diff --git a/modules/net-lb-int/README.md b/modules/net-lb-int/README.md
index 3551c1a7d..aacd6e57a 100644
--- a/modules/net-lb-int/README.md
+++ b/modules/net-lb-int/README.md
@@ -10,6 +10,7 @@ This module allows managing a GCE Internal Load Balancer and integrates the forw
- [Multiple forwarding rules](#multiple-forwarding-rules)
- [Dual stack (IPv4 and IPv6)](#dual-stack-ipv4-and-ipv6)
- [PSC service attachments](#psc-service-attachments)
+ - [Regional health check](#regional-health-check)
- [End to end example](#end-to-end-example)
- [Deploying changes to load balancer configurations](#deploying-changes-to-load-balancer-configurations)
- [Issues](#issues)
@@ -280,6 +281,31 @@ module "ilb" {
# tftest modules=1 resources=7
```
+### Regional health check
+
+The `is_regional` flag in the `health_check_config` block allows creating a regional health check instead of a global one.
+
+```hcl
+module "ilb" {
+ source = "./fabric/modules/net-lb-int"
+ project_id = var.project_id
+ region = "europe-west1"
+ name = "ilb-test"
+ service_label = "ilb-test"
+ vpc_config = {
+ network = var.vpc.self_link
+ subnetwork = var.subnet.self_link
+ }
+ health_check_config = {
+ is_regional = true
+ http = {
+ port = 80
+ }
+ }
+}
+# tftest modules=1 resources=3
+```
+
### End to end example
This example spins up a simple HTTP server and combines four modules:
@@ -374,10 +400,10 @@ One other issue is a `Provider produced inconsistent final plan` error which is
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [name](variables.tf#L202) | Name used for all resources. | string | ✓ | |
-| [project_id](variables.tf#L207) | Project id where resources will be created. | string | ✓ | |
-| [region](variables.tf#L212) | GCP region. | string | ✓ | |
-| [vpc_config](variables.tf#L238) | VPC-level configuration. | object({…}) | ✓ | |
+| [name](variables.tf#L203) | Name used for all resources. | string | ✓ | |
+| [project_id](variables.tf#L208) | Project id where resources will be created. | string | ✓ | |
+| [region](variables.tf#L213) | GCP region. | string | ✓ | |
+| [vpc_config](variables.tf#L239) | VPC-level configuration. | object({…}) | ✓ | |
| [backend_service_config](variables.tf#L17) | Backend service level configuration. | object({…}) | | {} |
| [backends](variables.tf#L53) | Load balancer backends. | list(object({…})) | | [] |
| [context](variables.tf#L64) | Context-specific interpolations. | object({…}) | | {} |
@@ -385,10 +411,10 @@ One other issue is a `Provider produced inconsistent final plan` error which is
| [forwarding_rules_config](variables.tf#L83) | The optional forwarding rules configuration. | map(object({…})) | | {…} |
| [group_configs](variables.tf#L99) | Optional unmanaged groups to create. Can be referenced in backends via outputs. | map(object({…})) | | {} |
| [health_check](variables.tf#L112) | Name of existing health check to use, disables auto-created health check. Also set `health_check_config = null` when cross-referencing an health check from another load balancer module to avoid a Terraform error. | string | | null |
-| [health_check_config](variables.tf#L118) | Optional auto-created health check configuration, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | object({…}) | | {…} |
-| [labels](variables.tf#L196) | Labels set on resources. | map(string) | | {} |
-| [service_attachments](variables.tf#L217) | PSC service attachments, keyed by forwarding rule. | map(object({…})) | | null |
-| [service_label](variables.tf#L232) | Optional prefix of the fully qualified forwarding rule name. | string | | null |
+| [health_check_config](variables.tf#L118) | Optional auto-created health check configuration, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | object({…}) | | {…} |
+| [labels](variables.tf#L197) | Labels set on resources. | map(string) | | {} |
+| [service_attachments](variables.tf#L218) | PSC service attachments, keyed by forwarding rule. | map(object({…})) | | null |
+| [service_label](variables.tf#L233) | Optional prefix of the fully qualified forwarding rule name. | string | | null |
## Outputs
@@ -403,8 +429,8 @@ One other issue is a `Provider produced inconsistent final plan` error which is
| [group_self_links](outputs.tf#L57) | Optional unmanaged instance group self links. | |
| [groups](outputs.tf#L64) | Optional unmanaged instance group resources. | |
| [health_check](outputs.tf#L69) | Auto-created health-check resource. | |
-| [health_check_id](outputs.tf#L74) | Auto-created health-check id. | |
-| [health_check_self_link](outputs.tf#L79) | Auto-created health-check self link. | |
-| [id](outputs.tf#L84) | Fully qualified forwarding rule ids. | |
-| [service_attachment_ids](outputs.tf#L92) | Service attachment ids. | |
+| [health_check_id](outputs.tf#L78) | Auto-created health-check id. | |
+| [health_check_self_link](outputs.tf#L87) | Auto-created health-check self link. | |
+| [id](outputs.tf#L96) | Fully qualified forwarding rule ids. | |
+| [service_attachment_ids](outputs.tf#L104) | Service attachment ids. | |
diff --git a/modules/net-lb-int/health-check.tf b/modules/net-lb-int/health-check.tf
index 063c86824..16a3501dd 100644
--- a/modules/net-lb-int/health-check.tf
