-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvariables.tf
139 lines (115 loc) · 3.57 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
############
# VIP level
# required
variable "vip_name" {
type = string
description = "the name of the VIP/virtual server"
}
variable "vip_destination_ip" {
type = string
description = "target IP that the VIP will listen on"
}
variable "vip_description" {
type = string
description = "vip description (ticket, owner, etc), automatically gets tf- appended"
}
variable "vip_port" {
type = number
description = "the port that the VIP listens on"
}
variable "vip_partition" {
type = string
description = "the partition/namespace inside the F5 device where the VIP lives"
}
# note that I have "vlans_enabled = true" hardcoded in the VIP resource for now, which means they need passed in
variable "vip_enabled_vlans" {
type = list(string)
description = "list of vlans, including partition, on which to enable traffic for VIP listener"
}
# optional
variable "vip_client_profiles_list" {
type = list(string)
default = ["/Common/clientssl"]
description = "list of profiles, including partition"
}
variable "vip_server_profiles_list" {
type = list(string)
default = ["/Common/serverssl"]
description = "list of profiles, including partition"
}
# Note: If you override this, you MUST include /Common/tcp among the rest of your list.
# docs: "(Optional) List of profiles associated both client and server contexts
# on the virtual server. This includes protocol, ssl, http, etc."
variable "vip_profiles_list" {
type = list(string)
default = ["/Common/tcp"]
description = "These get applied to both client and server. list of profiles, including partition"
}
variable "vip_sec_log_profiles_list" {
type = list(string)
default = ["/Common/global-network"]
description = "list of profiles, including partition"
}
variable "vip_source_address_translation" {
type = string
validation {
condition = contains(["snat", "automap", "none"], var.vip_source_address_translation)
error_message = "vip_source_address_translation should be one of: snat, automap, none"
}
description = "the type of translatio to be used, if any. snat, automap, none"
default = "automap"
}
variable "vip_irule_list" {
type = list(string)
default = ["/Common/Drop-Non-Tufts-Connections"]
description = "list of irules, including partition"
}
####
# pool level
variable "pool_name" {
type = string
description = "name of the pool, node_listen_port gets automatically appended"
}
variable "pool_description" {
type = string
description = "name of the pool, automatically gets tf- prepended"
}
variable "pool_load_balancing_mode" {
type = string
default = "round-robin"
description = "Load balancing mode. Valid values TBD."
}
variable "pool_minimum_active_members" {
type = number
default = 1
}
variable "pool_monitors_list" {
# docs: "List of monitor names to associate with the pool"
type = list(string)
default = []
description = "List of monitor names to associate with the pool"
}
####
# node level
variable "node_map" {
type = map(object({
name = string,
description = string,
address = string,
pool_state = string,
}))
default = {}
description = "object containing the nodes to add to the pool"
}
variable "node_listen_port" {
type = number
description = "the port that the nodes will listen on. Can be different than vip_port."
}
# variable "node_connection_limit" {
# type = string
# default = "0"
# }
# variable "node_dynamic_ratio" {
# type = number
# default = 1
# }