Merge pull request #63 from tryretool/vee/add-ecs-telemetry

Add telemetry support for ECS
tryretool · Dec 17, 2024 · 9e35a4d · 9e35a4d
2 parents 55344c7 + 21851b5
commit 9e35a4d
Show file tree

Hide file tree

Showing 7 changed files with 374 additions and 83 deletions.
diff --git a/modules/aws_ecs/README.md b/modules/aws_ecs/README.md
@@ -101,6 +101,15 @@ container_egress_rules = [
 ]
 ```
 
+### Telemetry
+**Note: telemetry collection is currently supported only on Fargate clusters.**
+
+To enable telemetry collection, set the variable `telemetry_enabled` to `true` (see [variables.tf](variables.tf#L340)).
+You may also enable forwarding telemetry data to Retool by setting the variable `telemetry_send_to_retool` to `true`.
+
+Similar to Helm deployments, [custom configuration](https://docs.retool.com/self-hosted/guides/telemetry#send-telemetry-data-to-custom-destinations) may be passed into the Retool telemetry collector.
+To use custom configuration, set [`telemetry_use_custom_config`](variables.tf#L352) to `true`, and supply your custom config in the file named in [`telemetry_custom_config_path`](variables.tf#L358).
+
 ### Environment Variables
 
 To add additional [Retool environment variables](https://docs.retool.com/docs/environment-variables) to your deployment, populate the `additional_env_vars` input variable into the module.

diff --git a/modules/aws_ecs/fluentbit/Dockerfile b/modules/aws_ecs/fluentbit/Dockerfile
@@ -0,0 +1,8 @@
+# This file is provided as an example of custom configuration on top of the AWS
+# fluent-bit sidecar image. The default image referenced in locals.tf is built
+# and supplied by Retool.
+
+FROM amazon/aws-for-fluent-bit:2.32.3 AS retool-aws-for-fluent-bit
+
+ADD retool-entrypoint.sh /retool-entrypoint.sh
+CMD /retool-entrypoint.sh
diff --git a/modules/aws_ecs/fluentbit/retool-entrypoint.sh b/modules/aws_ecs/fluentbit/retool-entrypoint.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+set -euf -o pipefail
+
+config=$(cat <<EOF
+[OUTPUT]
+    Name    forward
+    Match   retool-firelens*
+    Host    telemetry.${SERVICE_DISCOVERY_NAMESPACE}
+    Port    9000
+EOF
+)
+
+echo "$config" > /extra.conf
+exec /entrypoint.sh
diff --git a/modules/aws_ecs/locals.tf b/modules/aws_ecs/locals.tf
@@ -18,6 +18,10 @@ locals {
 
   // Use var.ecs_code_executor_image if defined, otherwise fallback to the same tag as var.ecs_retool_image
   ecs_code_executor_image = var.ecs_code_executor_image != "" ? var.ecs_code_executor_image : format("%s:%s", "tryretool/code-executor-service", split(":", var.ecs_retool_image)[1])
+  // Use var.ecs_telemetry_image if defined, otherwise fallback to the same tag as var.ecs_retool_image
+  ecs_telemetry_image = var.ecs_telemetry_image != "" ? var.ecs_telemetry_image : format("%s:%s", "tryretool/telemetry", split(":", var.ecs_retool_image)[1])
+  // Use var.ecs_telemetry_fluentbit_image if defined, otherwise fallback to the same tag as var.ecs_retool_image
+  ecs_telemetry_fluentbit_image = var.ecs_telemetry_fluentbit_image != "" ? var.ecs_telemetry_fluentbit_image : format("%s:%s", "tryretool/retool-aws-for-fluent-bit", split(":", var.ecs_retool_image)[1])
 
   environment_variables = concat(
     var.additional_env_vars, # add additional environment variables
@@ -29,6 +33,20 @@ locals {
         value = format("http://code-executor.%s:3004", local.service_discovery_namespace)
       }
     ] : [],
+    var.telemetry_enabled ? [
+      {
+        name  = "RTEL_ENABLED"
+        value = "true"
+      },
+      {
+        name  = "STATSD_HOST"
+        value = format("telemetry.%s", local.service_discovery_namespace)
+      },
+      {
+        name  = "STATSD_PORT"
+        value = "9125"
+      }
+    ] : [],
     [
       {
         name  = "FORCE_DEPLOYMENT"
@@ -94,6 +112,66 @@ locals {
     ]
   )
 
+  task_log_configuration = (
+    var.telemetry_enabled ? {
+      # Send logs to CloudWatch in addition to telemetry service:
+      logDriver = "awsfirelens"
+      options = {
+        Name              = "cloudwatch"
+        region            = var.aws_region
+        log_group_name    = aws_cloudwatch_log_group.this.id
+        auto_create_group = "true"
+        log_stream_prefix = "SERVICE_RETOOL/"
+      }
+    } : {
+      logDriver = "awslogs"
+      options = {
+        awslogs-group         = aws_cloudwatch_log_group.this.id
+        awslogs-region        = var.aws_region
+        awslogs-stream-prefix = "SERVICE_RETOOL"
+      }
+    }
+  )
+
+  common_containers = (
+    var.telemetry_enabled ? [
+      {
+        name      = "retool-fluentbit"
+        essential = true
+        image     = var.ecs_telemetry_fluentbit_image
+        cpu       = var.launch_type == "EC2" ? var.ecs_task_resource_map["fluentbit"]["cpu"] : null
+        memory    = var.launch_type == "EC2" ? var.ecs_task_resource_map["fluentbit"]["memory"] : null
+
+        firelensConfiguration = {
+          type    = "fluentbit"
+          options = {
+            config-file-type  = "file"
+            config-file-value = "/extra.conf"
+          }
+        }
+
+        logConfiguration = {
+          logDriver = "awslogs"
+          options   = {
+            awslogs-group         = aws_cloudwatch_log_group.this.id
+            awslogs-region        = var.aws_region
+            awslogs-stream-prefix = "SERVICE_RETOOL"
+            awslogs-create-group  = "true"
+            mode                  = "non-blocking"
+            max-buffer-size       = "25m"
+          }
+        }
+
+        environment = [
+          {
+            name  = "SERVICE_DISCOVERY_NAMESPACE"
+            value = local.service_discovery_namespace
+          }
+        ]
+      }
+    ] : []
+  )
+
   temporal_mtls_config = (
     var.temporal_cluster_config.tls_enabled && var.temporal_cluster_config.tls_crt != null && var.temporal_cluster_config.tls_key != null ?
     [