From 8a595e4dd27f6f9e93d33cabff12a3012e6ecdf3 Mon Sep 17 00:00:00 2001 From: Igor Serko Date: Fri, 5 May 2017 17:51:16 +0100 Subject: [PATCH] Set Load Balancer internal/external per process instead of per application Introduces EMPIRE_X_EXPOSURE which needs to be either `internal` or `internet-facing` (kept AWS terminology here). If that environment variable is not set, we fallback to the default selection via application (where you use `domain-add`). Fixes #1076 --- .gitignore | 2 ++ procfile/README.md | 10 ++++++++++ releases.go | 18 ++++++++++++++---- scheduler/cloudformation/template.go | 4 +++- 4 files changed, 29 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 2a8d72219..ebcf9a945 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,5 @@ build *.dump *.key *.cert +\#*\# +.\#* diff --git a/procfile/README.md b/procfile/README.md index decab6dec..2f56cd313 100644 --- a/procfile/README.md +++ b/procfile/README.md @@ -78,3 +78,13 @@ This allows you to set process specific environment variables. If these are set environment: EMPIRE_X_LOAD_BALANCER_TYPE: "alb" ``` + +Supported environment variables that can either be set via `emp set` for the whole application or +inside the `Procfile` for a specific process. + +Name | Default value | Available options | Description +-----|---------------|-------------------|------------ +`EMPIRE_X_LOAD_BALANCER_TYPE` | `elb` | `alb`, `elb`| Determines whether you will use an ALB or ELB +`EMPIRE_X_EXPOSURE` | `private` | `private`, `public` | Sets whether your ALB or ELB will be public (internet-facing) or private (internal), the default is private, however if you have used the deprecated `domain-add` command then the load balancer will become public. +`EMPIRE_X_TASK_DEFINITION_TYPE` | not set | `custom` | Determines whether we use the Custom::ECSTaskDefinition (better explanation needed) +`EMPIRE_X_TASK_ROLE_ARN` | not set | any IAM role ARN | Sets the IAM role for that app/process. **Your ECS cluster MUST have this enabled!** diff --git a/releases.go b/releases.go index 845044f0b..33ab7ccda 100644 --- a/releases.go +++ b/releases.go @@ -367,12 +367,12 @@ func newSchedulerProcess(release *Release, name string, p Process) (*twelvefacto ) // For `web` processes defined in the standard procfile, we'll // generate a default exposure setting and also set the PORT - // environment variable for backwards compatability. + // environment variable for backwards compatibility. if name == webProcessType && len(p.Ports) == 0 { exposure = standardWebExposure(release.App) env["PORT"] = "8080" } else { - exposure, err = processExposure(release.App, name, p) + exposure, err = processExposure(release.App, name, p, env) if err != nil { return nil, err } @@ -437,7 +437,7 @@ func standardWebExposure(app *App) *twelvefactor.Exposure { } } -func processExposure(app *App, name string, process Process) (*twelvefactor.Exposure, error) { +func processExposure(app *App, name string, process Process, env map[string]string) (*twelvefactor.Exposure, error) { // No ports == not exposed if len(process.Ports) == 0 { return nil, nil @@ -474,8 +474,18 @@ func processExposure(app *App, name string, process Process) (*twelvefactor.Expo Protocol: protocol, }) } + + external := app.Exposure == exposePublic + if v, ok := env["EMPIRE_X_EXPOSURE"]; ok { + if v == exposePublic { + external = true + } else if v == exposePrivate { + external = false + } + } + return &twelvefactor.Exposure{ - External: app.Exposure == exposePublic, + External: external, Ports: ports, }, nil } diff --git a/scheduler/cloudformation/template.go b/scheduler/cloudformation/template.go index 484d1f078..f0a1cd1f3 100644 --- a/scheduler/cloudformation/template.go +++ b/scheduler/cloudformation/template.go @@ -403,11 +403,13 @@ func (t *EmpireTemplate) addService(tmpl *troposphere.Template, app *twelvefacto scheme := schemeInternal sg := t.InternalSecurityGroupID subnets := t.InternalSubnetIDs + targetGroupPrefix := "Internal" if p.Exposure.External { scheme = schemeExternal sg = t.ExternalSecurityGroupID subnets = t.ExternalSubnetIDs + targetGroupPrefix = "External" } loadBalancerType := loadBalancerType(app, p) @@ -435,7 +437,7 @@ func (t *EmpireTemplate) addService(tmpl *troposphere.Template, app *twelvefacto tmpl.AddResource(loadBalancer) - targetGroup := fmt.Sprintf("%sTargetGroup", key) + targetGroup := fmt.Sprintf("%s%sTargetGroup", key, targetGroupPrefix) tmpl.Resources[targetGroup] = troposphere.Resource{ Type: "AWS::ElasticLoadBalancingV2::TargetGroup", Properties: map[string]interface{}{