From 8e391fe6086b83f1d17184f997f7ab88f6ce523d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 11:04:43 +0100 Subject: [PATCH 01/24] Working on ecs autoscaling --- tf/modules/ooniapi_service/main.tf | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/tf/modules/ooniapi_service/main.tf b/tf/modules/ooniapi_service/main.tf index f19e08f0..8fe243ec 100644 --- a/tf/modules/ooniapi_service/main.tf +++ b/tf/modules/ooniapi_service/main.tf @@ -145,3 +145,12 @@ resource "aws_alb_target_group" "ooniapi_service" { tags = var.tags } + +resource "aws_appautoscaling_target" "ecs_target" { + service_namespace = "ecs" + scalable_dimension = "ecs:service:DesiredCount" + resource_id = "${var.ecs_cluster_id}" + + min_capacity = 2 + max_capacity = 10 +} From 00449446b361364c8814dbbc5ae5473673176ed6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 13:45:51 +0100 Subject: [PATCH 02/24] Add autoscaling configs to ooniapi service --- tf/modules/ooniapi_service/main.tf | 32 +++++++++++++++++++++++-- tf/modules/ooniapi_service/variables.tf | 23 ++++++++++++++++++ 2 files changed, 53 insertions(+), 2 deletions(-) diff --git a/tf/modules/ooniapi_service/main.tf b/tf/modules/ooniapi_service/main.tf index 8fe243ec..3c299697 100644 --- a/tf/modules/ooniapi_service/main.tf +++ b/tf/modules/ooniapi_service/main.tf @@ -147,10 +147,38 @@ resource "aws_alb_target_group" "ooniapi_service" { } resource "aws_appautoscaling_target" "ecs_target" { + // Use count to support conditional resource creation + count = var.use_autoscaling ? 1 : 0 service_namespace = "ecs" scalable_dimension = "ecs:service:DesiredCount" resource_id = "${var.ecs_cluster_id}" - min_capacity = 2 - max_capacity = 10 + min_capacity = var.service_desired_count + max_capacity = var.max_desired_count +} + +resource "aws_appautoscaling_policy" "policies" { + for_each = toset(var.autoscale_policies) + + name = each.value.name + service_namespace = "ecs" + scalable_dimension = aws_appautoscaling_target.ecs_target[0].scalable_dimension + resource_id = aws_appautoscaling_target.ecs_target[0].resource_id + policy_type = "TargetTrackingScaling" + + target_tracking_scaling_policy_configuration { + predefined_metric_specification { + predefined_metric_type = lookup({ + cpu = "ECSServiceAverageCPUUtilization" + memory = "ECSServiceAverageMemoryUtilization" + }, + each.value.resource_type, + "ECSServiceAverageMemoryUtilization" + ) + } + + target_value = each.value.scaleout_threshold + scale_in_cooldown = 60 + scale_out_cooldown = 60 + } } diff --git a/tf/modules/ooniapi_service/variables.tf b/tf/modules/ooniapi_service/variables.tf index 0dfaf4bf..50c4c642 100644 --- a/tf/modules/ooniapi_service/variables.tf +++ b/tf/modules/ooniapi_service/variables.tf @@ -65,3 +65,26 @@ variable "ooniapi_service_security_groups" { description = "the shared web security group from the ecs cluster" type = list(string) } + +// Autoscaling +variable "use_autoscaling" { + description = "Whether this service should use autoscaling to modify task count at runtime" + type = bool + default = false +} + +variable "max_desired_count" { + description = "Desired numbers of instances in the ecs service" + default = 1 +} + +variable "autoscale_policies" { + description = "Policies used for autoscaling resources, only valid if `use_autoscaling` == true" + type = list(object({ + resource_type = string // memory | cpu + scalein_treshold = number // from 0 to 100, number used to trigger a scale in. Should be lower than scaleout_treshold + scaleout_treshold = number // from 0 to 100, number used to trigger a scale in. Should be higher than scalein_treshold + name = string + })) + default = [] +} From 7bfa9373ef172aadd6383dd250bcc2edbd8131bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 14:52:33 +0100 Subject: [PATCH 03/24] Setting up ooniprobe to use autoscaling --- tf/environments/dev/main.tf | 14 +++++++++++++- tf/modules/ooniapi_service/main.tf | 9 ++++++--- tf/modules/ooniapi_service/variables.tf | 7 +++++-- 3 files changed, 24 insertions(+), 6 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 