# *****************************************************************************
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
# ******************************************************************************
# Names for the SSN load balancers and their target groups, all derived from
# var.service_base_name.
# AWS caps load balancer and target group names at 32 characters; the longest
# suffix below ("-ssn-nlb-step-ca-tg", 19 characters) leaves 13 characters for
# service_base_name.
locals {
  # Load balancer names.
  # ssn_alb_name is not referenced in the visible part of this file;
  # presumably consumed by the ALB definition elsewhere in the module.
  ssn_nlb_name = "${var.service_base_name}-ssn-nlb"
  ssn_alb_name = "${var.service_base_name}-ssn-alb"

  # Target group names (NLB: Kubernetes API and step-ca; ALB: one group).
  ssn_k8s_nlb_api_tg_name     = "${var.service_base_name}-ssn-nlb-api-tg"
  ssn_k8s_nlb_step_ca_tg_name = "${var.service_base_name}-ssn-nlb-step-ca-tg"
  ssn_k8s_alb_tg_name         = "${var.service_base_name}-ssn-alb-tg"
}
# Network load balancer that the TCP listeners in this file attach to
# (6443 -> Kubernetes API target group, 443 -> step-ca target group).
#
# NOTE(review): `internal` is not set, so the provider default applies and the
# NLB is created with an internet-facing scheme. Whether 6443/443 are then
# reachable from outside the VPC depends on the routing of the subnets below
# and on the security groups of the registered targets, none of which are
# visible here. Confirm the exposure is intended.
resource "aws_lb" "ssn_k8s_nlb" {
  load_balancer_type = "network"
  name               = local.ssn_nlb_name

  # compact() drops an empty local.subnet_c_id, presumably so that deployments
  # with only two subnets still produce a valid list.
  subnets = compact([
    data.aws_subnet.k8s-subnet-a-data.id,
    data.aws_subnet.k8s-subnet-b-data.id,
    local.subnet_c_id,
  ])

  tags = {
    Name                                          = local.ssn_nlb_name
    "${local.additional_tag[0]}"                  = local.additional_tag[1]
    "${var.tag_resource_id}"                      = "${var.service_base_name}:${local.ssn_nlb_name}"
    "${var.service_base_name}-tag"                = local.ssn_nlb_name
    "kubernetes.io/cluster/${local.cluster_name}" = "owned"
  }
}
# Target group for the Kubernetes API: plain TCP to port 6443 on the targets.
# No health_check block is given, so the provider/AWS defaults are used.
# Target registration is not part of this block; presumably handled elsewhere
# in the module.
resource "aws_lb_target_group" "ssn_k8s_nlb_api_target_group" {
  name   = local.ssn_k8s_nlb_api_tg_name
  vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id

  # Layer-4 pass-through: TLS and client authentication are handled by
  # whatever serves port 6443 on the target, not by the load balancer.
  protocol = "TCP"
  port     = 6443

  tags = {
    Name                                          = local.ssn_k8s_nlb_api_tg_name
    "${local.additional_tag[0]}"                  = local.additional_tag[1]
    "${var.tag_resource_id}"                      = "${var.service_base_name}:${local.ssn_k8s_nlb_api_tg_name}"
    "${var.service_base_name}-tag"                = local.ssn_k8s_nlb_api_tg_name
    "kubernetes.io/cluster/${local.cluster_name}" = "owned"
  }
}
# Target group for step-ca: plain TCP to port 32433 on the targets.
# NOTE(review): 32433 falls in the default Kubernetes NodePort range, so this
# presumably points at a NodePort service for step-ca; confirm against the
# cluster manifests. Any node security group that opens this port governs who
# can reach the CA endpoint.
resource "aws_lb_target_group" "ssn_k8s_nlb_step_ca_target_group" {
  name   = local.ssn_k8s_nlb_step_ca_tg_name
  vpc_id = data.aws_vpc.ssn_k8s_vpc_data.id

  # Layer-4 pass-through; the load balancer does not terminate TLS.
  protocol = "TCP"
  port     = 32433

  tags = {
    Name                                          = local.ssn_k8s_nlb_step_ca_tg_name
    "${local.additional_tag[0]}"                  = local.additional_tag[1]
    "${var.tag_resource_id}"                      = "${var.service_base_name}:${local.ssn_k8s_nlb_step_ca_tg_name}"
    "${var.service_base_name}-tag"                = local.ssn_k8s_nlb_step_ca_tg_name
    "kubernetes.io/cluster/${local.cluster_name}" = "owned"
  }
}
# Listener that exposes TCP 6443 on the NLB and forwards every connection to
# the Kubernetes API target group. As a TCP listener it carries no certificate
# or TLS policy of its own.
resource "aws_lb_listener" "ssn_k8s_nlb_api_listener" {
  load_balancer_arn = aws_lb.ssn_k8s_nlb.arn
  protocol          = "TCP"
  port              = "6443"

  default_action {
    target_group_arn = aws_lb_target_group.ssn_k8s_nlb_api_target_group.arn
    type             = "forward"
  }
}
# Listener that exposes TCP 443 on the NLB and forwards every connection to
# the step-ca target group; the target-side port is defined on that target
# group, not here. As a TCP listener it carries no certificate or TLS policy
# of its own.
resource "aws_lb_listener" "ssn_k8s_nlb_step_ca_listener" {
  load_balancer_arn = aws_lb.ssn_k8s_nlb.arn
  protocol          = "TCP"
  port              = "443"

  default_action {
    target_group_arn = aws_lb_target_group.ssn_k8s_nlb_step_ca_target_group.arn
    type             = "forward"
  }
}