Modular Regional TCP Load Balancer for GCE using target pool and forwarding rule.
- TCP load balancer
- HTTP/S load balancer
- Internal load balancer
This module is meant for use with Terraform 0.12. If you haven't upgraded and need a Terraform 0.11.x-compatible version of this module, the last released version intended for Terraform 0.11.x is 1.0.3
Basic usage is as follows:
module "load_balancer" {
source = "terraform-google-modules/lb/google"
version = "~> 2.0.0"
region = var.region
name = "load-balancer"
service_port = 80
target_tags = ["allow-lb-service"]
network = var.network
}
module "managed_instance_group" {
source = "terraform-google-modules/vm/google//modules/mig"
version = "~> 1.0.0"
region = var.region
target_size = 2
hostname = "mig-simple"
instance_template = module.instance_template.self_link
target_pools = [module.load_balancer.target_pool]
named_ports = [{
name = "http"
port = 80
}]
}Full functional examples are located in the examples directory.
Figure 1. Diagram of Terraform resources created by module (in green).
google_compute_forwarding_rule.default: TCP Forwarding rule to the service port on the instances.google_compute_target_pool.default: The target pool created for the instance group.google_compute_http_health_check.default: The health check for the instance group targeted at the service port.google_compute_firewall.default-lb-fw: Firewall that allows traffic from anywhere to instances service port.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| disable_health_check | Disables the health check on the target pool. | bool | "false" |
no |
| firewall_project | Name of the project to create the firewall rule in. Useful for shared VPC. Default is var.project. | string | "" |
no |
| health_check | Health check to determine whether instances are responsive and able to do work | object | <map> |
no |
| ip_address | IP address of the external load balancer, if empty one will be assigned. Default is empty. | string | "" |
no |
| ip_protocol | The IP protocol for the frontend forwarding rule and firewall rule. TCP, UDP, ESP, AH, SCTP or ICMP. | string | "TCP" |
no |
| name | Name for the forwarding rule and prefix for supporting resources. | string | n/a | yes |
| network | Name of the network to create resources in. | string | "default" |
no |
| project | The project to deploy to, if not set the default provider project is used. | string | "" |
no |
| region | Region used for GCP resources. | string | n/a | yes |
| service_port | TCP port your service is listening on. | number | n/a | yes |
| session_affinity | How to distribute load. Options are NONE, CLIENT_IP and CLIENT_IP_PROTO |
string | "NONE" |
no |
| target_tags | List of target tags to allow traffic using firewall rule. | list(string) | null | no |
| target_service_accounts | List of target service accounts to allow traffic using firewall rule. | list(string) | null | no |
| Name | Description |
|---|---|
| external_ip | The external ip address of the forwarding rule. |
| target_pool | The self_link to the target pool resource created. |
The health_check variable values are passed on to the google_compute_http_health_check resource. Setting values to null will use google_compute_http_health_check defaults. It takes the following parameters:
| Name | Description | Default | Requirement |
|---|---|---|---|
| check_interval_sec | How often (in seconds) to send a health check | 5 |
no |
| healthy_threshold | A so-far unhealthy instance will be marked healthy after this many consecutive successes | 2 |
no |
| host | The value of the host header in the HTTP health check request | "" |
no |
| port | The TCP port number for the HTTP health check request | 80 |
no |
| request_path | The request path of the HTTP health check request | / |
no |
| timeout_sec | How long (in seconds) to wait before claiming failure | 5 |
no |
| unhealthy_threshold | A so-far healthy instance will be marked unhealthy after this many consecutive failures | 2 |
no |