UNPKG

21.7 kBTypeScriptView Raw
1import * as autoscaling from '@aws-cdk/aws-autoscaling';
2import * as cloudwatch from '@aws-cdk/aws-cloudwatch';
3import * as ec2 from '@aws-cdk/aws-ec2';
4import * as kms from '@aws-cdk/aws-kms';
5import * as logs from '@aws-cdk/aws-logs';
6import * as s3 from '@aws-cdk/aws-s3';
7import * as cloudmap from '@aws-cdk/aws-servicediscovery';
8import { Duration, IResource, Resource } from '@aws-cdk/core';
9import { Construct } from 'constructs';
10import { Construct as CoreConstruct } from '@aws-cdk/core';
11/**
12 * The properties used to define an ECS cluster.
13 */
14export interface ClusterProps {
15 /**
16 * The name for the cluster.
17 *
18 * @default CloudFormation-generated name
19 */
20 readonly clusterName?: string;
21 /**
22 * The VPC where your ECS instances will be running or your ENIs will be deployed
23 *
24 * @default - creates a new VPC with two AZs
25 */
26 readonly vpc?: ec2.IVpc;
27 /**
28 * The service discovery namespace created in this cluster
29 *
30 * @default - no service discovery namespace created, you can use `addDefaultCloudMapNamespace` to add a
31 * default service discovery namespace later.
32 */
33 readonly defaultCloudMapNamespace?: CloudMapNamespaceOptions;
34 /**
35 * The ec2 capacity to add to the cluster
36 *
37 * @default - no EC2 capacity will be added, you can use `addCapacity` to add capacity later.
38 */
39 readonly capacity?: AddCapacityOptions;
40 /**
41 * The capacity providers to add to the cluster
42 *
43 * @default - None. Currently only FARGATE and FARGATE_SPOT are supported.
44 * @deprecated Use {@link ClusterProps.enableFargateCapacityProviders} instead.
45 */
46 readonly capacityProviders?: string[];
47 /**
48 * Whether to enable Fargate Capacity Providers
49 *
50 * @default false
51 */
52 readonly enableFargateCapacityProviders?: boolean;
53 /**
54 * If true CloudWatch Container Insights will be enabled for the cluster
55 *
56 * @default - Container Insights will be disabled for this cluser.
57 */
58 readonly containerInsights?: boolean;
59 /**
60 * The execute command configuration for the cluster
61 *
62 * @default - no configuration will be provided.
63 */
64 readonly executeCommandConfiguration?: ExecuteCommandConfiguration;
65}
66/**
67 * The machine image type
68 */
69export declare enum MachineImageType {
70 /**
71 * Amazon ECS-optimized Amazon Linux 2 AMI
72 */
73 AMAZON_LINUX_2 = 0,
74 /**
75 * Bottlerocket AMI
76 */
77 BOTTLEROCKET = 1
78}
79/**
80 * A regional grouping of one or more container instances on which you can run tasks and services.
81 */
82export declare class Cluster extends Resource implements ICluster {
83 /**
84 * Import an existing cluster to the stack from its attributes.
85 */
86 static fromClusterAttributes(scope: Construct, id: string, attrs: ClusterAttributes): ICluster;
87 /**
88 * Import an existing cluster to the stack from the cluster ARN.
89 * This does not provide access to the vpc, hasEc2Capacity, or connections -
90 * use the `fromClusterAttributes` method to access those properties.
91 */
92 static fromClusterArn(scope: Construct, id: string, clusterArn: string): ICluster;
93 /**
94 * Manage the allowed network connections for the cluster with Security Groups.
95 */
96 readonly connections: ec2.Connections;
97 /**
98 * The VPC associated with the cluster.
99 */
100 readonly vpc: ec2.IVpc;
101 /**
102 * The Amazon Resource Name (ARN) that identifies the cluster.
103 */
104 readonly clusterArn: string;
105 /**
106 * The name of the cluster.
107 */
108 readonly clusterName: string;
109 /**
110 * The names of both ASG and Fargate capacity providers associated with the cluster.
111 */
112 private _capacityProviderNames;
113 /**
114 * The AWS Cloud Map namespace to associate with the cluster.
115 */
116 private _defaultCloudMapNamespace?;
117 /**
118 * Specifies whether the cluster has EC2 instance capacity.
