targetgroup_500_errors: Refreshing state... [id=capp-prod-api-500-errors]
module.app.aws_cloudwatch_metric_alarm.rds_instance0_cpu: Refreshing state... [id=capp-prod-rds-instance0-cpu]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration
and found no differences, so no changes are needed.

Pushed by: @redterror, Action: pull_request

redterror added 3 commits April 24, 2023 17:15

add an autoscaling module for app-level scaling + setup a cpu-based p…

3df9b7a

…olicy as a starting point

switch to a target tracking policy type

a9a4679

tweak our variable formatting to support using predefined or custom m…

67961e6

…etrics optionally

redterror self-assigned this Apr 24, 2023

redterror requested review from cwegrzyn and atrout April 24, 2023 20:58

atrout approved these changes Apr 24, 2023

View reviewed changes

cwegrzyn approved these changes Apr 25, 2023

View reviewed changes

tf/envs/staging/main.tf Outdated Show resolved Hide resolved

bump desired count / min capacity to 2 + add an ignore so TF doesn't …

7b86240

…undo the scaling

redterror merged commit 458e415 into main Apr 25, 2023

redterror deleted the feat/pod-scaling branch April 25, 2023 14:25

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

horizontal pod scaling, v1 #154

horizontal pod scaling, v1 #154

redterror commented Apr 24, 2023 •

edited

Loading

github-actions bot commented Apr 24, 2023

github-actions bot commented Apr 24, 2023

github-actions bot commented Apr 24, 2023

atrout left a comment

cwegrzyn commented Apr 25, 2023

cwegrzyn commented Apr 25, 2023 •

edited

Loading

cwegrzyn left a comment

github-actions bot commented Apr 25, 2023

github-actions bot commented Apr 25, 2023

github-actions bot commented Apr 25, 2023

horizontal pod scaling, v1 #154

horizontal pod scaling, v1 #154

Conversation

redterror commented Apr 24, 2023 • edited Loading

github-actions bot commented Apr 24, 2023

Plan for staging

Terraform Format and Style 🖌failure

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

github-actions bot commented Apr 24, 2023

Plan for dev

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

github-actions bot commented Apr 24, 2023

Plan for prod

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

atrout left a comment

Choose a reason for hiding this comment

cwegrzyn commented Apr 25, 2023

cwegrzyn commented Apr 25, 2023 • edited Loading

cwegrzyn left a comment

Choose a reason for hiding this comment

github-actions bot commented Apr 25, 2023

Plan for dev

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

github-actions bot commented Apr 25, 2023

Plan for staging

Terraform Format and Style 🖌failure

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

github-actions bot commented Apr 25, 2023

Plan for prod

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Validation 🤖success

Terraform Plan 📖success

redterror commented Apr 24, 2023 •

edited

Loading

Terraform Format and Style 🖌`failure`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

cwegrzyn commented Apr 25, 2023 •

edited

Loading

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Terraform Format and Style 🖌`failure`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`

Terraform Format and Style 🖌`success`

Terraform Initialization ⚙️`success`

Terraform Validation 🤖`success`

Terraform Plan 📖`success`