Add L7 ILB in preparation for custom domain

2023-02-23 17:41:50 +01:00 · 2023-02-23 17:41:50 +01:00 · edece34342
parent 91bd44f5d5
commit edece34342
3 changed files with 53 additions and 2 deletions
--- a/blueprints/serverless/cloud-run-corporate/main.tf
+++ b/blueprints/serverless/cloud-run-corporate/main.tf
@ -139,6 +139,14 @@ module "vpc_main" {
      region        = var.region
    }
  ]
+  subnets_proxy_only = [
+    {
+      ip_cidr_range = var.ip_ranges["main"].subnet_proxy
+      name          = "subnet-proxy"
+      region        = var.region
+      active        = true
+    }
+  ]
 }

 # Main VPC Firewall with default config, IAP for SSH enabled
@ -256,6 +264,43 @@ resource "google_compute_global_forwarding_rule" "psc_endpoint_prj1" {
  load_balancing_scheme = ""
 }

+###############################################################################
+#                                   L7 ILB                                    #
+###############################################################################
+
+module "ilb-l7" {
+  source     = "../../../modules/net-ilb-l7"
+  count      = var.custom_domain != null ? 1 : 0
+  project_id = module.project_main.project_id
+  name       = "ilb-l7-cr"
+  region     = var.region
+  backend_service_configs = {
+    default = {
+      project_id = module.project_svc1[0].project_id
+      backends = [{
+        group = "cr1"
+      }]
+      health_checks = []
+    }
+  }
+  health_check_configs = {}
+  neg_configs = {
+    cr1 = {
+      project_id = module.project_svc1[0].project_id
+      cloudrun = {
+        region = var.region
+        target_service = {
+          name = module.cloud_run.service_name
+        }
+      }
+    }
+  }
+  vpc_config = {
+    network    = module.vpc_main.self_link
+    subnetwork = module.vpc_main.subnet_self_links["${var.region}/subnet-main"]
+  }
+}
+
 ###############################################################################
 #                                    VMs                                      #
 ###############################################################################
--- a/blueprints/serverless/cloud-run-corporate/outputs.tf
+++ b/blueprints/serverless/cloud-run-corporate/outputs.tf
@ -18,3 +18,8 @@ output "default_URL" {
  description = "Cloud Run service default URL."
  value       = module.cloud_run.service.status[0].url
 }
+
+output "load_balancer_ip" {
+  description = "Load Balancer IP address"
+  value       = var.custom_domain != null ? module.ilb-l7[0].address : "none"
+}
--- a/blueprints/serverless/cloud-run-corporate/variables.tf
+++ b/blueprints/serverless/cloud-run-corporate/variables.tf
@ -52,8 +52,9 @@ variable "ip_ranges" {
  type        = map(map(string))
  default = {
    main = {
-      subnet   = "10.0.1.0/24"
-      psc_addr = "10.0.0.100"
+      subnet       = "10.0.1.0/24"
+      subnet_proxy = "10.10.0.0/24"
+      psc_addr     = "10.0.0.100"
    }
    onprem = {
      subnet = "172.16.1.0/24"