mirror of
https://github.com/google/nomulus.git
synced 2025-05-15 00:47:11 +02:00
Add networking settings for canary proxies
Canary proxies are not receiving real traffic but can be useful when testing Nomulus deployment (probers will probe canary proxy and compare metrics with production proxy). This CL added a separate load balancer for a canary proxy, running on the same clusters as production proxy. The canary proxies have their own IP addresses, but are not assigned domain names. Probers will directly connect to these endpoints by IP. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=193234937
This commit is contained in:
jianglai
parent
d036d72dda
commit
eab6fcc8e6
8 changed files with 38 additions and 152 deletions
|
|
@ -1,129 +1,12 @@
|
|||
resource "google_compute_global_address" "proxy_ipv4_address" {
|
||||
name = "proxy-ipv4-address"
|
||||
ip_version = "IPV4"
|
||||
module "proxy_networking" {
|
||||
source = "./networking"
|
||||
proxy_instance_groups = "${local.proxy_instance_groups}"
|
||||
proxy_ports = "${var.proxy_ports}"
|
||||
}
|
||||
|
||||
resource "google_compute_global_address" "proxy_ipv6_address" {
|
||||
name = "proxy-ipv6-address"
|
||||
ip_version = "IPV6"
|
||||
}
|
||||
|
||||
resource "google_compute_firewall" "proxy_firewall" {
|
||||
name = "proxy-firewall"
|
||||
network = "default"
|
||||
|
||||
allow {
|
||||
protocol = "tcp"
|
||||
|
||||
ports = [
|
||||
"${var.proxy_ports["epp"]}",
|
||||
"${var.proxy_ports["whois"]}",
|
||||
"${var.proxy_ports["health_check"]}",
|
||||
]
|
||||
}
|
||||
|
||||
source_ranges = [
|
||||
"130.211.0.0/22",
|
||||
"35.191.0.0/16",
|
||||
]
|
||||
|
||||
target_tags = [
|
||||
"proxy-cluster",
|
||||
]
|
||||
}
|
||||
|
||||
resource "google_compute_health_check" "proxy_health_check" {
|
||||
name = "proxy-health-check"
|
||||
|
||||
tcp_health_check {
|
||||
port = "${var.proxy_ports["health_check"]}"
|
||||
request = "HEALTH_CHECK_REQUEST"
|
||||
response = "HEALTH_CHECK_RESPONSE"
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_backend_service" "epp_backend_service" {
|
||||
name = "epp-backend-service"
|
||||
protocol = "TCP"
|
||||
timeout_sec = 3600
|
||||
port_name = "epp"
|
||||
|
||||
backend {
|
||||
group = "${local.proxy_instance_groups["americas"]}"
|
||||
}
|
||||
|
||||
backend {
|
||||
group = "${local.proxy_instance_groups["emea"]}"
|
||||
}
|
||||
|
||||
backend {
|
||||
group = "${local.proxy_instance_groups["apac"]}"
|
||||
}
|
||||
|
||||
health_checks = [
|
||||
"${google_compute_health_check.proxy_health_check.self_link}",
|
||||
]
|
||||
}
|
||||
|
||||
resource "google_compute_backend_service" "whois_backend_service" {
|
||||
name = "whois-backend-service"
|
||||
protocol = "TCP"
|
||||
timeout_sec = 60
|
||||
port_name = "whois"
|
||||
|
||||
backend {
|
||||
group = "${local.proxy_instance_groups["americas"]}"
|
||||
}
|
||||
|
||||
backend {
|
||||
group = "${local.proxy_instance_groups["emea"]}"
|
||||
}
|
||||
|
||||
backend {
|
||||
group = "${local.proxy_instance_groups["apac"]}"
|
||||
}
|
||||
|
||||
health_checks = [
|
||||
"${google_compute_health_check.proxy_health_check.self_link}",
|
||||
]
|
||||
}
|
||||
|
||||
resource "google_compute_target_tcp_proxy" "epp_tcp_proxy" {
|
||||
name = "epp-tcp-proxy"
|
||||
proxy_header = "PROXY_V1"
|
||||
backend_service = "${google_compute_backend_service.epp_backend_service.self_link}"
|
||||
}
|
||||
|
||||
resource "google_compute_target_tcp_proxy" "whois_tcp_proxy" {
|
||||
name = "whois-tcp-proxy"
|
||||
proxy_header = "PROXY_V1"
|
||||
backend_service = "${google_compute_backend_service.whois_backend_service.self_link}"
|
||||
}
|
||||
|
||||
resource "google_compute_global_forwarding_rule" "epp_ipv4_forwarding_rule" {
|
||||
name = "epp-ipv4-forwarding-rule"
|
||||
ip_address = "${google_compute_global_address.proxy_ipv4_address.address}"
|
||||
target = "${google_compute_target_tcp_proxy.epp_tcp_proxy.self_link}"
|
||||
port_range = "700"
|
||||
}
|
||||
|
||||
resource "google_compute_global_forwarding_rule" "epp_ipv6_forwarding_rule" {
|
||||
name = "epp-ipv6-forwarding-rule"
|
||||
ip_address = "${google_compute_global_address.proxy_ipv6_address.address}"
|
||||
target = "${google_compute_target_tcp_proxy.epp_tcp_proxy.self_link}"
|
||||
port_range = "700"
|
||||
}
|
||||
|
||||
resource "google_compute_global_forwarding_rule" "whois_ipv4_forwarding_rule" {
|
||||
name = "whois-ipv4-forwarding-rule"
|
||||
ip_address = "${google_compute_global_address.proxy_ipv4_address.address}"
|
||||
target = "${google_compute_target_tcp_proxy.whois_tcp_proxy.self_link}"
|
||||
port_range = "43"
|
||||
}
|
||||
|
||||
resource "google_compute_global_forwarding_rule" "whois_ipv6_forwarding_rule" {
|
||||
name = "whois-ipv6-forwarding-rule"
|
||||
ip_address = "${google_compute_global_address.proxy_ipv6_address.address}"
|
||||
target = "${google_compute_target_tcp_proxy.whois_tcp_proxy.self_link}"
|
||||
port_range = "43"
|
||||
module "proxy_networking_canary" {
|
||||
source = "./networking"
|
||||
proxy_instance_groups = "${local.proxy_instance_groups}"
|
||||
suffix = "-canary"
|
||||
proxy_ports = "${var.proxy_ports_canary}"
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue