Need help with terraform-google-lb-http?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

terraform-google-modules
137 Stars 171 Forks Apache License 2.0 184 Commits 18 Opened issues

Description

Modular Global HTTP Load Balancer for GCE using forwarding rules.

Services available

!
?

Need anything else?

Contributors list

Global HTTP Load Balancer Terraform Module

Modular Global HTTP Load Balancer for GCE using forwarding rules.

  • If you would like to allow for backend groups to be managed outside Terraform, such as via GKE services, see the dynamic backends submodule.
  • If you would like to use load balancing with serverless backends (Cloud Run, Cloud Functions or App Engine), see the serverless_negs submodule and cloudrun example.

Load Balancer Types

Compatibility

This module is meant for use with Terraform 0.12. If you haven't upgraded and need a Terraform 0.11.x-compatible version of this module, the last released version intended for Terraform 0.11.x is 1.0.10.

Usage

module "gce-lb-http" {
  source            = "GoogleCloudPlatform/lb-http/google"
  version           = "~> 4.4"

project = "my-project-id" name = "group-http-lb" target_tags = [module.mig1.target_tags, module.mig2.target_tags] backends = { default = { description = null protocol = "HTTP" port = var.service_port port_name = var.service_port_name timeout_sec = 10 enable_cdn = false custom_request_headers = null security_policy = null

  connection_draining_timeout_sec = null
  session_affinity                = null
  affinity_cookie_ttl_sec         = null

  health_check = {
    check_interval_sec  = null
    timeout_sec         = null
    healthy_threshold   = null
    unhealthy_threshold = null
    request_path        = "/"
    port                = var.service_port
    host                = null
    logging             = null
  }

  log_config = {
    enable = true
    sample_rate = 1.0
  }

  groups = [
    {
      # Each node pool instance group should be added to the backend.
      group                        = var.backend
      balancing_mode               = null
      capacity_scaler              = null
      description                  = null
      max_connections              = null
      max_connections_per_instance = null
      max_connections_per_endpoint = null
      max_rate                     = null
      max_rate_per_instance        = null
      max_rate_per_endpoint        = null
      max_utilization              = null
    },
  ]

  iap_config = {
    enable               = false
    oauth2_client_id     = null
    oauth2_client_secret = null
  }
}

} }

Resources created

Figure 1. diagram of terraform resources

architecture diagram

Version

Current version is 3.0. Upgrade guides:

Inputs

| Name | Description | Type | Default | Required | |------|-------------|:----:|:-----:|:-----:| | address | IP address self link | string |

"null"
| no | | backends | Map backend indices to list of backend maps. | object | n/a | yes | | cdn | Set to
true
to enable cdn on backend. | bool |
"false"
| no | | certificate | Content of the SSL certificate. Required if
ssl
is
true
and
ssl_certificates
is empty. | string |
"null"
| no | | create_address | Create a new global address | bool |
"true"
| no | | create_url_map | Set to
false
if urlmap variable is provided. | bool |
"true"
| no | | firewall_networks | Names of the networks to create firewall rules in | list(string) |
 | no |
| firewall_projects | Names of the projects to create firewall rules in | list(string) | 
 | no |
| http_forward | Set to 
false
to disable HTTP port 80 forward | bool |
"true"
| no | | https_redirect | Set to
true
to enable https redirect on the lb. | bool |
"false"
| no | | ip_version | IP version for the Global address (IPv4 or v6) - Empty defaults to IPV4 | string |
"null"
| no | | managed_ssl_certificate_domains | Create Google-managed SSL certificates for specified domains. Requires
ssl
to be set to
true
and `use
sslcertificates
set to
false
. | list(string) |
| no |
| name | Name for the forwarding rule and prefix for supporting resources | string | n/a | yes |
| private\_key | Content of the private SSL key. Required if
ssl
is
true
and
ssl
certificates
is empty. | string |
"null"
| no |
| project | The project to deploy to, if not set the default provider project is used. | string | n/a | yes |
| quic | Set to
true
to enable QUIC support | bool |
"false"
| no |
| security\_policy | The resource URL for the security policy to associate with the backend service | string |
"null"
| no |
| ssl | Set to
true
to enable SSL support, requires variable
sslcertificates` - a list of selflink certs | bool |
"false"
| no | | ssl_certificates | SSL cert selflink list. Required if
ssl
is
true
and no `private
key
and
certificate
is provided. | list(string) |
| no |
| ssl\_policy | Selfink to SSL Policy | string |
"null"
| no |
| target\_service\_accounts | List of target service accounts for health check firewall rule. Exactly one of target_tags or target_service_accounts should be specified. | list(string) |
| no |
| target\_tags | List of target tags for health check firewall rule. Exactly one of target_tags or target_service_accounts should be specified. | list(string) |
| no |
| url\_map | The url_map resource to use. Default is to send all traffic to first backend. | string |
"null"
| no |
| use\_ssl\_certificates | If true, use the certificates provided by
sslcertificates
, otherwise, create cert from
private
key
and
certificate
| bool |
"false"` | no |

Outputs

| Name | Description | |------|-------------| | backend_services | The backend service resources. | | external_ip | The external IP assigned to the global forwarding rule. | | http_proxy | The HTTP proxy used by this module. | | https_proxy | The HTTPS proxy used by this module. |

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.