Loadbalancer terraform config

2023-09-12 21:20:24 +02:00 · 2023-09-12 21:20:24 +02:00 · 7763e347a7
commit 7763e347a7
parent 4b7591ffed
9 changed files with 90 additions and 20 deletions
--- a/terraform/main.tf
+++ b/terraform/main.tf
@ -4,12 +4,16 @@ module "private_server_group" {
  network_zone               = var.network_zone
  server_count               = var.server_count
  server_subnetwork_ip_range = var.subnetwork_ip_range
+  ssh_keys                   = var.ssh_keys
 }

 module "loadbalancer" {
  source         = "./modules/loadbalancer"
  location       = var.location
  subnet_id      = module.private_server_group.subnetwork_id
+  network_id     = module.private_server_group.network_id
  lb_internal_ip = var.lb_internal_ip
  lb_external_ip = var.lb_external_ip
+  lb_service_id  = var.lb_service_id
+  ssh_key_ids    = module.private_server_group.ssh_key_ids
 }
--- a/terraform/modules/loadbalancer/main.tf
+++ b/terraform/modules/loadbalancer/main.tf
@ -1,26 +1,39 @@
-resource "hcloud_load_balancer" "main" {
-  name               = "main"
-  load_balancer_type = var.lb_type
+resource "hcloud_server" "lb" {
+  name        = "LB"
+  image       = "ubuntu-22.04"
+  server_type = "cx21"
  location    = var.location
-  algorithm {
-    type = var.lb_algorithm
+  labels = {
+    app = "lb"
  }
+  ssh_keys = var.ssh_key_ids
+
+  public_net {
+    ipv4_enabled = true
+    ipv6_enabled = false
  }

-resource "hcloud_load_balancer_network" "main" {
-  load_balancer_id = hcloud_load_balancer.main.id
-  subnet_id        = var.subnet_id
+  network {
+    network_id = var.network_id
    ip         = var.lb_internal_ip
  }
+}

 resource "hcloud_load_balancer_target" "main" {
-  type             = "label_selector"
-  load_balancer_id = hcloud_load_balancer.main.id
-  label_selector   = "app=web"
+  type             = "server"
+  load_balancer_id = var.lb_service_id
  use_private_ip   = true
+  server_id        = hcloud_server.lb.id
 }

-resource "hcloud_load_balancer_service" "main" {
-  load_balancer_id = hcloud_load_balancer.main.id
-  protocol         = "http"
+resource "hcloud_load_balancer_network" "main" {
+  load_balancer_id = var.lb_service_id
+  network_id       = var.network_id
+}
+
+resource "hcloud_load_balancer_service" "load_balancer_service" {
+  load_balancer_id = var.lb_service_id
+  protocol         = "tcp"
+  listen_port      = 443
+  destination_port = 443
 }
--- a/terraform/modules/loadbalancer/outputs.tf
+++ b/terraform/modules/loadbalancer/outputs.tf
@ -0,0 +1,3 @@
+output "lb_public_ip" {
+  value = hcloud_server.lb.ipv4_address
+}
--- a/terraform/modules/loadbalancer/variables.tf
+++ b/terraform/modules/loadbalancer/variables.tf
@ -34,7 +34,22 @@ variable "lb_internal_ip" {
  type        = string
 }

+variable "lb_service_id" {
+  description = "ID of the loadbalancer service to attach to"
+  type        = number
+}
+
 variable "subnet_id" {
  description = "ID of the subnetwork to attach the loadbalancer to"
  type        = string
 }
+
+variable "network_id" {
+  description = "ID of the network to attach the loadbalancer to"
+  type        = string
+}
+
+variable "ssh_key_ids" {
+  description = "SSH key IDs to add to the loadbalancer server"
+  type        = list(number)
+}
--- a/terraform/modules/private-server-group/main.tf
+++ b/terraform/modules/private-server-group/main.tf
@ -8,14 +8,16 @@ resource "hcloud_server" "private_node" {
    app = "web"
  }

+  ssh_keys = hcloud_ssh_key.main[*].id
+
  public_net {
-    ipv4_enabled = false
+    ipv4_enabled = true
    ipv6_enabled = false
  }

  network {
    network_id = hcloud_network.main.id
-    ip         = cidrhost(hcloud_network_subnet.main.ip_range, count.index + 2)
+    ip         = cidrhost(hcloud_network_subnet.main.ip_range, count.index + 3)
  }
  depends_on = [
    hcloud_network_subnet.main
@ -33,3 +35,9 @@ resource "hcloud_network_subnet" "main" {
  network_zone = var.network_zone
  ip_range     = var.server_subnetwork_ip_range
 }
+
+resource "hcloud_ssh_key" "main" {
+  count      = length(var.ssh_keys)
+  name       = "ssh-key-${count.index}"
+  public_key = file(var.ssh_keys[count.index])
+}
--- a/terraform/modules/private-server-group/outputs.tf
+++ b/terraform/modules/private-server-group/outputs.tf
@ -13,3 +13,7 @@ output "server_name" {
 output "server_network" {
  value = hcloud_server.private_node[*].network
 }
+
+output "ssh_key_ids" {
+  value = hcloud_ssh_key.main[*].id
+}
--- a/terraform/modules/private-server-group/variables.tf
+++ b/terraform/modules/private-server-group/variables.tf
@ -42,3 +42,8 @@ variable "server_subnetwork_ip_range" {
  type        = string
  default     = "10.0.0.0/24"
 }
+
+variable "ssh_keys" {
+  description = "SSH keys to add to the servers"
+  type        = list(string)
+}
--- a/terraform/prod.tfvars
+++ b/terraform/prod.tfvars
@ -0,0 +1,8 @@
+location            = "nbg1"
+network_zone        = "eu-central"
+server_count        = 1
+subnetwork_ip_range = "10.0.0.0/24"
+lb_internal_ip      = "10.0.0.100"
+lb_external_ip      = "167.235.105.161"
+lb_service_id       = 1399502
+ssh_keys            = ["rothe.pub"]
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@ -33,3 +33,13 @@ variable "lb_internal_ip" {
  description = "Internal IP address of the loadbalancer"
  type        = string
 }
+
+variable "lb_service_id" {
+  description = "ID of the loadbalancer service to attach to"
+  type        = number
+}
+
+variable "ssh_keys" {
+  description = "SSH keys to add to servers"
+  type        = list(string)
+}