Merge pull request brentley#25 from adamjkeller/ecsworkshop-cdk

Ecsworkshop cdk
gekart · Mar 5, 2020 · f4474d4 · f4474d4
2 parents c261003 + 0b30ad2
commit f4474d4
Show file tree

Hide file tree

Showing 3 changed files with 132 additions and 2 deletions.
diff --git a/Dockerfile.cdk b/Dockerfile.cdk
@@ -0,0 +1,24 @@
+FROM ruby:2.5-slim
+
+COPY Gemfile Gemfile.lock /usr/src/app/
+WORKDIR /usr/src/app
+
+RUN apt-get update && apt-get -y install iproute2 curl jq libgmp3-dev ruby-dev build-essential sqlite libsqlite3-dev python3 python3-pip && \
+ bundle install && \
+ pip3 install awscli && \
+ apt-get autoremove -y --purge && \
+ apt-get remove -y --auto-remove --purge ruby-dev libgmp3-dev build-essential libsqlite3-dev && \
+ apt-get clean && \
+ rm -rvf /root/* /root/.gem* /var/cache/*
+
+COPY . /usr/src/app
+RUN chmod +x /usr/src/app/startup-cdk.sh
+
+# helpful when trying to update gems -> bundle update, remove the Gemfile.lock, start ruby
+# RUN bundle update
+# RUN rm -vf /usr/src/app/Gemfile.lock
+
+HEALTHCHECK --interval=10s --timeout=3s \
+ CMD curl -f -s http:https://localhost:3000/health/ || exit 1
+EXPOSE 3000
+ENTRYPOINT ["bash","/usr/src/app/startup-cdk.sh"]
diff --git a/cdk/app.py b/cdk/app.py
@@ -6,6 +6,7 @@
  aws_ecs,
  aws_ecs_patterns,
  aws_servicediscovery,
+ aws_iam,
  core,
 )
 
@@ -54,11 +55,12 @@ def __init__(self, scope: core.Stack, id: str, **kwargs):
  self.base_platform = BasePlatform(self, self.stack_name)
 
  self.fargate_task_image = aws_ecs_patterns.ApplicationLoadBalancedTaskImageOptions(
- image=aws_ecs.ContainerImage.from_registry("brentley/ecsdemo-frontend"),
+ image=aws_ecs.ContainerImage.from_registry("adam9098/ecsdemo-frontend"),
  container_port=3000,
  environment={
  "CRYSTAL_URL": "http:https://ecsdemo-crystal.service:3000/crystal",
- "NODEJS_URL": "http:https://ecsdemo-nodejs.service:3000"
+ "NODEJS_URL": "http:https://ecsdemo-nodejs.service:3000",
+ "REGION": getenv('AWS_DEFAULT_REGION')
  },
  )
 
@@ -73,6 +75,13 @@ def __init__(self, scope: core.Stack, id: str, **kwargs):
  task_image_options=self.fargate_task_image
  )
 
+ self.fargate_load_balanced_service.task_definition.add_to_task_role_policy(
+ aws_iam.PolicyStatement(
+ actions=['ec2:DescribeSubnets'],
+ resources=['*']
+ )
+ )
+
  self.fargate_load_balanced_service.service.connections.allow_to(
  self.base_platform.services_sec_grp,
  port_range=aws_ec2.Port(protocol=aws_ec2.Protocol.TCP, string_representation="frontendtobackend", from_port=3000, to_port=3000)

diff --git a/startup-cdk.sh b/startup-cdk.sh
@@ -0,0 +1,97 @@
+#!/bin/bash
+
+set -x
+
+IP=$(ip route show |grep -o src.* |cut -f2 -d" ")
+# kubernetes sets routes differently -- so we will discover our IP differently
+if [[ ${IP} == "" ]]; then
+ IP=$(hostname -i)
+fi
+
+SUBNET=$(echo ${IP} | cut -f1 -d.)
+NETWORK=$(echo ${IP} | cut -f3 -d.)
+
+case "${SUBNET}" in
+ 10)
+ orchestrator=ecs
+ ;;
+ 192)
+ orchestrator=kubernetes
+ ;;
+ *)
+ orchestrator=unknown
+ ;;
+esac
+
+if [[ "${orchestrator}" == 'ecs' ]]; then
+ case "${NETWORK}" in
+ 100)
+ zone=a
+ color=Crimson
+ ;;
+ 101)
+ zone=b
+ color=CornflowerBlue
+ ;;
+ 102)
+ zone=c
+ color=LightGreen
+ ;;
+ *)
+ zone=unknown
+ color=Yellow
+ ;;
+ esac
+fi
+
+if [[ "${orchestrator}" == 'kubernetes' ]]; then
+ if ((0<=${NETWORK} && ${NETWORK}<32))
+ then
+ zone=a
+ elif ((32<=${NETWORK} && ${NETWORK}<64))
+ then
+ zone=b
+ elif ((64<=${NETWORK} && ${NETWORK}<96))
+ then
+ zone=c
+ elif ((96<=${NETWORK} && ${NETWORK}<128))
+ then
+ zone=a
+ elif ((128<=${NETWORK} && ${NETWORK}<160))
+ then
+ zone=b
+ elif ((160<=${NETWORK}))
+ then
+ zone=c
+ else
+ zone=unknown
+ fi
+fi 
+
+if [[ ${orchestrator} == 'unknown' ]]; then
+ zone=$(curl -m2 -s http:https://169.254.169.254/latest/dynamic/instance-identity/document | jq -r '.availabilityZone' | grep -o .$)
+fi 
+
+# Am I on ec2 instances?
+if [[ ${zone} == "unknown" ]]; then
+ zone=$(curl -m2 -s http:https://169.254.169.254/latest/dynamic/instance-identity/document | jq -r '.availabilityZone' | grep -o .$)
+fi
+
+# Still no luck? Perhaps we're running fargate!
+if [[ -z ${zone} ]]; then
+ export AWS_DEFAULT_REGION=$REGION
+ ip_addr=$(curl -m2 -s ${ECS_CONTAINER_METADATA_URI} | jq '.Networks[].IPv4Addresses[]')
+ declare -a subnets=( $(aws ec2 describe-subnets | jq .Subnets[].CidrBlock| sed ':a;N;$!ba;s/\n/ /g') )
+ for sub in "${subnets[@]}"; do
+ if $(ruby -e "puts(IPAddr.new($sub.to_s).include? $ip_addr.to_s)") == 'true'; then
+ zone=$(aws ec2 describe-subnets | jq -r ".Subnets[] | select(.CidrBlock==$sub) | .AvailabilityZone" | grep -o .$)
+ fi
+ done
+fi
+
+export CODE_HASH="$(cat code_hash.txt)"
+export AZ="${IP} in AZ-${zone}"
+
+# exec bundle exec thin start
+RAILS_ENV=production rake assets:precompile
+exec rails s -e production -b 0.0.0.0