zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add support for service_label property in internal load balancer (#834) 

Co-authored-by: Krzysztof Mucha <kmuch@softserveinc.com>
This commit is contained in:
Krzysiek Mucha 2022-09-21 23:30:35 +02:00 committed by GitHub
parent d0aad6f95c
commit 6e90af2bc3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 26 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
modules/net-ilb-l7/README.md
View File

@ -403,18 +403,18 @@ An Internal HTTP Load Balancer is made of multiple components, that change depen
|---|---|:---:|:---:|:---:|
| [name](variables.tf#L17) | Load balancer name. | <code>string</code> | ✓ | |
| [project_id](variables.tf#L22) | Project id. | <code>string</code> | ✓ | |
| [region](variables.tf#L157) | The region where to allocate the ILB resources. | <code>string</code> | ✓ | |
| [subnetwork](variables.tf#L187) | The subnetwork where the ILB VIP is allocated. | <code>string</code> | ✓ | |
| [region](variables.tf#L159) | The region where to allocate the ILB resources. | <code>string</code> | ✓ | |
| [subnetwork](variables.tf#L189) | The subnetwork where the ILB VIP is allocated. | <code>string</code> | ✓ | |
| [backend_services_config](variables.tf#L27) | The backends services configuration. | <code title="map&#40;object&#40;&#123;&#10; backends &#61; list&#40;object&#40;&#123;&#10; group &#61; string &#35; The instance group link id&#10; options &#61; object&#40;&#123;&#10; balancing_mode &#61; string &#35; Can be UTILIZATION, RATE&#10; capacity_scaler &#61; number &#35; Valid range is &#91;0.0,1.0&#93;&#10; max_connections &#61; number&#10; max_connections_per_instance &#61; number&#10; max_connections_per_endpoint &#61; number&#10; max_rate &#61; number&#10; max_rate_per_instance &#61; number&#10; max_rate_per_endpoint &#61; number&#10; max_utilization &#61; number&#10; &#125;&#41;&#10; &#125;&#41;&#41;&#10; health_checks &#61; list&#40;string&#41;&#10;&#10;&#10; log_config &#61; object&#40;&#123;&#10; enable &#61; bool&#10; sample_rate &#61; number &#35; must be in &#91;0, 1&#93;&#10; &#125;&#41;&#10;&#10;&#10; options &#61; object&#40;&#123;&#10; affinity_cookie_ttl_sec &#61; number&#10; custom_request_headers &#61; list&#40;string&#41;&#10; custom_response_headers &#61; list&#40;string&#41;&#10; connection_draining_timeout_sec &#61; number&#10; locality_lb_policy &#61; string&#10; port_name &#61; string&#10; protocol &#61; string&#10; session_affinity &#61; string&#10; timeout_sec &#61; number&#10;&#10;&#10; circuits_breakers &#61; object&#40;&#123;&#10; max_requests_per_connection &#61; number &#35; Set to 1 to disable keep-alive&#10; max_connections &#61; number &#35; Defaults to 1024&#10; max_pending_requests &#61; number &#35; Defaults to 1024&#10; max_requests &#61; number &#35; Defaults to 1024&#10; max_retries &#61; number &#35; Defaults to 3&#10; &#125;&#41;&#10;&#10;&#10; consistent_hash &#61; object&#40;&#123;&#10; http_header_name &#61; string&#10; minimum_ring_size &#61; string&#10; http_cookie &#61; object&#40;&#123;&#10; name &#61; string&#10; path &#61; string&#10; ttl &#61; object&#40;&#123;&#10; seconds &#61; number&#10; nanos &#61; number&#10; &#125;&#41;&#10; &#125;&#41;&#10; &#125;&#41;&#10;&#10;&#10; iap &#61; object&#40;&#123;&#10; oauth2_client_id &#61; string&#10; oauth2_client_secret &#61; string&#10; oauth2_client_secret_sha256 &#61; string&#10; &#125;&#41;&#10; &#125;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [forwarding_rule_config](variables.tf#L98) | Forwarding rule configurations. | <code title="object&#40;&#123;&#10; ip_version &#61; string&#10; labels &#61; map&#40;string&#41;&#10; network_tier &#61; string&#10; port_range &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; allow_global_access &#61; true&#10; ip_version &#61; &#34;IPV4&#34;&#10; labels &#61; &#123;&#125;&#10; network_tier &#61; &#34;PREMIUM&#34;&#10; port_range &#61; null&#10;&#125;">&#123;&#8230;&#125;</code> |
| [health_checks_config](variables.tf#L116) | Custom health checks configuration. | <code title="map&#40;object&#40;&#123;&#10; type &#61; string &#35; http https tcp ssl http2&#10; check &#61; map&#40;any&#41; &#35; actual health check block attributes&#10; options &#61; map&#40;number&#41; &#35; interval, thresholds, timeout&#10; logging &#61; bool&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [health_checks_config_defaults](variables.tf#L127) | Auto-created health check default configuration. | <code title="object&#40;&#123;&#10; check &#61; map&#40;any&#41; &#35; actual health check block attributes&#10; logging &#61; bool&#10; options &#61; map&#40;number&#41; &#35; interval, thresholds, timeout&#10; type &#61; string &#35; http https tcp ssl http2&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; type &#61; &#34;http&#34;&#10; logging &#61; false&#10; options &#61; &#123;&#125;&#10; check &#61; &#123;&#10; port_specification &#61; &#34;USE_SERVING_PORT&#34;&#10; &#125;&#10;&#125;">&#123;&#8230;&#125;</code> |
