FAQ | This is a LIVE service | Changelog

Skip to content
Snippets Groups Projects
Commit 80605d89 authored by Roy Harrington's avatar Roy Harrington
Browse files

feat: added load_balancer_backend variable to provide any custom options

parent 80996d65
No related branches found
No related tags found
1 merge request!67feat: added load_balancer_backend variable to provide any custom options
Pipeline #558174 passed
......@@ -3,3 +3,5 @@
.terraform/
terraform.*
.terraform.lock.hcl
builds/
......@@ -72,6 +72,7 @@ For more information on how the pre-deploy Cloud Run job works see the
| <a name="input_grant_sql_client_role_to_webapp_sa"></a> [grant\_sql\_client\_role\_to\_webapp\_sa](#input\_grant\_sql\_client\_role\_to\_webapp\_sa) | When set to true the roles/cloudsql.client role will be granted to the webapp<br>service account at the project level to allow it to connect to Cloud SQL. | `bool` | `false` | no |
| <a name="input_ingress"></a> [ingress](#input\_ingress) | The ingress setting for the Cloud Run service. Possible values are<br>INGRESS\_TRAFFIC\_ALL, INGRESS\_TRAFFIC\_INTERNAL\_ONLY, and<br>INGRESS\_TRAFFIC\_INTERNAL\_LOAD\_BALANCER. | `string` | `null` | no |
| <a name="input_launch_stage"></a> [launch\_stage](#input\_launch\_stage) | The launch stage for the Cloud Run service. Possible values are UNIMPLEMENTED,<br>PRELAUNCH, EARLY\_ACCESS, ALPHA, BETA, GA, and DEPRECATED. | `string` | `"GA"` | no |
| <a name="input_load_balancer_backend"></a> [load\_balancer\_backend](#input\_load\_balancer\_backend) | Optional. Custom options for the backend load balancer.<br>Defaults to {}. | <pre>object({<br> port_name = optional(string)<br> description = optional(string)<br> enable_cdn = optional(bool, false)<br> compression_mode = optional(string)<br> security_policy = optional(string, null)<br> edge_security_policy = optional(string, null)<br> custom_request_headers = optional(list(string))<br> custom_response_headers = optional(list(string))<br><br> connection_draining_timeout_sec = optional(number)<br> session_affinity = optional(string)<br> affinity_cookie_ttl_sec = optional(number)<br> locality_lb_policy = optional(string)<br><br> log_config = optional(object({<br> enable = optional(bool)<br> sample_rate = optional(number)<br> }))<br><br> cdn_policy = optional(object({<br> cache_mode = optional(string)<br> signed_url_cache_max_age_sec = optional(string)<br> default_ttl = optional(number)<br> max_ttl = optional(number)<br> client_ttl = optional(number)<br> negative_caching = optional(bool)<br> negative_caching_policy = optional(object({<br> code = optional(number)<br> ttl = optional(number)<br> }))<br> serve_while_stale = optional(number)<br> cache_key_policy = optional(object({<br> include_host = optional(bool)<br> include_protocol = optional(bool)<br> include_query_string = optional(bool)<br> query_string_blacklist = optional(list(string))<br> query_string_whitelist = optional(list(string))<br> include_http_headers = optional(list(string))<br> include_named_cookies = optional(list(string))<br> }))<br> bypass_cache_on_request_headers = optional(list(string))<br> }))<br><br> outlier_detection = optional(object({<br> base_ejection_time = optional(object({<br> seconds = number<br> nanos = optional(number)<br> }))<br> consecutive_errors = optional(number)<br> consecutive_gateway_failure = optional(number)<br> enforcing_consecutive_errors = optional(number)<br> enforcing_consecutive_gateway_failure = optional(number)<br> enforcing_success_rate = optional(number)<br> interval = optional(object({<br> seconds = number<br> nanos = optional(number)<br> }))<br> max_ejection_percent = optional(number)<br> success_rate_minimum_hosts = optional(number)<br> success_rate_request_volume = optional(number)<br> success_rate_stdev_factor = optional(number)<br> }))<br> })</pre> | `{}` | no |
| <a name="input_max_instance_request_concurrency"></a> [max\_instance\_request\_concurrency](#input\_max\_instance\_request\_concurrency) | Sets the maximum number of requests that each serving instance can receive. | `number` | `null` | no |
| <a name="input_min_ports_per_vm"></a> [min\_ports\_per\_vm](#input\_min\_ports\_per\_vm) | When using Cloud NAT to provide an egress route, Cloud NAT's minimum ports per<br>VM can be configured to determine how many concurrent connections can be<br>established to the same destination IP address and port. | `number` | `64` | no |
| <a name="input_monitoring_path"></a> [monitoring\_path](#input\_monitoring\_path) | Path component of url to be monitored. | `string` | `"/"` | no |
......
......@@ -52,18 +52,7 @@ module "webapp_http_load_balancer" {
backends = {
default = {
description = null
