Merge pull request #191 from XinFinOrg/XIN-242-define-ecs-task-definition

XIN-242: Define task definition for running ecs cluster
2026-06-19 21:31:37 +00:00 · 2022-10-09 21:33:12 +11:00 · 2022-10-09 21:33:12 +11:00 · 4595bcfac1
commit 4595bcfac1
parent a75c315eb5 af7eb197a1
6 changed files with 118 additions and 3 deletions
--- a/cicd/devnet/terraform/.terraform.lock.hcl
+++ b/cicd/devnet/terraform/.terraform.lock.hcl
@ -20,3 +20,20 @@ provider "registry.terraform.io/hashicorp/aws" {
    "zh:f4b86e7df4e846a38774e8e648b41c5ebaddcefa913cfa1864568086b7735575",
  ]
 }
+
+provider "registry.terraform.io/hashicorp/template" {
+  version = "2.2.0"
+  hashes = [
+    "h1:0wlehNaxBX7GJQnPfQwTNvvAf38Jm0Nv7ssKGMaG6Og=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
--- a/cicd/devnet/terraform/container-definition.tpl
+++ b/cicd/devnet/terraform/container-definition.tpl
@ -0,0 +1,46 @@
+[
+  {
+    "name": "tfXdcNode",
+    "image": "xinfinorg/${xdc_environment}:latest",
+    "environment": [
+      {"name": "PRIVATE_KEYS", "value": "${private_keys}"}
+    ],
+    "essential": true,
+    "logConfiguration": {
+      "logDriver": "awslogs",
+      "options": {
+        "awslogs-group": "${cloudwatch_group}",
+        "awslogs-region": "us-east-1",
+        "awslogs-stream-prefix": "ecs"
+      }
+    },
+    "portMappings": [
+      {
+        "hostPort": 80,
+        "protocol": "tcp",
+        "containerPort": 80
+      },
+      {
+        "hostPort": 8555,
+        "protocol": "tcp",
+        "containerPort": 8555
+      },
+      {
+        "hostPort": 8545,
+        "protocol": "tcp",
+        "containerPort": 8545
+      },
+      {
+        "hostPort": 30304,
+        "protocol": "tcp",
+        "containerPort": 30304
+      }
+    ],
+    "mountPoints": [
+      {
+        "containerPath": "/work/xdcchain",
+        "sourceVolume": "efs"
+      }
+    ]
+  }
+]
--- a/cicd/devnet/terraform/ecs.tf
+++ b/cicd/devnet/terraform/ecs.tf
@ -0,0 +1,41 @@
+data template_file devnet_container_definition {
+  for_each = var.devnet_node_kyes
+  template = "${file("${path.module}/container-definition.tpl")}"
+
+  vars = {
+    xdc_environment = "devnet"
+    private_keys = "${each.value.pk}",
+    cloudwatch_group = "tf-${each.key}"
+  }
+}
+
+resource "aws_ecs_task_definition" "devnet_task_definition_group" {
+  for_each = var.devnet_node_kyes
+  
+  family = "devnet-${each.key}"
+  requires_compatibilities = ["FARGATE"]
+  network_mode = "awsvpc"
+  container_definitions = data.template_file.devnet_container_definition[each.key].rendered
+  execution_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn
+  task_role_arn = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.arn
+  
+  cpu = 1024
+  memory = 2048
+  volume {
+    name = "efs"
+
+    efs_volume_configuration {
+      file_system_id          = aws_efs_file_system.devnet_efs.id
+      root_directory          = "/"
+      transit_encryption      = "ENABLED"
+      authorization_config {
+        access_point_id = aws_efs_access_point.devnet_efs_access_point[each.key].id
+        iam             = "DISABLED"
+      }
+    }
+  }
+  
+  tags = {
+       Name = "TfDevnetEcs-${each.key}"
+   }
+}
--- a/cicd/devnet/terraform/efs.tf
+++ b/cicd/devnet/terraform/efs.tf
@ -17,8 +17,8 @@ resource "aws_efs_mount_target" "devnet_efs_efs_mount_target" {
 }

 resource "aws_efs_access_point" "devnet_efs_access_point" {
-  file_system_id = aws_efs_file_system.devnet_efs.id
  for_each = var.devnet_node_kyes
+  file_system_id = aws_efs_file_system.devnet_efs.id
  root_directory {
    path = "/${each.key}/database"
    creation_info {
@ -34,6 +34,6 @@ resource "aws_efs_access_point" "devnet_efs_access_point" {
  }
  
  tags = {
-       Name = "TfDevnetEfsAccessPoint-${each.key}"
+       Name = "TfDevnetEfsAccessPoint${each.key}"
   }
 }
--- a/cicd/devnet/terraform/main.tf
+++ b/cicd/devnet/terraform/main.tf
@ -34,6 +34,7 @@ terraform {
 resource "aws_vpc" "devnet_vpc" {
  cidr_block = "10.0.0.0/16"
  instance_tenancy = "default"
+  enable_dns_hostnames = true
  
  tags = {
    Name = "TfDevnetVpc"
@ -150,3 +151,13 @@ resource "aws_iam_role_policy_attachment" "devnet_xdc_ecs_tasks_execution_role"
  role       = aws_iam_role.devnet_xdc_ecs_tasks_execution_role.name
  policy_arn = each.value
 }
+
+# Logs
+resource "aws_cloudwatch_log_group" "devnet_cloud_watch_group" {
+  for_each = var.devnet_node_kyes
+  name = "tf-${each.key}"
+  retention_in_days = 14 # Logs are only kept for 14 days
+  tags = {
+    Name = "TfDevnetCloudWatchGroup${each.key}"
+  }
+}
--- a/cicd/devnet/terraform/variables.tf
+++ b/cicd/devnet/terraform/variables.tf
@ -11,7 +11,7 @@ variable "devnet_node_kyes" {
    Note: No `n` is allowed in the node name
  **/
  default = {
-    xdc-1 = {
+    xdc1 = {
      pk  = "3efdb44088929167487da052125162b48d8d54fe8f7b7db11b5d5cc3b9a1c14b",
      isChaosNode = false # This is a placeholder, config not supported yet
    }