Merge pull request #19 from liatrio/add-lb

liatrio · Sep 22, 2023 · 1272db0 · 1272db0
2 parents de8f8c4 + fce3e1b
commit 1272db0
Show file tree

Hide file tree

Showing 3 changed files with 65 additions and 0 deletions.
diff --git a/terraform/_outputs.tf b/terraform/_outputs.tf
@@ -22,3 +22,8 @@ output "ecs_service_arn" {
   value       = aws_ecs_service.knowledgeshare_ui_service.id
   description = "ARN of the ECS Service"
 }
+
+output "front_end_dns_name" {
+  description = "The DNS name of the front end load balancer"
+  value = aws_lb.front_end.dns_name
+}
diff --git a/terraform/ecs.tf b/terraform/ecs.tf
@@ -78,4 +78,10 @@ resource "aws_ecs_service" "knowledgeshare_ui_service" {
     security_groups  = [aws_security_group.keyless_workflow_demo_sg.id]
     assign_public_ip = true
   }
+
+  load_balancer {
+    target_group_arn = aws_lb_target_group.front_end_target_group.arn
+    container_name = "knowledgeshare-ui"
+    container_port = 3000
+  }
 }
diff --git a/terraform/load_balancer.tf b/terraform/load_balancer.tf
@@ -0,0 +1,54 @@
+resource "aws_security_group" "allow_80" {
+  name = "allow_80"
+  description = "Allows HTTP traffic on 80"
+
+  vpc_id = aws_vpc.keyless_workflow_demo_vpc.id
+
+  ingress {
+        description = "HTTP from VPC"
+        from_port = 80
+        to_port = 80
+        protocol = "tcp"
+        cidr_blocks = ["0.0.0.0/0"] # Allow inbound traffic on 80 from any ip
+        ipv6_cidr_blocks = ["::/0"]
+    }
+
+
+  egress {
+        from_port = 0
+        to_port = 0
+        protocol = "-1"
+        cidr_blocks = ["0.0.0.0/0"]
+        ipv6_cidr_blocks = ["::/0"]
+    }
+}
+
+resource "aws_lb" "front_end" {
+  name = "front-end"
+  internal = false
+  load_balancer_type = "application"
+  security_groups = [aws_security_group.allow_80.id]
+  subnets = [ aws_subnet.public_subnet_a.id, aws_subnet.public_subnet_b.id ]
+}
+
+resource "aws_lb_target_group" "front_end_target_group" {
+  name = "keyless-workflow-tg"
+  port = 3000
+  protocol = "HTTP"
+  target_type = "ip"
+  vpc_id = aws_vpc.keyless_workflow_demo_vpc.id
+  health_check {
+    path = "/about"
+  }
+}
+
+resource "aws_lb_listener" "front_end_listener" {
+  load_balancer_arn = aws_lb.front_end.arn
+  port = 80
+  protocol = "HTTP"
+
+  default_action {
+    type = "forward"
+    target_group_arn = aws_lb_target_group.front_end_target_group.arn
+  }
+}