protocol = "HTTP"
enable_cdn = false
custom_request_headers = null
custom_response_headers = null
security_policy = null
compression_mode = null
log_config = {
enable = true
sample_rate = 1.0
}
protocol = "HTTP"
groups = [
{
......@@ -78,6 +67,33 @@ module "webapp_http_load_balancer" {
oauth2_client_id = null
oauth2_client_secret = null
}
#
# Optional settings for the backend service.
#
port_name = var.load_balancer_backend.port_name
description = var.load_balancer_backend.description
enable_cdn = var.load_balancer_backend.enable_cdn
compression_mode = var.load_balancer_backend.compression_mode
security_policy = var.load_balancer_backend.security_policy
edge_security_policy = var.load_balancer_backend.edge_security_policy
custom_request_headers = var.load_balancer_backend.custom_request_headers
custom_response_headers = var.load_balancer_backend.custom_response_headers
connection_draining_timeout_sec = var.load_balancer_backend.connection_draining_timeout_sec
session_affinity = var.load_balancer_backend.session_affinity
affinity_cookie_ttl_sec = var.load_balancer_backend.affinity_cookie_ttl_sec
locality_lb_policy = var.load_balancer_backend.locality_lb_policy
log_config = coalesce(var.load_balancer_backend.log_config,
{
enable = true
sample_rate = 1.0
}
)
cdn_policy = var.load_balancer_backend.cdn_policy
outlier_detection = var.load_balancer_backend.outlier_detection
}
}
}
......@@ -122,3 +122,34 @@ run "test_service_with_load_balancer_enabled_and_ingress_set_to_allow_all" {
error_message = "Ingress should be 'INGRESS_TRAFFIC_ALL'."
}
}
run "test_service_with_load_balancer_enabled_and_load_balancer_backend_overrides" {
variables {
name = run.setup.random_name
enable_load_balancer = true
dns_names = {
webapp = "${run.setup.random_name}.test.example.gcp.uis.cam.ac.uk"
}
load_balancer_backend = {
description = "Lift, Load, Balance!"
log_config = {
enable = true
sample_rate = 0.5
}
}
containers = {
webapp = {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
}
}
assert {
condition = module.webapp_http_load_balancer[0].backend_services["default"].log_config[0].sample_rate == 0.5
error_message = "The default backend service log sample rate should be '0.5'."
}
assert {
condition = module.webapp_http_load_balancer[0].backend_services["default"].description == "Lift, Load, Balance!"
error_message = "The default backend service description should be 'Lift, Load, Balance!'."
}
}
......@@ -725,3 +725,75 @@ Optional. The maximum throughput of the connector in megabytes per second.
Defaults to 300.
EOI
}
variable "load_balancer_backend" {
type = object({
port_name = optional(string)
description = optional(string)
enable_cdn = optional(bool, false)
compression_mode = optional(string)
security_policy = optional(string, null)
edge_security_policy = optional(string, null)
custom_request_headers = optional(list(string))
custom_response_headers = optional(list(string))
connection_draining_timeout_sec = optional(number)
session_affinity = optional(string)
affinity_cookie_ttl_sec = optional(number)
locality_lb_policy = optional(string)
log_config = optional(object({
enable = optional(bool)
sample_rate = optional(number)
}))
cdn_policy = optional(object({
cache_mode = optional(string)
signed_url_cache_max_age_sec = optional(string)
default_ttl = optional(number)
max_ttl = optional(number)
client_ttl = optional(number)
negative_caching = optional(bool)
negative_caching_policy = optional(object({
code = optional(number)
ttl = optional(number)
}))
serve_while_stale = optional(number)
cache_key_policy = optional(object({
include_host = optional(bool)
include_protocol = optional(bool)
include_query_string = optional(bool)
query_string_blacklist = optional(list(string))
query_string_whitelist = optional(list(string))
include_http_headers = optional(list(string))
include_named_cookies = optional(list(string))
}))
bypass_cache_on_request_headers = optional(list(string))
}))
outlier_detection = optional(object({
base_ejection_time = optional(object({
seconds = number
nanos = optional(number)
}))
consecutive_errors = optional(number)
consecutive_gateway_failure = optional(number)
enforcing_consecutive_errors = optional(number)
enforcing_consecutive_gateway_failure = optional(number)
enforcing_success_rate = optional(number)
interval = optional(object({
seconds = number
nanos = optional(number)
}))
max_ejection_percent = optional(number)
success_rate_minimum_hosts = optional(number)
success_rate_request_volume = optional(number)
success_rate_stdev_factor = optional(number)
}))
})
default = {}
description = <<EOI
Optional. Custom options for the backend load balancer.
Defaults to {}.
EOI
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment