release of target_group create_before_destroy to allow target_group changes in flight (#59)

brandonjbjelland · web-flow · commit abd62652a7f0 · 2018-03-28T21:11:22.000-07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/) and this
 project adheres to [Semantic Versioning](http://semver.org/).
 
+## [v3.2.0] - 2018-03-28
+
+### Changed
+
+* `create_before_destroy` lifecycle policy added to the target groups. This allows target groups to be modified, though means they're recreated anytime they're changed. A change MUST include a change to the `name` value or will fail on duplicates. (nice work, @egarbi 🦄)
+
 ## [v3.1.0] - 2018-03-22
 
 ### Added
diff --git a/README.md b/README.md
@@ -16,13 +16,19 @@ Balancer (ALB) running over HTTP/HTTPS. Available through the [terraform registr
 
 The module supports both (mutually exclusive):
 
-* Internal IP ALBs
-* External IP ALBs
+* Internal ALBs
+* External ALBs
 
 It's recommended you use this module with [terraform-aws-vpc](https://registry.terraform.io/modules/terraform-aws-modules/vpc/aws),
 [terraform-aws-security-group](https://registry.terraform.io/modules/terraform-aws-modules/security-group/aws), and
 [terraform-aws-autoscaling](https://registry.terraform.io/modules/terraform-aws-modules/autoscaling/aws/).
 
+Note:
+
+It's strongly recommended that the autoscaling module is instantiated in the same
+state as the ALB module as in flight changes to active target groups need to be propagated
+to the ASG immediately or will result in failure. The value of `target_group[n][name]` also must change any time there are modifications to existing `target_groups`.
+
 ## Why ALB instead of ELB
 
