Skip to content
Snippets Groups Projects
Commit f7b87b50 authored by Nuwan Rajika Kumarasiri's avatar Nuwan Rajika Kumarasiri
Browse files

Update Secure Agent's EC2 instance for a better instance - WISCALERTS-2 

* Adjusted the instance to be a `t2.xlarge` since we are going to have more load.
* Increased container memory to 15 GiB.
* Increased EC2 instance's EBS root volume to 40 GB.
* Re-named the profile to indicate the environment it's associated to.
parent b66d2006
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
terraform/autoscaling-group.tf
+ 4
1
View file @ f7b87b50
...@@ -34,13 +34,16 @@ resource "aws_launch_configuration" "secure-agent-launch-config" { ...@@ -34,13 +34,16 @@ resource "aws_launch_configuration" "secure-agent-launch-config" {
enable_monitoring = false enable_monitoring = false
iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile.name iam_instance_profile = aws_iam_instance_profile.ecs-instance-profile.name
security_groups = [data.aws_security_group.sec-group.id] security_groups = [data.aws_security_group.sec-group.id, data.aws_security_group.default.id]
user_data = <<EOF user_data = <<EOF
#!/bin/bash #!/bin/bash
echo ECS_CLUSTER=${var.ecs_cluster_name} >> /etc/ecs/ecs.config echo ECS_CLUSTER=${var.ecs_cluster_name} >> /etc/ecs/ecs.config
sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm sudo yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
EOF EOF
instance_type = var.instance_type instance_type = var.instance_type
root_block_device {
volume_size = var.instance_ebs_size
}
lifecycle { lifecycle {
create_before_destroy = true create_before_destroy = true
} }
......
terraform/security.tf
+ 5
0
View file @ f7b87b50
...@@ -3,6 +3,11 @@ data "aws_security_group" "sec-group" { ...@@ -3,6 +3,11 @@ data "aws_security_group" "sec-group" {
tags = var.security_group tags = var.security_group
} }
data "aws_security_group" "default" {
vpc_id = data.aws_vpc.vpc.id
name = "default"
}
// open port 2049 for NFSv4 // open port 2049 for NFSv4
resource "aws_security_group" "secure-agent-efs-sg" { resource "aws_security_group" "secure-agent-efs-sg" {
name = var.secure_agent_efs_sg name = var.secure_agent_efs_sg
......
terraform/variables.tf
+ 13
9
View file @ f7b87b50
...@@ -61,7 +61,18 @@ variable "container_hostname" { ...@@ -61,7 +61,18 @@ variable "container_hostname" {
} }
variable "container_memory" { variable "container_memory" {
default = 5120 # 5GB default = 15360 # 15GiB
}
variable "instance_ebs_size" {
default = 40 # 40GB
}
# see Secure Agent system requirements, before changing instance type, see the
# supported instance types for launch configuration. See `container_memory` above for
# configuring memory for container process.
variable "instance_type" {
default = "t2.xlarge" # 4 vCPU, 16 GB
} }
variable "container_app_port" { variable "container_app_port" {
...@@ -78,15 +89,8 @@ variable "container_count" { ...@@ -78,15 +89,8 @@ variable "container_count" {
default = 1 default = 1
} }
# see Secure Agent system requirements, before changing instance type, see the
# supported instance types for launch configuration. See `container_memory` above for
# configuring memory for container process.
variable "instance_type" {
default = "t2.large" # 2 vCPU, 8 GB
}
variable "ecs_iam_role" { variable "ecs_iam_role" {
default = "iics-secure-agent-iam-role" default = "iics-secure-agent-iam-role-test"
} }
variable "ecs_cluster_name" { variable "ecs_cluster_name" {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment