93fe2fe89f
* IaaS Volume (#541) * Onboard IaaS Volume * Labels mapping * Add acceptance test * Remove source field * Fix lint * Add examples and docs * Fix lint * Fix lint * Fix lint * Volume source field (#542) * Onboard IaaS Volume * Labels mapping * Add acceptance test * Remove source field * Fix lint * Add examples and docs * Fix lint * Fix lint * Fix lint * Add source field supoort * Fix labels and source mapping * Remove unecessary source mapping * Move methods to conversion pkg * Revert change * Update stackit/internal/services/iaas/volume/datasource.go Co-authored-by: João Palet <joao.palet@outlook.com> * Update stackit/internal/services/iaas/volume/resource.go Co-authored-by: João Palet <joao.palet@outlook.com> * Update stackit/internal/services/iaas/volume/resource.go Co-authored-by: João Palet <joao.palet@outlook.com> * Update stackit/internal/services/iaas/volume/resource.go Co-authored-by: João Palet <joao.palet@outlook.com> * Changes after review * Change after revie --------- Co-authored-by: João Palet <joao.palet@outlook.com> * Onboard IaaS security groups (#545) * onboard iaas security group * add examples and generate docs * fix linter issues * fix deletion * Update stackit/internal/services/iaas/securitygroup/resource.go Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * rename data source example file * update docs * remove field * remove field * remove plan modifier from the name field * refactor labels in mapFields * change function from utils to conversion * remove rules from the security group * update docs * add security group acceptance test * add plan modifiers to stateful field * sort imports * change stateful description --------- Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud> Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * IaaS Server baseline configuration (#546) * Server resource schema * Implemente CRUD methods and unit testsg * Bug fixes * Bug fix * Make variable private * Remove delete_on_termination and update descriptions * Add security_group field to initial networking * Add examples and acc test * Generate docs * Fix lint * Fix lint issue * Fix unit test * Update desc * Gen docs * Onboard IaaS network interface (#544) * implement network interface * handle labels * add CIDR validation * fix linter issues and generate docs * remove computed from the allowed addresses and fix the conditions * Update stackit/internal/services/iaas/networkinterface/resource.go Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * Update stackit/internal/services/iaas/networkinterface/datasource.go Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * apply code review changes * remove status from schema * remove unnecessary GET call * Update stackit/internal/services/iaas/networkinterface/resource.go Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * Update stackit/internal/services/iaas/networkinterface/resource.go Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * rename nic_security to security * add beta markdown description * use existing validateIP function * use utils function for the options listing * refactor labels * change function from utils to conversion * make allowed addresses a list of strings * add acceptance test for network interfaces * fix acceptance test * rename security_groups as security_group_ids * extend descriptions * fix acc test --------- Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud> Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * rename volume data source example (#552) Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud> * add requires replace to ipv4 and ipv6 fields (#549) Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud> Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * Server resource improvements (#548) * Improvements to server resource * Fix example * Remove useStateForUnknown * Update SDK modules * Update iaasalpha moduel (#555) * Remove initial networking field (#556) * Server attachment resources (#557) * Server attachemnt resources * Add examples * Update volume datasource example * Fix linting issues * Fix linting * Fix examples formatting * Update go.mod * Revert iaas to v0.11 * Onboard iaas public ip (#551) * onboard public ip * onboard public ip * add public ip acceptance test * Update examples/data-sources/stackit_public_ip/data-source.tf Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * add plan modifier to IP * change type in the volume data source * add network_interface field to public ip resource * rename network_interface to network_interface_id * remove obsolete checks * extend unit tests * add network_interface_id in example * extend unit test * extend acceptance test * sort imports --------- Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * Add