-
Notifications
You must be signed in to change notification settings - Fork 0
/
extensions.ts
111 lines (107 loc) · 3.06 KB
/
extensions.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
import { Duration, Stack } from 'aws-cdk-lib';
import {
AwsLogDriver,
Protocol,
ContainerImage,
ITaskDefinitionExtension,
TaskDefinition,
} from 'aws-cdk-lib/aws-ecs';
import { ManagedPolicy, PolicyStatement } from 'aws-cdk-lib/aws-iam';
import { ILogGroup } from 'aws-cdk-lib/aws-logs';
/**
* Task Definition Extension that are useful for this application
*/
export abstract class Extensions {
/**
* Add a CloudWatch agent sidecar
*
* @param logGroup - CloudWatch LogGroup that the cloudwatch agent should log to
* @returns a TaskDefinitionExtension
*/
public static cloudWatchAgent(logGroup: ILogGroup): ITaskDefinitionExtension {
return new CloudWatchAgentExtension(logGroup);
}
/**
* Add an Xray agent sidecar enabling sending traces to xray
*
* @param logGroup - CloudWatch LogGroup that the xray agent should log to
* @returns a TaskDefinitionExtension
*/
public static xray(logGroup: ILogGroup): ITaskDefinitionExtension {
return new XRayExtension(logGroup);
}
}
export class XRayExtension implements ITaskDefinitionExtension {
constructor(private readonly logGroup: ILogGroup) {}
extend(taskDefinition: TaskDefinition): void {
taskDefinition.addContainer('xray', {
image: ContainerImage.fromRegistry('amazon/aws-xray-daemon:latest'),
essential: true,
memoryReservationMiB: 256,
portMappings: [
{
containerPort: 2000,
protocol: Protocol.UDP,
},
],
environment: {
AWS_REGION: Stack.of(taskDefinition).region,
},
healthCheck: {
command: ['CMD-SHELL', 'curl -s http://localhost:2000'],
startPeriod: Duration.seconds(10),
interval: Duration.seconds(5),
timeout: Duration.seconds(2),
retries: 3,
},
logging: new AwsLogDriver({
streamPrefix: 'xray',
logGroup: this.logGroup,
}),
});
taskDefinition.taskRole.addManagedPolicy(
ManagedPolicy.fromAwsManagedPolicyName('AWSXRayDaemonWriteAccess'),
);
}
}
class CloudWatchAgentExtension implements ITaskDefinitionExtension {
constructor(private readonly logGroup: ILogGroup) {}
extend(taskDefinition: TaskDefinition): void {
taskDefinition.addContainer('cloudwatch-agent', {
image: ContainerImage.fromRegistry(
'public.ecr.aws/cloudwatch-agent/cloudwatch-agent:latest',
),
portMappings: [
{
containerPort: 25888,
},
],
essential: true,
environment: {
CW_CONFIG_CONTENT: JSON.stringify({
logs: {
metrics_collected: {
emf: {},
},
},
metrics: {
metrics_collected: {
statsd: {},
},
},
}),
},
logging: new AwsLogDriver({
streamPrefix: 'cloudwatch-agent',
logGroup: this.logGroup,
}),
memoryReservationMiB: 50,
});
taskDefinition.addToTaskRolePolicy(
new PolicyStatement({
resources: ['*'],
actions: ['cloudwatch:PutMetricData'],
}),
);
}
}