| [https](variables.tf#L145) | Whether to enable HTTPS. | <code>bool</code> | | <code>false</code> |
| [network](variables.tf#L151) | The network where the ILB is created. | <code>string</code> | | <code>&#34;default&#34;</code> |
| [ssl_certificates_config](variables.tf#L162) | The SSL certificates configuration. | <code title="map&#40;object&#40;&#123;&#10; domains &#61; list&#40;string&#41;&#10; tls_private_key &#61; string&#10; tls_self_signed_cert &#61; string&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [static_ip_config](variables.tf#L172) | Static IP address configuration. | <code title="object&#40;&#123;&#10; reserve &#61; bool&#10; options &#61; object&#40;&#123;&#10; address &#61; string&#10; subnetwork &#61; string &#35; The subnet id&#10; &#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; reserve &#61; false&#10; options &#61; null&#10;&#125;">&#123;&#8230;&#125;</code> |
| [target_proxy_https_config](variables.tf#L192) | The HTTPS target proxy configuration. | <code title="object&#40;&#123;&#10; ssl_certificates &#61; list&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [url_map_config](variables.tf#L200) | The url-map configuration. | <code title="object&#40;&#123;&#10; default_service &#61; string&#10; default_url_redirect &#61; map&#40;any&#41;&#10; host_rules &#61; list&#40;any&#41;&#10; path_matchers &#61; list&#40;any&#41;&#10; tests &#61; list&#40;map&#40;string&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [forwarding_rule_config](variables.tf#L98) | Forwarding rule configurations. | <code title="object&#40;&#123;&#10; ip_version &#61; string&#10; labels &#61; map&#40;string&#41;&#10; network_tier &#61; string&#10; port_range &#61; string&#10; service_label &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; allow_global_access &#61; true&#10; ip_version &#61; &#34;IPV4&#34;&#10; labels &#61; &#123;&#125;&#10; network_tier &#61; &#34;PREMIUM&#34;&#10; port_range &#61; null&#10; service_label &#61; null&#10;&#125;">&#123;&#8230;&#125;</code> |
| [health_checks_config](variables.tf#L118) | Custom health checks configuration. | <code title="map&#40;object&#40;&#123;&#10; type &#61; string &#35; http https tcp ssl http2&#10; check &#61; map&#40;any&#41; &#35; actual health check block attributes&#10; options &#61; map&#40;number&#41; &#35; interval, thresholds, timeout&#10; logging &#61; bool&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [health_checks_config_defaults](variables.tf#L129) | Auto-created health check default configuration. | <code title="object&#40;&#123;&#10; check &#61; map&#40;any&#41; &#35; actual health check block attributes&#10; logging &#61; bool&#10; options &#61; map&#40;number&#41; &#35; interval, thresholds, timeout&#10; type &#61; string &#35; http https tcp ssl http2&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; type &#61; &#34;http&#34;&#10; logging &#61; false&#10; options &#61; &#123;&#125;&#10; check &#61; &#123;&#10; port_specification &#61; &#34;USE_SERVING_PORT&#34;&#10; &#125;&#10;&#125;">&#123;&#8230;&#125;</code> |
| [https](variables.tf#L147) | Whether to enable HTTPS. | <code>bool</code> | | <code>false</code> |
| [network](variables.tf#L153) | The network where the ILB is created. | <code>string</code> | | <code>&#34;default&#34;</code> |
| [ssl_certificates_config](variables.tf#L164) | The SSL certificates configuration. | <code title="map&#40;object&#40;&#123;&#10; domains &#61; list&#40;string&#41;&#10; tls_private_key &#61; string&#10; tls_self_signed_cert &#61; string&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [static_ip_config](variables.tf#L174) | Static IP address configuration. | <code title="object&#40;&#123;&#10; reserve &#61; bool&#10; options &#61; object&#40;&#123;&#10; address &#61; string&#10; subnetwork &#61; string &#35; The subnet id&#10; &#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; reserve &#61; false&#10; options &#61; null&#10;&#125;">&#123;&#8230;&#125;</code> |
| [target_proxy_https_config](variables.tf#L194) | The HTTPS target proxy configuration. | <code title="object&#40;&#123;&#10; ssl_certificates &#61; list&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [url_map_config](variables.tf#L202) | The url-map configuration. | <code title="object&#40;&#123;&#10; default_service &#61; string&#10; default_url_redirect &#61; map&#40;any&#41;&#10; host_rules &#61; list&#40;any&#41;&#10; path_matchers &#61; list&#40;any&#41;&#10; tests &#61; list&#40;map&#40;string&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
## Outputs

