feat(*): add statsd-exporter variables (#100)

Signed-off-by: Alvaro Lopez Hernandez <alvaro.lopezhernandez@engineering.digital.dwp.gov.uk>
dwp · Feb 14, 2023 · 749d6a3 · 749d6a3
1 parent 5c89bb1
commit 749d6a3
Show file tree

Hide file tree

Showing 9 changed files with 149 additions and 46 deletions.
diff --git a/main.tf b/main.tf
@@ -94,6 +94,8 @@ module "kong_ec2" {
   min_healthy_percentage            = var.min_healthy_percentage
   role                              = var.role
   security_group_name               = var.security_group_name
+  kong_vitals_enabled               = var.kong_vitals_enabled
+  vitals_endpoint                   = var.vitals_endpoint
 }
 
 
@@ -180,4 +182,7 @@ module "kong_ecs" {
   clustering_endpoint = var.clustering_endpoint
   telemetry_endpoint  = var.telemetry_endpoint
   cluster_server_name = var.cluster_server_name
+
+  vitals_endpoint = var.vitals_endpoint
+
 }
diff --git a/modules/ec2/main.tf b/modules/ec2/main.tf
@@ -38,48 +38,60 @@ locals {
   }
   user_data_script = {
     amazon-linux = templatefile("${path.module}/../../templates/amazon-linux/cloud-init.sh", {
-      proxy_config       = var.proxy_config
-      db_user            = var.kong_database_config.user
-      db_host            = local.db_info.endpoint
-      db_name            = local.db_info.database_name
-      ce_pkg             = var.ce_pkg
-      ee_pkg             = var.ee_pkg
-      ee_creds_ssm_param = var.ee_creds_ssm_param
-      parameter_path     = local.ssm_parameter_path
-      region             = var.region
-      vpc_cidr_block     = var.vpc_cidr_block
-      deck_version       = var.deck_version
-      manager_host       = var.manager_host
-      portal_host        = var.portal_host
-      session_secret     = random_string.session_secret.result
-      kong_config        = var.kong_config
-      kong_ports         = var.kong_ports
-      kong_ssl_uris      = var.kong_ssl_uris
-      kong_hybrid_conf   = var.kong_hybrid_conf
-      clear_database     = var.kong_clear_database
-      kong_plugins       = join(",", concat(["bundled"], var.kong_plugins))
+      proxy_config        = var.proxy_config
+      db_user             = var.kong_database_config.user
+      db_host             = local.db_info.endpoint
+      db_name             = local.db_info.database_name
+      ce_pkg              = var.ce_pkg
+      ee_pkg              = var.ee_pkg
+      ee_creds_ssm_param  = var.ee_creds_ssm_param
+      parameter_path      = local.ssm_parameter_path
+      region              = var.region
+      vpc_cidr_block      = var.vpc_cidr_block
+      deck_version        = var.deck_version
+      manager_host        = var.manager_host
+      portal_host         = var.portal_host
+      session_secret      = random_string.session_secret.result
+      kong_config         = var.kong_config
+      kong_ports          = var.kong_ports
+      kong_ssl_uris       = var.kong_ssl_uris
+      kong_hybrid_conf    = var.kong_hybrid_conf
+      clear_database      = var.kong_clear_database
+      kong_plugins        = join(",", concat(["bundled"], var.kong_plugins))
+      kong_vitals_enabled = var.kong_vitals_enabled
+      vitals_endpoint = var.vitals_endpoint != null ? format("%s:%g %s",
+        var.vitals_endpoint.fqdn,
+        var.vitals_endpoint.port,
+        lower(var.vitals_endpoint.protocol)
+      ) : ""
     })
     ubuntu = templatefile("${path.module}/../../templates/ubuntu/cloud-init.sh", {
-      proxy_config       = var.proxy_config
-      db_user            = var.kong_database_config.user
-      db_host            = local.db_info.endpoint
-      db_name            = local.db_info.database_name
-      ce_pkg             = var.ce_pkg
-      ee_pkg             = var.ee_pkg
-      ee_creds_ssm_param = var.ee_creds_ssm_param
-      parameter_path     = local.ssm_parameter_path
-      region             = var.region
-      vpc_cidr_block     = var.vpc_cidr_block
-      deck_version       = var.deck_version
-      manager_host       = var.manager_host
-      portal_host        = var.portal_host
-      session_secret     = random_string.session_secret.result
-      kong_config        = var.kong_config
-      kong_ports         = var.kong_ports
-      kong_ssl_uris      = var.kong_ssl_uris
-      kong_hybrid_conf   = var.kong_hybrid_conf
-      clear_database     = var.kong_clear_database
-      kong_plugins       = join(",", concat(["bundled"], var.kong_plugins))
+      proxy_config        = var.proxy_config
+      db_user             = var.kong_database_config.user
+      db_host             = local.db_info.endpoint
+      db_name             = local.db_info.database_name
+      ce_pkg              = var.ce_pkg
+      ee_pkg              = var.ee_pkg
+      ee_creds_ssm_param  = var.ee_creds_ssm_param
+      parameter_path      = local.ssm_parameter_path
+      region              = var.region
+      vpc_cidr_block      = var.vpc_cidr_block
+      deck_version        = var.deck_version
+      manager_host        = var.manager_host
+      portal_host         = var.portal_host
+      session_secret      = random_string.session_secret.result
+      kong_config         = var.kong_config
+      kong_ports          = var.kong_ports
+      kong_ssl_uris       = var.kong_ssl_uris
+      kong_hybrid_conf    = var.kong_hybrid_conf
+      clear_database      = var.kong_clear_database
+      kong_plugins        = join(",", concat(["bundled"], var.kong_plugins))
+      kong_vitals_enabled = var.kong_vitals_enabled
+      vitals_endpoint = var.vitals_endpoint != null ? format("%s:%g %s",
+        var.vitals_endpoint.fqdn,
+        var.vitals_endpoint.port,
+        lower(var.vitals_endpoint.protocol)
+      ) : ""
     })
   }
 