119 */
120 private _hasEc2Capacity;
121 /**
122 * The autoscaling group for added Ec2 capacity
123 */
124 private _autoscalingGroup?;
125 /**
126 * The execute command configuration for the cluster
127 */
128 private _executeCommandConfiguration?;
129 /**
130 * Constructs a new instance of the Cluster class.
131 */
132 constructor(scope: Construct, id: string, props?: ClusterProps);
133 /**
134 * Enable the Fargate capacity providers for this cluster.
135 */
136 enableFargateCapacityProviders(): void;
137 private renderExecuteCommandConfiguration;
138 private renderExecuteCommandLogConfiguration;
139 /**
140 * Add an AWS Cloud Map DNS namespace for this cluster.
141 * NOTE: HttpNamespaces are not supported, as ECS always requires a DNSConfig when registering an instance to a Cloud
142 * Map service.
143 */
144 addDefaultCloudMapNamespace(options: CloudMapNamespaceOptions): cloudmap.INamespace;
145 /**
146 * Getter for namespace added to cluster
147 */
148 get defaultCloudMapNamespace(): cloudmap.INamespace | undefined;
149 /**
150 * It is highly recommended to use {@link Cluster.addAsgCapacityProvider} instead of this method.
151 *
152 * This method adds compute capacity to a cluster by creating an AutoScalingGroup with the specified options.
153 *
154 * Returns the AutoScalingGroup so you can add autoscaling settings to it.
155 */
156 addCapacity(id: string, options: AddCapacityOptions): autoscaling.AutoScalingGroup;
157 /**
158 * This method adds an Auto Scaling Group Capacity Provider to a cluster.
159 *
160 * @param provider the capacity provider to add to this cluster.
161 */
162 addAsgCapacityProvider(provider: AsgCapacityProvider, options?: AddAutoScalingGroupCapacityOptions): void;
163 /**
164 * This method adds compute capacity to a cluster using the specified AutoScalingGroup.
165 *
166 * @deprecated Use {@link Cluster.addAsgCapacityProvider} instead.
167 * @param autoScalingGroup the ASG to add to this cluster.
168 * [disable-awslint:ref-via-interface] is needed in order to install the ECS
169 * agent by updating the ASGs user data.
170 */
171 addAutoScalingGroup(autoScalingGroup: autoscaling.AutoScalingGroup, options?: AddAutoScalingGroupCapacityOptions): void;
172 private configureAutoScalingGroup;
173 /**
174 * This method enables the Fargate or Fargate Spot capacity providers on the cluster.
175 *
176 * @param provider the capacity provider to add to this cluster.
177 * @deprecated Use {@link enableFargateCapacityProviders} instead.
178 * @see {@link addAsgCapacityProvider} to add an Auto Scaling Group capacity provider to the cluster.
179 */
180 addCapacityProvider(provider: string): void;
181 private configureWindowsAutoScalingGroup;
182 /**
183 * Getter for autoscaling group added to cluster
184 */
185 get autoscalingGroup(): autoscaling.IAutoScalingGroup | undefined;
186 /**
187 * Whether the cluster has EC2 capacity associated with it
188 */
189 get hasEc2Capacity(): boolean;
190 /**
191 * Getter for execute command configuration associated with the cluster.
192 */
193 get executeCommandConfiguration(): ExecuteCommandConfiguration | undefined;
194 /**
195 * This method returns the CloudWatch metric for this clusters CPU reservation.
196 *
197 * @default average over 5 minutes
198 */
199 metricCpuReservation(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
200 /**
201 * This method returns the CloudWatch metric for this clusters CPU utilization.
202 *
203 * @default average over 5 minutes
204 */
205 metricCpuUtilization(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
206 /**
207 * This method returns the CloudWatch metric for this clusters memory reservation.
208 *
209 * @default average over 5 minutes
210 */
211 metricMemoryReservation(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
212 /**
213 * This method returns the CloudWatch metric for this clusters memory utilization.
214 *
215 * @default average over 5 minutes
216 */
217 metricMemoryUtilization(props?: cloudwatch.MetricOptions): cloudwatch.Metric;
218 /**
219 * This method returns the specifed CloudWatch metric for this cluster.
