diff --git a/modules/net-glb/README.md b/modules/net-glb/README.md
index 0b3dada4de..4b6d243508 100644
--- a/modules/net-glb/README.md
+++ b/modules/net-glb/README.md
@@ -285,11 +285,13 @@ module "glb-0" {
network = "projects/myprj-host/global/networks/svpc"
subnetwork = "projects/myprj-host/regions/europe-west8/subnetworks/gce"
zone = "europe-west8-b"
- endpoints = [{
- instance = "myinstance-b-0"
- ip_address = "10.24.32.25"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ instance = "myinstance-b-0"
+ ip_address = "10.24.32.25"
+ port = 80
+ }
+ }
}
}
}
@@ -322,10 +324,12 @@ module "glb-0" {
hybrid = {
network = "projects/myprj-host/global/networks/svpc"
zone = "europe-west8-b"
- endpoints = [{
- ip_address = "10.0.0.10"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ ip_address = "10.0.0.10"
+ port = 80
+ }
+ }
}
}
}
@@ -356,10 +360,12 @@ module "glb-0" {
neg-0 = {
internet = {
use_fqdn = true
- endpoints = [{
- destination = "www.example.org"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ destination = "www.example.org"
+ port = 80
+ }
+ }
}
}
}
@@ -601,21 +607,25 @@ module "glb-0" {
network = "projects/myprj-host/global/networks/svpc"
subnetwork = "projects/myprj-host/regions/europe-west8/subnetworks/gce"
zone = "europe-west8-c"
- endpoints = [{
- instance = "nginx-ew8-c"
- ip_address = "10.24.32.26"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ instance = "nginx-ew8-c"
+ ip_address = "10.24.32.26"
+ port = 80
+ }
+ }
}
}
neg-hello = {
hybrid = {
network = "projects/myprj-host/global/networks/svpc"
zone = "europe-west8-b"
- endpoints = [{
- ip_address = "192.168.0.3"
- port = 443
- }]
+ endpoints = {
+ e-0 = {
+ ip_address = "192.168.0.3"
+ port = 443
+ }
+ }
}
}
}
@@ -691,7 +701,7 @@ module "glb-0" {
| [health_check_configs](variables-health-check.tf#L19) | Optional auto-created health check configurations, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | map(object({…})) | | {…} |
| [https_proxy_config](variables.tf#L74) | HTTPS proxy connfiguration. | object({…}) | | {} |
| [labels](variables.tf#L85) | Labels set on resources. | map(string) | | {} |
-| [neg_configs](variables.tf#L96) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
+| [neg_configs](variables.tf#L96) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
| [ports](variables.tf#L187) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | list(string) | | null |
| [protocol](variables.tf#L198) | Protocol supported by this load balancer. | string | | "HTTP" |
| [ssl_certificates](variables.tf#L211) | SSL target proxy certificates (only if protocol is HTTPS) for existing, custom, and managed certificates. | object({…}) | | {} |
diff --git a/modules/net-glb/negs.tf b/modules/net-glb/negs.tf
index 9edae1cd81..0011968d52 100644
--- a/modules/net-glb/negs.tf
+++ b/modules/net-glb/negs.tf
@@ -19,23 +19,23 @@
locals {
_neg_endpoints_global = flatten([
for k, v in local.neg_global : [
- for vv in v.internet.endpoints :
- merge(vv, { neg = k, use_fqdn = v.internet.use_fqdn })
+ for kk, vv in v.internet.endpoints : merge(vv, {
+ key = "${k}-${kk}", neg = k, use_fqdn = v.internet.use_fqdn
+ })
]
])
_neg_endpoints_zonal = flatten([
for k, v in local.neg_zonal : [
- for vv in v.endpoints :
- merge(vv, { neg = k, zone = v.zone })
+ for kk, vv in v.endpoints : merge(vv, {
+ key = "${k}-${kk}", neg = k, zone = v.zone
+ })
]
])
neg_endpoints_global = {
- for v in local._neg_endpoints_global :
- "${v.neg}-${v.destination}-${coalesce(v.port, "none")}" => v
+ for v in local._neg_endpoints_global : (v.key) => v
}
