This module will all the necessary configuration to run a Polytomic On ECS Fargate. Using the architecture outlined in the image below.
To run this example you need to execute:
$ terraform init
$ terraform plan
$ terraform apply
Complete
provider "aws" {
region = "us-east-1"
}
module "polytomic-ecs" {
source = "github.com/polytomic/on-premises/terraform/modules/ecs"
prefix = "polytomic"
tags = {
Owner = "polytomic"
Environment = "staging"
Billing = "R/D"
}
region = "us-east-1"
####### Polytomic settings #######
polytomic_image = "568237466542.dkr.ecr.us-west-2.amazonaws.com/polytomic-onprem:latest"
polytomic_root_user = "[email protected]"
polytomic_deployment = "DEPLOYMENT"
polytomic_deployment_key = "DEPLOYMENT_KEY"
polytomic_deployment_api_key = "DEPLOYMENT_API_KEY"
polytomic_google_client_id = "GOOGLE_ID"
polytomic_google_client_secret = "GOOGLE_SECRET"
polytomic_url = ""
polytomic_single_player = false
polytomic_bootstrap = true
polytomic_record_log_disabled = false
# valid values are debug, info, warn, error; the default is info
polytomic_log_level = "info"
# enable periodically writing stats to S3
enable_stats = true
alert_emails = ["[email protected]"]
aws_profile = "default"
enable_monitoring = true
extra_environment = {
FOO = "BAR"
}
####### VPC settings #######
#
# Use this to set the VPC ID to use for the VPC.
# If not set, the VPC will be created.
# vpc_id = "vpc-123456789"
vpc_id = ""
private_subnet_ids = []
public_subnet_ids = []
#
# New VPC settings
vpc_cidr = "10.0.0.0/16"
vpc_azs = ["us-east-1a", "us-east-1b", "us-east-1c"]
vpc_private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
vpc_public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
####### ECS settings #######
#
# Use this if you want to use an existing ECS cluster.
# If not set, a new ECS cluster will be created.
# ecs_cluster_name = "my-ecs-cluster"
ecs_cluster_name = ""
####### Redis settings #######
#
# Use this if you already have a Redis endpoint set up.
# If left blank, we'll create a new Redis instance for you using the settings below.
# redis_endpoint = redis://:password@host:6379/"
redis_endpoint = ""
#
# New Redis instance settings
redis_cluster_size = 1
redis_port = 6379
redis_instance_type = "cache.t2.micro"
redis_engine_version = "6.2"
redis_family = "redis6.x"
redis_at_rest_encryption_enabled = true
redis_transit_encryption_enabled = true
redis_maintenance_window = "mon:03:00-mon:04:00"
redis_snapshot_window = "04:00-06:00"
