Skip to content

Commit

Permalink
Rename lb-http-backend to backend and similar for frontend
Browse files Browse the repository at this point in the history
  • Loading branch information
@q2w
q2w committed Oct 29, 2024
1 parent 1c3069b commit 8c35737
Show file tree
Hide file tree
Showing 27 changed files with 2,063 additions and 68 deletions.
8 changes: 2 additions & 6 deletions examples/lb-http-separate-frontend-and-backend/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@

[![button](http://gstatic.com/cloudssh/images/open-btn.png)](https://console.cloud.google.com/cloudshell/open?git_repo=https://github.com/GoogleCloudPlatform/terraform-google-lb-http&working_dir=examples/lb-http-separate-frontend-and-backend&page=shell&tutorial=README.md)

This example creates a global HTTP forwarding rule to forward traffic to instance groups in the us-west1 and us-east1 regions. The `google_compute_backend_service` and its dependencies are created as part of `lb-http-backend` module.
The forwarding rules and its dependecies are created as part of `lb-http-frontend` modules.
This example creates a global HTTP forwarding rule to forward traffic to instance groups in the us-west1 and us-east1 regions. The `google_compute_backend_service` and its dependencies are created as part of `backend` module.
The forwarding rules and its dependecies are created as part of `frontend` modules.

## Change to the example directory

Expand Down Expand Up @@ -83,11 +83,7 @@ terraform destroy

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| group1\_region | n/a | `string` | `"us-west1"` | no |
| group2\_region | n/a | `string` | `"us-east1"` | no |
| network\_prefix | n/a | `string` | `"lb-http-separate-frontend-and-backend"` | no |
| project\_id | n/a | `string` | n/a | yes |
| target\_size | n/a | `number` | `2` | no |

## Outputs

Expand Down
36 changes: 18 additions & 18 deletions examples/lb-http-separate-frontend-and-backend/main.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2017 Google LLC
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -15,67 +15,67 @@
*/

resource "google_compute_network" "default" {
name = var.network_prefix
name = "lb-http-separate-frontend-and-backend"
auto_create_subnetworks = "false"
}

resource "google_compute_subnetwork" "group1" {
name = "${var.network_prefix}-group1"
name = "lb-http-separate-frontend-and-backend-group1"
ip_cidr_range = "10.126.0.0/20"
network = google_compute_network.default.self_link
region = var.group1_region
region = "us-west1"
private_ip_google_access = true
}

# Router and Cloud NAT are required for installing packages from repos (apache, php etc)
resource "google_compute_router" "group1" {
name = "${var.network_prefix}-gw-group1"
name = "lb-http-separate-frontend-and-backend-gw-group1"
network = google_compute_network.default.self_link
region = var.group1_region
region = "us-west1"
}

module "cloud-nat-group1" {
source = "terraform-google-modules/cloud-nat/google"
version = "~> 5.0"
router = google_compute_router.group1.name
project_id = var.project_id
region = var.group1_region
name = "${var.network_prefix}-cloud-nat-group1"
region = "us-west1"
name = "lb-http-separate-frontend-and-backend-cloud-nat-group1"
}

resource "google_compute_subnetwork" "group2" {
name = "${var.network_prefix}-group2"
name = "lb-http-separate-frontend-and-backend-group2"
ip_cidr_range = "10.127.0.0/20"
network = google_compute_network.default.self_link
region = var.group2_region
region = "us-east1"
private_ip_google_access = true
}

# Router and Cloud NAT are required for installing packages from repos (apache, php etc)
resource "google_compute_router" "group2" {
name = "${var.network_prefix}-gw-group2"
name = "lb-http-separate-frontend-and-backend-gw-group2"
network = google_compute_network.default.self_link
region = var.group2_region
region = "us-east1"
}

module "cloud-nat-group2" {
source = "terraform-google-modules/cloud-nat/google"
version = "~> 5.0"
router = google_compute_router.group2.name
project_id = var.project_id
region = var.group2_region
name = "${var.network_prefix}-cloud-nat-group2"
region = "us-east1"
name = "lb-http-separate-frontend-and-backend-cloud-nat-group2"
}

