From e89a0532cbbeab7b79e4bb57fef8556d2c905d70 Mon Sep 17 00:00:00 2001 From: xss Date: Sat, 19 Mar 2022 15:56:02 +1100 Subject: [PATCH] add health check to tawhiri --- predictor.tf | 14 +++++++++++++- websockets.tf | 23 +++++++++++++++++++++++ 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/predictor.tf b/predictor.tf index f343197..51d0793 100644 --- a/predictor.tf +++ b/predictor.tf @@ -205,6 +205,17 @@ resource "aws_ecs_task_definition" "tawhiri" { container_definitions = jsonencode( [ { + healthCheck = { + retries = 3 + command = [ + "/usr/bin/python3.7", + "-c", + "import urllib.request; import json; import datetime; import sys; sys.exit(0) if len(json.loads(urllib.request.urlopen(f'http://localhost:8000/api/v1/?launch_latitude=51.77542999852449&launch_longitude=15.553199937567115&launch_datetime={datetime.datetime.now().strftime(\"%Y-%m-%dT%H:%M:%SZ\")}&launch_altitude=0&ascent_rate=5.00&burst_altitude=14030.77&descent_rate=5.28').read())['prediction'][0]['trajectory']) > 0 else sys.exit(1)" + ] + timeout = 20 + interval = 60 + startPeriod = 30 + } command = [ "/root/.local/bin/gunicorn", "-b", @@ -437,7 +448,8 @@ resource "aws_ecs_service" "tawhiri" { launch_type = "FARGATE" platform_version = "LATEST" desired_count = 1 - + enable_execute_command = true + load_balancer { container_name = "tawhiri" container_port = 8000 diff --git a/websockets.tf b/websockets.tf index cd8e9fa..1281883 100644 --- a/websockets.tf +++ b/websockets.tf @@ -720,6 +720,29 @@ resource "aws_iam_role_policy" "efs" { EOF } +resource "aws_iam_role_policy" "ssm" { + name = "SSM" + role = aws_iam_role.ecs_execution.id + + policy = jsonencode( + { + Statement = [ + { + Action = [ + "ssmmessages:CreateControlChannel", + "ssmmessages:CreateDataChannel", + "ssmmessages:OpenControlChannel", + "ssmmessages:OpenDataChannel", + ] + Effect = "Allow" + Resource = "*" + } + ] + Version = "2012-10-17" + } + ) +} + resource "aws_iam_role_policy" "kms" { name = "kms" role = aws_iam_role.ecs_execution.id