labels to network, network are and network area route resources (#559) * Fix network_interface example * Extend network, network area and network area route with labels * Revert iaas to v0.11.0 --------- Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com> * Onboard iaas security group rule (#553) * onboard security group rule * add security group rule to acceptance test * change type in examples * fix acc test issues * extend example with objects * remove obsolete field from acceptance test * remove unnecessary plan modifier * adapt schema fields * adapt schema fields * add requires replace to all fields * extend descriptions with protocol limitations * rename subfield protocol to number * add requires replace to objects * make icmp_parameters fields required * add empty field checks for nested objects * make max and min fields required in the port_range object * make number field computed in the protocol object * add UseStateForUnknown in protocol number * remove obsolete unit test * add checks for empty protocol and adapt unit test * add atLeastOneOf validation in protocol fields * fix linter issues * Add project existence check before deleting SNA (#561) * add project list check and error in network area deletion * Update stackit/internal/services/iaas/networkarea/resource.go Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> --------- Co-authored-by: Vicente Pinto <vicente.pinto@freiheit.com> * Example server use cases and other fixes (#560) * Add example usage to server resource * Update examples * Fix beta warning * Update docs and examples * Remove size from example * Fix server description, fix security group rule error message * Other fixes * remove field from datasource --------- Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com> * Security group rule fixes (#562) * Add example usage to server resource * Update examples * Fix beta warning * Update docs and examples * Remove size from example * Fix server description, fix security group rule error message * Other fixes * Fixes to sec group rule * Fix lint * Change after review --------- Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com> * Fix server example (#565) * Fix server example * Fixes to examples, add CIDR validation to nic * Migrate iaasalpha to iaas (#568) * Migrate iaasalpha to iaas * Fix lint * Update example * Improvements to security group rule (#569) * Improvements to security group rule * Fix lint * Fix example and remove computed from description * Fix formatting * Update description --------- Co-authored-by: João Palet <joao.palet@outlook.com> Co-authored-by: GokceGK <161626272+GokceGK@users.noreply.github.com> Co-authored-by: Gökçe Gök Klingel <goekce.goek_klingel@stackit.cloud>
9.3 KiB
9.3 KiB
| page_title | subcategory | description |
|---|---|---|
| stackit_loadbalancer Resource - stackit | Setting up supporting infrastructure Configuring an OpenStack provider To automate the creation of load balancers, OpenStack can be used to setup the supporting infrastructure. To set up the OpenStack provider, you can create a token through the STACKIT Portal, in your project's Infrastructure API page. There, the OpenStack user domain name, username, and password are generated and can be obtained. The provider can then be configured as follows: terraform { required_providers { (...) openstack = { source = "terraform-provider-openstack/openstack" } } } provider "openstack" { user_domain_name = "{OpenStack user domain name}" user_name = "{OpenStack username}" password = "{OpenStack password}" region = "RegionOne" auth_url = "https://keystone.api.iaas.eu01.stackit.cloud/v3" } Configuring the supporting infrastructure The example below uses OpenStack to create the network, router, a public IP address and a compute instance. |
stackit_loadbalancer (Resource)
Setting up supporting infrastructure
Configuring an OpenStack provider
To automate the creation of load balancers, OpenStack can be used to setup the supporting infrastructure. To set up the OpenStack provider, you can create a token through the STACKIT Portal, in your project's Infrastructure API page. There, the OpenStack user domain name, username, and password are generated and can be obtained. The provider can then be configured as follows:
terraform {
required_providers {
(...)
openstack = {
source = "terraform-provider-openstack/openstack"
}
}
}
provider "openstack" {
user_domain_name = "{OpenStack user domain name}"
user_name = "{OpenStack username}"
password = "{OpenStack password}"
region = "RegionOne"
auth_url = "https://keystone.api.iaas.eu01.stackit.cloud/v3"
}
Configuring the supporting infrastructure
The example below uses OpenStack to create the network, router, a public IP address and a compute instance.
