feat: additional load balancer config #536
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Complete Example | ||
|
|
||
| An end-to-end basic example that will provision the following: | ||
|
|
||
| - A new resource group if one is not passed in. | ||
| - A new public SSH key if one is not passed in. | ||
| - A new VPC with 3 subnets | ||
| - A new placement group | ||
| - A VSI in each subnet | ||
|
|
||
| - A new Application Load Balancer | ||
|
There was a problem hiding this comment. A new Application Load Balancer to balance traffic between all virtual servers that are created by this example |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,109 @@ | ||
| ############################################################################## | ||
| # Locals | ||
| ############################################################################## | ||
|
|
||
| locals { | ||
| resource_group_id = var.resource_group != null ? data.ibm_resource_group.existing_resource_group[0].id : ibm_resource_group.resource_group[0].id | ||
| ssh_key_id = var.ssh_key != null ? data.ibm_is_ssh_key.existing_ssh_key[0].id : resource.ibm_is_ssh_key.ssh_key[0].id | ||
| } | ||
|
|
||
| ############################################################################## | ||
| # Resource Group | ||
| # (if var.resource_group is null, create a new RG using var.prefix) | ||
| ############################################################################## | ||
|
|
||
| resource "ibm_resource_group" "resource_group" { | ||
| count = var.resource_group != null ? 0 : 1 | ||
| name = "${var.prefix}-rg" | ||
| quota_id = null | ||
| } | ||
|
|
||
| data "ibm_resource_group" "existing_resource_group" { | ||
| count = var.resource_group != null ? 1 : 0 | ||
| name = var.resource_group | ||
| } | ||
rajatagarwal-ibm marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| ############################################################################## | ||
| # Create new SSH key | ||
| ############################################################################## | ||
|
|
||
| resource "tls_private_key" "tls_key" { | ||
| count = var.ssh_key != null ? 0 : 1 | ||
| algorithm = "RSA" | ||
| rsa_bits = 4096 | ||
| } | ||
|
|
||
| resource "ibm_is_ssh_key" "ssh_key" { | ||
| count = var.ssh_key != null ? 0 : 1 | ||
| name = "${var.prefix}-ssh-key" | ||
| public_key = resource.tls_private_key.tls_key[0].public_key_openssh | ||
| } | ||
|
|
||
| data "ibm_is_ssh_key" "existing_ssh_key" { | ||
| count = var.ssh_key != null ? 1 : 0 | ||
| name = var.ssh_key | ||
| } | ||
|
|
||
| ############################################################################# | ||
| # Provision VPC | ||
| ############################################################################# | ||
|
|
||
| module "slz_vpc" { | ||
| source = "terraform-ibm-modules/landing-zone-vpc/ibm" | ||
| version = "7.5.0" | ||
| resource_group_id = local.resource_group_id | ||
| region = var.region | ||
| prefix = var.prefix | ||
| tags = var.resource_tags | ||
| name = var.vpc_name | ||
| } | ||
|
|
||
| ############################################################################# | ||
| # Placement group | ||
| ############################################################################# | ||
|
|
||
| resource "ibm_is_placement_group" "placement_group" { | ||
| name = "${var.prefix}-host-spread" | ||
| resource_group = local.resource_group_id | ||
| strategy = "host_spread" | ||
| tags = var.resource_tags | ||
| } | ||
|
|
||
| ############################################################################# | ||
| # Provision VSI | ||
| ############################################################################# | ||
|
|
||
| module "slz_vsi" { | ||
| source = "../../" | ||
| resource_group_id = local.resource_group_id | ||
| image_id = var.image_id | ||
| create_security_group = var.create_security_group | ||
| security_group = var.security_group | ||
| tags = var.resource_tags | ||
| access_tags = var.access_tags | ||
| subnets = module.slz_vpc.subnet_zone_list | ||
| vpc_id = module.slz_vpc.vpc_id | ||
| prefix = var.prefix | ||
| placement_group_id = ibm_is_placement_group.placement_group.id | ||
| machine_type = var.machine_type | ||
| user_data = var.user_data | ||
| boot_volume_encryption_key = var.boot_volume_encryption_key | ||
| vsi_per_subnet = var.vsi_per_subnet | ||
| ssh_key_ids = [local.ssh_key_id] | ||
ocofaigh marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| load_balancers = [ | ||
| { | ||
| name = "${var.prefix}-lb" | ||
| type = "public" | ||
| listener_port = 9080 | ||
| listener_protocol = "http" | ||
| connection_limit = 100 | ||
| algorithm = "round_robin" | ||
| protocol = "http" | ||
| health_delay = 60 | ||
| health_retries = 5 | ||
| health_timeout = 30 | ||
| health_type = "http" | ||
| pool_member_port = 8080 | ||
| } | ||
| ] | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,9 @@ | ||
| output "slz_vpc" { | ||
| value = module.slz_vpc | ||
| description = "VPC module values" | ||
| } | ||
|
|
||
| output "slz_vsi" { | ||
