Last active
March 4, 2019 19:48
-
-
Save jrussett/e4b571ea660e0176adbb5871d9a7a0ed to your computer and use it in GitHub Desktop.
Example Terraform file for creating NSX-T Load Balancer to handle ingress traffic into a CF deployment. Warning: This file assumes that the other NSX-T resources required for a CF install, such as the T0/T1 routers, IP pools, etc.., have already been created. Without those primitives, terraform apply will not succeed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ############# | |
| # Resources # | |
| ############# | |
| # Active Health Monitors | |
| resource "nsxt_lb_http_monitor" "lb_web_monitor" { | |
| description = "The Active Health Monitor (healthcheck) for Web (HTTP(S)) traffic." | |
| display_name = "${var.nsxt_lb_web_monitor_name}" | |
| monitor_port = 8080 | |
| request_method = "GET" | |
| request_url = "/health" | |
| request_version = "HTTP_VERSION_1_1" | |
| response_status_codes = [200] | |
| } | |
| resource "nsxt_lb_http_monitor" "lb_tcp_monitor" { | |
| description = "The Active Health Monitor (healthcheck) for TCP traffic." | |
| display_name = "${var.nsxt_lb_tcp_monitor_name}" | |
| monitor_port = 80 | |
| request_method = "GET" | |
| request_url = "/health" | |
| request_version = "HTTP_VERSION_1_1" | |
| response_status_codes = [200] | |
| } | |
| resource "nsxt_lb_tcp_monitor" "lb_ssh_monitor" { | |
| description = "The Active Health Monitor (healthcheck) for SSH traffic." | |
| display_name = "${var.nsxt_lb_ssh_monitor_name}" | |
| monitor_port = 2222 | |
| } | |
| # Server Pools | |
| resource "nsxt_lb_pool" "lb_web_pool" { | |
| description = "The Server Pool of Web (HTTP(S)) traffic handling VMs" | |
| display_name = "${var.nsxt_lb_web_server_pool_name}" | |
| algorithm = "ROUND_ROBIN" | |
| tcp_multiplexing_enabled = false | |
| active_monitor_id = "${nsxt_lb_http_monitor.lb_web_monitor.id}" | |
| snat_translation { | |
| type = "SNAT_AUTO_MAP" | |
| } | |
| } | |
| resource "nsxt_lb_pool" "lb_tcp_pool" { | |
| description = "The Server Pool of TCP traffic handling VMs" | |
| display_name = "${var.nsxt_lb_tcp_server_pool_name}" | |
| algorithm = "ROUND_ROBIN" | |
| tcp_multiplexing_enabled = false | |
| active_monitor_id = "${nsxt_lb_http_monitor.lb_tcp_monitor.id}" | |
| snat_translation { | |
| type = "TRANSPARENT" | |
| } | |
| } | |
| resource "nsxt_lb_pool" "lb_ssh_pool" { | |
| description = "The Server Pool of SSH traffic handling VMs" | |
| display_name = "${var.nsxt_lb_ssh_server_pool_name}" | |
| algorithm = "ROUND_ROBIN" | |
| tcp_multiplexing_enabled = false | |
| active_monitor_id = "${nsxt_lb_tcp_monitor.lb_ssh_monitor.id}" | |
| snat_translation { | |
| type = "TRANSPARENT" | |
| } | |
| } | |
| # Virtual Servers | |
| resource "nsxt_lb_fast_tcp_application_profile" "pcf_lb_tcp_application_profile" { | |
| display_name = "pcf-lb-tcp-application-profile" | |
| close_timeout = "8" | |
| idle_timeout = "1800" | |
| } | |
| resource "nsxt_lb_tcp_virtual_server" "lb_web_virtual_server" { | |
| description = "The Virtual Server for Web (HTTP(S)) traffic" | |
| display_name = "${var.nsxt_lb_web_virtual_server_name}" | |
| application_profile_id = "${nsxt_lb_fast_tcp_application_profile.pcf_lb_tcp_application_profile.id}" | |
| ip_address = "${var.nsxt_lb_web_virtual_server_ip_address}" | |
| ports = "${var.nsxt_lb_web_virtual_server_ports}" | |
| pool_id = "${nsxt_lb_pool.lb_web_pool.id}" | |
| } | |
| resource "nsxt_lb_tcp_virtual_server" "lb_tcp_virtual_server" { | |
| description = "The Virtual Server for TCP traffic" | |
| display_name = "${var.nsxt_lb_tcp_virtual_server_name}" | |
| application_profile_id = "${nsxt_lb_fast_tcp_application_profile.pcf_lb_tcp_application_profile.id}" | |
| ip_address = "${var.nsxt_lb_tcp_virtual_server_ip_address}" | |
| ports = "${var.nsxt_lb_tcp_virtual_server_ports}" | |
| pool_id = "${nsxt_lb_pool.lb_tcp_pool.id}" | |
| } | |
| resource "nsxt_lb_tcp_virtual_server" "lb_ssh_virtual_server" { | |
| description = "The Virtual Server for SSH traffic" | |
| display_name = "${var.nsxt_lb_ssh_virtual_server_name}" | |
| application_profile_id = "${nsxt_lb_fast_tcp_application_profile.pcf_lb_tcp_application_profile.id}" | |
| ip_address = "${var.nsxt_lb_ssh_virtual_server_ip_address}" | |
| ports = "${var.nsxt_lb_ssh_virtual_server_ports}" | |
| pool_id = "${nsxt_lb_pool.lb_ssh_pool.id}" | |
| } | |
| # (the) Load Balancer (itself) | |
| data "nsxt_logical_tier1_router" "deployment_t1" { | |
| display_name = "${var.nsxt_logical_tier1_deployment_router_name}" | |
| } | |
| resource "nsxt_lb_service" "pcf_lb" { | |
| description = "The Load Balancer for handling Web (HTTP(S)), TCP, and SSH traffic." | |
