fpco · Magicloud · Nov 28, 2019
diff --git a/examples/nlb-test/main.tf b/examples/nlb-test/main.tf
@@ -0,0 +1,77 @@
+provider "aws" {
+  region = "us-west-2"
+}
+
+data "aws_availability_zones" "azs" {
+  state = "available"
+}
+
+module "vpc" {
+  source              = "fpco/foundation/aws//modules/vpc-scenario-1"
+  cidr                = "10.0.0.0/16"
+  public_subnet_cidrs = ["10.0.0.0/24", "10.0.1.0/24", "10.0.2.0/24"]
+  region              = "us-west-2"
+  azs                 = data.aws_availability_zones.azs.names
+  name_prefix         = "nlb-poc"
+}
+
+module "ubuntu" {
+  source  = "fpco/foundation/aws//modules/ami-ubuntu"
+  release = "18.04"
+}
+
+module "asg" {
+  source                = "fpco/foundation/aws//modules/asg"
+  azs                   = []
+  key_name              = "shida-west-2"
+  subnet_ids            = [module.vpc.public_subnet_ids[0], module.vpc.public_subnet_ids[2]]
+  name_prefix           = "nlb-poc"
+  min_nodes             = 2
+  ami                   = module.ubuntu.id
+  max_nodes             = 2
+  security_group_ids    = [aws_security_group.sg-asg.id]
+  alb_target_group_arns = module.nlb.target_group_arns
+  user_data             = <<EOF
+#!/bin/bash -
+apt update
+apt install python3
+wget -O hostname.py https://gist.githubusercontent.com/Magicloud/120357225843eeebcb70205a79f61999/raw/91ac3f205aa4812834f08dd82ea639dd0b5d1cfc/hostname.py
+chmod a+x hostname.py
+./hostname.py &
+EOF
+}
+
+resource "aws_security_group" "sg-asg" {
+  vpc_id = module.vpc.vpc_id
+  ingress {
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  ingress {
+    from_port   = 10000
+    to_port     = 10000
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}
+
+module "nlb" {
+  name_prefix = "nlb-poc"
+  source      = "../../modules/nlb"
+  internal    = false
+  subnet_ids  = [module.vpc.public_subnet_ids[0], module.vpc.public_subnet_ids[2]]
+  ports       = [[10000, 10000]]
+  vpc_id      = module.vpc.vpc_id
+}
+
+output "lb" {
+  value = module.nlb.lb_dns_name
+}
diff --git a/modules/nlb/README.md b/modules/nlb/README.md
@@ -0,0 +1,5 @@
+# NLB
+
+Setup basic aws_lb/aws_lb_listener/aws_lb_target_group resources for TCP forward function.
+
+Checkout example/nlb-test for usage.
diff --git a/modules/nlb/main.tf b/modules/nlb/main.tf
@@ -0,0 +1,27 @@
+resource "aws_lb" "nlb" {
+  name               = "${var.name_prefix}-nlb"
+  internal           = var.internal
+  load_balancer_type = "network"
+  subnets            = var.subnet_ids
+  tags               = var.tags
+}
+
+resource "aws_lb_listener" "lb-listener" {
+  count             = length(var.ports)
+  load_balancer_arn = aws_lb.nlb.arn
+  port              = var.ports[count.index][0]
+  protocol          = "TCP"
+  default_action {
+    type             = "forward"
+    target_group_arn = aws_lb_target_group.lb-tg[count.index].arn
+  }
+}
+
+resource "aws_lb_target_group" "lb-tg" {
+  count    = length(var.ports)
+  name     = "${var.name_prefix}-tg-${count.index}"
+  port     = var.ports[count.index][1]
+  protocol = "TCP"
+  vpc_id   = var.vpc_id
+  tags     = var.tags
+}
diff --git a/modules/nlb/outputs.tf b/modules/nlb/outputs.tf
@@ -0,0 +1,7 @@
+output "lb_dns_name" {
+  value = aws_lb.nlb.dns_name
+}
+
+output "target_group_arns" {
+  value = aws_lb_target_group.lb-tg.*.arn
+}
diff --git a/modules/nlb/variables.tf b/modules/nlb/variables.tf
@@ -0,0 +1,30 @@
+variable "internal" {
+  default     = true
+  type        = bool
+  description = "Whether the LB should face Internet."
+}
+
+variable "subnet_ids" {
+  type        = list(string)
+  description = "The subnets for LBs to live in."
+}
+
+variable "ports" {
+  type        = list(tuple([number, number]))
+  description = "The port pair of TCP services. The first of each pair is the port opened on NLB, that clients access. The second of each pair is the port opened on service. The parameter is in form of \"[[80, 8000], [8123, 8123]]\"."
+}
+
+variable "vpc_id" {
+  type        = string
+  description = "The identifier of the VPC in which to create the target groups."
+}
+
+variable "tags" {
+  type        = map(string)
+  default     = {}
+  description = "Tags for aws_lb resource."
+}
+
+variable "name_prefix" {
+  type = string
+}