Example Usage
# Create a network
resource "openstack_networking_network_v2" "example" {
name = "example-network"
}
# Create a subnet
resource "openstack_networking_subnet_v2" "example" {
name = "example-subnet"
cidr = "192.168.0.0/25"
dns_nameservers = ["8.8.8.8"]
network_id = openstack_networking_network_v2.example.id
}
# Get public network
data "openstack_networking_network_v2" "public" {
name = "floating-net"
}
# Create a floating IP
resource "openstack_networking_floatingip_v2" "example" {
pool = data.openstack_networking_network_v2.public.name
}
# Get flavor for instance
data "openstack_compute_flavor_v2" "example" {
name = "g1.1"
}
# Create an instance
resource "openstack_compute_instance_v2" "example" {
depends_on = [openstack_networking_subnet_v2.example]
name = "example-instance"
flavor_id = data.openstack_compute_flavor_v2.example.id
admin_pass = "example"
security_groups = ["default"]
block_device {
uuid = "4364cdb2-dacd-429b-803e-f0f7cfde1c24" // Ubuntu 22.04
volume_size = 32
source_type = "image"
destination_type = "volume"
delete_on_termination = true
}
network {
name = openstack_networking_network_v2.example.name
}
}
# Create a router and attach it to the public network
resource "openstack_networking_router_v2" "example" {
name = "example-router"
admin_state_up = "true"
external_network_id = data.openstack_networking_network_v2.public.id
}
# Attach the subnet to the router
resource "openstack_networking_router_interface_v2" "example_interface" {
router_id = openstack_networking_router_v2.example.id
subnet_id = openstack_networking_subnet_v2.example.id
}
# Create a load balancer
resource "stackit_loadbalancer" "example" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
name = "example-load-balancer"
target_pools = [
{
name = "example-target-pool"
target_port = 80
targets = [
{
display_name = "example-target"
ip = openstack_compute_instance_v2.example.network.0.fixed_ip_v4
}
]
active_health_check = {
healthy_threshold = 10
interval = "3s"
interval_jitter = "3s"
timeout = "3s"
unhealthy_threshold = 10
}
}
]
listeners = [
{
display_name = "example-listener"
port = 80
protocol = "PROTOCOL_TCP"
target_pool = "example-target-pool"
}
]
networks = [
{
network_id = openstack_networking_network_v2.example.id
role = "ROLE_LISTENERS_AND_TARGETS"
}
]
external_address = openstack_networking_floatingip_v2.example.address
options = {
private_network_only = false
}
}
Schema
Required
listeners(Attributes List) List of all listeners which will accept traffic. Limited to 20. (see below for nested schema)name(String) Load balancer name.networks(Attributes List) List of networks that listeners and targets reside in. (see below for nested schema)project_id(String) STACKIT project ID to which the Load Balancer is associated.target_pools(Attributes List) List of all target pools which will be used in the Load Balancer. Limited to 20. (see below for nested schema)
Optional
external_address(String) External Load Balancer IP address where this Load Balancer is exposed.options(Attributes) Defines any optional functionality you want to have enabled on your load balancer. (see below for nested schema)
Read-Only
id(String) Terraform's internal resource ID. It is structured as "project_id","name".private_address(String) Transient private Load Balancer IP address. It can change any time.
Nested Schema for listeners
Optional:
display_name(String)port(Number) Port number where we listen for traffic.protocol(String) Protocol is the highest network protocol we understand to load balance. Supported values are:PROTOCOL_UNSPECIFIED,PROTOCOL_TCP,PROTOCOL_UDP,PROTOCOL_TCP_PROXY,PROTOCOL_TLS_PASSTHROUGH.server_name_indicators(Attributes List) A list of domain names to match in order to pass TLS traffic to the target pool in the current listener (see below for nested schema)target_pool(String) Reference target pool by target pool name.
Nested Schema for listeners.server_name_indicators
Optional:
name(String) A domain name to match in order to pass TLS traffic to the target pool in the current listener
Nested Schema for networks
Required:
network_id(String) Openstack network ID.
Optional:
role(String) The role defines how the load balancer is using the network. Supported values are:ROLE_UNSPECIFIED,ROLE_LISTENERS_AND_TARGETS,ROLE_LISTENERS,ROLE_TARGETS.
Nested Schema for target_pools
Required:
name(String) Target pool name.target_port(Number) Identical port number where each target listens for traffic.targets(Attributes List) List of all targets which will be used in the pool. Limited to 1000. (see below for nested schema)
Optional:
active_health_check(Attributes) (see below for nested schema)session_persistence(Attributes) Here you can setup various session persistence options, so far only "use_source_ip_address" is supported. (see below for nested schema)
Nested Schema for target_pools.targets
Required:
display_name(String) Target display nameip(String) Target IP
Nested Schema for target_pools.active_health_check
Optional:
healthy_threshold(Number) Healthy threshold of the health checking.interval(String) Interval duration of health checking in seconds.interval_jitter(String) Interval duration threshold of the health checking in seconds.timeout(String) Active health checking timeout duration in seconds.unhealthy_threshold(Number) Unhealthy threshold of the health checking.
Nested Schema for target_pools.session_persistence
Optional:
use_source_ip_address(Boolean) If true then all connections from one source IP address are redirected to the same target. This setting changes the load balancing algorithm to Maglev.
Nested Schema for options
Optional:
acl(Set of String) Load Balancer is accessible only from an IP address in this range.private_network_only(Boolean) If true, Load Balancer is accessible only via a private network IP address.