Merge branch 'master' into endpoints

lcaggio
2020-06-24 18:19:03 +02:00
committed by GitHub
6 changed files with 106 additions and 16 deletions


@@ -175,6 +175,7 @@ resource "google_compute_instance_iam_binding" "default" {
instance_name = each.value.name
role = each.value.role
members = lookup(var.iam_members, each.value.role, [])
depends_on = [google_compute_instance.default]
}
resource "google_compute_instance_template" "default" {
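Review bot: The `depends_on = [google_compute_instance.default]` line, which appears to be the one added here, has no comment saying why an explicit dependency is needed. `instance_name = each.value.name` presumably comes from a local rather than from the instance resource, so Terraform cannot infer the ordering; a comment such as `# names come from locals, so the dependency on the instances must be explicit` would keep the line from being dropped later. Separately, `google_compute_instance_iam_binding` is authoritative for its role, and the `lookup(var.iam_members, each.value.role, [])` fallback on the context line would apply an empty member list if a role had no entry. Whether that can happen depends on how the `for_each` set is built, which is outside the hunk.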


@@ -4,7 +4,6 @@ This module allows managing a GCE Internal Load Balancer and integrates the forw
## TODO
- [ ] do not create health check resource if `var.health_check` is not `null` (workaround is to set `var.health_check_config` to `null`
- [ ] add a variable for setting address purpose to `SHARED_LOADBALANCER_VIP` and an output for the address once the [provider support has been implemented](https://github.com/terraform-providers/terraform-provider-google/issues/6499)
## Issues
@@ -15,7 +14,40 @@ There are some corner cases (eg when switching the instance template from intern
One other issue is a `Provider produced inconsistent final plan` error which is sometimes raised when switching template version. This seems to be related to this [open provider issue](https://github.com/terraform-providers/terraform-provider-google/issues/3937), but it's relatively harmless since the resource is updated, and subsequent applies raise no errors.
## Example
## Examples
### Externally managed instances
This examples shows how to create an ILB by combining externally managed instances (in a custom module or even outside of the current root module) in an unmanaged group. When using internally managed groups, remember to run `terraform apply` each time group instances change.
```hcl
module "ilb" {
source = "./modules/net-ilb"
project_id = "my-project"
region = "europe-west1"
name = "ilb-test"
service_label = "ilb-test"
network = local.network_self_link
subnetwork = local.subnetwork_self_link
group_configs = {
my-group = {
zone = europe-west1-b, named_ports = null, instances = [
local.instance1_self_link, local.instance2_self_link
]
}
}
backends = [{
failover = false
group = module.ilb.groups.my-group.self_link
balancing_mode = "CONNECTION"
}]
health_check_config = {
type = "http", check = { port = 80 }, config = {}, logging = true
}
}
```
### End to end example
This example spins up a simple HTTP server and combines four modules:
@@ -81,6 +113,7 @@ module "ilb" {
| name | description | type | required | default |
|---|---|:---: |:---:|:---:|
| backends | Load balancer backends, balancing mode is one of 'CONNECTION' or 'UTILIZATION'. | <code title="list&#40;object&#40;&#123;&#10;failover &#61; bool&#10;group &#61; string&#10;balancing_mode &#61; string&#10;&#125;&#41;&#41;">list(object({...}))</code> | ✓ | |
| group_configs | Optional unmanaged groups to create. Can be referenced in backends via outputs. | <code title="map&#40;object&#40;&#123;&#10;instances &#61; list&#40;string&#41;&#10;named_ports &#61; map&#40;number&#41;&#10;zone &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> | ✓ | |
| name | Name used for all resources. | <code title="">string</code> | ✓ | |
| network | Network used for resources. | <code title="">string</code> | ✓ | |
| project_id | Project id where resources will be created. | <code title="">string</code> | ✓ | |
@@ -91,9 +124,8 @@ module "ilb" {
| *failover_config* | Optional failover configuration. | <code title="object&#40;&#123;&#10;disable_connection_drain &#61; bool&#10;drop_traffic_if_unhealthy &#61; bool&#10;ratio &#61; number&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *global_access* | Global access, defaults to false if not set. | <code title="">bool</code> | | <code title="">null</code> |
| *health_check* | Name of existing health check to use, disables auto-created health check. | <code title="">string</code> | | <code title="">null</code> |
| *health_check_config* | Configuration of the auto-created helth check. | <code title="object&#40;&#123;&#10;type &#61; string &#35; http https tcp ssl http2&#10;check &#61; map&#40;any&#41; &#35; actual health check block attributes&#10;config &#61; map&#40;number&#41; &#35; interval, thresholds, timeout&#10;&#125;&#41;">object({...})</code> | | <code title="&#123;&#10;type &#61; &#34;http&#34;&#10;check &#61; &#123;&#10;port_specification &#61; &#34;USE_SERVING_PORT&#34;&#10;&#125;&#10;config &#61; &#123;&#125;&#10;&#125;">...</code> |
| *health_check_config* | Configuration of the auto-created helth check. | <code title="object&#40;&#123;&#10;type &#61; string &#35; http https tcp ssl http2&#10;check &#61; map&#40;any&#41; &#35; actual health check block attributes&#10;config &#61; map&#40;number&#41; &#35; interval, thresholds, timeout&#10;logging &#61; bool&#10;&#125;&#41;">object({...})</code> | | <code title="&#123;&#10;type &#61; &#34;http&#34;&#10;check &#61; &#123;&#10;port_specification &#61; &#34;USE_SERVING_PORT&#34;&#10;&#125;&#10;config &#61; &#123;&#125;&#10;logging &#61; false&#10;&#125;">...</code> |
| *labels* | Labels set on resources. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *log_sample_rate* | Set a value between 0 and 1 to enable logging for resources, and set the sampling rate for backend logging. | <code title="">number</code> | | <code title="">null</code> |
| *ports* | Comma-separated ports, leave null to use all ports. | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">null</code> |
| *protocol* | IP protocol used, defaults to TCP. | <code title="">string</code> | | <code title="">TCP</code> |
| *service_label* | Optional prefix of the fully qualified forwarding rule name. | <code title="">string</code> | | <code title="">null</code> |
@@ -109,6 +141,8 @@ module "ilb" {
| forwarding_rule_address | Forwarding rule address. | |
| forwarding_rule_id | Forwarding rule id. | |
| forwarding_rule_self_link | Forwarding rule self link. | |
| group_self_links | Optional unmanaged instance group self links. | |
| groups | Optional unmanaged instance group resources. | |
| health_check | Auto-created health-check resource. | |
| health_check_self_id | Auto-created health-check self id. | |
| health_check_self_link | Auto-created health-check self link. | |


@@ -29,6 +29,7 @@ locals {
google_compute_health_check.http2.0,
{}
)
health_check_type = try(var.health_check_config.type, null)
}
resource "google_compute_forwarding_rule" "default" {
@@ -89,9 +90,28 @@ resource "google_compute_region_backend_service" "default" {
}
resource "google_compute_instance_group" "unmanaged" {
for_each = var.group_configs
project = var.project_id
zone = each.value.zone
name = each.key
description = "Terraform-managed."
instances = each.value.instances
dynamic named_port {
for_each = each.value.named_ports != null ? each.value.named_ports : {}
iterator = config
content {
name = config.key
port = config.value
}
}
}
resource "google_compute_health_check" "http" {
provider = google-beta
count = try(var.health_check_config.type, null) == "http" ? 1 : 0
provider = google-beta
count = (
var.health_check == null && local.health_check_type == "http" ? 1 : 0
)
project = var.project_id
name = var.name
description = "Terraform managed."
@@ -120,8 +140,10 @@ resource "google_compute_health_check" "http" {
}
resource "google_compute_health_check" "https" {
provider = google-beta
count = try(var.health_check_config.type, null) == "https" ? 1 : 0
provider = google-beta
count = (
var.health_check == null && local.health_check_type == "https" ? 1 : 0
)
project = var.project_id
name = var.name
description = "Terraform managed."
@@ -150,8 +172,10 @@ resource "google_compute_health_check" "https" {
}
resource "google_compute_health_check" "tcp" {
provider = google-beta
count = try(var.health_check_config.type, null) == "tcp" ? 1 : 0
provider = google-beta
count = (
var.health_check == null && local.health_check_type == "tcp" ? 1 : 0
)
project = var.project_id
name = var.name
description = "Terraform managed."
@@ -179,8 +203,10 @@ resource "google_compute_health_check" "tcp" {
}
resource "google_compute_health_check" "ssl" {
provider = google-beta
count = try(var.health_check_config.type, null) == "ssl" ? 1 : 0
provider = google-beta
count = (
var.health_check == null && local.health_check_type == "ssl" ? 1 : 0
)
project = var.project_id
name = var.name
description = "Terraform managed."
@@ -208,8 +234,10 @@ resource "google_compute_health_check" "ssl" {
}
resource "google_compute_health_check" "http2" {
provider = google-beta
count = try(var.health_check_config.type, null) == "http2" ? 1 : 0
provider = google-beta
count = (
var.health_check == null && local.health_check_type == "http2" ? 1 : 0
)
project = var.project_id
name = var.name
description = "Terraform managed."
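Review bot: The new `google_compute_instance_group.unmanaged` resource sets `name = each.key`, while the health checks in this file use `name = var.name`, so two instantiations of the module in the same project and zone that reuse a group key would try to create the same group. If keys are not meant to be unique per project, a prefixed form such as `name = "${var.name}-${each.key}"` avoids the collision. The `instances` list is passed through as given, so a short comment stating that the self links must be in `each.value.zone` would help callers; that constraint is inferred from how unmanaged groups work and is not shown in the hunk. The health check resources continue outside their hunks.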


@@ -49,6 +49,18 @@ output "forwarding_rule_self_link" {
value = google_compute_forwarding_rule.default.self_link
}
output "groups" {
description = "Optional unmanaged instance group resources."
value = google_compute_instance_group.unmanaged
}
output "group_self_links" {
description = "Optional unmanaged instance group self links."
value = {
for k, v in google_compute_instance_group.unmanaged : k => v.self_link
}
}
output "health_check" {
description = "Auto-created health-check resource."
value = local.health_check_resource


@@ -55,6 +55,16 @@ variable "global_access" {
default = null
}
variable "group_configs" {
description = "Optional unmanaged groups to create. Can be referenced in backends via outputs."
type = map(object({
instances = list(string)
named_ports = map(number)
zone = string
}))
default = {}
}
variable "health_check" {
description = "Name of existing health check to use, disables auto-created health check."
type = string
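Review bot: `variable "group_configs"` declares `default = {}`, but the README variables table in this same commit lists `group_configs` as required with no default, so the generated docs and the code disagree and the table should be regenerated. The object type makes `named_ports` a mandatory attribute, so callers have to pass `named_ports = null` explicitly; the description could say so, e.g. `"Optional unmanaged groups to create, set named_ports to null if unused. Can be referenced in backends via outputs."`. Since `zone` is typed `string`, the README example's bare `zone = europe-west1-b` should be quoted as `zone = "europe-west1-b"`. The `variable "health_check"` block continues outside the hunk.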