220 */
221 metric(metricName: string, props?: cloudwatch.MetricOptions): cloudwatch.Metric;
222 private cannedMetric;
223}
224/**
225 * A regional grouping of one or more container instances on which you can run tasks and services.
226 */
227export interface ICluster extends IResource {
228 /**
229 * The name of the cluster.
230 * @attribute
231 */
232 readonly clusterName: string;
233 /**
234 * The Amazon Resource Name (ARN) that identifies the cluster.
235 * @attribute
236 */
237 readonly clusterArn: string;
238 /**
239 * The VPC associated with the cluster.
240 */
241 readonly vpc: ec2.IVpc;
242 /**
243 * Manage the allowed network connections for the cluster with Security Groups.
244 */
245 readonly connections: ec2.Connections;
246 /**
247 * Specifies whether the cluster has EC2 instance capacity.
248 */
249 readonly hasEc2Capacity: boolean;
250 /**
251 * The AWS Cloud Map namespace to associate with the cluster.
252 */
253 readonly defaultCloudMapNamespace?: cloudmap.INamespace;
254 /**
255 * The autoscaling group added to the cluster if capacity is associated to the cluster
256 */
257 readonly autoscalingGroup?: autoscaling.IAutoScalingGroup;
258 /**
259 * The execute command configuration for the cluster
260 */
261 readonly executeCommandConfiguration?: ExecuteCommandConfiguration;
262}
263/**
264 * The properties to import from the ECS cluster.
265 */
266export interface ClusterAttributes {
267 /**
268 * The name of the cluster.
269 */
270 readonly clusterName: string;
271 /**
272 * The Amazon Resource Name (ARN) that identifies the cluster.
273 *
274 * @default Derived from clusterName
275 */
276 readonly clusterArn?: string;
277 /**
278 * The VPC associated with the cluster.
279 */
280 readonly vpc: ec2.IVpc;
281 /**
282 * The security groups associated with the container instances registered to the cluster.
283 */
284 readonly securityGroups: ec2.ISecurityGroup[];
285 /**
286 * Specifies whether the cluster has EC2 instance capacity.
287 *
288 * @default true
289 */
290 readonly hasEc2Capacity?: boolean;
291 /**
292 * The AWS Cloud Map namespace to associate with the cluster.
293 *
294 * @default - No default namespace
295 */
296 readonly defaultCloudMapNamespace?: cloudmap.INamespace;
297 /**
298 * Autoscaling group added to the cluster if capacity is added
299 *
300 * @default - No default autoscaling group
301 */
302 readonly autoscalingGroup?: autoscaling.IAutoScalingGroup;
303 /**
304 * The execute command configuration for the cluster
305 *
306 * @default - none.
307 */
308 readonly executeCommandConfiguration?: ExecuteCommandConfiguration;
309}
310/**
311 * The properties for adding an AutoScalingGroup.
312 */
313export interface AddAutoScalingGroupCapacityOptions {
314 /**
315 * Specifies whether the containers can access the container instance role.
316 *
317 * @default false
318 */
319 readonly canContainersAccessInstanceRole?: boolean;
320 /**
321 * The time period to wait before force terminating an instance that is draining.
322 *
323 * This creates a Lambda function that is used by a lifecycle hook for the
324 * AutoScalingGroup that will delay instance termination until all ECS tasks
325 * have drained from the instance. Set to 0 to disable task draining.
326 *
327 * Set to 0 to disable task draining.
328 *
329 * @deprecated The lifecycle draining hook is not configured if using the EC2 Capacity Provider. Enable managed termination protection instead.
330 * @default Duration.minutes(5)
331 */
332 readonly taskDrainTime?: Duration;
333 /**
334 * Specify whether to enable Automated Draining for Spot Instances running Amazon ECS Services.
335 * For more information, see [Using Spot Instances](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-instance-spot.html).
336 *
337 * @default false
338 */
339 readonly spotInstanceDraining?: boolean;
340 /**
341 * If {@link AddAutoScalingGroupCapacityOptions.taskDrainTime} is non-zero, then the ECS cluster creates an
342 * SNS Topic to as part of a system to drain instances of tasks when the instance is being shut down.
343 * If this property is provided, then this key will be used to encrypt the contents of that SNS Topic.
344 * See [SNS Data Encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-data-encryption.html) for more information.
345 *
346 * @default The SNS Topic will not be encrypted.