redis_snapshot_retention_limit = 7
####### Database settings #######
#
# Use this if you already have a database endpoint set up.
# If left blank, we'll create a new database instance for you using the settings below.
# database_endpoint = "postgres://user:password@host:port/database"
database_endpoint = ""
#
# New database instance settings
database_username = "polytomic"
database_name = "polytomic"
database_port = 5432
database_engine = "postgres"
database_engine_version = "14.1"
database_family = "postgres14"
database_major_engine_version = "14"
database_instance_class = "db.t3.small"
database_multi_az = true
database_allocated_storage = 20
database_max_allocated_storage = 100
database_backup_retention = 30
database_maintenance_window = "Mon:00:00-Mon:03:00"
database_backup_window = "03:00-06:00"
database_skip_final_snapshot = false
database_deletion_protection = false
database_enabled_cloudwatch_logs_exports = ["postgresql", "upgrade"]
database_create_cloudwatch_log_group = false
database_performance_insights_enabled = true
database_performance_insights_retention_period = 7
database_create_monitoring_role = true
database_monitoring_interval = 60
database_monitoring_role_name = "monitoring-role"
}Minimal
provider "aws" {
region = "us-east-1"
}
module "polytomic-ecs" {
source = "github.com/polytomic/on-premises//terraform/modules/ecs?ref=v1.0.0"
prefix = "polytomic"
region = "us-east-1"
####### Polytomic settings #######
polytomic_image = "568237466542.dkr.ecr.us-west-2.amazonaws.com/polytomic-onprem:latest"
polytomic_root_user = "[email protected]"
polytomic_deployment = "DEPLOYMENT"
polytomic_deployment_key = "DEPLOYMENT_KEY"
polytomic_google_client_id = "GOOGLE_ID"
polytomic_google_client_secret = "GOOGLE_SECRET"
}| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 4.6 |
| Name | Version |
|---|---|
| aws | 4.22.0 |
| null | 3.1.1 |
| random | 3.3.2 |
| Name | Source | Version |
|---|---|---|
| database | terraform-aws-modules/rds/aws | 5.9.0 |
| database_sg | terraform-aws-modules/security-group/aws | ~> 4.0 |
| ecs | terraform-aws-modules/ecs/aws | <5.0.0 |
| ecs-alerts-worker | ../monitoring/ecs-alerts | n/a |
| ecs_log_groups | terraform-aws-modules/cloudwatch/aws//modules/log-group | ~> 3.0 |
| efs | cloudposse/efs/aws | ~> 0.35.0 |
| efs_sg | terraform-aws-modules/security-group/aws | ~> 4.0 |
| elasticache-alerts | ../monitoring/elasticache-alerts | n/a |
| fargate_sg | terraform-aws-modules/security-group/aws | ~> 4.0 |
| lb_sg | terraform-aws-modules/security-group/aws | ~> 4.0 |
| log_group | terraform-aws-modules/cloudwatch/aws//modules/log-group | ~> 3.0 |
| rds-alerts | ../monitoring/rds-alerts | n/a |
| redis | umotif-public/elasticache-redis/aws | n/a |
| s3_bucket | terraform-aws-modules/s3-bucket/aws | n/a |
| scheduled_task | cn-terraform/ecs-fargate-scheduled-task/aws | 1.0.22 |
| vpc | terraform-aws-modules/vpc/aws | <5.0.0 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| additional_ecs_security_groups | ECS security group ids | list |
[] |
no |
| alert_emails | Email addresses to send alerts to | list(string) |
[] |
no |
| aws_profile | AWS profile to use | string |
"default" |
no |
| bucket_prefix | Bucket prefix | string |
"" |
no |
| database_allocated_storage | Database allocated storage | number |
20 |
no |
| database_auto_minor_version_upgrade | Database auto minor version upgrade | bool |
false |
no |
| database_backup_retention | Database backup retention | number |
30 |
no |
| database_backup_window | Database backup window | string |
"03:00-06:00" |
no |
| database_create_cloudwatch_log_group | Database create cloudwatch log group | bool |
true |
no |
| database_create_monitoring_role | Database create monitoring role | bool |
true |
no |
| database_deletion_protection | Database deletion protection | bool |
true |
no |
| database_enabled_cloudwatch_logs_exports | Database enabled cloudwatch logs exports | list |
[ |
no |
| database_endpoint | Database Endpoint | string |
"" |
no |
| database_engine | Database engine | string |
"postgres" |
no |
| database_engine_version | Database engine version | string |
"14.7" |
no |
| database_family | Database family | string |
"postgres14" |
