Eugene Istrati

Proud Father. Lucky Husband. DevOps | Automation | Serverless @MitocGroup. Former @AWScloud and @HearstCorp.

Terraform for Serverless Series: Enhanced Management of AWS Fargate Tasks

October 19th, 2018 / 5 min read

A couple of weeks ago I started the Terraform for Serverless Series by describing Enhanced Management of AWS Lambda Functions. A week later, I dove deeper into Enhanced Management of Amazon S3 Websites. Today I would like to continue this blog post series with another service: AWS Fargate.

According to the official website, AWS Fargate is a compute engine for Amazon ECS that allows you to run containers without having to manage servers or clusters. In other words, it is a serverless implementation of containers on AWS. In this article I will show how to build terraform configurations that provision and deploy serverless containers.

So, let's get started.

Terraform for Amazon ECS

Similar to previous blog posts, it should go without saying (or at least be stated up front): my personal preference is to separate terraform configurations into group / type / service / function specific .tf files. So, normally, I would define my providers in provider.tf, set up my data in data.tf, specify my variables in variables.tf, configure my resources in main.tf and so on. But, for the purpose of this article, I'm putting everything together into one single .tf file, ignoring best practices as long as it works:

For simplicity, I chose to use the default subnets linked to the default VPC. When the ECS service is created, all subnets are used as part of network_configuration. Also, the cluster is set up with no extra fine tuning. There is no need to create a new cluster if you already have one. Last but not least, the container's task definition referenced in the code above is stored in the task-definitions folder, in the application.json file, and looks like this:


[{
  "name": "${ecs_name}",
  "image": "${ecs_image}",
  "cpu": ${ecs_cpu},
  "memory": ${ecs_memory},
  "essential": true,
  "networkMode": "awsvpc",
  "portMappings": [{
    "containerPort": ${ecs_port},
    "hostPort": ${app_port}
  }]
}]

Every time I update my task definition, terraform will update my AWS Fargate task. But what happens when I update my image? Specifically, will my serverless container be updated as well? It depends. The answer is yes if you publish it as latest, otherwise the answer is no. Luckily, we are developers and can do something about it.

Terraform for Container Builder

I am excited to introduce terraform for the container build process.

Still Needs Improvements

Unfortunately, the above code is not perfect. We are aware of the following issues:

  • build.sh will be executed at every terraform plan action (as well as apply or destroy if the plan is not passed as an input variable); we are working to optimize and improve it by checking whether any file in build_path was recently changed compared with the timestamp of the corresponding file (or files) in s3_path
  • this implementation triggers builds on timestamp; we are working to optimize and improve it by comparing the timestamp of the previous build with the triggers value generated by terraform
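
One way to address both points above, as an added example that is not the article's build.sh or TerraHub's code: it swaps the timestamp comparison for a content digest of build_path, so a rebuild is triggered only when file content changes. The function names and the state file are hypothetical, and sha256sum (GNU coreutils) is assumed.

```sh
#!/bin/sh
# Added example (not the article's build.sh): skip rebuilds when the build
# context is byte-for-byte unchanged. Assumes sha256sum (GNU coreutils) and
# file names without newlines. STATE_FILE is a hypothetical local file.

# Print one SHA-256 over every file's relative path and content.
context_digest() {   # $1 = build context directory
  (
    cd "$1" || exit 1
    # Fixed locale keeps the file order, and therefore the digest, stable.
    find . -type f -print | LC_ALL=C sort | while IFS= read -r f; do
      printf '%s\n' "$f"
      sha256sum < "$f"
    done | sha256sum | cut -d' ' -f1
  )
}

# Exit 0 when a build is needed, 1 when unchanged, 2 on error.
needs_build() {      # $1 = context directory, $2 = state file
  current=$(context_digest "$1") || return 2
  if [ -f "$2" ] && [ "$(cat "$2")" = "$current" ]; then
    return 1
  fi
  return 0
}

# Store the digest after a successful build and push. Keep the state file
# outside the build context, or it would change the digest it records.
record_build() {     # $1 = context directory, $2 = state file
  context_digest "$1" > "$2"
}

# Short, content-derived image tag to use in place of "latest".
image_tag() {        # $1 = context directory
  context_digest "$1" | cut -c1-12
}

# Intended call pattern in a build script:
#   if needs_build "$BUILD_PATH" "$STATE_FILE"; then
#     TAG=$(image_tag "$BUILD_PATH")
#     ... build and push the image as "$REPO:$TAG" ...
#     record_build "$BUILD_PATH" "$STATE_FILE"
#   fi
```

Feeding the digest-derived tag into ${ecs_image} changes the rendered task definition whenever the image content changes, so terraform updates the task without depending on the latest tag.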

Spoiler Alert: all steps and work-arounds described in this article are carefully crafted into language agnostic functionality that will be released soon as a new feature in our open source project TerraHub CLI.

We would love to hear thoughts and comments on what could be done better.

Final Thoughts

TerraHub.io is the DevOps Hub for Terraform Automation. We provide managed services that simplify cloud resources management using terraform. If this is of interest to you and you’d like to learn more, please feel free to reach out over Email, Twitter or LinkedIn. We’d be happy to help!