diff --git a/modules/ec2/variables.tf b/modules/ec2/variables.tf
@@ -579,3 +579,18 @@ variable "kong_plugins" {
   type        = list(string)
   default     = []
 }
+
+variable "kong_vitals_enabled" {
+  description = "Define whether or not Kong Vitals should be enabled."
+  type        = string
+}
+
+variable "vitals_endpoint" {
+  description = "(Optional) The DNS name for the Vitals endpoint that Gateways should send their metrics to"
+  type = object({
+    fqdn     = string
+    port     = number
+    protocol = string
+  })
+  default = null
+}
diff --git a/modules/ecs/main.tf b/modules/ecs/main.tf
@@ -28,7 +28,7 @@ resource "aws_ecs_task_definition" "kong" {
   memory                   = var.fargate_memory
   task_role_arn            = aws_iam_role.kong_task_role.arn
   execution_role_arn       = var.execution_role_arn
-    container_definitions    = var.role == "control_plane" ? templatefile("${path.module}/../../templates/ecs/kong_control_plane.tpl",
+  container_definitions = var.role == "control_plane" ? templatefile("${path.module}/../../templates/ecs/kong_control_plane.tpl",
     {
       name                        = local.name
       group_name                  = local.name
@@ -66,6 +66,11 @@ resource "aws_ecs_task_definition" "kong" {
       kong_plugins                = join(",", concat(["bundled"], var.kong_plugins))
       entrypoint                  = var.entrypoint
       nginx_custom_config         = base64encode(var.nginx_custom_config)
+      vitals_endpoint = var.vitals_endpoint != null ? format("%s:%g %s",
+        var.vitals_endpoint.fqdn,
+        var.vitals_endpoint.port,
+        lower(var.vitals_endpoint.protocol)
+      ) : ""
     }) : var.role == "data_plane" ? templatefile("${path.module}/../../templates/ecs/kong_data_plane.tpl",
     {
       name                = local.name
@@ -93,6 +98,12 @@ resource "aws_ecs_task_definition" "kong" {
       kong_plugins        = join(",", concat(["bundled"], var.kong_plugins))
       entrypoint          = var.entrypoint
       nginx_custom_config = base64encode(var.nginx_custom_config)
+      kong_vitals_enabled = var.kong_vitals_enabled
+      vitals_endpoint = var.vitals_endpoint != null ? format("%s:%g %s",
+        var.vitals_endpoint.fqdn,
+        var.vitals_endpoint.port,
+        lower(var.vitals_endpoint.protocol)
+      ) : ""
     }) : var.role == "portal" ? templatefile("${path.module}/../../templates/ecs/kong_portal.tpl",
     {
       name                     = local.name
@@ -125,7 +136,7 @@ resource "aws_ecs_task_definition" "kong" {
       kong_plugins             = join(",", concat(["bundled"], var.kong_plugins))
       entrypoint               = var.entrypoint
       nginx_custom_config      = base64encode(var.nginx_custom_config)
-    }) : null
+  }) : null
 
