
@psaia
Created June 3, 2023 20:09
Testing UDP protocol within AWS: VPC and NLB
// Shared settings for the two single-instance test networks ("server" and "client").
locals {
  // Applied to every taggable resource in this file.
  tags = {
    pete = "is-testing"
  }

  // AMI IDs are region-specific; this one has to exist in the provider's region.
  ami  = "ami-053b0d53c279acc90" // Ubuntu
  size = "m5.large"

  // Public half of the operator's SSH key; read with file() by aws_key_pair.ssh_key.
  pubkey = "~/.ssh/id_ed25519.pub"

  // One VPC + one subnet per entry. The `name` field becomes the for_each key
  // used by every per-network resource below.
  networks = toset([
    {
      name        = "server"
      az          = "us-east-1a"
      vpc_cidr    = "10.0.0.0/16"
      subnet_cidr = "10.0.0.0/24"
    },
    {
      name        = "client"
      az          = "us-east-1b"
      vpc_cidr    = "10.1.0.0/16"
      subnet_cidr = "10.1.0.0/24"
    },
  ])
}
// All resources are created in a single region; the AZs in local.networks belong to it.
provider "aws" {
  region = "us-east-1"
}
// Registers the operator's public key so both instances accept it for SSH.
// Only the .pub file is read; the private key never enters Terraform state.
resource "aws_key_pair" "ssh_key" {
  key_name   = "tester-keypair"
  public_key = file(local.pubkey)
  tags       = local.tags
}
// The respective client/server configurations:
// One VPC per entry in local.networks, keyed by network name.
resource "aws_vpc" "vpc" {
  for_each = { for net in local.networks : net.name => net }

  cidr_block = each.value.vpc_cidr
  tags       = local.tags
}
// A single subnet inside each VPC, placed in that network's availability zone.
resource "aws_subnet" "subnet" {
  for_each = { for net in local.networks : net.name => net }

  vpc_id            = aws_vpc.vpc[each.key].id
  availability_zone = each.value.az
  cidr_block        = each.value.subnet_cidr
  tags              = local.tags
}
// Internet gateway per VPC; together with the default route below this makes
// each subnet a public subnet.
resource "aws_internet_gateway" "igw" {
  for_each = { for net in local.networks : net.name => net }

  vpc_id = aws_vpc.vpc[each.key].id
  tags   = local.tags
}
// Route table per VPC with a default route out through that VPC's internet gateway.
resource "aws_route_table" "route_table" {
  for_each = { for net in local.networks : net.name => net }

  vpc_id = aws_vpc.vpc[each.key].id
  tags   = local.tags

  // Send everything that is not VPC-local to the internet gateway.
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.igw[each.key].id
  }
}
// Binds each network's subnet to its own route table.
resource "aws_route_table_association" "rt_association" {
  for_each = { for net in local.networks : net.name => net }

  route_table_id = aws_route_table.route_table[each.key].id
  subnet_id      = aws_subnet.subnet[each.key].id
}
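// One security group per VPC, attached to that VPC's instance.
//
// The instances sit in public subnets and get Elastic IPs, so ingress is
// limited to the ports the test procedure uses (SSH and iperf on UDP 80)
// instead of every protocol and port from the whole internet.
resource "aws_security_group" "sg" {
  for_each = { for net in local.networks : net.name => net }

  vpc_id = aws_vpc.vpc[each.key].id
  tags   = local.tags

  // Operator access.
  // NOTE(review): narrow 0.0.0.0/0 to the operator's own address range before
  // applying; it is left open only because that range is not known here.
  ingress {
    description = "SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  // iperf test traffic. No VPC peering is defined in this file, so the client
  // reaches the server over public addresses (EIP or NLB). The client's EIP
  // cannot be referenced here without a dependency cycle (eip -> instance -> sg),
  // so the source stays open on this one port.
  ingress {
    description = "iperf UDP"
    from_port   = 80
    to_port     = 80
    protocol    = "udp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  // TCP 80 from inside the VPC only, for NLB health checks against the target.
  // NOTE(review): assumes health checks use the traffic port over TCP - confirm
  // against the target group's health_check settings.
  ingress {
    description = "NLB health check"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = [each.value.vpc_cidr]
  }

  // Unrestricted egress: needed for apt-get and for the client's outbound test traffic.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}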
// One test host per network, reachable over SSH with the registered key pair.
resource "aws_instance" "instance" {
  for_each = { for net in local.networks : net.name => net }

  ami           = local.ami
  instance_type = local.size
  key_name      = aws_key_pair.ssh_key.key_name

  // Placement and firewalling both follow the network this instance belongs to.
  subnet_id              = aws_subnet.subnet[each.key].id
  vpc_security_group_ids = [aws_security_group.sg[each.key].id]

  tags = local.tags
}
// Elastic IP per instance: gives each host a public address, so the security
// group above is the only network control in front of it.
resource "aws_eip" "eip" {
  for_each = { for net in local.networks : net.name => net }

  instance = aws_instance.instance[each.key].id
  tags     = local.tags
}
// Load balancer:
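// Network load balancer placed in the server network's subnet.
// `internal` is not set, so the provider default applies.
// NOTE(review): that default is presumably internet-facing - confirm this is intended.
resource "aws_lb" "nlb" {
  name               = "nlb"
  load_balancer_type = "network"

  // Address the subnet by its for_each key. The previous values(...)[1] only
  // resolved to "server" because map keys sort lexically ("client" < "server"),
  // so adding or renaming a network could silently move the NLB.
  subnets = [aws_subnet.subnet["server"].id]

  enable_deletion_protection = false
  tags                       = local.tags
}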
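// UDP target group in the server VPC; the NLB forwards port-80 datagrams to it.
// NOTE(review): no health_check block is set. UDP target groups are health-checked
// over TCP/HTTP(S), and the test procedure only starts a UDP listener, so confirm
// how target health is reported during the test.
resource "aws_lb_target_group" "nlb_target_group" {
  name     = "nlb-target-group"
  port     = 80
  protocol = "UDP"

  // Keyed lookup instead of values(...)[1], which depended on lexical key order.
  vpc_id = aws_vpc.vpc["server"].id

  tags = local.tags
}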
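// Registers the server instance as the only target behind the NLB.
resource "aws_lb_target_group_attachment" "nlb_target_group_attachment" {
  target_group_arn = aws_lb_target_group.nlb_target_group.arn

  // Keyed lookup instead of values(...)[1], which depended on lexical key order.
  target_id = aws_instance.instance["server"].id
  port      = 80
}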
// UDP listener on port 80 that forwards every datagram to the target group.
resource "aws_lb_listener" "my_listener_udp" {
  load_balancer_arn = aws_lb.nlb.arn
  protocol          = "UDP"
  port              = 80
  tags              = local.tags

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.nlb_target_group.arn
  }
}
// Full aws_eip objects keyed by network name; the public addresses used for
// SSH are read from here.
output "eips" {
  value = aws_eip.eip
}
// Full aws_lb object, including the DNS name the client can target.
output "nlb" {
  value = aws_lb.nlb
}
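/*
Manual test steps, run on each instance after `terraform apply`:
ssh ubuntu@<ip>
sudo su
apt-get update && apt-get install iperf
# SERVER:
iperf -s -u -p 80
# CLIENT (-c takes the address to connect to, i.e. the server's EIP or the NLB DNS name):
iperf -c <client-ip> -u -b 5000M -t 10 -p 80
*/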