no |
| database_instance_class | Database instance class | string |
"db.t3.small" |
no |
| database_maintenance_window | Database maintenance window | string |
"Mon:00:00-Mon:03:00" |
no |
| database_major_engine_version | Database major engine version | string |
"14" |
no |
| database_max_allocated_storage | Database max allocated storage | number |
100 |
no |
| database_monitoring_interval | Database monitoring interval | number |
60 |
no |
| database_monitoring_role_name | Database monitoring role name | string |
"polytomic-monitoring-role" |
no |
| database_multi_az | Multi-AZ database | bool |
true |
no |
| database_name | Database Name | string |
"polytomic" |
no |
| database_performance_insights_enabled | Database performance insights enabled | bool |
true |
no |
| database_performance_insights_retention_period | Database performance insights retention period | number |
7 |
no |
| database_port | Database port | number |
5432 |
no |
| database_skip_final_snapshot | Database skip final snapshot | bool |
false |
no |
| database_username | Database username | string |
"polytomic" |
no |
| ecs_cluster_name | ECS cluster name | string |
"" |
no |
| ecs_enable_container_insights | ECS enable container insights | bool |
true |
no |
| enable_monitoring | enable automatic monitoring | bool |
false |
no |
| enable_stats | enable automatic stats reporting | bool |
false |
no |
| extra_environment | Extra environment variables to pass to the containers | map(string) |
{} |
no |
| load_balancer_internal | use internal load balancer | bool |
false |
no |
| load_balancer_redirect_https | enable https listener on load balancer | bool |
false |
no |
| load_balancer_security_groups | security groups for load balancer | list(string) |
[] |
no |
| log_retention_days | Cloudwatch log retention days | number |
120 |
no |
| polyotmic_efs_caching | Enable EFS caching | bool |
false |
no |
| polytomic_bootstrap | Whether to bootstrap Polytomic | bool |
false |
no |
| polytomic_data_path | Filesystem path to local data cache | string |
"/var/polytomic" |
no |
| polytomic_dd_agent_image | Docker image to use for the Datadog agent | string |
"568237466542.dkr.ecr.us-west-2.amazonaws.com/polytomic-dd-agent:latest" |
no |
| polytomic_deployment | A unique identifier for your on premises deploy, provided by Polytomic | string |
"" |
no |
| polytomic_deployment_api_key | API key used to authenticate with the Polytomic management API | string |
"" |
no |
| polytomic_deployment_key | The license key for your deployment, provided by Polytomic | string |
"" |
no |
| polytomic_deployment_links | Additional links to display in the Polytomic navigation | list(object({ |
[] |
no |
| polytomic_enabled_backends | List of backends to enable | list |
[] |
no |
| polytomic_ga_measurement_id | Google Analytics Measurement ID | string |
"" |
no |
| polytomic_google_client_id | Google OAuth Client ID, obtained by creating a OAuth 2.0 Client ID | string |
"" |
no |
| polytomic_google_client_secret | Google OAuth Client Secret, obtained by creating a OAuth 2.0 Client ID | string |
"" |
no |
| polytomic_image | Docker image to use for the Polytomic ECS cluster | string |
"568237466542.dkr.ecr.us-west-2.amazonaws.com/polytomic-onprem:latest" |
no |
| polytomic_legacy_config | Use legacy configuration | bool |
false |
no |
| polytomic_log_level | The log level to use for Polytomic | string |
"info" |
no |
| polytomic_logger_image | Docker image to use for the Polytomic log aggregator | string |
"568237466542.dkr.ecr.us-west-2.amazonaws.com/polytomic-vector:latest" |
no |
| polytomic_managed_logs | Use managed logs | bool |
false |
no |
| polytomic_mssql_tx_isolation | Transaction isolation level for MSSQL connections | string |
"" |
no |
| polytomic_port | Port on which Polytomic is listening | string |
"80" |
no |
| polytomic_preflight_check | Whether to run a preflight check | bool |
false |
no |
| polytomic_query_runner_exclude_dbs | List of databases to exclude from query runner | list |
[] |
no |
| polytomic_query_worker_count | Number of query workers to use | number |
20 |
no |
| polytomic_record_log_disabled | Globally disable record logging for this deployment | bool |