module "lb-http-backend" {
source = "terraform-google-modules/lb-http/google//modules/lb-http-backend"
source = "terraform-google-modules/lb-http/google//modules/backend"
version = "~> 12.0"
project_id = var.project_id
name = "backend-lb"
target_tags = [
"${var.network_prefix}-group1",
"lb-http-separate-frontend-and-backend-group1",
module.cloud-nat-group1.router_name,
"${var.network_prefix}-group2",
"lb-http-separate-frontend-and-backend-group2",
module.cloud-nat-group2.router_name
]
firewall_networks = [google_compute_network.default.name]
Expand Down Expand Up @@ -109,7 +109,7 @@ module "lb-http-backend" {
}

module "lb-http-frontend" {
source = "terraform-google-modules/lb-http/google//modules/lb-http-frontend"
source = "terraform-google-modules/lb-http/google//modules/frontend"
version = "~> 12.0"
project_id = var.project_id
name = "frontend-lb"
Expand Down
22 changes: 11 additions & 11 deletions examples/lb-http-separate-frontend-and-backend/mig.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2017 Google LLC
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -39,12 +39,12 @@ module "mig1_template" {
email = ""
scopes = ["cloud-platform"]
}
name_prefix = "${var.network_prefix}-group1"
name_prefix = "lb-http-separate-frontend-and-backend-group1"
startup_script = data.template_file.group-startup-script.rendered
source_image_family = "ubuntu-2004-lts"
source_image_project = "ubuntu-os-cloud"
tags = [
"${var.network_prefix}-group1",
"lb-http-separate-frontend-and-backend-group1",
module.cloud-nat-group1.router_name
]
}
Expand All @@ -53,9 +53,9 @@ module "mig1" {
source = "terraform-google-modules/vm/google//modules/mig"
version = "~> 12.0"
instance_template = module.mig1_template.self_link
region = var.group1_region
hostname = "${var.network_prefix}-group1"
target_size = var.target_size
region = "us-west1"
hostname = "lb-http-separate-frontend-and-backend-group1"
target_size = 2
named_ports = [{
name = "http",
port = 80
Expand All @@ -71,10 +71,10 @@ module "mig2_template" {
email = ""
scopes = ["cloud-platform"]
}
name_prefix = "${var.network_prefix}-group2"
name_prefix = "lb-http-separate-frontend-and-backend-group2"
startup_script = data.template_file.group-startup-script.rendered
tags = [
"${var.network_prefix}-group2",
"lb-http-separate-frontend-and-backend-group2",
module.cloud-nat-group2.router_name
]
}
Expand All @@ -83,9 +83,9 @@ module "mig2" {
source = "terraform-google-modules/vm/google//modules/mig"
version = "~> 12.0"
instance_template = module.mig2_template.self_link
region = var.group2_region
hostname = "${var.network_prefix}-group2"
target_size = var.target_size
region = "us-east1"
hostname = "lb-http-separate-frontend-and-backend-group2"
target_size = 2
named_ports = [{
name = "http",
port = 80
Expand Down
2 changes: 1 addition & 1 deletion examples/lb-http-separate-frontend-and-backend/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2019 Google LLC
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down
22 changes: 1 addition & 21 deletions examples/lb-http-separate-frontend-and-backend/variables.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2019 Google LLC
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -17,23 +17,3 @@
variable "project_id" {
type = string
}

