External regional proxy Network Load Balancer Terraform Module

This module deploys an external regional proxy Network Load Balancer, a reverse proxy load balancer that distributes TCP traffic coming from the internet to virtual machine (VM) instances in your Google Cloud Virtual Private Cloud (VPC) network.

This submodule allows backends to be configured dynamically outside Terraform. As such, any changes to the backend.groups variable after creation will be ignored.
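Because Terraform ignores the backend groups after creation, the groups in your configuration and the groups actually attached to the backend service can diverge. The following added example (not part of this module's code) compares a live backend list against a reviewed allowlist. The JSON sample, project, group names and allowlist are constructed, and the JSON is assumed to have the shape printed by `gcloud compute backend-services describe NAME --region=REGION --format=json`.

```python
import json

# Constructed sample, trimmed to the fields used here. Assumed to have the shape of
# `gcloud compute backend-services describe NAME --region=REGION --format=json`.
LIVE_JSON = """{
  "name": "my-tcp-lb-backend-service",
  "backends": [
    {"group": "https://www.googleapis.com/compute/v1/projects/example-project/regions/us-central1/instanceGroups/mig-a",
     "capacityScaler": 0.5},
    {"group": "https://www.googleapis.com/compute/v1/projects/example-project/regions/us-central1/instanceGroups/mig-c",
     "capacityScaler": 0.0},
    {"group": "https://www.googleapis.com/compute/v1/projects/example-project/zones/us-central1-b/instanceGroups/debug-ig",
     "capacityScaler": 1.0}
  ]
}"""

# Hypothetical reviewed allowlist of instance groups permitted behind the load balancer.
APPROVED_GROUPS = [
    "projects/example-project/regions/us-central1/instanceGroups/mig-a",
    "projects/example-project/regions/us-central1/instanceGroups/mig-b",
    "projects/example-project/regions/us-central1/instanceGroups/mig-c",
]


def group_key(url):
    """Normalize a full self-link or a partial URL to the 'projects/...' form."""
    idx = url.find("/projects/")
    return url[idx + 1:] if idx != -1 else url.lstrip("/")


def audit_backends(live_json, approved):
    """Compare live backends with the allowlist; return the differences."""
    live = {group_key(b["group"]): b for b in json.loads(live_json).get("backends", [])}
    allowed = {group_key(g) for g in approved}
    return {
        # Attached to the backend service but never reviewed.
        "unapproved": sorted(set(live) - allowed),
        # Reviewed but no longer attached.
        "missing": sorted(allowed - set(live)),
        # Attached with capacityScaler 0, so receiving no new connections.
        "drained": sorted(k for k, b in live.items() if b.get("capacityScaler") == 0),
    }


if __name__ == "__main__":
    for finding, groups in audit_backends(LIVE_JSON, APPROVED_GROUPS).items():
        for g in groups:
            print(f"{finding}: {g}")
```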

Compatibility

This module is meant for use with Terraform 1.3+ and tested using Terraform 1.3. If you find incompatibilities using Terraform >=1.3, please open an issue. If you haven't upgraded and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.12.x is v4.5.0.

Usage

module "gce-lb-tcp" {
  source                   = "GoogleCloudPlatform/lb/google//modules/regional_proxy_lb"
  name                     = "my-tcp-lb"
  region                   = var.region
  project                  = var.project
  network_project          = var.project
  network                  = google_compute_network.default.id
  target_tags              = local.tags
  port_front_end           = 101
  create_proxy_only_subnet = false
  proxy_only_subnet_cidr   = "10.129.0.0/23"
  health_check = {
    tcp_health_check = {
      port_specification = "USE_SERVING_PORT"
    }
  }

  backend = {
    port_name    = local.port_name
    backend_type = "INSTANCE_GROUP"

    log_config = {
      enable = true
    }

    groups = [{
      group           = module.mig.instance_group
      capacity_scaler = 0.5
    }]
  }
}

Resources created

Figure 1. Diagram of Terraform resources.

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| address | IP address of the external load balancer, if not provided, an ephemeral address will be created | string | null | no |
| backend | backend attributes | object({...}), full type below | n/a | yes |
| create_firewall_rules | Whether to create firewall rules for health check and proxy | bool | false | no |
| create_proxy_only_subnet | Whether to create the proxy only subnet for the region | bool | false | no |
| health_check | Health check to determine whether instances are responsive and able to do work | object({...}), full type below | n/a | yes |
| name | Name of the load balancer and prefix for supporting resources. | string | n/a | yes |
| network | Name of the network to create resources in. | string | n/a | yes |
| network_project | Name of the project where the network resides. Useful for shared VPC. Default is var.project. | string | n/a | yes |
| port_front_end | Port of the load balancer front end | number | n/a | yes |
| project | The project to deploy to, if not set the default provider project is used. | string | null | no |
| proxy_only_subnet_cidr | The CIDR block of the proxy only subnet | string | n/a | yes |
| region | Region of the created GCP resources from this module. | string | n/a | yes |
| target_tags | List of target tags to allow traffic using firewall rule. | list(string) | n/a | yes |

Type of backend:

    object({
      port             = optional(number)
      port_name        = optional(string)
      description      = optional(string)
      backend_type     = string #INSTANCE_GROUP, NETWORK_ENDPOINT_GROUP
      session_affinity = optional(string)
      timeout_sec      = optional(number)

      log_config = object({
        enable      = optional(bool)
        sample_rate = optional(number)
      })

      groups = list(object({
        group = string

        balancing_mode               = optional(string)
        capacity_scaler              = optional(number)
        description                  = optional(string)
        max_connections              = optional(number)
        max_connections_per_instance = optional(number)
        max_connections_per_endpoint = optional(number)
        max_rate                     = optional(number)
        max_rate_per_instance        = optional(number)
        max_rate_per_endpoint        = optional(number)
        max_utilization              = optional(number)
      }))
    })

Type of health_check:

    object({
      check_interval_sec  = optional(number)
      healthy_threshold   = optional(number)
      timeout_sec         = optional(number)
      unhealthy_threshold = optional(number)
      tcp_health_check = object({
        request            = optional(string)
        response           = optional(string)
        port               = optional(number)
        port_name          = optional(string)
        port_specification = optional(string)
        proxy_header       = optional(string)
      })
    })

Outputs

| Name | Description |
|------|-------------|
| backend_services | The backend service resources. |
| forwarding_rule | The forwarding rule of the load balancer. |
| tcp_proxy | The TCP proxy used by this module. |