scottk/terraform-talos
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/terraform-talos.git synced 2025-10-31 02:08:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Contolplane LB

Browse Source
This commit is contained in:
Serge Logvinov
2022-01-29 19:52:31 +02:00
parent 6d2098a8cf
commit 3b858e7171
1 changed files with 35 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
scaleway/network-lb.tf
View File

@@ -12,38 +12,46 @@ resource "scaleway_lb_ip" "lb" {
resource "scaleway_lb" "lb" {
count = local.lb_enable ? 1 : 0
name = "lb"
name = "controlplane"
ip_id = scaleway_lb_ip.lb[0].id
type = lookup(var.controlplane, "type_lb", "LB-S")
tags = concat(var.tags, ["infra"])
tags = concat(var.tags, ["infra"])
private_network {
private_network_id = scaleway_vpc_private_network.main.id
static_config = [cidrhost(local.main_subnet, 3), cidrhost(local.main_subnet, 4)]
}
}
# resource "scaleway_lb_backend" "api" {
# count = local.lb_enable ? 1 : 0
# lb_id = scaleway_lb.lb[0].id
# name = "api"
# forward_protocol = "tcp"
# forward_port = "6443"
# server_ips = scaleway_instance_server.controlplane[*].private_ip
resource "scaleway_lb_backend" "api" {
count = local.lb_enable ? 1 : 0
lb_id = scaleway_lb.lb[0].id
name = "api"
forward_protocol = "tcp"
forward_port = "6443"
server_ips = scaleway_instance_server.controlplane[*].private_ip
# health_check_tcp {}
# }
health_check_timeout = "5s"
health_check_delay = "30s"
health_check_https {
uri = "/readyz"
}
}
# resource "scaleway_lb_frontend" "api" {
# count = local.lb_enable ? 1 : 0
# lb_id = scaleway_lb.lb[0].id
# backend_id = scaleway_lb_backend.api[0].id
# name = "api"
# inbound_port = "6443"
resource "scaleway_lb_frontend" "api" {
count = local.lb_enable ? 1 : 0
lb_id = scaleway_lb.lb[0].id
backend_id = scaleway_lb_backend.api[0].id
name = "api"
inbound_port = "6443"
# acl {
# name = "Allow whitlist IPs"
# action {
# type = "allow"
# }
# match {
# ip_subnet = var.whitelist_admins
# }
# }
# }
acl {
name = "Allow whitlist IPs"
action {
type = "allow"
}
match {
ip_subnet = var.whitelist_admins
}
}
}