variable "target_size" {
type = number
default = 2
}

variable "group1_region" {
type = string
default = "us-west1"
}

variable "group2_region" {
type = string
default = "us-east1"
}

variable "network_prefix" {
type = string
default = "lb-http-separate-frontend-and-backend"
}
2 changes: 1 addition & 1 deletion examples/lb-http-separate-frontend-and-backend/versions.tf
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/**
* Copyright 2020 Google LLC
* Copyright 2024 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down
10 changes: 6 additions & 4 deletions metadata.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,12 +31,12 @@ spec:
description: {}
content:
subBlueprints:
- name: backend
location: modules/backend
- name: dynamic_backends
location: modules/dynamic_backends
- name: lb-http-backend
location: modules/lb-http-backend
- name: lb-http-frontend
location: modules/lb-http-frontend
- name: frontend
location: modules/frontend
- name: serverless_negs
location: modules/serverless_negs
examples:
Expand All @@ -58,6 +58,8 @@ spec:
location: examples/https-gke
- name: https-redirect
location: examples/https-redirect
- name: lb-http-separate-frontend-and-backend
location: examples/lb-http-separate-frontend-and-backend
- name: mig-nat-http-lb
location: examples/mig-nat-http-lb
- name: multi-backend-multi-mig-bucket-https-lb
Expand Down
45 changes: 45 additions & 0 deletions modules/backend/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# HTTP Load balancer backend module
This module creates `google_compute_backend_service` resource and its dependencies. This module can be used with `modules/frontend`. The separation of the modules makes it easier for creating backend and frontend resources independent of each other. The logical separation helps in improved maintainability.

