-
Notifications
You must be signed in to change notification settings - Fork 7
Expand file tree
/
Copy pathvariables.tf
More file actions
192 lines (174 loc) · 5.72 KB
/
Copy pathvariables.tf
File metadata and controls
192 lines (174 loc) · 5.72 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
#####################
### Load balancer ###
#####################
variable "lb_name" {
description = "Human-readable name for the load balancer"
type = string
}
variable "lb_description" {
description = "Human-readable description for the load balancer"
type = string
default = ""
}
variable "lb_vip_subnet_id" {
description = "The network's subnet on which to allocate the load balancer's address"
type = string
default = null
}
variable "lb_vip_network_id" {
description = "The network on which to allocate the load balancer's address"
type = string
default = null
}
variable "lb_vip_port_id" {
description = "The network's port on which want to connect the loadbalancer"
type = string
default = null
}
variable "lb_vip_address" {
description = "The fixed VIP IP address of the load balancer"
type = string
default = null
}
variable "lb_loadbalancer_provider" {
description = "The Octavia provider driver name"
type = string
default = null
}
variable "lb_availability_zone" {
description = "The availability zone of the load balancer"
type = string
default = null
}
variable "lb_flavor_id" {
description = "Load balancer flavor (HA, stand-alone)"
type = string
default = null
}
variable "lb_vip_qos_policy_id" {
description = "The ID of the QoS Policy which will be applied to the VIP port"
type = string
default = null
}
variable "admin_state_up" {
description = "Load balancer admin state"
type = bool
default = true
}
variable "tags" {
description = "A list of strings to add to the load balancer"
type = list(string)
default = []
nullable = false
}
###################
### Listener(s) ###
###################
variable "listeners" {
description = <<EOT
Map of listeners to create, keyed by a logical listener name
- default_pool_key (optional) must reference a key in var.pools map
EOT
type = map(object({
name = optional(string)
description = optional(string)
protocol = string
protocol_port = number
connection_limit = optional(number)
timeout_client_data = optional(number)
timeout_member_connect = optional(number)
timeout_member_data = optional(number)
timeout_tcp_inspect = optional(number)
default_tls_container_ref = optional(string)
sni_container_refs = optional(list(string), [])
insert_headers = optional(map(string), {})
allowed_cidrs = optional(list(string), [])
client_authentication = optional(string)
client_ca_tls_container_ref = optional(string)
client_crl_container_ref = optional(string)
tls_ciphers = optional(string)
tls_versions = optional(list(string), [])
tags = optional(list(string), [])
default_pool_key = optional(string)
admin_state_up = optional(bool, true)
}))
default = {}
}
#############
### Pools ###
#############
variable "pools" {
description = <<EOT
Map of pools keyed where each key represents a unique pool name
- Each pool may define session_persistence, an optional monitor, and a map of members.
- The members map keys are logical identifiers for each member.
EOT
type = map(object({
name = optional(string)
description = optional(string)
protocol = string
lb_method = optional(string, "ROUND_ROBIN")
persistence = optional(object({
type = string
cookie_name = optional(string)
}))
monitor = optional(object({
name = optional(string)
type = string
delay = number
timeout = number
max_retries = number
max_retries_down = optional(number)
url_path = optional(string)
http_method = optional(string)
http_version = optional(string)
expected_codes = optional(string)
admin_state_up = optional(bool, true)
}))
members = optional(map(object({
name = optional(string)
address = string
protocol_port = number
subnet_id = optional(string)
weight = optional(number)
monitor_port = optional(number)
monitor_address = optional(string)
backup = optional(bool)
tags = optional(list(string), [])
})), {})
}))
default = {}
nullable = false
}
###################
### L7 policies ###
###################
variable "l7policies" {
description = <<EOT
Map of listener-key => map of L7 policies. Policies can redirect to URL or to a pool (by pool key).
- The listener_key must match a key from var.listeners map.
- The policy_key is a logical identifier for the policy (e.g., redirect-rule).
- redirect_pool_key (optional) must reference a valid key from var.pools map.
- Each policy can contain a nested map of rules, where each key is a logical identifier for the rule.
EOT
type = map(map(object({
name = optional(string)
description = optional(string)
action = string
position = number
redirect_url = optional(string)
redirect_pool_key = optional(string)
redirect_prefix = optional(string)
redirect_http_code = optional(number)
admin_state_up = optional(bool, true)
rules = optional(map(object({
type = string
compare_type = string
value = string
key = optional(string)
invert = optional(bool, false)
admin_state_up = optional(bool, true)
})), {})
})))
default = {}
}