2b86ffe7..1a56c6c7 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -392,7 +392,7 @@ module "ooniapi_ooniprobe_deployer" { module "ooniapi_ooniprobe" { source = "../../modules/ooniapi_service" - task_memory = 64 + task_memory = 256 # First run should be set on first run to bootstrap the task definition # first_run = true @@ -423,6 +423,18 @@ module "ooniapi_ooniprobe" { # module.ooniapi_cluster.web_security_group_id ] + service_desired_count = 2 + use_autoscaling = true + max_desired_count = 10 + autoscale_policies = [ + { + resource_type = "memory" + name = "memory" + scaleout_treshold = 60 + scalein_treshold = 20 + } + ] + tags = merge( local.tags, { Name = "ooni-tier0-ooniprobe" } diff --git a/tf/modules/ooniapi_service/main.tf b/tf/modules/ooniapi_service/main.tf index 3c299697..f0e459cc 100644 --- a/tf/modules/ooniapi_service/main.tf +++ b/tf/modules/ooniapi_service/main.tf @@ -151,14 +151,17 @@ resource "aws_appautoscaling_target" "ecs_target" { count = var.use_autoscaling ? 1 : 0 service_namespace = "ecs" scalable_dimension = "ecs:service:DesiredCount" - resource_id = "${var.ecs_cluster_id}" + resource_id = "${reverse(split(":", aws_ecs_service.ooniapi_service.id))[0]}" min_capacity = var.service_desired_count max_capacity = var.max_desired_count } resource "aws_appautoscaling_policy" "policies" { - for_each = toset(var.autoscale_policies) + for_each = { + for p in var.autoscale_policies : + p.name => p + } name = each.value.name service_namespace = "ecs" @@ -177,7 +180,7 @@ resource "aws_appautoscaling_policy" "policies" { ) } - target_value = each.value.scaleout_threshold + target_value = each.value.scaleout_treshold scale_in_cooldown = 60 scale_out_cooldown = 60 } diff --git a/tf/modules/ooniapi_service/variables.tf b/tf/modules/ooniapi_service/variables.tf index 50c4c642..eafdcdfb 100644 --- a/tf/modules/ooniapi_service/variables.tf +++ b/tf/modules/ooniapi_service/variables.tf @@ -30,7 +30,11 @@ variable "tags" { } variable "service_desired_count" { - description = "Desired numbers of instances in the ecs service" + description = <<-EOF + Desired numbers of instances in the ecs service. + When `use_autoscaling == true` this will be the minimum amount of + spawned services + EOF default = 1 } @@ -82,7 +86,6 @@ variable "autoscale_policies" { description = "Policies used for autoscaling resources, only valid if `use_autoscaling` == true" type = list(object({ resource_type = string // memory | cpu - scalein_treshold = number // from 0 to 100, number used to trigger a scale in. Should be lower than scaleout_treshold scaleout_treshold = number // from 0 to 100, number used to trigger a scale in. Should be higher than scalein_treshold name = string })) From 68768d68beb28e6ad5ab37496746c7ed2ab2721d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 15:29:44 +0100 Subject: [PATCH 04/24] Add autoscaling to oonimeasurements --- tf/environments/dev/main.tf | 12 +++++++++++- tf/modules/ooniapi_service/variables.tf | 2 ++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 1a56c6c7..7791ee43 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -917,7 +917,7 @@ module "ooniapi_oonimeasurements_deployer" { module "ooniapi_oonimeasurements" { source = "../../modules/ooniapi_service" - task_memory = 64 + task_memory = 128 first_run = true vpc_id = module.network.vpc_id @@ -948,6 +948,16 @@ module "ooniapi_oonimeasurements" { module.oonitier1plus_cluster.web_security_group_id ] + use_autoscaling = true + max_desired_count = 4 + autoscale_policies = [ + { + name = "memory" + resource_type = "memory" + scaleout_treshold = 60 + } + ] + tags = merge( local.tags, { Name = "ooni-tier0-oonimeasurements" } diff --git a/tf/modules/ooniapi_service/variables.tf b/tf/modules/ooniapi_service/variables.tf index eafdcdfb..c0e42b66 100644 --- a/tf/modules/ooniapi_service/variables.tf +++ b/tf/modules/ooniapi_service/variables.tf @@ -84,10 +84,12 @@ variable "max_desired_count" { variable "autoscale_policies" { description = "Policies used for autoscaling resources, only valid if `use_autoscaling` == true" + type = list(object({ resource_type = string // memory | cpu scaleout_treshold = number // from 0 to 100, number used to trigger a scale in. Should be higher than scalein_treshold name = string })) + default = [] } From dd5bcd6b45432c3c169bffb03037d559ed1d1c37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 16:37:53 +0100 Subject: [PATCH 05/24] remove invalid parameter --- tf/environments/dev/main.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 765077e0..7791ee43 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -394,8 +394,6 @@ module "ooniapi_ooniprobe" { task_memory = 256 - service_desired_count = 2 - # First run should be set on first run to bootstrap the task definition # first_run = true From 8bfefa17d217642f92e4f6964af90820a3003f37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 16:42:04 +0100 Subject: [PATCH 06/24] remove unused parameter --- tf/environments/dev/main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 7791ee43..e6d23a73 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -431,7 +431,6 @@ module "ooniapi_ooniprobe" { resource_type = "memory" name = "memory" scaleout_treshold = 60 - scalein_treshold = 20 } ] From 6d75bdf210f28b01b3fe5465809c56e474ff0ff3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Wed, 19 Nov 2025 16:46:32 +0100 Subject: [PATCH 07/24] move parameter --- tf/environments/dev/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index e6d23a73..d21b2d79 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -423,8 +423,8 @@ module "ooniapi_ooniprobe" { # module.ooniapi_cluster.web_security_group_id ] - service_desired_count = 2 use_autoscaling = true + service_desired_count = 2 max_desired_count = 10 autoscale_policies = [ { @@ -927,7 +927,6 @@ module "ooniapi_oonimeasurements" { dns_zone_ooni_io = local.dns_zone_ooni_io key_name = module.adm_iam_roles.oonidevops_key_name ecs_cluster_id = module.oonitier1plus_cluster.cluster_id - service_desired_count = 2 task_secrets = { POSTGRESQL_URL = data.aws_ssm_parameter.oonipg_url.arn @@ -948,6 +947,7 @@ module "ooniapi_oonimeasurements" { ] use_autoscaling = true + service_desired_count = 2 max_desired_count = 4 autoscale_policies = [ { From 054ba30a5506fba2e14f87e8dd1b94fdae0d870d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Thu, 20 Nov 2025 10:43:21 +0100 Subject: [PATCH 08/24] Testing cluster autoscaling with more task instances for oonimeasurements --- tf/environments/dev/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index d21b2d79..e9f4d7fb 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -424,8 +424,8 @@ module "ooniapi_ooniprobe" { ] use_autoscaling = true - service_desired_count = 2 - max_desired_count = 10 + service_desired_count = 12 + max_desired_count = 20 autoscale_policies = [ { resource_type = "memory" From 889b3a21e0ecfc835b85bb780bd4b2e5910651dd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Thu, 20 Nov 2025 16:36:39 +0100 Subject: [PATCH 09/24] Set desired count to previous value --- tf/environments/dev/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index e9f4d7fb..de77c3c1 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -424,8 +424,8 @@ module "ooniapi_ooniprobe" { ] use_autoscaling = true - service_desired_count = 12 - max_desired_count = 20 + service_desired_count = 1 + max_desired_count = 4 autoscale_policies = [ { resource_type = "memory" From 23197209aa90ff1bb3a8654cad5f0549c8e66c16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Thu, 20 Nov 2025 16:47:45 +0100 Subject: [PATCH 10/24] add capacity provider to ecs clusters --- tf/modules/ecs_cluster/main.tf | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/tf/modules/ecs_cluster/main.tf b/tf/modules/ecs_cluster/main.tf index fa0557ef..6e23c756 100644 --- a/tf/modules/ecs_cluster/main.tf +++ b/tf/modules/ecs_cluster/main.tf @@ -117,7 +117,7 @@ resource "aws_security_group" "container_host" { security_groups = concat([ aws_security_group.web.id, - ], + ], var.monitoring_sg_ids) } @@ -213,3 +213,20 @@ resource "aws_autoscaling_group" "container_host" { triggers = ["tag"] } } + +resource "aws_ecs_capacity_provider" "capacity_provider" { + name = "${var.name}-capacity-provider" + + auto_scaling_group_provider { + auto_scaling_group_arn = aws_autoscaling_group.container_host.arn + managed_draining = "ENABLED" + managed_termination_protection = "ENABLED" + + managed_scaling { + maximum_scaling_step_size = 1000 + minimum_scaling_step_size = 1 + status = "ENABLED" + target_capacity = 100 + } + } +} From f687ba2faaee4a267e82bd9e2cc6c6906bdca747 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 11:49:16 +0100 Subject: [PATCH 11/24] Link capacity provider to ECS cluster --- tf/modules/ecs_cluster/main.tf | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/tf/modules/ecs_cluster/main.tf b/tf/modules/ecs_cluster/main.tf index 6e23c756..394ed9c4 100644 --- a/tf/modules/ecs_cluster/main.tf +++ b/tf/modules/ecs_cluster/main.tf @@ -204,6 +204,8 @@ resource "aws_autoscaling_group" "container_host" { version = "$Latest" } + protect_from_scale_in = true + instance_refresh { strategy = "Rolling" preferences { @@ -212,6 +214,14 @@ resource "aws_autoscaling_group" "container_host" { triggers = ["tag"] } + + // This tag is required by the aws_ecs_capacity_provider resource + // See: https://registry.terraform.io/providers/hashicorp/aws/5.87.0/docs/resources/ecs_capacity_provider#example-usage + tag { + key = "AmazonECSManaged" + value = true + propagate_at_launch = true + } } resource "aws_ecs_capacity_provider" "capacity_provider" { @@ -219,8 +229,8 @@ resource "aws_ecs_capacity_provider" "capacity_provider" { auto_scaling_group_provider { auto_scaling_group_arn = aws_autoscaling_group.container_host.arn - managed_draining = "ENABLED" managed_termination_protection = "ENABLED" + # managed_draining = "ENABLED" managed_scaling { maximum_scaling_step_size = 1000 @@ -230,3 +240,16 @@ resource "aws_ecs_capacity_provider" "capacity_provider" { } } } + +// You also need to link the capacity provider to the cluster +resource "aws_ecs_cluster_capacity_providers" "cluster_capacity_providers" { + cluster_name = aws_ecs_cluster.main.name + + capacity_providers = [aws_ecs_capacity_provider.capacity_provider.name] + + default_capacity_provider_strategy { + base = 1 + weight = 100 + capacity_provider = aws_ecs_capacity_provider.capacity_provider.name + } +} From 258e0bdf09efa549d884ed6b3585133b8e0295ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 11:52:01 +0100 Subject: [PATCH 12/24] test autoscaling with oonimeasurements --- tf/environments/dev/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index de77c3c1..936d8ec8 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -947,8 +947,8 @@ module "ooniapi_oonimeasurements" { ] use_autoscaling = true - service_desired_count = 2 - max_desired_count = 4 + service_desired_count = 12 + max_desired_count = 20 autoscale_policies = [ { name = "memory" From 3a6afe0360b0710835b54609d90e450b79bd33c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 11:54:43 +0100 Subject: [PATCH 13/24] test autoscaling with oonimeasurements --- tf/environments/dev/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 936d8ec8..28ce18b2 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -947,7 +947,7 @@ module "ooniapi_oonimeasurements" { ] use_autoscaling = true - service_desired_count = 12 + service_desired_count = 16 max_desired_count = 20 autoscale_policies = [ { From e10692b7aaeeca2111847aabb7c7e36dd87b99dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 11:58:49 +0100 Subject: [PATCH 14/24] adjusting target capacity --- tf/modules/ecs_cluster/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/modules/ecs_cluster/main.tf b/tf/modules/ecs_cluster/main.tf index 394ed9c4..e2b6aa5a 100644 --- a/tf/modules/ecs_cluster/main.tf +++ b/tf/modules/ecs_cluster/main.tf @@ -236,7 +236,7 @@ resource "aws_ecs_capacity_provider" "capacity_provider" { maximum_scaling_step_size = 1000 minimum_scaling_step_size = 1 status = "ENABLED" - target_capacity = 100 + target_capacity = 90 } } } From 9437fbc415aa96602d97621187ea6d7d89c57748 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 