neg_endpoints_zonal = {
- for v in local._neg_endpoints_zonal :
- "${v.neg}-${v.ip_address}-${coalesce(v.port, "none")}" => v
+ for v in local._neg_endpoints_zonal : (v.key) => v
}
neg_global = {
for k, v in var.neg_configs :
diff --git a/modules/net-glb/variables.tf b/modules/net-glb/variables.tf
index 523b8f5f4d..72e6c0c402 100644
--- a/modules/net-glb/variables.tf
+++ b/modules/net-glb/variables.tf
@@ -115,7 +115,7 @@ variable "neg_configs" {
subnetwork = string
zone = string
# default_port = optional(number)
- endpoints = optional(list(object({
+ endpoints = optional(map(object({
instance = string
ip_address = string
port = number
@@ -126,7 +126,7 @@ variable "neg_configs" {
zone = string
# re-enable once provider properly support this
# default_port = optional(number)
- endpoints = optional(list(object({
+ endpoints = optional(map(object({
ip_address = string
port = number
})))
@@ -135,7 +135,7 @@ variable "neg_configs" {
use_fqdn = optional(bool, true)
# re-enable once provider properly support this
# default_port = optional(number)
- endpoints = optional(list(object({
+ endpoints = optional(map(object({
destination = string
port = number
})))
diff --git a/modules/net-ilb-l7/README.md b/modules/net-ilb-l7/README.md
index 1ba2c33dd2..b5862f31e6 100644
--- a/modules/net-ilb-l7/README.md
+++ b/modules/net-ilb-l7/README.md
@@ -228,6 +228,14 @@ module "ilb-l7" {
Similarly to instance groups, NEGs can also be managed by this module which supports GCE, hybrid, and serverless NEGs:
```hcl
+resource "google_compute_address" "test" {
+ name = "neg-test"
+ subnetwork = var.subnet.self_link
+ address_type = "INTERNAL"
+ address = "10.0.0.10"
+ region = "europe-west1"
+}
+
module "ilb-l7" {
source = "./fabric/modules/net-ilb-l7"
name = "ilb-test"
@@ -246,11 +254,14 @@ module "ilb-l7" {
my-neg = {
gce = {
zone = "europe-west1-b"
- endpoints = [{
- instance = "test-1"
- ip_address = "10.0.0.10"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ instance = "test-1"
+ ip_address = google_compute_address.test.address
+ # ip_address = "10.0.0.10"
+ port = 80
+ }
+ }
}
}
}
@@ -259,7 +270,7 @@ module "ilb-l7" {
subnetwork = var.subnet.self_link
}
}
-# tftest modules=1 resources=7
+# tftest modules=1 resources=8
```
Hybrid NEGs are also supported:
@@ -283,10 +294,12 @@ module "ilb-l7" {
my-neg = {
hybrid = {
zone = "europe-west1-b"
- endpoints = [{
- ip_address = "10.0.0.10"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ ip_address = "10.0.0.10"
+ port = 80
+ }
+ }
}
}
}
@@ -512,20 +525,24 @@ module "ilb-l7" {
neg-nginx-ew8-c = {
gce = {
zone = "europe-west8-c"
- endpoints = [{
- instance = "nginx-ew8-c"
- ip_address = "10.24.32.26"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ instance = "nginx-ew8-c"
+ ip_address = "10.24.32.26"
+ port = 80
+ }
+ }
}
}
neg-home-hello = {
hybrid = {
zone = "europe-west8-b"
- endpoints = [{
- ip_address = "192.168.0.3"
- port = 443
- }]
+ endpoints = {
+ e-0 = {
+ ip_address = "192.168.0.3"
+ port = 443
+ }
+ }
}
}
}
@@ -597,7 +614,7 @@ module "ilb-l7" {
| [group_configs](variables.tf#L36) | Optional unmanaged groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
| [health_check_configs](variables-health-check.tf#L19) | Optional auto-created health check configurations, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | map(object({…})) | | {…} |
| [labels](variables.tf#L48) | Labels set on resources. | map(string) | | {} |
-| [neg_configs](variables.tf#L59) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