 The use-case presented here appears almost identical to how one would use an ELB
@@ -43,17 +49,17 @@ A full example leveraging other community modules is contained in the [examples/
 module "alb" {
   source                        = "terraform-aws-modules/alb/aws"
   load_balancer_name            = "my-alb"
-  load_balancer_security_groups = ["sg-edcd9784", "sg-edcd9785"]
+  security_groups               = ["sg-edcd9784", "sg-edcd9785"]
   log_bucket_name               = "logs-us-east-2-123456789012"
   log_location_prefix           = "my-alb-logs"
   subnets                       = ["subnet-abcde012", subnet-bcde012a"]
   tags                          = "${map("Environment", "test")}"
   vpc_id                        = "vpc-abcde012"
   https_listeners               = "${list(map("certificate_arn", "arn:aws:iam::123456789012:server-certificate/test_cert-123456789012", "port", 443))}"
   https_listeners_count         = "1"
-  target_groups                 = "${list(map("name", "foo", "backend_protocol", "HTTP", "backend_port", "80"))}"
-  http_tcp_listeners_count      = "1"
   http_tcp_listeners            = "${list(map("port", "80", "protocol", "HTTP"))}"
+  http_tcp_listeners_count      = "1"
+  target_groups                 = "${list(map("name", "foo", "backend_protocol", "HTTP", "backend_port", "80"))}"
   target_groups_count           = "1"
 }
 ```
diff --git a/examples/alb_test_fixture/README.md b/examples/alb_test_fixture/README.md
@@ -17,6 +17,11 @@ The following IAM policy is the minimum needed to execute the module from the te
             "Sid": "Stmt1507789535000",
             "Effect": "Allow",
             "Action": [
+                "autoscaling:*LoadBalancerTargetGroups",
+                "autoscaling:*AutoScalingGroup",
+                "autoscaling:*LaunchConfiguration",
+                "autoscaling:*AutoScalingGroups",
+                "autoscaling:*LaunchConfigurations",
                 "ec2:AllocateAddress",
                 "ec2:AssignIpv6Addresses",
                 "ec2:AssignPrivateIpAddresses",
diff --git a/examples/alb_test_fixture/data.tf b/examples/alb_test_fixture/data.tf
@@ -18,3 +18,19 @@ data "aws_iam_policy_document" "bucket_policy" {
     }
   }
 }
+
+data "aws_ami" "ubuntu" {
+  most_recent = true
+
+  filter {
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"]
+  }
+
+  filter {
+    name   = "virtualization-type"
+    values = ["hvm"]
+  }
+
+  owners = ["099720109477"] # Canonical
+}
diff --git a/examples/alb_test_fixture/main.tf b/examples/alb_test_fixture/main.tf
@@ -65,6 +65,23 @@ module "security_group" {
   tags    = "${local.tags}"
 }
 
+resource "aws_autoscaling_group" "test" {
+  name_prefix          = "test-alb"
+  max_size             = 1
+  min_size             = 1
+  launch_configuration = "${aws_launch_configuration.as_conf.name}"
+  health_check_type    = "EC2"
+  target_group_arns    = ["${module.alb.target_group_arns}"]
+  force_delete         = true
+  vpc_zone_identifier  = ["${module.vpc.public_subnets}"]
+}
+
+resource "aws_launch_configuration" "as_conf" {
+  name          = "web_config"
+  image_id      = "${data.aws_ami.ubuntu.id}"
+  instance_type = "t2.micro"
+}
+
 module "alb" {
   source                   = "../.."
   load_balancer_name       = "test-alb-${random_string.suffix.result}"
diff --git a/main.tf b/main.tf
@@ -48,9 +48,8 @@ resource "aws_lb_target_group" "main" {
     enabled         = "${lookup(var.target_groups[count.index], "stickiness_enabled", lookup(var.target_groups_defaults, "stickiness_enabled"))}"
   }
 
-  tags  = "${merge(var.tags, map("Name", lookup(var.target_groups[count.index], "name")))}"
-  count = "${var.target_groups_count}"
-
+  tags       = "${merge(var.tags, map("Name", lookup(var.target_groups[count.index], "name")))}"
+  count      = "${var.target_groups_count}"
   depends_on = ["aws_lb.application"]
 
   lifecycle {
diff --git a/outputs.tf b/outputs.tf
@@ -14,12 +14,12 @@ output "http_tcp_listener_ids" {
 }
 
 output "https_listener_arns" {
-  description = "The ARN of the HTTPS load balancer listeners created."
+  description = "The ARNs of the HTTPS load balancer listeners created."
   value       = "${slice(concat(aws_lb_listener.frontend_https.*.arn, list("")), 0, var.https_listeners_count)}"
 }
 
 output "https_listener_ids" {
-  description = "The ID of the load balancer listeners created."
+  description = "The IDs of the load balancer listeners created."
   value       = "${slice(concat(aws_lb_listener.frontend_https.*.id, list("")), 0, var.https_listeners_count)}"
 }
 
@@ -39,7 +39,7 @@ output "load_balancer_zone_id" {
 }
 
 output "target_group_arns" {
-  description = "ARN of the target group. Useful for passing to your Auto Scaling group module."
+  description = "ARNs of the target groups. Useful for passing to your Auto Scaling group."
   value       = "${slice(concat(aws_lb_target_group.main.*.arn, list("")), 0, var.target_groups_count)}"
 }
 
diff --git a/version b/version
@@ -1 +1 @@
-v3.1.0
+v3.2.0

Original file line number	Diff line number	Diff line change
`@@ -14,12 +14,12 @@ output "http_tcp_listener_ids" {`
`14`	`14`	`}`
`15`	`15`
`16`	`16`	`output "https_listener_arns" {`
`17`		`- description = "The ARN of the HTTPS load balancer listeners created."`
	`17`	`+ description = "The ARNs of the HTTPS load balancer listeners created."`
`18`	`18`	`value = "${slice(concat(aws_lb_listener.frontend_https.*.arn, list("")), 0, var.https_listeners_count)}"`
`19`	`19`	`}`
`20`	`20`
`21`	`21`	`output "https_listener_ids" {`
`22`		`- description = "The ID of the load balancer listeners created."`
	`22`	`+ description = "The IDs of the load balancer listeners created."`
`23`	`23`	`value = "${slice(concat(aws_lb_listener.frontend_https.*.id, list("")), 0, var.https_listeners_count)}"`
`24`	`24`	`}`
`25`	`25`
`@@ -39,7 +39,7 @@ output "load_balancer_zone_id" {`
`39`	`39`	`}`
`40`	`40`
`41`	`41`	`output "target_group_arns" {`
`42`		`- description = "ARN of the target group. Useful for passing to your Auto Scaling group module."`
	`42`	`+ description = "ARNs of the target groups. Useful for passing to your Auto Scaling group."`
`43`	`43`	`value = "${slice(concat(aws_lb_target_group.main.*.arn, list("")), 0, var.target_groups_count)}"`
`44`	`44`	`}`
`45`	`45`