ECS任务/容器的Terraform AWS CloudWatch日志组

时间:2020-01-10 15:50:16

标签: terraform amazon-ecs amazon-cloudwatch terraform-provider-aws

我正在尝试使用Terraform创建一个AWS ECS任务,该任务会将日志放入CloudWatch上的特定日志组中。问题在于容器定义在JSON文件中,而我没有办法将CloudWatch组名称从.tf文件映射到该.json文件。

container_definition.json:

[
  {
    "name": "supreme-task",
    "image": "xxxx50690yyyy.dkr.ecr.eu-central-1.amazonaws.com/supreme-task",
    "essential": true,
    "portMappings": [
      {
        "containerPort": 5000,
        "hostPort": 5000
      }
    ],
    "logConfiguration": {
      "logDriver": "awslogs",
      "options": {
        "awslogs-group": "supreme-task-group",  <- This needs to be taken from variable.tf file.
        "awslogs-region": "eu-central-1",
        "awslogs-stream-prefix": "streaming"
      }
    }
  }
]

variable.tf:


variable "ecs_task_definition_name" {
  description = "Task definition name."
  type = string
  default = "supreme-task-def"
}

variable "task_role" {
  description = "Name of the task role."
  type = string
  default = "supreme-task-role"
}

variable "task_execution_role" {
  description = "Name of the task execution role."
  type = string
  default = "supreme-task-exec-role"
}

variable "cloudwatch_group" {
  description = "CloudWatch group name."
  type = string
  default = "supreme-task-group"
}

任务定义:

resource "aws_ecs_task_definition" "task_definition" {
  family = var.ecs_task_definition_name
  requires_compatibilities = ["FARGATE"]
  network_mode = "awsvpc"
  cpu = 1024
  memory = 4096
  container_definitions = file("modules/ecs-supreme-task/task-definition.json")
  execution_role_arn = aws_iam_role.task_execution_role.name
  task_role_arn = aws_iam_role.task_role.name
}

有没有办法做到这一点?还是应该以不同的方式进行?

2 个答案:

答案 0 :(得分:3)

通过关注@ydaetskcorR的评论来解决。

将容器定义作为内联参数。

<pre>
Lorem
    ipsum
        dolor
            sit
                amet
</pre>
<pre class="spaceless">
Lorem
    ipsum
        dolor
            sit
                amet
</pre>

答案 1 :(得分:1)

如果您想将容器定义作为模板加载以避免内联 tf 文件中的内容,那么您可以:

1- 将容器定义创建为带有变量的模板文件,请注意扩展名是 .tpl

container_definition.tpl

[
  {
    "name": "supreme-task",
    "image": "xxxx50690yyyy.dkr.ecr.eu-central-1.amazonaws.com/supreme-task",
    "essential": true,
    "portMappings": [
      {
        "containerPort": 5000,
        "hostPort": 5000
      }
    ],
    "logConfiguration": {
      "logDriver": "awslogs",
      "options": {
        "awslogs-group": "${cloudwatch_group}",
        "awslogs-region": "eu-central-1",
        "awslogs-stream-prefix": "streaming"
      }
    }
  }
]

2- 然后将文件作为模板加载并注入变量:

task_definition.tf

data template_file task_definition {
  template = file("${path.module}/container_definition.tpl")

  vars = {
    cloudwatch_group = var.cloudwatch_group
  }
}

resource "aws_ecs_task_definition" "task_definition" {
  family = var.ecs_task_definition_name
  requires_compatibilities = ["FARGATE"]
  network_mode = "awsvpc"
  cpu = 1024
  memory = 4096
  container_definitions = data.template_file.task_definition.rendered
  execution_role_arn = aws_iam_role.task_execution_role.name
  task_role_arn = aws_iam_role.task_role.name
}
相关问题
最新问题