347 */
348 readonly topicEncryptionKey?: kms.IKey;
349 /**
350 * What type of machine image this is
351 *
352 * Depending on the setting, different UserData will automatically be added
353 * to the `AutoScalingGroup` to configure it properly for use with ECS.
354 *
355 * If you create an `AutoScalingGroup` yourself and are adding it via
356 * `addAutoScalingGroup()`, you must specify this value. If you are adding an
357 * `autoScalingGroup` via `addCapacity`, this value will be determined
358 * from the `machineImage` you pass.
359 *
360 * @default - Automatically determined from `machineImage`, if available, otherwise `MachineImageType.AMAZON_LINUX_2`.
361 */
362 readonly machineImageType?: MachineImageType;
363}
364/**
365 * The properties for adding instance capacity to an AutoScalingGroup.
366 */
367export interface AddCapacityOptions extends AddAutoScalingGroupCapacityOptions, autoscaling.CommonAutoScalingGroupProps {
368 /**
369 * The EC2 instance type to use when launching instances into the AutoScalingGroup.
370 */
371 readonly instanceType: ec2.InstanceType;
372 /**
373 * The ECS-optimized AMI variant to use
374 *
375 * The default is to use an ECS-optimized AMI of Amazon Linux 2 which is
376 * automatically updated to the latest version on every deployment. This will
377 * replace the instances in the AutoScalingGroup. Make sure you have not disabled
378 * task draining, to avoid downtime when the AMI updates.
379 *
380 * To use an image that does not update on every deployment, pass:
381 *
382 * ```ts
383 * const machineImage = ecs.EcsOptimizedImage.amazonLinux2(ecs.AmiHardwareType.STANDARD, {
384 * cachedInContext: true,
385 * });
386 * ```
387 *
388 * For more information, see [Amazon ECS-optimized
389 * AMIs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html).
390 *
391 * You must define either `machineImage` or `machineImageType`, not both.
392 *
393 * @default - Automatically updated, ECS-optimized Amazon Linux 2
394 */
395 readonly machineImage?: ec2.IMachineImage;
396}
397/**
398 * The options for creating an AWS Cloud Map namespace.
399 */
400export interface CloudMapNamespaceOptions {
401 /**
402 * The name of the namespace, such as example.com.
403 */
404 readonly name: string;
405 /**
406 * The type of CloudMap Namespace to create.
407 *
408 * @default PrivateDns
409 */
410 readonly type?: cloudmap.NamespaceType;
411 /**
412 * The VPC to associate the namespace with. This property is required for private DNS namespaces.
413 *
414 * @default VPC of the cluster for Private DNS Namespace, otherwise none
415 */
416 readonly vpc?: ec2.IVpc;
417}
418/**
419 * A Capacity Provider strategy to use for the service.
420 *
421 * NOTE: defaultCapacityProviderStrategy on cluster not currently supported.
422 */
423export interface CapacityProviderStrategy {
424 /**
425 * The name of the capacity provider.
426 */
427 readonly capacityProvider: string;
428 /**
429 * The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one
430 * capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default
431 * value of 0 is used.
432 *
433 * @default - none
434 */
435 readonly base?: number;
436 /**
437 * The weight value designates the relative percentage of the total number of tasks launched that should use the
438 * specified
439 capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied.
440 *
441 * @default - 0
442 */
443 readonly weight?: number;
444}
445/**
446 * The details of the execute command configuration. For more information, see
447 * [ExecuteCommandConfiguration] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-cluster-executecommandconfiguration.html
448 */
449export interface ExecuteCommandConfiguration {
450 /**
451 * The AWS Key Management Service key ID to encrypt the data between the local client and the container.
452 *
453 * @default - none
454 */
455 readonly kmsKey?: kms.IKey;
456 /**
457 * The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket.
458 *
459 * @default - none
460 */
461 readonly logConfiguration?: ExecuteCommandLogConfiguration;
462 /**
463 * The log settings to use for logging the execute command session.
464 *
465 * @default - none
466 */
467 readonly logging?: ExecuteCommandLogging;
468}
469/**
470 * The log settings to use to for logging the execute command session. For more information, see
471 * [Logging] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-cluster-executecommandconfiguration.html#cfn-ecs-cluster-executecommandconfiguration-logging
472 */
473export declare enum ExecuteCommandLogging {
474 /**
475 * The execute command session is not logged.
