Merge branch 'ebs' into 'master'

Update Secure Agent's EC2 instance for a better instance - WISCALERTS-2 See merge request !13

Merge branch 'ebs' into 'master'
18015ade · Nuwan Rajika Kumarasiri · b66d2006 · f7b87b50 · 18015ade · 18015ade
Commit 18015ade authored 5 years ago by Nuwan Rajika Kumarasiri
--- a/terraform/autoscaling-group.tf
+++ b/terraform/autoscaling-group.tf
@@ -34,13 +34,16 @@ resource "aws_launch_configuration" "secure-agent-launch-config" {
  enable_monitoring = false

  iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile.name
-  security_groups      = [data.aws_security_group.sec-group.id]
+  security_groups      = [data.aws_security_group.sec-group.id, data.aws_security_group.default.id]
  user_data            = <<EOF
              #!/bin/bash
              echo ECS_CLUSTER=${var.ecs_cluster_name} >> /etc/ecs/ecs.config
              sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
              EOF
  instance_type        = var.instance_type
+  root_block_device {
+    volume_size = var.instance_ebs_size
+  }
  lifecycle {
    create_before_destroy = true
  }

--- a/terraform/security.tf
+++ b/terraform/security.tf
@@ -3,6 +3,11 @@ data "aws_security_group" "sec-group" {
  tags   = var.security_group
 }

+data "aws_security_group" "default" {
+  vpc_id = data.aws_vpc.vpc.id
+  name = "default"
+}
+
 // open port 2049 for NFSv4
 resource "aws_security_group" "secure-agent-efs-sg" {
  name   = var.secure_agent_efs_sg

--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -61,7 +61,18 @@ variable "container_hostname" {
 }

 variable "container_memory" {
-  default = 5120 # 5GB
+  default = 15360 # 15GiB
+}
+
+variable "instance_ebs_size" {
+  default = 40 # 40GB
+}
+
+# see Secure Agent system requirements, before changing instance type, see the
+# supported instance types for launch configuration. See `container_memory` above for
+# configuring memory for container process.
+variable "instance_type" {
+  default = "t2.xlarge" # 4 vCPU, 16 GB
 }

 variable "container_app_port" {
@@ -78,15 +89,8 @@ variable "container_count" {
  default = 1
 }

-# see Secure Agent system requirements, before changing instance type, see the
-# supported instance types for launch configuration. See `container_memory` above for
-# configuring memory for container process.
-variable "instance_type" {
-  default = "t2.large" # 2 vCPU, 8 GB
-}
-
 variable "ecs_iam_role" {
-  default = "iics-secure-agent-iam-role"
+  default = "iics-secure-agent-iam-role-test"
 }

 variable "ecs_cluster_name" {