12:10:24 +0100 Subject: [PATCH 15/24] Roll back oonimeasurements desired task count --- tf/environments/dev/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 28ce18b2..73b612f2 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -947,8 +947,8 @@ module "ooniapi_oonimeasurements" { ] use_autoscaling = true - service_desired_count = 16 - max_desired_count = 20 + service_desired_count = 2 + max_desired_count = 8 autoscale_policies = [ { name = "memory" From c15bfcd66ea1ce2f10c06b838f296f94976ead14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 12:21:10 +0100 Subject: [PATCH 16/24] Remove scale in protection to instances to allow auto scaler to reduce capacity --- tf/modules/ecs_cluster/main.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/tf/modules/ecs_cluster/main.tf b/tf/modules/ecs_cluster/main.tf index e2b6aa5a..93268742 100644 --- a/tf/modules/ecs_cluster/main.tf +++ b/tf/modules/ecs_cluster/main.tf @@ -204,8 +204,6 @@ resource "aws_autoscaling_group" "container_host" { version = "$Latest" } - protect_from_scale_in = true - instance_refresh { strategy = "Rolling" preferences { From 0b75cfaad777bd009a74509106d68d1905210f0d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Fri, 21 Nov 2025 12:46:53 +0100 Subject: [PATCH 17/24] adjusting ooniprobe memory --- tf/environments/dev/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 73b612f2..f6a90f08 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -392,7 +392,7 @@ module "ooniapi_ooniprobe_deployer" { module "ooniapi_ooniprobe" { source = "../../modules/ooniapi_service" - task_memory = 256 + task_memory = 128 # First run should be set on first run to bootstrap the task definition # first_run = true From 38e22289046a3f9a1f23ae97dce479dcbea70d7f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Mon, 8 Dec 2025 13:47:22 +0100 Subject: [PATCH 18/24] Add more memory to oonimeasurements --- tf/environments/dev/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index f6a90f08..cb5eb451 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -916,7 +916,7 @@ module "ooniapi_oonimeasurements_deployer" { module "ooniapi_oonimeasurements" { source = "../../modules/ooniapi_service" - task_memory = 128 + task_memory = 256 first_run = true vpc_id = module.network.vpc_id From a6cbddd3b702e703c01a7f6e2c7fbca08e0c2ad9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Tue, 9 Dec 2025 12:28:26 +0100 Subject: [PATCH 19/24] Set target capacity to 100 to avoid unused machines --- tf/modules/ecs_cluster/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/modules/ecs_cluster/main.tf b/tf/modules/ecs_cluster/main.tf index 93268742..19772081 100644 --- a/tf/modules/ecs_cluster/main.tf +++ b/tf/modules/ecs_cluster/main.tf @@ -234,7 +234,7 @@ resource "aws_ecs_capacity_provider" "capacity_provider" { maximum_scaling_step_size = 1000 minimum_scaling_step_size = 1 status = "ENABLED" - target_capacity = 90 + target_capacity = 100 } } } From 3d763d2465c8f63faf0b6c9e7a72aab178100c9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Tue, 9 Dec 2025 13:54:15 +0100 Subject: [PATCH 20/24] Increasing capacity for services according to their mem usage in aws --- tf/environments/dev/main.tf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index cb5eb451..ef82bf0c 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -392,7 +392,7 @@ module "ooniapi_ooniprobe_deployer" { module "ooniapi_ooniprobe" { source = "../../modules/ooniapi_service" - task_memory = 128 + task_memory = 256 # First run should be set on first run to bootstrap the task definition # first_run = true @@ -750,7 +750,7 @@ module "ooniapi_oonirun_deployer" { module "ooniapi_oonirun" { source = "../../modules/ooniapi_service" - task_memory = 64 + task_memory = 256 vpc_id = module.network.vpc_id @@ -799,7 +799,7 @@ module "ooniapi_oonifindings_deployer" { module "ooniapi_oonifindings" { source = "../../modules/ooniapi_service" - task_memory = 64 + task_memory = 256 vpc_id = module.network.vpc_id @@ -849,7 +849,7 @@ module "ooniapi_ooniauth_deployer" { module "ooniapi_ooniauth" { source = "../../modules/ooniapi_service" - task_memory = 64 + task_memory = 128 vpc_id = module.network.vpc_id From 2279d277f13a490aa1e842cedd1ca910b94fb920 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Tue, 9 Dec 2025 14:18:42 +0100 Subject: [PATCH 21/24] Remove desired capacity parameter as it's replaced by capacity provider --- tf/environments/dev/main.tf | 2 -- tf/modules/ecs_cluster/main.tf | 4 +++- tf/modules/ecs_cluster/variables.tf | 7 +------ 3 files changed, 4 insertions(+), 9 deletions(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index ef82bf0c..87a015cb 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -300,7 +300,6 @@ module "ooniapi_cluster" { asg_min = 2 asg_max = 4 - asg_desired = 2 instance_type = "t3a.micro" @@ -329,7 +328,6 @@ module "oonitier1plus_cluster" { asg_min = 2 asg_max = 4 - asg_desired = 2 instance_type = "t3a.micro" diff --git a/tf/modules/ecs_cluster/main.tf b/tf/modules/ecs_cluster/main.tf index 19772081..b95fb7ea 100644 --- a/tf/modules/ecs_cluster/main.tf +++ b/tf/modules/ecs_cluster/main.tf @@ -197,7 +197,9 @@ resource "aws_autoscaling_group" "container_host" { vpc_zone_identifier = var.subnet_ids min_size = var.asg_min max_size = var.asg_max - desired_capacity = var.asg_desired + # desired_capacity is usually managed by the capacity provider + # defined below. Note that this is an ECS cluster, so + # cluster capacity is directed by task load demands launch_template { id = aws_launch_template.container_host.id diff --git a/tf/modules/ecs_cluster/variables.tf b/tf/modules/ecs_cluster/variables.tf index 16e1592e..a9669ebf 100644 --- a/tf/modules/ecs_cluster/variables.tf +++ b/tf/modules/ecs_cluster/variables.tf @@ -45,11 +45,6 @@ variable "asg_max" { default = 6 } -variable "asg_desired" { - description = "Desired numbers of servers in ASG" - default = 1 -} - variable "admin_cidr_ingress" { default = "0.0.0.0/0" } @@ -75,4 +70,4 @@ variable "monitoring_active" { description = "If the monitoring system should consider cluster machines. Set it to 'true' to activate it, anything else to deactivate it" default = "true" type = string -} \ No newline at end of file +} From 1a7cbd96da3b6877bbb9f6b6cd10bdecec2ba225 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Tue, 9 Dec 2025 14:34:29 +0100 Subject: [PATCH 22/24] reduce min task count for oonimeasurements --- tf/environments/dev/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index 87a015cb..f6defd67 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -945,7 +945,7 @@ module "ooniapi_oonimeasurements" { ] use_autoscaling = true - service_desired_count = 2 + service_desired_count = 1 max_desired_count = 8 autoscale_policies = [ { From 97af32d9a30afecab9fa2751bdc14c1d3436657e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Tue, 9 Dec 2025 14:39:19 +0100 Subject: [PATCH 23/24] remove deprecated parameters from prod tf --- tf/environments/prod/main.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/tf/environments/prod/main.tf b/tf/environments/prod/main.tf index 0e3e1f15..202f6e21 100644 --- a/tf/environments/prod/main.tf +++ b/tf/environments/prod/main.tf @@ -523,7 +523,6 @@ module "ooniapi_cluster" { # You need be careful how these are tweaked. asg_min = 2 asg_max = 10 - asg_desired = 7 instance_type = "t3a.medium" @@ -552,7 +551,6 @@ module "oonitier1plus_cluster" { asg_min = 2 asg_max = 5 - asg_desired = 3 instance_type = "t3a.medium" From 438e22d98b21ec971e027deae1fa28d4b04b6bef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luis=20D=C3=ADaz?= Date: Tue, 9 Dec 2025 14:46:40 +0100 Subject: [PATCH 24/24] reduce min capacity of tier1 cluster to save costs --- tf/environments/dev/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tf/environments/dev/main.tf b/tf/environments/dev/main.tf index f6defd67..a428a514 100644 --- a/tf/environments/dev/main.tf +++ b/tf/environments/dev/main.tf @@ -326,7 +326,7 @@ module "oonitier1plus_cluster" { vpc_id = module.network.vpc_id subnet_ids = module.network.vpc_subnet_private[*].id - asg_min = 2 + asg_min = 1 asg_max = 4 instance_type = "t3a.micro"