How is an ECS service in Terraform connected to an AWS autoscaling group

5
votes

I'm new to Terraform and ECS and I'm using this example to create an ECS EC2 type cluster that will autoscale and use an application load balancer.

My question is: How does this code snippet in main.tf 

resource "aws_ecs_service" "test" {
  name            = "tf-example-ecs-ghost"
  cluster         = "${aws_ecs_cluster.main.id}"
  task_definition = "${aws_ecs_task_definition.ghost.arn}"
  desired_count   = "${var.service_desired}"   
  iam_role        = "${aws_iam_role.ecs_service.name}"

  load_balancer {
    target_group_arn = "${aws_alb_target_group.test.id}"
    container_name   = "ghost"
    container_port   = "2368"
  }

  depends_on = [
    "aws_iam_role_policy.ecs_service",
    "aws_alb_listener.front_end",
  ]
}

connected to the resource aws_autoscaling_group.app: 

resource "aws_autoscaling_group" "app" {
  name                 = "tf-test-asg"
  vpc_zone_identifier  = ["${aws_subnet.main.*.id}"]
  min_size             = "${var.asg_min}"
  max_size             = "${var.asg_max}"
  desired_capacity     = "${var.asg_desired}"
  launch_configuration = "${aws_launch_configuration.app.name}"
}

How does an ECS service definition know where to find this autoscaling group as there are no interpolation variables in the aws_ecs_service resource definition pointing to the aws_autoscaling_group resource? It references a target group but target group doesn't reference an autoscaling group. That's why I'm confused as there's no apparent reference between resource "ecs-service" and resource "aws-autoscaling". Or maybe the code is missing smth? Please, provide a thorough explanation if possible.

1
amazon-web-servicesterraformamazon-ecsautoscaling

1 Answers

4
votes

It doesn't.

ECS services are scheduled on an ECS cluster which is a logical grouping of instances, either EC2 or Fargate (or not even on AWS with ECS Anywhere!) or mixed.

If you want to join EC2 instances to the ECS cluster then you need to install the ECS agent, configure it to join the correct cluster and provide the necessary IAM permissions for the instance to be able to interact with ECS. You can either do this with standalone EC2 instances or an autoscaling group.

As for target groups, this is how a load balancer knows what things to send traffic to. In the case of straight EC2 instances you would register the EC2 instance with the target group in some way. With ECS services these can be configured to register all the tasks in the service with the target group. Then when traffic that should be sent to the target group reaches the load balancer that traffic is sent on to the relevant ECS task. Note that a load balancer can have multiple target groups with different load balancer listener rules configured to send traffic to different target groups (or perform fixed responses or redirects etc) so that a load balancer can support multiple ECS services.