| value = module.slz_vsi | ||
| description = "VSI module values" | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| provider "ibm" { | ||
| ibmcloud_api_key = var.ibmcloud_api_key | ||
| region = var.region | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,116 @@ | ||
| variable "ibmcloud_api_key" { | ||
| description = "APIkey that's associated with the account to provision resources to" | ||
| type = string | ||
| sensitive = true | ||
| } | ||
|
|
||
| variable "resource_group" { | ||
| type = string | ||
| description = "An existing resource group name to use for this example, if unset a new resource group will be created" | ||
| default = null | ||
| } | ||
|
|
||
| variable "region" { | ||
| description = "The region to which to deploy the VPC" | ||
|
There was a problem hiding this comment. deploy the VPC -> deploy all resources in this example |
||
| type = string | ||
| default = "us-south" | ||
| } | ||
|
|
||
| variable "prefix" { | ||
| description = "The prefix that you would like to append to your resources" | ||
| type = string | ||
| default = "rajat-vsi" | ||
|
There was a problem hiding this comment. don't use your name in the prefix :) |
||
| } | ||
|
|
||
| variable "resource_tags" { | ||
| description = "List of Tags for the resource created" | ||
| type = list(string) | ||
| default = null | ||
| } | ||
|
|
||
| variable "access_tags" { | ||
| type = list(string) | ||
| description = "A list of access tags to apply to the VSI resources created by the module." | ||
| default = [] | ||
| } | ||
|
|
||
| variable "image_id" { | ||
| description = "Image ID used for VSI. Run 'ibmcloud is images' to find available images. Be aware that region is important for the image since the id's are different in each region." | ||
| type = string | ||
| default = "r006-1366d3e6-bf5b-49a0-b69a-8efd93cc225f" | ||
| } | ||
|
|
||
| variable "machine_type" { | ||
| description = "VSI machine type" | ||
| type = string | ||
| default = "cx2-2x4" | ||
| } | ||
|
There was a problem hiding this comment. can we just pass this in directly to in the example main.tf - no need to expose as a variable in the example |
||
|
|
||
| variable "create_security_group" { | ||
| description = "Create security group for VSI" | ||
| type = string | ||
| default = false | ||
| } | ||
|
There was a problem hiding this comment. can we just pass this in directly to in the example main.tf - no need to expose as a variable in the example |
||
|
|
||
| variable "security_group" { | ||
| description = "Security group created for VSI" | ||
| type = object({ | ||
| name = string | ||
| rules = list( | ||
| object({ | ||
| name = string | ||
| direction = string | ||
| source = string | ||
| tcp = optional( | ||
| object({ | ||
| port_max = number | ||
| port_min = number | ||
| }) | ||
| ) | ||
| udp = optional( | ||
| object({ | ||
| port_max = number | ||
| port_min = number | ||
| }) | ||
| ) | ||
| icmp = optional( | ||
| object({ | ||
| type = number | ||
| code = number | ||
| }) | ||
| ) | ||
| }) | ||
| ) | ||
| }) | ||
| default = null | ||
| } | ||
|
There was a problem hiding this comment. I would just remove this from the example if we are not passing any value for it |
||
|
|
||
| variable "user_data" { | ||
| description = "User data to initialize VSI deployment" | ||
| type = string | ||
| default = null | ||
| } | ||
|
There was a problem hiding this comment. I would just remove this from the example if we are not passing any value for it |
||
|
|
||
| variable "boot_volume_encryption_key" { | ||
| description = "CRN of boot volume encryption key" | ||
| type = string | ||
| default = null | ||
| } | ||
|
|
||
|
|
||
| variable "vsi_per_subnet" { | ||
| description = "Number of VSI instances for each subnet" | ||
| type = number | ||
| default = 1 | ||
| } | ||
|
There was a problem hiding this comment. can we just pass this in directly to in the example main.tf - no need to expose as a variable in the example |
||
|
|
||
| variable "ssh_key" { | ||
| type = string | ||
| description = "An existing ssh key name to use for this example, if unset a new ssh key will be created" | ||
| default = null | ||
| } | ||
|
|
||
| variable "vpc_name" { | ||
| type = string | ||
| description = "Name for VPC" | ||
| default = "vpc" | ||
| } | ||
|
There was a problem hiding this comment. remove this from here - use the prefix variable for vpc name |
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| terraform { | ||
| required_version = ">= 1.3.0" | ||
| required_providers { | ||
| ibm = { | ||
| source = "IBM-Cloud/ibm" | ||
| version = ">= 1.54.0" | ||
| } | ||
| tls = { | ||
| source = "hashicorp/tls" | ||
| version = ">= 4.0.4" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Complete Example using a placement group, attaching a load balancer, and adding additional data volumes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rajatagarwal-ibm The title was not updated here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah its below - it needs to be in title so its exposed in main readme