Apigee X - Northbound: External Application LB with PSC NEG, Southbound: PSC with Internal Application LB and Hybrid NEG

The following blueprint shows how to expose an on-prem target backend to clients on the Internet.

The architecture is the one depicted below.

Diagram

To emulate a service deployed on-premises, we have used a managed instance group of instances running Nginx, exposed via a regional internal load balancer (L7). The service is accessible through VPN.

Running the blueprint

  1. Clone this repository or open it in Cloud Shell, then go through the following steps to create resources:

  2. Copy the file terraform.tfvars.sample to a file called terraform.tfvars and update the values if required.

  3. Initialize the Terraform configuration

    terraform init

  4. Apply the Terraform configuration

    terraform apply

Once the resources have been created, do the following:

Create an A record in your DNS registrar to point the environment group hostname to the public IP address returned after the Terraform configuration was applied. You might need to wait some time until the certificate is provisioned.

Testing the blueprint

Do the following to verify that everything works as expected.

  1. Deploy the API proxy

    ./deploy-apiproxy.sh

  2. Send a request

    curl -v https://HOSTNAME/test/

    You should get back an HTTP 200 OK response.
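
A readiness check for the DNS and certificate wait described above, as an added example that is not part of the blueprint. It assumes `dig` and `curl` are installed; the state names and the script name `check.sh` are illustrative.

```shell
#!/bin/sh
# Added example, not part of the blueprint. Assumes dig and curl are installed.

# Succeeds when the expected IP is one of the newline-separated A records.
a_record_matches() {
  printf '%s\n' "$2" | grep -Fxq -- "$1"
}

# Maps a curl exit code and HTTP status to a readiness state.
classify_probe() {
  case "$1" in
    0) if [ "$2" = "200" ]; then echo ready; else echo "http_$2"; fi ;;
    6) echo dns_unresolved ;;
    35|51|60) echo tls_not_ready ;;  # handshake failed or certificate not valid
    *) echo "curl_error_$1" ;;
  esac
}

# Polls until the A record matches and https://HOST/test/ returns 200.
# Args: host, expected IP, attempts (default 30), delay in seconds (default 60).
wait_until_ready() {
  host="$1"; expected_ip="$2"; tries="${3:-30}"; delay="${4:-60}"
  i=1
  while [ "$i" -le "$tries" ]; do
    records="$(dig +short A "$host")"
    if a_record_matches "$expected_ip" "$records"; then
      # No -k: certificate validation must succeed for the probe to pass.
      status="$(curl -s -o /dev/null -w '%{http_code}' --max-time 10 "https://$host/test/")"
      rc=$?
      state="$(classify_probe "$rc" "$status")"
    else
      state="dns_mismatch"
    fi
    echo "attempt $i/$tries: $state"
    [ "$state" = "ready" ] && return 0
    sleep "$delay"
    i=$((i + 1))
  done
  return 1
}

# Usage: sh check.sh HOSTNAME "$(terraform output -raw ip_address)"
if [ "$#" -ge 2 ]; then
  wait_until_ready "$@"
fi
```

A `tls_not_ready` state while the A record already matches usually means the certificate is still being provisioned, so keep waiting rather than retrying with certificate checks disabled.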

Variables

| name | description | type | required | default |
|---|---|---|---|---|
| apigee_project_id | Project ID. | string | | |
| billing_account_id | Parameters for the creation of the new project. | string | | |
| hostname | Host name. | string | | |
| onprem_project_id | Project ID. | string | | |
| parent | Parent (organizations/organizationID or folders/folderID). | string | | |
| apigee_proxy_only_subnet_ip_cidr_range | Subnet IP CIDR range. | string | | "10.2.1.0/24" |
| apigee_psc_subnet_ip_cidr_range | Subnet IP CIDR range. | string | | "10.2.2.0/24" |
| apigee_runtime_ip_cidr_range | Apigee PSA IP CIDR range. | string | | "10.0.4.0/22" |
| apigee_subnet_ip_cidr_range | Subnet IP CIDR range. | string | | "10.2.0.0/24" |
| apigee_troubleshooting_ip_cidr_range | Apigee PSA IP CIDR range. | string | | "10.1.0.0/28" |
| onprem_proxy_only_subnet_ip_cidr_range | Subnet IP CIDR range. | string | | "10.1.1.0/24" |
| onprem_subnet_ip_cidr_range | Subnet IP CIDR range. | string | | "10.1.0.0/24" |
| region | Region. | string | | "europe-west1" |
| zone | Zone. | string | | "europe-west1-c" |

Outputs

| name | description | sensitive |
|---|---|---|
| ip_address | GLB IP address. | |

Test

    module "test" {
      source             = "./fabric/blueprints/apigee/network-patterns/nb-glb-psc-neg-sb-psc-ilbl7-hybrid-neg"
      billing_account_id = "12345-12345-12345"
      parent             = "folders/123456789"
      apigee_project_id  = "my-apigee-project"
      onprem_project_id  = "my-onprem-project"
      hostname           = "test.myorg.org"
    }
    # tftest modules=14 resources=78