FAQ | This is a LIVE service | Changelog

Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • uis/devops/infra/terraform/gcp-cloud-run-app
1 result
Show changes
Commits on Source (3)
......@@ -3,3 +3,5 @@
.terraform/
terraform.*
.terraform.lock.hcl
builds/
# Changelog
## [9.1.0](https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/compare/9.0.1...9.1.0) (2024-07-15)
### Features
* added load_balancer_backend variable to provide any custom options ([80605d8](https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/commit/80605d893a34c4d7b27e23fc4b1e42487fe709bf))
## [9.0.1](https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/compare/9.0.0...9.0.1) (2024-06-13)
......
......@@ -72,6 +72,7 @@ For more information on how the pre-deploy Cloud Run job works see the
| <a name="input_grant_sql_client_role_to_webapp_sa"></a> [grant\_sql\_client\_role\_to\_webapp\_sa](#input\_grant\_sql\_client\_role\_to\_webapp\_sa) | When set to true the roles/cloudsql.client role will be granted to the webapp<br>service account at the project level to allow it to connect to Cloud SQL. | `bool` | `false` | no |
| <a name="input_ingress"></a> [ingress](#input\_ingress) | The ingress setting for the Cloud Run service. Possible values are<br>INGRESS\_TRAFFIC\_ALL, INGRESS\_TRAFFIC\_INTERNAL\_ONLY, and<br>INGRESS\_TRAFFIC\_INTERNAL\_LOAD\_BALANCER. | `string` | `null` | no |
| <a name="input_launch_stage"></a> [launch\_stage](#input\_launch\_stage) | The launch stage for the Cloud Run service. Possible values are UNIMPLEMENTED,<br>PRELAUNCH, EARLY\_ACCESS, ALPHA, BETA, GA, and DEPRECATED. | `string` | `"GA"` | no |
| <a name="input_load_balancer_backend"></a> [load\_balancer\_backend](#input\_load\_balancer\_backend) | Optional. Custom options for the backend load balancer.<br>Defaults to {}. | <pre>object({<br> port_name = optional(string)<br> description = optional(string)<br> enable_cdn = optional(bool, false)<br> compression_mode = optional(string)<br> security_policy = optional(string, null)<br> edge_security_policy = optional(string, null)<br> custom_request_headers = optional(list(string))<br> custom_response_headers = optional(list(string))<br><br> connection_draining_timeout_sec = optional(number)<br> session_affinity = optional(string)<br> affinity_cookie_ttl_sec = optional(number)<br> locality_lb_policy = optional(string)<br><br> log_config = optional(object({<br> enable = optional(bool)<br> sample_rate = optional(number)<br> }))<br><br> cdn_policy = optional(object({<br> cache_mode = optional(string)<br> signed_url_cache_max_age_sec = optional(string)<br> default_ttl = optional(number)<br> max_ttl = optional(number)<br> client_ttl = optional(number)<br> negative_caching = optional(bool)<br> negative_caching_policy = optional(object({<br> code = optional(number)<br> ttl = optional(number)<br> }))<br> serve_while_stale = optional(number)<br> cache_key_policy = optional(object({<br> include_host = optional(bool)<br> include_protocol = optional(bool)<br> include_query_string = optional(bool)<br> query_string_blacklist = optional(list(string))<br> query_string_whitelist = optional(list(string))<br> include_http_headers = optional(list(string))<br> include_named_cookies = optional(list(string))<br> }))<br> bypass_cache_on_request_headers = optional(list(string))<br> }))<br><br> outlier_detection = optional(object({<br> base_ejection_time = optional(object({<br> seconds = number<br> nanos = optional(number)<br> }))<br> consecutive_errors = optional(number)<br> consecutive_gateway_failure = optional(number)<br> enforcing_consecutive_errors = optional(number)<br> enforcing_consecutive_gateway_failure = optional(number)<br> enforcing_success_rate = optional(number)<br> interval = optional(object({<br> seconds = number<br> nanos = optional(number)<br> }))<br> max_ejection_percent = optional(number)<br> success_rate_minimum_hosts = optional(number)<br> success_rate_request_volume = optional(number)<br> success_rate_stdev_factor = optional(number)<br> }))<br> })</pre> | `{}` | no |
| <a name="input_max_instance_request_concurrency"></a> [max\_instance\_request\_concurrency](#input\_max\_instance\_request\_concurrency) | Sets the maximum number of requests that each serving instance can receive. | `number` | `null` | no |
| <a name="input_min_ports_per_vm"></a> [min\_ports\_per\_vm](#input\_min\_ports\_per\_vm) | When using Cloud NAT to provide an egress route, Cloud NAT's minimum ports per<br>VM can be configured to determine how many concurrent connections can be<br>established to the same destination IP address and port. | `number` | `64` | no |
| <a name="input_monitoring_path"></a> [monitoring\_path](#input\_monitoring\_path) | Path component of url to be monitored. | `string` | `"/"` | no |
......