+++ b/modules/net-lb-int/health-check.tf
@@ -30,7 +30,7 @@ locals {
resource "google_compute_health_check" "default" {
provider = google-beta
- count = local.hc != null ? 1 : 0
+ count = local.hc != null && !try(local.hc.is_regional, false) ? 1 : 0
project = local.project_id
name = coalesce(local.hc.name, var.name)
description = local.hc.description
@@ -119,3 +119,95 @@ resource "google_compute_health_check" "default" {
}
}
}
+
+resource "google_compute_region_health_check" "default" {
+ count = local.hc != null && try(local.hc.is_regional, false) ? 1 : 0
+ project = local.project_id
+ region = local.region
+ name = coalesce(local.hc.name, var.name)
+ description = local.hc.description
+ check_interval_sec = local.hc.check_interval_sec
+ healthy_threshold = local.hc.healthy_threshold
+ timeout_sec = local.hc.timeout_sec
+ unhealthy_threshold = local.hc.unhealthy_threshold
+
+ dynamic "grpc_health_check" {
+ for_each = local.hc_grpc ? [""] : []
+ content {
+ port = local.hc.grpc.port
+ port_name = local.hc.grpc.port_name
+ port_specification = local.hc.grpc.port_specification
+ grpc_service_name = local.hc.grpc.service_name
+ }
+ }
+
+ dynamic "http_health_check" {
+ for_each = local.hc_http ? [""] : []
+ content {
+ host = local.hc.http.host
+ port = local.hc.http.port
+ port_name = local.hc.http.port_name
+ port_specification = local.hc.http.port_specification
+ proxy_header = local.hc.http.proxy_header
+ request_path = local.hc.http.request_path
+ response = local.hc.http.response
+ }
+ }
+
+ dynamic "http2_health_check" {
+ for_each = local.hc_http2 ? [""] : []
+ content {
+ host = local.hc.http2.host
+ port = local.hc.http2.port
+ port_name = local.hc.http2.port_name
+ port_specification = local.hc.http2.port_specification
+ proxy_header = local.hc.http2.proxy_header
+ request_path = local.hc.http2.request_path
+ response = local.hc.http2.response
+ }
+ }
+
+ dynamic "https_health_check" {
+ for_each = local.hc_https ? [""] : []
+ content {
+ host = local.hc.https.host
+ port = local.hc.https.port
+ port_name = local.hc.https.port_name
+ port_specification = local.hc.https.port_specification
+ proxy_header = local.hc.https.proxy_header
+ request_path = local.hc.https.request_path
+ response = local.hc.https.response
+ }
+ }
+
+ dynamic "ssl_health_check" {
+ for_each = local.hc_ssl ? [""] : []
+ content {
+ port = local.hc.ssl.port
+ port_name = local.hc.ssl.port_name
+ port_specification = local.hc.ssl.port_specification
+ proxy_header = local.hc.ssl.proxy_header
+ request = local.hc.ssl.request
+ response = local.hc.ssl.response
+ }
+ }
+
+ dynamic "tcp_health_check" {
+ for_each = local.hc_tcp ? [""] : []
+ content {
+ port = local.hc.tcp.port
+ port_name = local.hc.tcp.port_name
+ port_specification = local.hc.tcp.port_specification
+ proxy_header = local.hc.tcp.proxy_header
+ request = local.hc.tcp.request
+ response = local.hc.tcp.response
+ }
+ }
+
+ dynamic "log_config" {
+ for_each = try(local.hc.enable_logging, null) == true ? [""] : []
+ content {
+ enable = true
+ }
+ }
+}
diff --git a/modules/net-lb-int/main.tf b/modules/net-lb-int/main.tf
index c517c662b..93a2b0fb6 100644
--- a/modules/net-lb-int/main.tf
+++ b/modules/net-lb-int/main.tf
@@ -31,10 +31,10 @@ locals {
}
}
ctx_p = "$"
- health_check = (
- var.health_check != null
- ? var.health_check
- : google_compute_health_check.default[0].self_link
+ health_check = coalesce(
+ var.health_check,
+ try(google_compute_health_check.default[0].self_link, null),
+ try(google_compute_region_health_check.default[0].self_link, null)
)
network = lookup(
local.ctx.networks, var.vpc_config.network, var.vpc_config.network
diff --git a/modules/net-lb-int/outputs.tf b/modules/net-lb-int/outputs.tf
index 29c925443..a4d33b2ff 100644
--- a/modules/net-lb-int/outputs.tf
+++ b/modules/net-lb-int/outputs.tf
@@ -68,17 +68,29 @@ output "groups" {
output "health_check" {
description = "Auto-created health-check resource."
- value = try(google_compute_health_check.default[0], null)
+ value = try(
+ google_compute_health_check.default[0],
+ google_compute_region_health_check.default[0],
+ null
+ )
}
output "health_check_id" {
description = "Auto-created health-check id."
- value = try(google_compute_health_check.default[0].id, null)
+ value = try(
+ google_compute_health_check.default[0].id,
+ google_compute_region_health_check.default[0].id,
+ null
+ )
}
output "health_check_self_link" {
description = "Auto-created health-check self link."
- value = try(google_compute_health_check.default[0].self_link, null)
+ value = try(
+ google_compute_health_check.default[0].self_link,
+ google_compute_region_health_check.default[0].self_link,
+ null
+ )
}
output "id" {
diff --git a/modules/net-lb-int/variables.tf b/modules/net-lb-int/variables.tf
index a897b0408..8f21ad5e6 100644
--- a/modules/net-lb-int/variables.tf
+++ b/modules/net-lb-int/variables.tf
@@ -122,6 +122,7 @@ variable "health_check_config" {
description = optional(string, "Terraform managed.")
enable_logging = optional(bool, false)
healthy_threshold = optional(number)
+ is_regional = optional(bool, false)
name = optional(string)
timeout_sec = optional(number)
unhealthy_threshold = optional(number)