<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| affinity\_cookie\_ttl\_sec | Lifetime of cookies in seconds if session\_affinity is GENERATED\_COOKIE. | `number` | `null` | no |
| cdn\_policy | Cloud CDN configuration for this BackendService. | <pre>object({<br> cache_mode = optional(string)<br> signed_url_cache_max_age_sec = optional(string)<br> default_ttl = optional(number)<br> max_ttl = optional(number)<br> client_ttl = optional(number)<br> negative_caching = optional(bool)<br> serve_while_stale = optional(number)<br> bypass_cache_on_request_headers = optional(list(string))<br> negative_caching_policy = optional(object({<br> code = optional(number)<br> ttl = optional(number)<br> }))<br> cache_key_policy = optional(object({<br> include_host = optional(bool)<br> include_protocol = optional(bool)<br> include_query_string = optional(bool)<br> query_string_blacklist = optional(list(string))<br> query_string_whitelist = optional(list(string))<br> include_http_headers = optional(list(string))<br> include_named_cookies = optional(list(string))<br> }))<br> })</pre> | `{}` | no |
| compression\_mode | Compress text responses using Brotli or gzip compression. | `string` | `"DISABLED"` | no |
| connection\_draining\_timeout\_sec | Time for which instance will be drained (not accept new connections, but still work to finish started). | `number` | `null` | no |
| custom\_request\_headers | Headers that the HTTP/S load balancer should add to proxied requests. | `list(string)` | `[]` | no |
| custom\_response\_headers | Headers that the HTTP/S load balancer should add to proxied responses. | `list(string)` | `[]` | no |
| description | Description of the backend service. | `string` | `null` | no |
| edge\_security\_policy | The resource URL for the edge security policy to associate with the backend service | `string` | `null` | no |
| enable\_cdn | Enable Cloud CDN for this BackendService. | `bool` | `false` | no |
| firewall\_networks | Names of the networks to create firewall rules in | `list(string)` | <pre>[<br> "default"<br>]</pre> | no |
| firewall\_projects | Names of the projects to create firewall rules in | `list(string)` | <pre>[<br> "default"<br>]</pre> | no |
| groups | The list of backend instance group which serves the traffic. | <pre>list(object({<br> group = string<br> description = optional(string)<br><br> balancing_mode = optional(string)<br> capacity_scaler = optional(number)<br> max_connections = optional(number)<br> max_connections_per_instance = optional(number)<br> max_connections_per_endpoint = optional(number)<br> max_rate = optional(number)<br> max_rate_per_instance = optional(number)<br> max_rate_per_endpoint = optional(number)<br> max_utilization = optional(number)<br> }))</pre> | `[]` | no |
| health\_check | Input for creating HttpHealthCheck or HttpsHealthCheck resource for health checking this BackendService. A health check must be specified unless the backend service uses an internet or serverless NEG as a backend. | <pre>object({<br> host = optional(string, null)<br> request_path = optional(string, null)<br> request = optional(string, null)<br> response = optional(string, null)<br> port = optional(number, null)<br> port_name = optional(string, null)<br> proxy_header = optional(string, null)<br> port_specification = optional(string, null)<br> protocol = optional(string, null)<br> check_interval_sec = optional(number, 5)<br> timeout_sec = optional(number, 5)<br> healthy_threshold = optional(number, 2)<br> unhealthy_threshold = optional(number, 2)<br> logging = optional(bool, false)<br> })</pre> | `null` | no |
| host\_path\_mappings | The list of host/path for which traffic could be sent to the backend service | `list(object({ host : string, path : string }))` | <pre>[<br> {<br> "host": "*",<br> "path": "/*"<br> }<br>]</pre> | no |
| iap\_config | Settings for enabling Cloud Identity Aware Proxy Structure. | <pre>object({<br> enable = bool<br> oauth2_client_id = optional(string)<br> oauth2_client_secret = optional(string)<br> })</pre> | <pre>{<br> "enable": false<br>}</pre> | no |
| load\_balancing\_scheme | Load balancing scheme type (EXTERNAL for classic external load balancer, EXTERNAL\_MANAGED for Envoy-based load balancer, and INTERNAL\_SELF\_MANAGED for traffic director). | `string` | `"EXTERNAL_MANAGED"` | no |
| locality\_lb\_policy | The load balancing algorithm used within the scope of the locality. | `string` | `null` | no |
| log\_config | This field denotes the logging options for the load balancer traffic served by this backend service. If logging is enabled, logs will be exported to Stackdriver. | <pre>object({<br> enable = bool<br> sample_rate = number<br> })</pre> | <pre>{<br> "enable": true,<br> "sample_rate": 1<br>}</pre> | no |
| name | Name for the backend service. | `string` | n/a | yes |
| outlier\_detection | Settings controlling eviction of unhealthy hosts from the load balancing pool. | <pre>object({<br> base_ejection_time = optional(object({<br> seconds = number<br> nanos = optional(number)<br> }))<br> consecutive_errors = optional(number)<br> consecutive_gateway_failure = optional(number)<br> enforcing_consecutive_errors = optional(number)<br> enforcing_consecutive_gateway_failure = optional(number)<br> enforcing_success_rate = optional(number)<br> interval = optional(object({<br> seconds = number<br> nanos = optional(number)<br> }))<br> max_ejection_percent = optional(number)<br> success_rate_minimum_hosts = optional(number)<br> success_rate_request_volume = optional(number)<br> success_rate_stdev_factor = optional(number)<br> })</pre> | `null` | no |
| port\_name | Name of backend port. The same name should appear in the instance groups referenced by this service. Required when the load balancing scheme is EXTERNAL. | `string` | `"http"` | no |
| project\_id | The project to deploy to, if not set the default provider project is used. | `string` | n/a | yes |
| protocol | The protocol this BackendService uses to communicate with backends. | `string` | `"HTTP"` | no |
| security\_policy | The resource URL for the security policy to associate with the backend service | `string` | `null` | no |
| serverless\_neg\_backends | The list of serverless backend which serves the traffic. | <pre>list(object({<br> region = string<br> type = string // cloud-run, cloud-function, and app-engine<br> service_name = string<br> service_version = optional(string)<br> }))</pre> | `[]` | no |
| session\_affinity | Type of session affinity to use. Possible values are: NONE, CLIENT\_IP, CLIENT\_IP\_PORT\_PROTO, CLIENT\_IP\_PROTO, GENERATED\_COOKIE, HEADER\_FIELD, HTTP\_COOKIE, STRONG\_COOKIE\_AFFINITY. | `string` | `null` | no |
| target\_service\_accounts | List of target service accounts for health check firewall rule. Exactly one of target\_tags or target\_service\_accounts should be specified. | `list(string)` | `[]` | no |
| target\_tags | List of target tags for health check firewall rule. Exactly one of target\_tags or target\_service\_accounts should be specified. | `list(string)` | `[]` | no |
| timeout\_sec | This has different meaning for different type of load balancing. Please refer https://cloud.google.com/load-balancing/docs/backend-service#timeout-setting | `number` | `null` | no |

## Outputs

| Name | Description |
|------|-------------|
| backend\_service\_info | Host, path and backend service mapping |

<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
Loading

0 comments on commit 8c35737

Please sign in to comment.