From dae6d09495b063374067e29171b6b1467357af23 Mon Sep 17 00:00:00 2001 From: Steve Steiner Date: Thu, 15 Aug 2024 13:27:36 -0400 Subject: [PATCH 1/3] update gwlb deregistration behavior Signed-off-by: Steve Steiner --- modules/gwlb/main.tf | 5 +++++ modules/gwlb/variables.tf | 12 ++++++++++++ 2 files changed, 17 insertions(+) diff --git a/modules/gwlb/main.tf b/modules/gwlb/main.tf index 198494e..438a1d0 100644 --- a/modules/gwlb/main.tf +++ b/modules/gwlb/main.tf @@ -60,6 +60,11 @@ resource "aws_lb_target_group" "this" { # # tags = merge(var.global_tags, { Name = var.name }, var.lb_target_group_tags) tags = var.lb_target_group_tags + target_failover { + on_deregistration = var.on_deregistration + on_unhealthy = var.on_unhealthy + } + health_check { enabled = var.health_check_enabled diff --git a/modules/gwlb/variables.tf b/modules/gwlb/variables.tf index 3469afd..c24356d 100644 --- a/modules/gwlb/variables.tf +++ b/modules/gwlb/variables.tf @@ -117,6 +117,18 @@ variable "unhealthy_threshold" { type = number } +variable "on_deregistration" { + description = "Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_unhealthy`. Default: `no_rebalance`" + default = "no_rebalance" + type = string +} + +variable "on_unhealthy" { + description = "Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_deregistration`. Default: `no_rebalance`" + default = "no_rebalance" + type = string +} + variable "stickiness_type" { description = <<-EOF If `stickiness_type` is `null`, then attribute `enabled` is set to `false` in stickiness configuration block, From bc0a64136f552ec2a2e9bd17201441c6840170ee Mon Sep 17 00:00:00 2001 From: Steve Steiner Date: Thu, 15 Aug 2024 14:01:47 -0400 Subject: [PATCH 2/3] precommit Signed-off-by: Steve Steiner --- modules/gwlb/README.md | 2 ++ modules/gwlb/main.tf | 4 ++-- modules/gwlb/variables.tf | 8 ++++---- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/modules/gwlb/README.md b/modules/gwlb/README.md index f24dabb..7fbd32a 100644 --- a/modules/gwlb/README.md +++ b/modules/gwlb/README.md @@ -68,6 +68,8 @@ No modules. | [lb\_tags](#input\_lb\_tags) | Map of AWS tags to apply to the created Load Balancer object. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no | | [lb\_target\_group\_tags](#input\_lb\_target\_group\_tags) | Map of AWS tags to apply to the created GWLB Target Group. These tags are applied after the `global_tags`. | `map(string)` | `{}` | no | | [name](#input\_name) | Name of the created GWLB. Must be unique per AWS region per AWS account. | `string` | n/a | yes | +| [on\_deregistration](#input\_on\_deregistration) | Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_unhealthy`. Default: `no_rebalance` | `string` | `"no_rebalance"` | no | +| [on\_unhealthy](#input\_on\_unhealthy) | Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_deregistration`. Default: `no_rebalance` | `string` | `"no_rebalance"` | no | | [stickiness\_type](#input\_stickiness\_type) | If `stickiness_type` is `null`, then attribute `enabled` is set to `false` in stickiness configuration block,
value provided in `type` is ignored and by default the Gateway Load Balancer uses 5-tuple to maintain flow stickiness to a specific target appliance.
If `stickiness_type` is not `null`, then attribute `enabled` is set to `true` in stickiness configuration block
and the stickiness `type` can be then customized by using value:
- `source_ip_dest_ip_proto` for 3-tuple (Source IP, Destination IP and Transport Protocol)
- `source_ip_dest_ip` for 2-tuple (Source IP and Destination IP)
 | `string` | `null` | no |
 |  [subnets](#input\_subnets) | Map of subnets where to create the GWLB. Each map's key is the availability zone name and each map's object has an attribute
`id` identifying AWS subnet.
Example for users of module `subnet_set`:
subnets = module.subnet_set.subnets
Example:
subnets = {
  "us-east-1a" = { id = "snet-123007" }
  "us-east-1b" = { id = "snet-123008" }
}
 | 
map(object({
    id = string
  }))
 | n/a | yes |
 |  [target\_instances](#input\_target\_instances) | Map of instances to attach to the GWLB Target Group. | 
map(object({
    id = string
  }))
 | `{}` | no |
diff --git a/modules/gwlb/main.tf b/modules/gwlb/main.tf
index 438a1d0..fdeef9c 100644
--- a/modules/gwlb/main.tf
+++ b/modules/gwlb/main.tf
@@ -62,9 +62,9 @@ resource "aws_lb_target_group" "this" {
   tags = var.lb_target_group_tags
   target_failover {
     on_deregistration = var.on_deregistration
-    on_unhealthy = var.on_unhealthy
+    on_unhealthy      = var.on_unhealthy
   }
-  
+
 