| display_name = "${var.nsxt_lb_name}" | |
| enabled = true | |
| logical_router_id = "${data.nsxt_logical_tier1_router.deployment_t1.id}" | |
| size = "${var.nsxt_lb_size}" | |
| virtual_server_ids = [ | |
| "${nsxt_lb_tcp_virtual_server.lb_web_virtual_server.id}", | |
| "${nsxt_lb_tcp_virtual_server.lb_tcp_virtual_server.id}", | |
| "${nsxt_lb_tcp_virtual_server.lb_ssh_virtual_server.id}" | |
| ] | |
| } | |
| ############# | |
| # Variables # | |
| ############# | |
| variable "nsxt_host" { | |
| description = "The nsx-t host." | |
| type = "string" | |
| } | |
| variable "nsxt_username" { | |
| description = "The nsx-t username." | |
| type = "string" | |
| } | |
| variable "nsxt_password" { | |
| description = "The nsx-t password." | |
| type = "string" | |
| } | |
| variable "allow_unverified_ssl" { | |
| default = false | |
| type = "string" | |
| } | |
| variable "nsxt_lb_web_monitor_name" { | |
| default = "pcf-web-monitor" | |
| description = "The name of the Active Health Monitor (healthcheck) for Web (HTTP(S)) traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_tcp_monitor_name" { | |
| default = "pcf-tcp-monitor" | |
| description = "The name of the Active Health Monitor (healthcheck) for TCP traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_ssh_monitor_name" { | |
| default = "pcf-ssh-monitor" | |
| description = "The name of the Active Health Monitor (healthcheck) for SSH traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_web_server_pool_name" { | |
| default = "pcf-web-pool" | |
| description = "The name of the Server Pool (collection of VMs which handle traffic) for Web (HTTP(S)) traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_tcp_server_pool_name" { | |
| default = "pcf-tcp-pool" | |
| description = "The name of the Server Pool (collection of VMs which handle traffic) for TCP traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_ssh_server_pool_name" { | |
| default = "pcf-ssh-pool" | |
| description = "The name of the Server Pool (collection of VMs which handle traffic) for SSH traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_web_virtual_server_name" { | |
| default = "pcf-web-vs" | |
| description = "The name of the Virtual Server for Web (HTTP(S)) traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_web_virtual_server_ip_address" { | |
| description = "The ip address on which the Virtual Server listens for Web (HTTP(S)) traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_web_virtual_server_ports" { | |
| default = ["80", "443"] | |
| description = "The list of port(s) on which the Virtual Server listens for Web (HTTP(S)) traffic." | |
| type = "list" | |
| } | |
| variable "nsxt_lb_tcp_virtual_server_name" { | |
| default = "pcf-tcp-vs" | |
| description = "The name of the Virtual Server for TCP traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_tcp_virtual_server_ip_address" { | |
| description = "The ip address on which the Virtual Server listens for TCP traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_tcp_virtual_server_ports" { | |
| description = "The list of port(s) on which the Virtual Server listens for TCP traffic." | |
| type = "list" | |
| } | |
| variable "nsxt_lb_ssh_virtual_server_name" { | |
| default = "pcf-ssh-vs" | |
| description = "The name of the Virtual Server for SSH traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_ssh_virtual_server_ip_address" { | |
| description = "The ip address on which the Virtual Server listens for SSH traffic." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_ssh_virtual_server_ports" { | |
| default = ["2222"] | |
| description = "The list of port(s) on which the Virtual Server listens for SSH traffic." | |
| type = "list" | |
| } | |
| variable "nsxt_logical_tier1_deployment_router_name" { | |
| description = "The name of the logical tier 1 deployment router." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_name" { | |
| default = "pcf-lb" | |
| description = "The name of the Load Balancer itself." | |
| type = "string" | |
| } | |
| variable "nsxt_lb_size" { | |
| default = "SMALL" | |
| description = "The size of the Load Balancer. Accepted values: SMALL, MEDIUM, or LARGE" | |
| type = "string" | |
| } | |
| ############# | |
| # Providers # | |
| ############# | |
| provider "nsxt" { | |
| username = "${var.nsxt_username}" | |
| password = "${var.nsxt_password}" | |
| host = "${var.nsxt_host}" | |
| allow_unverified_ssl = "${var.allow_unverified_ssl}" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Example
terraform.tfvarsthat would be used in conjunction withterraform_nsxt_lbs.tf:Note: there are also other configurable variables like
nsxt_lb_sizethat aren't present in this example.