476 */
477 NONE = "NONE",
478 /**
479 * The awslogs configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no awslogs log driver is configured in the task definition, the output won't be logged.
480 */
481 DEFAULT = "DEFAULT",
482 /**
483 * Specify the logging details as a part of logConfiguration.
484 */
485 OVERRIDE = "OVERRIDE"
486}
487/**
488 * The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs and/ or an Amazon S3 bucket.
489 * For more information, see [ExecuteCommandLogConfiguration] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-cluster-executecommandlogconfiguration.html
490 */
491export interface ExecuteCommandLogConfiguration {
492 /**
493 * Whether or not to enable encryption on the CloudWatch logs.
494 *
495 * @default - encryption will be disabled.
496 */
497 readonly cloudWatchEncryptionEnabled?: boolean;
498 /**
499 * The name of the CloudWatch log group to send logs to. The CloudWatch log group must already be created.
500 * @default - none
501 */
502 readonly cloudWatchLogGroup?: logs.ILogGroup;
503 /**
504 * The name of the S3 bucket to send logs to. The S3 bucket must already be created.
505 *
506 * @default - none
507 */
508 readonly s3Bucket?: s3.IBucket;
509 /**
510 * Whether or not to enable encryption on the CloudWatch logs.
511 *
512 * @default - encryption will be disabled.
513 */
514 readonly s3EncryptionEnabled?: boolean;
515 /**
516 * An optional folder in the S3 bucket to place logs in.
517 *
518 * @default - none
519 */
520 readonly s3KeyPrefix?: string;
521}
522/**
523 * The options for creating an Auto Scaling Group Capacity Provider.
524 */
525export interface AsgCapacityProviderProps extends AddAutoScalingGroupCapacityOptions {
526 /**
527 * The name of the capacity provider. If a name is specified,
528 * it cannot start with `aws`, `ecs`, or `fargate`. If no name is specified,
529 * a default name in the CFNStackName-CFNResourceName-RandomString format is used.
530 *
531 * @default CloudFormation-generated name
532 */
533 readonly capacityProviderName?: string;
534 /**
535 * The autoscaling group to add as a Capacity Provider.
536 */
537 readonly autoScalingGroup: autoscaling.IAutoScalingGroup;
538 /**
539 * Whether to enable managed scaling
540 *
541 * @default true
542 */
543 readonly enableManagedScaling?: boolean;
544 /**
545 * Whether to enable managed termination protection
546 *
547 * @default true
548 */
549 readonly enableManagedTerminationProtection?: boolean;
550 /**
551 * Maximum scaling step size. In most cases this should be left alone.
552 *
553 * @default 1000
554 */
555 readonly maximumScalingStepSize?: number;
556 /**
557 * Minimum scaling step size. In most cases this should be left alone.
558 *
559 * @default 1
560 */
561 readonly minimumScalingStepSize?: number;
562 /**
563 * Target capacity percent. In most cases this should be left alone.
564 *
565 * @default 100
566 */
567 readonly targetCapacityPercent?: number;
568}
569/**
570 * An Auto Scaling Group Capacity Provider. This allows an ECS cluster to target
571 * a specific EC2 Auto Scaling Group for the placement of tasks. Optionally (and
572 * recommended), ECS can manage the number of instances in the ASG to fit the
573 * tasks, and can ensure that instances are not prematurely terminated while
574 * there are still tasks running on them.
575 */
576export declare class AsgCapacityProvider extends CoreConstruct {
577 /**
578 * Capacity provider name
579 * @default Chosen by CloudFormation
580 */
581 readonly capacityProviderName: string;
582 /**
583 * Auto Scaling Group
584 */
585 readonly autoScalingGroup: autoscaling.AutoScalingGroup;
586 /**
587 * Auto Scaling Group machineImageType.
588 */
589 readonly machineImageType: MachineImageType;
590 /**
591 * Whether managed termination protection is enabled
592 */
593 readonly enableManagedTerminationProtection?: boolean;
594 /**
595 * Specifies whether the containers can access the container instance role.
596 *
597 * @default false
598 */
599 readonly canContainersAccessInstanceRole?: boolean;
600 constructor(scope: Construct, id: string, props: AsgCapacityProviderProps);
601}