false |
no |
| polytomic_resource_scheduler_cpu | CPU units for the scheduler container | number |
1024 |
no |
| polytomic_resource_scheduler_memory | Memory units for the scheduler container | number |
2048 |
no |
| polytomic_resource_sync_count | Number of sync containers to run | number |
2 |
no |
| polytomic_resource_sync_cpu | CPU units for the sync container | number |
4096 |
no |
| polytomic_resource_sync_memory | Memory units for the sync container | number |
8192 |
no |
| polytomic_resource_sync_storage | Ephemeral storage for the sync container | number |
21 |
no |
| polytomic_resource_web_cpu | CPU units for the web container | number |
2048 |
no |
| polytomic_resource_web_memory | Memory units for the web container | number |
4096 |
no |
| polytomic_resource_worker_cpu | CPU units for the worker container | number |
2048 |
no |
| polytomic_resource_worker_memory | Memory units for the worker container | number |
4096 |
no |
| polytomic_root_user | The email address to use when starting for the first time; this user will be able to add additional users and configure Polytomic | string |
"" |
no |
| polytomic_single_player | Whether to use the single player mode | bool |
false |
no |
| polytomic_sso_domain | Domain for SSO users of first Polytomic workspace; ie, example.com. | string |
"" |
no |
| polytomic_sync_logging_enabled | Record execution logs for syncs performed via Polytomic | bool |
true |
no |
| polytomic_tx_buffer_size | Transaction buffer size for datalite cache | number |
50000 |
no |
| polytomic_url | Base URL for accessing Polytomic. This will be used when redirecting back from Google and other integrations after authenticating with OAuth. | string |
"" |
no |
| polytomic_use_dd_agent | Use Datadog agent | bool |
false |
no |
| polytomic_use_logger | Use polytomic log aggregator | bool |
true |
no |
| polytomic_workos_api_key | The API key for the WorkOS account to use for Polytomic | string |
"" |
no |
| polytomic_workos_client_id | The WorkOS client ID | string |
"" |
no |
| polytomic_workos_org_id | WorkOS organization ID for workspace SSO | string |
"" |
no |
| polytomic_workspace_name | Name of first Polytomic workspace | string |
"" |
no |
| prefix | n/a | any |
n/a | yes |
| private_subnet_ids | Private subnet IDs | list |
[] |
no |
| public_subnet_ids | Public subnet IDs | list |
[] |
no |
| redis_at_rest_encryption_enabled | Redis at rest encryption enabled | string |
"true" |
no |
| redis_auth_token | Redis auth token | string |
"" |
no |
| redis_cluster_size | Redis cluster size | string |
"1" |
no |
| redis_endpoint | Redis endpoint | string |
"" |
no |
| redis_engine_version | Redis engine version | string |
"6.2" |
no |
| redis_family | Redis family | string |
"redis6.x" |
no |
| redis_instance_type | Redis instance type | string |
"cache.t2.micro" |
no |
| redis_maintenance_window | Redis maintenance window | string |
"mon:03:00-mon:04:00" |
no |
| redis_port | Redis port | number |
6379 |
no |
| redis_snapshot_retention_limit | Redis snapshot retention limit | string |
"7" |
no |
| redis_snapshot_window | Redis snapshot window | string |
"04:00-06:00" |
no |
| redis_transit_encryption_enabled | Redis transit encryption enabled | string |
"true" |
no |
| region | AWS region to use | string |
"us-east-1" |
no |
| stats_cron | Stats cron | string |
"cron(0 0 * * ? *)" |
no |
| stats_format | Output format for stats reporter | string |
"json" |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| task_tags | A map of tags to add to application-launched tasks | map(string) |
{} |
no |
| vpc_azs | VPC availability zones | list |
[ |
no |
| vpc_cidr | VPC CIDR | string |
"10.0.0.0/16" |
no |
| vpc_id | VPC ID | string |
"" |
no |
| vpc_private_subnets | VPC private subnets | list |
[ |
no |
| vpc_public_subnets | VPC public subnets | list |
[ |
no |
| Name | Description |
|---|---|
| cluster_arn | n/a |
| deploy_api_key | API key used to authenticate with the Polytomic management API. |
| loadbalancer_arn | n/a |
| loadbalancer_dns_name | n/a |
| loadbalancer_zone_id | n/a |
| override_sgs | n/a |
| override_subnets | n/a |
| override_task_definition | n/a |
| target_group_arn | n/a |