   tags = {
     Name = local.name
@@ -163,6 +174,7 @@ resource "aws_ecs_service" "kong" {
     Name = local.name
   }
 }
+
 data "aws_iam_policy_document" "ecs_assume_role_policy" {
   statement {
     sid     = "EcsAssumeRole"

diff --git a/modules/ecs/variables.tf b/modules/ecs/variables.tf
@@ -342,3 +342,13 @@ variable "kong_plugins" {
   type        = list(string)
   default     = []
 }
+
+variable "vitals_endpoint" {
+  description = "(Optional) The DNS name for the Vitals endpoint that Gateways should send their metrics to"
+  type = object({
+    fqdn     = string
+    port     = number
+    protocol = string
+  })
+  default = null
+}
diff --git a/templates/amazon-linux/cloud-init.sh b/templates/amazon-linux/cloud-init.sh
@@ -397,6 +397,13 @@ KONG_CLUSTER_TELEMETRY_ENDPOINT="${kong_hybrid_conf.endpoint}:${kong_ports.telem
 
 KONG_PLUGINS="${kong_plugins}"
 
+%{ if vitals_endpoint != "" && kong_vitals_enabled == "on" }
+KONG_VITALS="on"
+KONG_VITALS_STRATEGY="prometheus"
+KONG_VITALS_STATSD_ADDRESS="${vitals_endpoint}"
+%{ endif }
+KONG_VITALS_TSDB_ADDRESS=127.0.0.1:443
+
 %{ for key, value in kong_config ~}
 ${key}="${value}"
 %{ endfor ~}

diff --git a/templates/ecs/kong_control_plane.tpl b/templates/ecs/kong_control_plane.tpl
@@ -139,10 +139,6 @@
       "name": "KONG_ROLE",
       "value": "control_plane"
     },
-    {
-      "name": "KONG_VITALS",
-      "value": "${kong_vitals_enabled}"
-    },
     {
       "name": "KONG_PORTAL",
       "value": "${kong_portal_enabled}"
@@ -166,6 +162,24 @@
     {
       "name": "KONG_TRUSTED_IPS",
       "value": "0.0.0.0/0"
+    },
+    %{ if vitals_endpoint != "" && kong_vitals_enabled == "on" }
+    {
+      "name": "KONG_VITALS",
+      "value": "${kong_vitals_enabled}"
+    },
+    {
+      "name": "KONG_VITALS_STRATEGY",
+      "value": "prometheus"
+    },
+    {
+      "name": "KONG_VITALS_STATSD_ADDRESS",
+      "value": "${vitals_endpoint}"
+    },
+    %{ endif }
+    {
+      "name": "KONG_VITALS_TSDB_ADDRESS",
+      "value": "127.0.0.1:443"
     }
   ],
   "secrets": [

diff --git a/templates/ecs/kong_data_plane.tpl b/templates/ecs/kong_data_plane.tpl
@@ -96,6 +96,24 @@
     {
       "name": "KONG_ANONYMOUS_REPORTS",
       "value": "off"
+    },
+    %{ if vitals_endpoint != "" && kong_vitals_enabled == "on" }
+    {
+      "name": "KONG_VITALS",
+      "value": "${kong_vitals_enabled}"
+    },
+    {
+      "name": "KONG_VITALS_STRATEGY",
+      "value": "prometheus"
+    },
+    {
+      "name": "KONG_VITALS_STATSD_ADDRESS",
+      "value": "${vitals_endpoint}"
+    },
+    %{ endif }
+    {
+      "name": "KONG_VITALS_TSDB_ADDRESS",
+      "value": "127.0.0.1:443"
     }
   ],
   "secrets": [

diff --git a/variables.tf b/variables.tf
@@ -829,6 +829,16 @@ variable "kong_portal_api_url" {
   default     = ""
 }
 
+variable "vitals_endpoint" {
+  description = "(Optional) The DNS name for the Vitals endpoint that Gateways should send their metrics to"
+  type = object({
+    fqdn     = string
+    port     = number
+    protocol = string
+  })
+  default = null
+}
+
 variable "kong_plugins" {
   description = "(Optional) List of Kong plugins, passed through the variable KONG_PLUGINS"
   type        = list(string)