1
modules/net-ilb-l7/forwarding-rule.tf
View File

@ -62,6 +62,7 @@ resource "google_compute_forwarding_rule" "forwarding_rule" {
port_range = local.port_range
ports = []
region = try(var.region, null)
service_label = try(var.forwarding_rule_config.service_label, null)
subnetwork = try(var.subnetwork, null)
target = local.target
}

12
modules/net-ilb-l7/variables.tf
View File

@ -98,10 +98,11 @@ variable "backend_services_config" {
variable "forwarding_rule_config" {
description = "Forwarding rule configurations."
type = object({
ip_version = string
labels = map(string)
network_tier = string
port_range = string
ip_version = string
labels = map(string)
network_tier = string
port_range = string
service_label = string
})
default = {
allow_global_access = true
@ -109,7 +110,8 @@ variable "forwarding_rule_config" {
labels = {}
network_tier = "PREMIUM"
# If not specified, 443 if var.https = true; 80 otherwise
port_range = null
port_range = null
service_label = null
}
}

12
tests/modules/net_ilb_l7/fixture/variables.tf
View File

@ -88,10 +88,11 @@ variable "backend_services_config" {
variable "forwarding_rule_config" {
description = "Forwarding rule configurations."
type = object({
ip_version = string
labels = map(string)
network_tier = string
port_range = string
ip_version = string
labels = map(string)
network_tier = string
port_range = string
service_label = string
})
default = {
allow_global_access = true
@ -99,7 +100,8 @@ variable "forwarding_rule_config" {
labels = {}
network_tier = "PREMIUM"
# If not specified, 443 if var.https = true; 80 otherwise
port_range = null
port_range = null
service_label = null
}
}