Modular Global HTTP Load Balancer for GCE using forwarding rules.
This module is meant for use with Terraform 0.12. If you haven't upgraded and need a Terraform 0.11.x-compatible version of this module, the last released version intended for Terraform 0.11.x is 1.0.10.
module "gce-lb-http" {
source = "GoogleCloudPlatform/lb-http/google"
name = "group-http-lb"
target_tags = [module.mig1.target_tags, module.mig2.target_tags]
backends = {
"0" = [
{
group = module.mig1.instance_group
balancing_mode = null
capacity_scaler = null
description = null
max_connections = null
max_connections_per_instance = null
max_rate = null
max_rate_per_instance = null
max_utilization = null
},
{
group = module.mig2.instance_group
balancing_mode = null
capacity_scaler = null
description = null
max_connections = null
max_connections_per_instance = null
max_rate = null
max_rate_per_instance = null
max_utilization = null
}
],
}
backend_params = [
# health check path, port name, port number, timeout seconds.
"/,http,80,10"
]
}Figure 1. diagram of terraform resources
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| backend_params | Comma-separated encoded list of parameters in order: health check path, service port name, service port, backend timeout seconds | list(string) | n/a | yes |
| backend_protocol | The protocol with which to talk to the backend service | string | "HTTP" |
no |
| backends | Map backend indices to list of backend maps. | object | n/a | yes |
| cdn | Set to true to enable cdn on backend. |
bool | "false" |
no |
| certificate | Content of the SSL certificate. Required if ssl is true and ssl_certificates is empty. |
string | "" |
no |
| create_url_map | Set to false if url_map variable is provided. |
bool | "true" |
no |
| firewall_networks | Names of the networks to create firewall rules in | list(string) | <list> |
no |
| firewall_projects | Names of the projects to create firewall rules in | list(string) | <list> |
no |
| http_forward | Set to false to disable HTTP port 80 forward |
bool | "true" |
no |
| ip_version | IP version for the Global address (IPv4 or v6) - Empty defaults to IPV4 | string | "" |
no |
| name | Name for the forwarding rule and prefix for supporting resources | string | n/a | yes |
| private_key | Content of the private SSL key. Required if ssl is true and ssl_certificates is empty. |
string | "" |
no |
| project | The project to deploy to, if not set the default provider project is used. | string | n/a | yes |
| region | Region for cloud resources | string | "us-central1" |
no |
| security_policy | The resource URL for the security policy to associate with the backend service | string | "" |
no |
| ssl | Set to true to enable SSL support, requires variable ssl_certificates - a list of self_link certs |
bool | "false" |
no |
| ssl_certificates | SSL cert self_link list. Required if ssl is true and no private_key and certificate is provided. |
list(string) | <list> |
no |
| target_tags | List of target tags for health check firewall rule. | list(string) | n/a | yes |
| url_map | The url_map resource to use. Default is to send all traffic to first backend. | string | "" |
no |
| use_ssl_certificates | If true, use the certificates provided by ssl_certificates, otherwise, create cert from private_key and certificate |
bool | "false" |
no |
| Name | Description |
|---|---|
| backend_services | The backend service resources. |
| external_ip | The external IP assigned to the global fowarding rule. |
google_compute_global_forwarding_rule.http: The global HTTP forwarding rule.google_compute_global_forwarding_rule.https: The global HTTPS forwarding rule created whensslistrue.google_compute_target_http_proxy.default: The HTTP proxy resource that binds the url map. Created when inputsslisfalse.google_compute_target_https_proxy.default: The HTTPS proxy resource that binds the url map. Created when inputsslistrue.google_compute_ssl_certificate.default: The certificate resource created when inputsslistrue.google_compute_url_map.default: The default URL map resource when inputurl_mapis not provided.google_compute_backend_service.default.*: The backend services created for each of thebackend_paramselements.google_compute_http_health_check.default.*: Health check resources create for each of the backend services whenbackend_protocolis not "HTTPS".google_compute_https_health_check.default.*: Health check resources create for each of the backend services whenbackend_protocolis "HTTPS".google_compute_firewall.default-hc: Firewall rule created for each of the backed services to alllow health checks to the instance group.