How do I run multiple services on an EC2 container instance and have healthy targets for the health checks?

Time: 2020-01-29 04:04:00

Tags: terraform amazon-elb

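I have an unusual problem (perhaps with a simple solution, but I have tried several approaches without success).

I am running 2 tasks on an EC2 container instance in an ECS cluster.

Task 1 is a DAEMON exposing port X
Task 2 is an application exposing port Y

They are both running. When I check the health check status of the EC2 instance, it shows 2 entries.

Entry 1 is Healthy for the DAEMON health check port at port X
Entry 2 is Draining for the Application health check port at port Y

I want a single entry for the EC2 instance (for the application health check port Y), with a "Healthy" status.

How can I accomplish this with 2 tasks running on it? Should I not expose the health check port for the DAEMON task?

Edit: Load balancer and target group configuration -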

resource "aws_alb" "alb" {
  name            = "${var.alb_name}"
  subnets         = flatten(["${var.public_subnet_ids}"])
  security_groups = ["${aws_security_group.alb.id}"]

  access_logs {
    bucket  = "${aws_s3_bucket.alb-logs.bucket}"
    prefix  = "load-balancer-logs"
    enabled = true
  }

  tags = {
    Environment = "${var.environment}"
  }
}

resource "aws_alb_target_group" "lb_target_group_app" {
  name                 = "${var.alb_name}-default"
  /* port                 = 5555 */  /* DAEMON health check port */
  port                 = 5000    /* Application health check port */
  protocol             = "HTTP"
  vpc_id               = "${var.vpc_id}"
  deregistration_delay = "${var.deregistration_delay}"

  health_check {
    path     = "${var.health_check_path}"
    port = "5000"        /* Is this needed here ?  */
    interval = "300"
    timeout = "120"
  }

  lifecycle {
    create_before_destroy = true
  }

  depends_on = ["aws_alb.alb"]
}

resource "aws_alb_listener" "https_listener" {
  load_balancer_arn = "${aws_alb.alb.id}"
  port              = "443"
  protocol          = "HTTPS"
  ssl_policy        = "ELBSecurityPolicy-2016-08"
  certificate_arn = "${aws_acm_certificate.ssl_cert.arn}"

  default_action {
    target_group_arn = "${aws_alb_target_group.lb_target_group_app.arn}"
    type             = "forward"
  }
}

Container definition for daemon -

  container_definitions = <<EOF
[
  {
    "name": "${var.environment}-${var.datadog-identifier}",
    "image": "datadog/agent:latest",
    "portMappings": [
      {
        "containerPort": 8126,
        "hostPort": 8126,
        "protocol": "TCP"
      },
      {
        "containerPort": 5555,
        "hostPort": 5555,
        "protocol": "TCP"
      },
      {
        "containerPort": 8125,
        "hostPort": 8125,
        "protocol": "UDP"
      }
    ],
    "environment": [
      { "name" : "DD_API_KEY", "value" : "xxxxxxxxx" },
      { "name" : "DD_APM_NON_LOCAL_TRAFFIC", "value" : "true" },
      { "name" : "DD_DOGSTATSD_NON_LOCAL_TRAFFIC", "value" : "true" },
      { "name": "DD_LOG_LEVEL", "value": "trace" },
      { "name": "DD_SITE", "value": "datadoghq.com" },
      { "name": "DD_HEALTH_PORT", "value": "5555" },
      { "name" : "DD_PROCESS_AGENT_ENABLED", "value" : "true" },
      { "name" : "DD_LOGS_ENABLED", "value" : "true" },
      { "name" : "DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL", "value" : "true" },
      { "name" : "DD_APM_ENABLED", "value" : "true" }
    ],

Container definition for app - 

    container_definitions = <<DEFINITION
[
  {
    "name": "app",
    "image": "quay.io/xxxxxxxx",
    "essential": true,
    "logConfiguration": {
      "logDriver": "awslogs",
      "options": {
        "awslogs-group": "/ec2/service/${var.cluster}",
        "awslogs-region": "us-west-2",
        "awslogs-stream-prefix": "ec2"
      }
    },
    "environment": [
      {
        "name": "APP_ENV",
        "value": "localhost"
      },
      {
        "name": "AUTH_JWT_SECRET",
        "value": "xxxxxxxx"
      }
    ],
    "portMappings": [
      {
        "containerPort": 5000,
        "hostPort": 5000,
        "protocol": "tcp"
      }
    ],

Service definition for daemon task -
resource "aws_ecs_service" "datadog" {
  name            = "${var.environment}-${var.datadog-identifier}-datadog-ecs-service"
  cluster         = "${var.cluster}"
  task_definition = "${aws_ecs_task_definition.datadog.arn}"


  load_balancer {
    target_group_arn = "${element(var.default_alb_target_group,0)}"
    container_name   = "${var.environment}-${var.datadog-identifier}"
    container_port   = 5555     /* datadog health check port */
  }
  # This allows running one for every instance
  scheduling_strategy = "DAEMON"
}



Service definition for app task -
resource "aws_ecs_service" "app-service" {
  name            = "app-service"
  cluster         = "${var.cluster}"
  task_definition = "${aws_ecs_task_definition.app.arn}"
  desired_count   = 2
  launch_type     = "EC2"

  load_balancer {
    target_group_arn = "${element(var.default_alb_target_group,0)}"
    container_port   = 5000  /* app port exposed here */
    container_name   = "pared-somm"
  }
}



The way to reproduce this is -

1. Create ALB as below
2. Create 1 Target Group as below with a port to listen on. Add health check block to the Target Group (is port needed here or should I use Traffic port instead?)
3. Create 2 tasks and service definitions (container definitions below) both pointing to the load balancer above. So when the tasks start running, they both run on the same targets in the above target group.
4. Check the Targets and their health and you should see 2 entries per target.
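
A check for step 4 of the reproduction above, as an added example that is not part of the original post: it groups a response shaped like `aws elbv2 describe-target-health` output by instance and flags instances that are registered more than once or on a port other than the application's. The instance IDs and the sample response are constructed; ports 5000 and 5555 are taken from the configuration in the question, and `audit_target_group` is a hypothetical helper name.

```python
import json
from collections import defaultdict

# Constructed sample in the shape of `aws elbv2 describe-target-health` output.
# Instance IDs are made up; ports 5000/5555 come from the question's config.
SAMPLE = json.loads("""
{"TargetHealthDescriptions": [
  {"Target": {"Id": "i-0aaa1111", "Port": 5555}, "HealthCheckPort": "5000",
   "TargetHealth": {"State": "healthy"}},
  {"Target": {"Id": "i-0aaa1111", "Port": 5000}, "HealthCheckPort": "5000",
   "TargetHealth": {"State": "draining",
                    "Reason": "Target.DeregistrationInProgress"}},
  {"Target": {"Id": "i-0bbb2222", "Port": 5000}, "HealthCheckPort": "5000",
   "TargetHealth": {"State": "healthy"}}
]}
""")


def audit_target_group(response, expected_port):
    """Return {instance_id: {"entries": [(port, state)], "findings": [str]}}."""
    by_instance = defaultdict(list)
    for desc in response["TargetHealthDescriptions"]:
        target = desc["Target"]
        by_instance[target["Id"]].append(
            (target["Port"], desc["HealthCheckPort"], desc["TargetHealth"]["State"]))

    report = {}
    for instance, entries in by_instance.items():
        findings = []
        if len(entries) > 1:
            findings.append("registered %d times in one target group" % len(entries))
        for port, check_port, state in entries:
            if port != expected_port:
                findings.append("unexpected traffic port %d" % port)
            if str(port) != str(check_port):
                # The state shown for this entry describes a different port.
                findings.append("port %d is health-checked on port %s" % (port, check_port))
            if state != "healthy":
                findings.append("port %d is %s" % (port, state))
        report[instance] = {"entries": sorted((p, s) for p, _, s in entries),
                            "findings": findings}
    return report


if __name__ == "__main__":
    for instance, result in audit_target_group(SAMPLE, expected_port=5000).items():
        print(instance, result["entries"])
        for finding in result["findings"]:
            print("  -", finding)
```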

0 answers:

No answers