Skip to content

Terraform module which deploys Docker services on Traefik with zero downtime (red/black).

License

Notifications You must be signed in to change notification settings

lifeofguenter/terraform-docker-traefik

Repository files navigation

Docker Traefik Terraform module

pre-commit

Terraform module which deploys a Docker service on Traefik with zero downtime (red/black).

Usage

module "service" {
  source  = "lifeofguenter/traefik/docker"

  name          = "foobar-service"
  image         = "nginx"
  memory        = 256
  listener_rule = "Host(`foobar.mydomain.com`)"
  revision      = var.build_number

  service_network = docker_network.service.name
  traefik_network = "services"

  certresolver = "basic"

  http_entrypoints = ["web"]
  http_middlewares = ["https_redirect@file"]

  https_entrypoints = ["web_secure"]
  https_middlewares = ["compression@file"]

  environment = {
    VERSION = var.build_number
  }

  healthcheck = {
    command      = ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/ || exit 1"]
    retries      = 3
    interval     = 20
    start_period = 60
    timeout      = 5
  }
}

Requirements

Name Version
terraform >= 1.3.0

Providers

Name Version
docker 3.0.2
time 0.12.1

Resources

Name Type
docker_container.main resource
docker_image.main resource
time_sleep.grace resource
docker_registry_image.main data source

Inputs

Name Description Type Default Required
basic_auth_users List of authorized users. list(string) [] no
cert_sans List of SANs for the cert. list(string) [] no
certresolver Name of certificate resolver. string null no
command The command to use to start the container. list(string) [] no
container_port Explicit container port to forward traffic to. number null no
cpu_set A comma-separated list or hyphen-separated range of CPUs a container can use. string null no
cpu_shares CPU shares (relative weight) for the container. number null no
deregistration_delay Amount of seconds to wait for open connections to drain before stopping the container. number 60 no
entrypoint The command to use as the Entrypoint for the container. list(string) [] no
environment The environment variables to pass to a container. map(string) {} no
header_sts Add the Strict-Transport-Security header to the response.
object({
seconds = optional(number, 0)
include_subdomains = optional(bool, false)
preload = optional(bool, false)
})
null no
healthcheck The container health check command and associated configuration parameters for the container.
object({
command = list(string)
interval = optional(number, 30)
timeout = optional(number, 30)
start_period = optional(number, 0)
retries = optional(number, 3)
})
null no
http_entrypoints List of HTTP entrypoints. list(string) [] no
http_middlewares List of HTTP middlewares. list(string) [] no
https_entrypoints List of HTTPS entrypoints. list(string) [] no
https_middlewares List of HTTPS middlewares. list(string) [] no
image The image used to start a container. string n/a yes
labels Additional lables to set. map(string) {} no
listener_rule Sets the routing rule. string n/a yes
memory The amount (in MiB) of memory to present to the container. number n/a yes
mounts List for mounts to be added to containers created as part of the service.
list(object({
type = string
target = string
source = optional(string, null)
read_only = optional(bool, false)
}))
[] no
name The name of the service. string n/a yes
networks List of networks to connect to. list(string) [] no
publish List of ports to publish.
list(object({
internal = number
external = number
ip = optional(string, null)
protocol = optional(string, "tcp")
}))
[] no
revision Revision number of this service. number n/a yes
service_network Name of the service docker network. string null no
traefik_network Name of the Traefik docker network. string null no
volumes List for mounting volumes in the container.
list(object({
container_path = optional(string, null)
from_container = optional(string, null)
host_path = optional(string, null)
read_only = optional(bool, false)
volume_name = optional(string, null)
}))
[] no

Outputs

Name Description
docker_image_id The ID of the image.
docker_image_name The name of the Docker image.

Contribute

Setup

Mac

$ brew install pre-commit terraform-docs

Linux

$ pip install --user pre-commit
$ ver="$(curl -sSLf https://api.github.com/repos/terraform-docs/terraform-docs/releases/latest | jq -r '.tag_name')"; \
  curl -sSLO \
  "https://terraform-docs.io/dl/${ver}/terraform-docs-${ver}-$(uname)-amd64.tar.gz" && \
  tar xf terraform-docs*.tar.gz && \
  chmod +x terraform-docs && \
  sudo mv terraform-docs /usr/local/bin/

Pre-commit

Run once in this directory:

$ pre-commit install

Optionally you can trigger the hooks before committing:

$ pre-commit run -a