......@@ -52,18 +52,7 @@ module "webapp_http_load_balancer" {
backends = {
default = {
description = null
protocol = "HTTP"
enable_cdn = false
custom_request_headers = null
custom_response_headers = null
security_policy = null
compression_mode = null
log_config = {
enable = true
sample_rate = 1.0
}
protocol = "HTTP"
groups = [
{
......@@ -78,6 +67,33 @@ module "webapp_http_load_balancer" {
oauth2_client_id = null
oauth2_client_secret = null
}
#
# Optional settings for the backend service.
#
port_name = var.load_balancer_backend.port_name
description = var.load_balancer_backend.description
enable_cdn = var.load_balancer_backend.enable_cdn
compression_mode = var.load_balancer_backend.compression_mode
security_policy = var.load_balancer_backend.security_policy
edge_security_policy = var.load_balancer_backend.edge_security_policy
custom_request_headers = var.load_balancer_backend.custom_request_headers
custom_response_headers = var.load_balancer_backend.custom_response_headers
connection_draining_timeout_sec = var.load_balancer_backend.connection_draining_timeout_sec
session_affinity = var.load_balancer_backend.session_affinity
affinity_cookie_ttl_sec = var.load_balancer_backend.affinity_cookie_ttl_sec
locality_lb_policy = var.load_balancer_backend.locality_lb_policy
log_config = coalesce(var.load_balancer_backend.log_config,
{
enable = true
sample_rate = 1.0
}
)
cdn_policy = var.load_balancer_backend.cdn_policy
outlier_detection = var.load_balancer_backend.outlier_detection
}
}
}
......@@ -122,3 +122,34 @@ run "test_service_with_load_balancer_enabled_and_ingress_set_to_allow_all" {
error_message = "Ingress should be 'INGRESS_TRAFFIC_ALL'."
}
}
run "test_service_with_load_balancer_enabled_and_load_balancer_backend_overrides" {
variables {
name = run.setup.random_name
enable_load_balancer = true
dns_names = {
webapp = "${run.setup.random_name}.test.example.gcp.uis.cam.ac.uk"
}
load_balancer_backend = {
description = "Lift, Load, Balance!"
log_config = {
enable = true
sample_rate = 0.5
}
}
containers = {
webapp = {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
}
}
assert {
condition = module.webapp_http_load_balancer[0].backend_services["default"].log_config[0].sample_rate == 0.5
error_message = "The default backend service log sample rate should be '0.5'."
}
assert {
condition = module.webapp_http_load_balancer[0].backend_services["default"].description == "Lift, Load, Balance!"
error_message = "The default backend service description should be 'Lift, Load, Balance!'."
}
}
......@@ -725,3 +725,75 @@ Optional. The maximum throughput of the connector in megabytes per second.
Defaults to 300.
EOI
}
variable "load_balancer_backend" {
type = object({
port_name = optional(string)
description = optional(string)
enable_cdn = optional(bool, false)
compression_mode = optional(string)
security_policy = optional(string, null)
edge_security_policy = optional(string, null)
custom_request_headers = optional(list(string))
custom_response_headers = optional(list(string))
connection_draining_timeout_sec = optional(number)
session_affinity = optional(string)
affinity_cookie_ttl_sec = optional(number)
locality_lb_policy = optional(string)
log_config = optional(object({
enable = optional(bool)
sample_rate = optional(number)
}))
cdn_policy = optional(object({
cache_mode = optional(string)
signed_url_cache_max_age_sec = optional(string)
default_ttl = optional(number)
max_ttl = optional(number)
client_ttl = optional(number)
negative_caching = optional(bool)
negative_caching_policy = optional(object({
code = optional(number)
ttl = optional(number)
}))
serve_while_stale = optional(number)
cache_key_policy = optional(object({
include_host = optional(bool)
include_protocol = optional(bool)
include_query_string = optional(bool)
query_string_blacklist = optional(list(string))
query_string_whitelist = optional(list(string))
include_http_headers = optional(list(string))
include_named_cookies = optional(list(string))
}))
bypass_cache_on_request_headers = optional(list(string))
}))
outlier_detection = optional(object({
base_ejection_time = optional(object({
seconds = number
nanos = optional(number)
}))
consecutive_errors = optional(number)
consecutive_gateway_failure = optional(number)
enforcing_consecutive_errors = optional(number)
enforcing_consecutive_gateway_failure = optional(number)
enforcing_success_rate = optional(number)
interval = optional(object({
seconds = number
nanos = optional(number)
}))
max_ejection_percent = optional(number)
success_rate_minimum_hosts = optional(number)
success_rate_request_volume = optional(number)
success_rate_stdev_factor = optional(number)
}))
})
default = {}
description = <<EOI
Optional. Custom options for the backend load balancer.
Defaults to {}.
EOI
}