Skip to content

Basic web with SSL API 3.8

Jump to bottom
craig-duffin edited this page Dec 18, 2017 · 1 revision

Basic web with SSL example

The following template example shows a basic web configuration with SSL.

resource "brocadevtm_monitor" "example" {
  name = "example-monitor"
  back_off = true
  delay = 8
  timeout = 6
  failures = 4
  timeout = 6
  type = "http"
  http = [
    {
      path = "/health-check"
      body_regex = "^healthy"
      status_regex = "^[234][0-9][0-9]$"
    },
  ]
}

resource "brocadevtm_pool" "example" {
  name = "example-pool"
  max_connection_attempts = 3
  max_idle_connections_pernode = 100
  max_timed_out_connection_attempts = 4
  monitors = [ "${brocadevtm_monitor.example.name}" ]
  node_close_with_rst = true
  node_connection_attempts = 4
  node_delete_behaviour = "drain"
  node_drain_to_delete_timeout = 10
  nodes_table = [
    {
      node = "10.10.10.3:80"
      state = "active"
    },
    {
      node = "10.10.10.4:80"
      state = "draining"
    },
  ]
  note = "Example pool"
  pool_connection = [
    {
      max_connect_time = 6
      max_connections_per_node = 250
      max_queue_size = 50
      max_reply_time = 9
      queue_timeout = 20
    },
  ]
  http = [
    {
      keepalive = true
      keepalive_non_idempotent = true
    },
  ]
  load_balancing = [
    {
      algorithm = "least_connections"
    },
  ]
  node = [
    {
      close_on_death = true
      retry_fail_time = 30
    },
  ]
  tcp = [
    {
      nagle = true
    },
  ]
}

resource "brocadevtm_traffic_ip_group" "example" {
  name = "www.example.com"
  enabled = true
  ipaddresses = [ "10.23.45.134" ] 
  mode = "multihosted"
  multicast = "234.23.45.134"
  note = "Example Traffic IP Group"
}

resource "brocadevtm_ssl_server_key" "example" {
  name = "www.example.com"
  note = "www.example.com SSL service key"
  private = "${file("ssl/example.com.key")}"
  public = "${file("ssl/example.com.crt")}"
  request = "${file("ssl/example.com.csr")}"
}

resource "brocadevtm_rule" "example" {
  name = "example-rule"
  rule =<<RULE
if( http.responseHeaderExists( "Keep-Alive" ) == 0) {
    http.removeResponseHeader( "Keep-Alive" ); 
}
RULE
}

resource "brocadevtm_virtual_server" "example" {
  name = "www.example.com"
  add_x_forwarded_for = true
  close_with_rst = true
  connect_timeout = 9
  enabled = true
  listen_on_traffic_ips = [ "${brocadevtm_traffic_ip_group.example.name}" ]
  note = "Example Virtual Server"
  pool = "${brocadevtm_pool.example.name}"
  port = 443
  response_rules = [ "${brocadevtm_rule.example.name}" ]
  so_nagle = true
  ssl_decrypt = true
  ssl = [ 
    {
      server_cert_default = "${brocadevtm_ssl_server_key.example.name}"
      ssl_support_ssl2 = "disabled"
      ssl_support_ssl3 = "enabled"
      ssl_support_tls1 = "enabled"
      ssl_support_tls1_1 = "enabled"
      ssl_support_tls1_2 = "enabled"
   },
  ]
}

Resource References

API 3.8

API 5.1

Clone this wiki locally