   health_check {
     enabled             = var.health_check_enabled
diff --git a/modules/gwlb/variables.tf b/modules/gwlb/variables.tf
index c24356d..44c613c 100644
--- a/modules/gwlb/variables.tf
+++ b/modules/gwlb/variables.tf
@@ -119,14 +119,14 @@ variable "unhealthy_threshold" {
 
 variable "on_deregistration" {
   description = "Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_unhealthy`. Default: `no_rebalance`"
-  default = "no_rebalance"
-  type = string
+  default     = "no_rebalance"
+  type        = string
 }
 
 variable "on_unhealthy" {
   description = "Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_deregistration`. Default: `no_rebalance`"
-  default = "no_rebalance"
-  type = string
+  default     = "no_rebalance"
+  type        = string
 }
 
 variable "stickiness_type" {

From 740491603e868b0be277daa0a3d186931ba34cfa Mon Sep 17 00:00:00 2001
From: Steve Steiner 
Date: Mon, 19 Aug 2024 10:26:09 -0400
Subject: [PATCH 3/3] Adding the ability to adjust the target deregistration
 behavior

Signed-off-by: Steve Steiner 
---
 modules/gwlb/main.tf      |  1 +
 modules/gwlb/variables.tf | 12 ++++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/modules/gwlb/main.tf b/modules/gwlb/main.tf
index fdeef9c..0dde693 100644
--- a/modules/gwlb/main.tf
+++ b/modules/gwlb/main.tf
@@ -60,6 +60,7 @@ resource "aws_lb_target_group" "this" {
   #
   # tags = merge(var.global_tags, { Name = var.name }, var.lb_target_group_tags)
   tags = var.lb_target_group_tags
+
   target_failover {
     on_deregistration = var.on_deregistration
     on_unhealthy      = var.on_unhealthy
diff --git a/modules/gwlb/variables.tf b/modules/gwlb/variables.tf
index 44c613c..16ce2cc 100644
--- a/modules/gwlb/variables.tf
+++ b/modules/gwlb/variables.tf
@@ -120,13 +120,21 @@ variable "unhealthy_threshold" {
 variable "on_deregistration" {
   description = "Indicates how the GWLB handles existing flows when a target is deregistered. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_unhealthy`. Default: `no_rebalance`"
   default     = "no_rebalance"
-  type        = string
+  validation {
+    condition     = var.on_unhealthy == var.on_deregistration
+    error_message = "Variable on_deregistration must be the same as variable on_unhealthy"
+  }
+  type = string
 }
 
 variable "on_unhealthy" {
   description = "Indicates how the GWLB handles existing flows when a target is unhealthy. Possible values are `rebalance` and `no_rebalance`. Must match the attribute value set for `on_deregistration`. Default: `no_rebalance`"
   default     = "no_rebalance"
-  type        = string
+  validation {
+    condition     = var.on_deregistration == var.on_unhealthy
+    error_message = "Variable on_unhealthy must be the same as variable on_deregistration"
+  }
+  type = string
 }
 
 variable "stickiness_type" {