hunfabric/modules/cloud-config-container/envoy-sni-dyn-fwd-proxy/README.md
Ludovico Magnocavallo a4eb4d24fd Compute VM module refactor (#3805)
* add ad for compute-vm refactor

* Exclude nic_type from validated fields, add split of main.tf and template.tf

* boot disk

* fix examples and fixtures

* attached disks

* fix further examples and module-level tests

* remove extra file

* fix mig examples

* finish refactoring variables

* align fast and other modules

* refactor(compute-vm): align examples and ADR with the newly implemented interface

This commit addresses the remaining references of the `instance_type` and `confidential_compute` parameters in the testing environment and updates the ADR.

* feat(compute-vm): add network_performance_config to instance and templates

This change implements the usage of the `network_performance_tier` variable we added earlier into the actual Terraform resources.

---------

Co-authored-by: Wiktor Niesiobędzki <wiktorn@google.com>
2026-03-26 11:31:40 +00:00

# Containerized Envoy as SNI dynamic forward proxy on Container Optimized OS
This module manages a `cloud-config` configuration that starts a containerized [Envoy SNI Dynamic forward proxy](https://www.envoyproxy.io/docs/envoy/latest/configuration/listeners/network_filters/sni_dynamic_forward_proxy_filter) service on Container Optimized OS running on port 443.
This module depends on the `cos-generic-metadata` module being in the parent folder. If you change its location, be sure to adjust the `source` attribute in `main.tf`.
Logging and monitoring are enabled via the [Google Cloud Logging agent](https://cloud.google.com/container-optimized-os/docs/how-to/logging) configured for the instance via the `google-logging-enabled` metadata property, and the [Node Problem Detector](https://cloud.google.com/container-optimized-os/docs/how-to/monitoring) service started by default on boot.
## Examples
### Default configuration
This example creates a `cloud-config` that uses the module's defaults and passes it as `user-data` metadata to a Container Optimized OS instance, which then runs the Envoy SNI dynamic forward proxy described above.
```hcl
module "cos-envoy-sni-dyn-fwd-proxy" {
  source      = "./fabric/modules/cloud-config-container/envoy-sni-dyn-fwd-proxy"
  envoy_image = "envoyproxy/envoy:v1.28-latest"
}

module "vm-envoy-sni-dyn-fwd-proxy" {
  source     = "./fabric/modules/compute-vm"
  project_id = "my-project"
  zone       = "europe-west8-b"
  name       = "cos-envoy-sni-dyn-fw-proxy"
  network_interfaces = [{
    network    = "default"
    subnetwork = "gce"
  }]
  metadata = {
    user-data              = module.cos-envoy-sni-dyn-fwd-proxy.cloud_config
    google-logging-enabled = true
  }
  boot_disk = {
    source = {
      image = "projects/cos-cloud/global/images/family/cos-stable"
    }
    initialize_params = {
      type = "pd-ssd"
      size = 10
    }
  }
  tags = ["https-server", "ssh"]
}
# tftest modules=1 resources=1
```
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [envoy_image](variables.tf#L17) | Image. | <code>string</code> | ✓ | |
## Outputs
| name | description | sensitive |
|---|---|:---:|
| [cloud_config](outputs.tf#L17) | Rendered cloud-config file to be passed as user-data instance metadata. | |
<!-- END TFDOC -->