feat(ecs): add restrictions on database connections to prevent max co…

…nnections error

Signed-off-by: Orla Dunlop <[email protected]>

main.tf

@@ -147,12 +147,14 @@ module "kong_ecs" {
   image_url             = var.image_url
   execution_role_arn    = var.execution_role_arn
 
-  skip_final_snapshot  = var.skip_final_snapshot
-  skip_rds_creation    = var.skip_rds_creation
-  kong_database_config = var.kong_database_config
-  postgres_config      = var.postgres_config
-  postgres_host        = var.postgres_host
-  db_password_arn      = var.db_password_arn
+  skip_final_snapshot       = var.skip_final_snapshot
+  skip_rds_creation         = var.skip_rds_creation
+  kong_database_config      = var.kong_database_config
+  postgres_config           = var.postgres_config
+  postgres_host             = var.postgres_host
+  db_password_arn           = var.db_password_arn
+  pg_max_concurrent_queries = var.pg_max_concurrent_queries
+  pg_keepalive_timeout      = var.pg_keepalive_timeout
 
   kong_vitals_enabled       = var.kong_vitals_enabled
   kong_portal_enabled       = var.kong_portal_enabled

modules/ecs/main.tf

@@ -40,6 +40,8 @@ resource "aws_ecs_task_definition" "kong" {
       db_host                     = local.db_info.endpoint
       db_name                     = local.db_info.database_name
       db_password_arn             = var.db_password_arn
+      pg_max_concurrent_queries   = var.pg_max_concurrent_queries
+      pg_keepalive_timeout        = var.pg_keepalive_timeout
       kong_admin_gui_session_conf = var.kong_admin_gui_session_conf
       log_group                   = var.log_group
       admin_api_port              = var.kong_ports.admin_api

modules/ecs/variables.tf

@@ -269,6 +269,16 @@ variable "db_password_arn" {
   type        = string
 }
 
+variable "pg_max_concurrent_queries" {
+  description = "The maximum number of concurrent queries that can be executing at any given time. The total number of concurrent queries for this node will be will be: pg_max_concurrent_queries * nginx_worker_processes. The default value of 0 removes this concurrency limitation."
+  type        = number
+}
+
+variable "pg_keepalive_timeout" {
+  description = "Specify the maximal idle timeout (in ms) for the postgres connections in the pool. If this value is set to 0 then the timeout interval is unlimited."
+  type        = number
+}
+
 variable "log_group" {
   description = "The Log Group for ECS to report out to"
   type        = string

templates/ecs/kong_control_plane.tpl

@@ -131,6 +131,18 @@
       "name": "KONG_PG_DATABASE",
       "value": "${db_name}"
     },
+    %{ if pg_max_concurrent_queries != null }
+    {
+      "name": "KONG_PG_MAX_CONCURRENT_QUERIES",
+      "value": "${pg_max_concurrent_queries}"
+    },
+    %{ endif }
+    %{ if pg_keepalive_timeout != null }
+    {
+      "name": "KONG_PG_KEEPALIVE_TIMEOUT",
+      "value": "${pg_keepalive_timeout}"
+    },
+    %{ endif }
     {
       "name": "KONG_NGINX_HTTP_INCLUDE",
       "value": "/usr/local/kong/custom-nginx.conf"

variables.tf

@@ -767,6 +767,18 @@ variable "db_password_arn" {
   default     = null
 }
 
+variable "pg_max_concurrent_queries" {
+  description = "The maximum number of concurrent queries that can be executing at any given time. The total number of concurrent queries for this node will be will be: pg_max_concurrent_queries * nginx_worker_processes. The default value of 0 removes this concurrency limitation."
+  type        = number
+  default     = null
+}
+
+variable "pg_keepalive_timeout" {
+  description = "Specify the maximal idle timeout (in ms) for the postgres connections in the pool. If this value is set to 0 then the timeout interval is unlimited."
+  type        = number
+  default     = null
+}
+
 variable "log_group" {
   description = "(Optional) The Log Group for ECS to report out to"
   type        = string