[#137] Implement the auto-scaling for ECS service

nimblehq · Apr 23, 2023 · e10c826 · e10c826
1 parent 70d93d4
commit e10c826
Show file tree

Hide file tree

Showing 2 changed files with 118 additions and 0 deletions.
diff --git a/skeleton/aws/modules/ecs/main.tf b/skeleton/aws/modules/ecs/main.tf
@@ -42,6 +42,37 @@ locals {
       }
     ]
   }
+
+  # Required IAM permissions from
+  # https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-auto-scaling.html#auto-scaling-IAM
+  ecs_service_scaling_policy = {
+    Version = "2012-10-17",
+    Statement = [
+      {
+        Effect = "Allow",
+        Action = [
+          "application-autoscaling:*",
+          "ecs:DescribeServices",
+          "ecs:UpdateService",
+          "cloudwatch:DescribeAlarms",
+          "cloudwatch:PutMetricAlarm",
+          "cloudwatch:DeleteAlarms",
+          "cloudwatch:DescribeAlarmHistory",
+          "cloudwatch:DescribeAlarmsForMetric",
+          "cloudwatch:GetMetricStatistics",
+          "cloudwatch:ListMetrics",
+          "cloudwatch:DisableAlarmActions",
+          "cloudwatch:EnableAlarmActions",
+          "iam:CreateServiceLinkedRole",
+          "sns:CreateTopic",
+          "sns:Subscribe",
+          "sns:Get*",
+          "sns:List*"
+        ],
+        Resource = "*"
+      }
+    ]
+  }
 }
 
 # Current task definition on AWS including deployments outside terraform (e.g. CI deployments)
@@ -64,9 +95,15 @@ data "aws_iam_policy_document" "ecs_task_execution_role" {
 }
 
 resource "aws_iam_policy" "ecs_task_execution_ssm" {
+  name   = "ECSTaskExecutionAccessSSMPolicy"
   policy = jsonencode(local.ecs_task_execution_ssm_policy)
 }
 
+resource "aws_iam_policy" "ecs_task_excution_service_scaling" {
+  name   = "ECSAutoScalingPolicy"
+  policy = jsonencode(local.ecs_service_scaling_policy)
+}
+
 resource "aws_iam_role" "ecs_task_execution_role" {
   name               = "${var.namespace}-ecs-execution-role"
   assume_role_policy = data.aws_iam_policy_document.ecs_task_execution_role.json
@@ -82,6 +119,11 @@ resource "aws_iam_role_policy_attachment" "ecs_task_execution_ssm_policy" {
   policy_arn = aws_iam_policy.ecs_task_execution_ssm.arn
 }
 
+resource "aws_iam_role_policy_attachment" "ecs_task_excution_service_scaling_policy" {
+  role       = aws_iam_role.ecs_task_execution_role.name
+  policy_arn = aws_iam_policy.ecs_task_excution_service_scaling.arn
+}
+
 resource "aws_ecs_cluster" "main" {
   name = "${var.namespace}-ecs-cluster"
 }
@@ -121,3 +163,49 @@ resource "aws_ecs_service" "main" {
     container_port   = var.app_port
   }
 }
+
+resource "aws_appautoscaling_target" "main" {
+  max_capacity       = var.max_instance_count
+  min_capacity       = var.min_instance_count
+  resource_id        = "service/${aws_ecs_cluster.main.name}/${aws_ecs_service.main.name}"
+  scalable_dimension = "ecs:service:DesiredCount"
+  service_namespace  = "ecs"
+}
+
+resource "aws_appautoscaling_policy" "memory_policy" {
+  name               = "${var.namespace}-appautoscaling-memory-policy"
+  policy_type        = "TargetTrackingScaling"
+  resource_id        = aws_appautoscaling_target.main.resource_id
+  scalable_dimension = aws_appautoscaling_target.main.scalable_dimension
+  service_namespace  = aws_appautoscaling_target.main.service_namespace
+
+  target_tracking_scaling_policy_configuration {
+    predefined_metric_specification {
+      predefined_metric_type = "ECSServiceAverageMemoryUtilization"
+    }
+
+    scale_in_cooldown  = 300
+    scale_out_cooldown = 300
+
+    target_value = var.autoscaling_target_memory_percentage
+  }
+}
+
+resource "aws_appautoscaling_policy" "cpu_policy" {
+  name               = "${var.namespace}-appautoscaling-cpu-policy"
+  policy_type        = "TargetTrackingScaling"
+  resource_id        = aws_appautoscaling_target.main.resource_id
+  scalable_dimension = aws_appautoscaling_target.main.scalable_dimension
+  service_namespace  = aws_appautoscaling_target.main.service_namespace
+
+  target_tracking_scaling_policy_configuration {
+    predefined_metric_specification {
+      predefined_metric_type = "ECSServiceAverageCPUUtilization"
+    }
+
+    scale_in_cooldown  = 300
+    scale_out_cooldown = 300
+
+    target_value = var.autoscaling_target_cpu_percentage
+  }
+}
diff --git a/skeleton/aws/modules/ecs/variables.tf b/skeleton/aws/modules/ecs/variables.tf
@@ -94,3 +94,33 @@ variable "secrets_arns" {
   description = "The ARNs of the SSM Parameter Store parameters"
   type        = list(string)
 }
+
+variable "deployment_minimum_healthy_percent" {
+  description = "Lower limit of the number of running tasks running during deployment"
+  type        = number
+}
+
+variable "deployment_maximum_percent" {
+  description = "Upper limit of the number of running tasks running during deployment"
+  type        = number
+}
+
+variable "min_instance_count" {
+  description = "Autoscaling minimum instance count"
+  type        = number
+}
+
+variable "max_instance_count" {
+  description = "Autoscaling maximum instance count"
+  type        = number
+}
+
+variable "autoscaling_target_cpu_percentage" {
+  description = "Autoscaling target CPU percentage"
+  type        = number
+}
+
+variable "autoscaling_target_memory_percentage" {
+  description = "Autoscaling target memory percentage"
+  type        = number
+}