+| [neg_configs](variables.tf#L59) | Optional network endpoint groups to create. Can be referenced in backends via key or outputs. | map(object({…})) | | {} |
| [network_tier_premium](variables.tf#L119) | Use premium network tier. Defaults to true. | bool | | true |
| [ports](variables.tf#L126) | Optional ports for HTTP load balancer, valid ports are 80 and 8080. | list(string) | | null |
| [protocol](variables.tf#L137) | Protocol supported by this load balancer. | string | | "HTTP" |
diff --git a/modules/net-ilb-l7/main.tf b/modules/net-ilb-l7/main.tf
index 5b6211a393..803b3ff5c1 100644
--- a/modules/net-ilb-l7/main.tf
+++ b/modules/net-ilb-l7/main.tf
@@ -15,9 +15,12 @@
*/
locals {
+ # we need keys in the endpoint type to address issue #1055
_neg_endpoints = flatten([
for k, v in local.neg_zonal : [
- for vv in v.endpoints : merge(vv, { neg = k, zone = v.zone })
+ for kk, vv in v.endpoints : merge(vv, {
+ key = "${k}-${kk}", neg = k, zone = v.zone
+ })
]
])
fwd_rule_ports = (
@@ -29,8 +32,7 @@ locals {
: google_compute_region_target_http_proxy.default.0.id
)
neg_endpoints = {
- for v in local._neg_endpoints :
- "${v.neg}-${v.ip_address}-${coalesce(v.port, "none")}" => v
+ for v in local._neg_endpoints : (v.key) => v
}
neg_regional = {
for k, v in var.neg_configs :
diff --git a/modules/net-ilb-l7/variables.tf b/modules/net-ilb-l7/variables.tf
index 0577ddf6e6..09b3f7ac74 100644
--- a/modules/net-ilb-l7/variables.tf
+++ b/modules/net-ilb-l7/variables.tf
@@ -73,7 +73,7 @@ variable "neg_configs" {
# default_port = optional(number)
network = optional(string)
subnetwork = optional(string)
- endpoints = optional(list(object({
+ endpoints = optional(map(object({
instance = string
ip_address = string
port = number
@@ -85,7 +85,7 @@ variable "neg_configs" {
network = optional(string)
# re-enable once provider properly support this
# default_port = optional(number)
- endpoints = optional(list(object({
+ endpoints = optional(map(object({
ip_address = string
port = number
})))
diff --git a/tests/modules/net_glb/test-plan.tfvars b/tests/modules/net_glb/test-plan.tfvars
index f10667f17c..94cc5ab2ae 100644
--- a/tests/modules/net_glb/test-plan.tfvars
+++ b/tests/modules/net_glb/test-plan.tfvars
@@ -62,30 +62,36 @@ neg_configs = {
network = "projects/my-project/global/networks/shared-vpc"
subnetwork = "projects/my-project/regions/europe-west8/subnetworks/gce"
zone = "europe-west8-b"
- endpoints = [{
- instance = "nginx-ew8-b"
- ip_address = "10.24.32.25"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ instance = "nginx-ew8-b"
+ ip_address = "10.24.32.25"
+ port = 80
+ }
+ }
}
}
neg-hybrid = {
hybrid = {
network = "projects/my-project/global/networks/shared-vpc"
zone = "europe-west8-b"
- endpoints = [{
- ip_address = "192.168.0.3"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ ip_address = "192.168.0.3"
+ port = 80
+ }
+ }
}
}
neg-internet = {
internet = {
use_fqdn = true
- endpoints = [{
- destination = "hello.example.org"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ destination = "hello.example.org"
+ port = 80
+ }
+ }
}
}
}
diff --git a/tests/modules/net_ilb_l7/fixture/test.negs.tfvars b/tests/modules/net_ilb_l7/fixture/test.negs.tfvars
index 2f7f48d578..f6141a7ef6 100644
--- a/tests/modules/net_ilb_l7/fixture/test.negs.tfvars
+++ b/tests/modules/net_ilb_l7/fixture/test.negs.tfvars
@@ -9,11 +9,13 @@ neg_configs = {
custom = {
gce = {
zone = "europe-west1-b"
- endpoints = [{
- ip_address = "10.0.0.10"
- instance = "test-1"
- port = 80
- }]
+ endpoints = {
+ e-0 = {
+ ip_address = "10.0.0.10"
+ instance = "test-1"
+ port = 80
+ }
+ }
}
}
}