Skip to content
This repository was archived by the owner on Jul 3, 2023. It is now read-only.

Replace classic ELB with ALB #101

Closed
wants to merge 1 commit into from
Closed

Replace classic ELB with ALB #101

wants to merge 1 commit into from

Conversation

micahlmartin
Copy link

Replaces the classic ELB in the web-service module with the new ALB. This provides much better controls and has built-in support for websockets.

#100

@jalessio
Copy link
Contributor

jalessio commented Mar 7, 2017

I'm just an outside observer to this repo, but +1'd #100 because I want to use stack with an ALB instead of ELB and was happy to see someone beat me to implementing it! That said, wouldn't it be preferable to make the ALB an addition instead of a replacement? I suspect existing users with ELB's in their stack won't be too happy to see that option disappear and new users like myself won't mind having the option of ALB and ELB when spinning up new stacks.

@micahlmartin
Copy link
Author

This is a particular challenge in Terraform. The same problem exists if you want to use the web-service module without SSL configured. You can't set ssl_id="" or leave it off completely otherwise the underlying reference to it in the ELB throws an error because it's missing. There's no way to conditionally render this type of thing with Terraform (that I know of). The only other option I can think of is to have a new module called web-service-alb or web-service-ssl for explicitly wanting ssl enabled for example. Maybe there's a better way that I'm unaware of. Open to suggestions. .

@kc-dot-io
Copy link

kc-dot-io commented Mar 9, 2017
edited
Loading

@micahlmartin I'm gonna test this out right now and see how it works for me since I've been banging my head against the wall all night trying to get the web-service ELB to connect to my containers. I'll report back.

IMO, the approach you are mentioning for web-service-elb | web-service-albseems reasonable to me but it will still require people to change their existing configs which is a hard sell.

@kc-dot-io
Copy link

doesn't seem to be working for me, but that could definitely be on me - i'm new to this...

provider "aws" {
  region = "us-east-1"
}

module "stack" {
  source      = "./ops/stack"
  name        = "hc"
  environment = "staging"
  key_name    = "stack"
  availability_zones = ["us-east-1a","us-east-1b","us-east-1c"]
  region = "us-east-1"
}

module "domain" {
  source = "./ops/stack/dns"
  name = "hc.ai"
}

module "nginx_test" {
  source         = "./ops/stack/web-service"
  name           = "nginx-test"
  image          = "nginx"
  port           = 80
  container_port = 80
  desired_count  = 3

  ssl_certificate_id = ""

  environment       = "${module.stack.environment}"
  cluster           = "${module.stack.cluster}"
  iam_role          = "${module.stack.iam_role}"
  security_groups   = "${module.stack.internal_elb}"
  log_bucket        = "${module.stack.log_bucket_id}"
  internal_zone_id  = "${module.stack.zone_id}"
  external_zone_id  = "${module.domain.zone_id}"
  subnet_ids        = "${join(",", module.stack.external_subnets)}"
}


❯ terraform -v                                                                                                                                      [20:35:13]
Terraform v0.8.8

❯ terraform get                                                                                                                                     [20:46:10]
Get: file:///Users/slajax/repos/hc/ops/stack
Get: file:///Users/slajax/repos/hc/ops/stack/dns
Get: file:///Users/slajax/repos/hc/ops/stack/web-service
Get: file:///Users/slajax/repos/hc/ops/stack/task
Get: file:///Users/slajax/repos/hc/ops/stack/web-service/alb
Get: file:///Users/slajax/repos/hc/ops/stack/defaults
Get: file:///Users/slajax/repos/hc/ops/stack/vpc
Get: file:///Users/slajax/repos/hc/ops/stack/security-groups
Get: file:///Users/slajax/repos/hc/ops/stack/bastion
Get: file:///Users/slajax/repos/hc/ops/stack/dhcp
Get: file:///Users/slajax/repos/hc/ops/stack/dns
Get: file:///Users/slajax/repos/hc/ops/stack/iam-role
Get: file:///Users/slajax/repos/hc/ops/stack/ecs-cluster
Get: file:///Users/slajax/repos/hc/ops/stack/s3-logs
Get: git::https://github.com/terraform-community-modules/tf_aws_ubuntu_ami.git
Get: git::https://github.com/terraform-community-modules/tf_aws_virttype.git
Get: file:///Users/slajax/repos/hc/.terraform/modules/f462c59681aa46918ae703a34fbeac5d
Error loading Terraform: module nginx_test.root: module task: working_directory is not a valid parameter

@achille-roussel
Copy link
Contributor

Replacing is not possible as it is since it could alter everyone's infrastructure in unexpected ways. I'd be open to accept a PR that adds the option to use an ALB instead of an ELB, but the default behavior has to remain unchanged.

@cicloid
Copy link

cicloid commented May 31, 2017

I've been thinking on how to add this one, should the web-service/service offer an additional parameter for ALB/ELB or is it another type of service (module)?

This was referenced Jun 16, 2017
Merged
Open
@vorotech
Copy link

On my work (we use CloudFormation templates) while migrating to elb->alb we did both elb types attached to get transition without downtime for critical services, and later disable the elb.
For non-critical services switcing the elb->alb introduces only 2-4 mins of service downtime.
I'm keen on give it a try using terraform.

+1 to provide as an option (extra module parameter or two elb=true, alb=false ) rather than changing existing deployment method.

@webyneter webyneter mentioned this pull request Sep 25, 2018
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@micahlmartin @jalessio @kc-dot-io @achille-roussel @cicloid @vorotech