1 parent
f2fa4aa
commit d17e7b8
Showing
24 changed files
with
555 additions
and
68 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
# GraphDB Public IP Address Module |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
data "azurerm_resource_group" "graphdb" { | ||
name = var.resource_group_name | ||
} | ||
|
||
locals { | ||
resource_group = data.azurerm_resource_group.graphdb.name | ||
location = data.azurerm_resource_group.graphdb.location | ||
} | ||
|
||
resource "random_string" "fqdn" { | ||
length = 6 | ||
special = false | ||
upper = false | ||
numeric = true | ||
} | ||
|
||
resource "azurerm_public_ip" "graphdb-public-ip-address" { | ||
name = "${var.resource_name_prefix}-public-address" | ||
resource_group_name = local.resource_group | ||
location = local.location | ||
|
||
sku = "Standard" | ||
allocation_method = "Static" | ||
zones = var.zones | ||
|
||
# TODO: idle_timeout_in_minutes is between 4 and 30 minutes, gotta test if this affects our data loading | ||
|
||
# TODO: This could be conditional or provided | ||
# TODO: If we use a dedicated domain with TLS, this would not be needed | ||
domain_name_label = "${var.resource_name_prefix}-${random_string.fqdn.result}" | ||
|
||
tags = var.tags | ||
} |
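Review bot: The `domain_name_label` near the end of `azurerm_public_ip.graphdb-public-ip-address` is set unconditionally, so every deployment publishes an Azure-assigned DNS name even when a dedicated domain is used, which the two TODOs above it already hint at. A released label can be claimed by another tenant once the IP is destroyed, so any CNAME that points at the FQDN output has to be removed first; I would record that next to the attribute, e.g. `# Remove external CNAMEs to this label before destroying the IP; a released label can be re-registered by someone else.` Making the attribute optional (null when a custom domain is configured) would close the TODO. As a style point, Terraform resource names conventionally use underscores rather than hyphens (`graphdb_public_ip_address`).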
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
output "public_ip_address_name" { | ||
description = "Name of the public IP address" | ||
value = azurerm_public_ip.graphdb-public-ip-address.name | ||
} | ||
|
||
output "public_ip_address_fqdn" { | ||
description = "The assigned FQDN of the public IP address" | ||
value = azurerm_public_ip.graphdb-public-ip-address.fqdn | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# General configurations | ||
|
||
variable "resource_name_prefix" { | ||
description = "Resource name prefix used for tagging and naming AWS resources" | ||
type = string | ||
} | ||
|
||
variable "zones" { | ||
description = "Availability zones for the public IP address." | ||
type = list(number) | ||
default = [1, 2, 3] | ||
} | ||
|
||
variable "tags" { | ||
description = "Common resource tags." | ||
type = map(string) | ||
default = {} | ||
} | ||
|
||
variable "resource_group_name" { | ||
description = "Name of the resource group where GraphDB will be deployed." | ||
type = string | ||
} |
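Review bot: `resource_name_prefix` has no `validation` block even though it is interpolated into resource names and, in this module's main file, into `domain_name_label`, where Azure accepts only lowercase letters, digits and hyphens within a length limit; an invalid prefix would fail only at apply time. A `validation` with a regex such as `^[a-z][a-z0-9-]*$` and a length bound that leaves room for the `-` plus six-character suffix would reject it at plan time. The description also says "AWS resources" in an Azure module; `description = "Resource name prefix used for tagging and naming Azure resources"` would be accurate. The `zones` default of `[1, 2, 3]` presumably fails in regions without availability zones, which is worth stating in its description.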
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
terraform { | ||
required_version = ">= 1.3.1" | ||
|
||
required_providers { | ||
azurerm = { | ||
source = "hashicorp/azurerm" | ||
version = ">=3.71.0" | ||
} | ||
random = { | ||
source = "hashicorp/random" | ||
version = "~>3.0" | ||
} | ||
} | ||
} |
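Review bot: The `azurerm` constraint `>=3.71.0` has no upper bound, so a later major release of the provider can be selected on `terraform init` and change resource schemas or defaults under this module without any change in the repository. The `random` provider in the same block is already pinned pessimistically with `~>3.0`; the same form, `version = "~> 3.71"`, would keep azurerm within the 3.x line. Consumers should still commit `.terraform.lock.hcl` in the root configuration so that provider checksums are verified on install.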
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
# GraphDB Application Gateway Module |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,126 @@ | ||
data "azurerm_resource_group" "graphdb" { | ||
name = var.resource_group_name | ||
} | ||
|
||
data "azurerm_subnet" "graphdb-gateway" { | ||
name = var.gateway_subnet_name | ||
resource_group_name = var.resource_group_name | ||
virtual_network_name = var.network_interface_name | ||
} | ||
|
||
data "azurerm_public_ip" "graphdb-gateway" { | ||
name = var.gateway_public_ip_name | ||
resource_group_name = var.resource_group_name | ||
} | ||
|
||
data "azurerm_user_assigned_identity" "graphdb-gateway-tls" { | ||
name = var.gateway_identity_name | ||
resource_group_name = var.resource_group_name | ||
} | ||
|
||
locals { | ||
resource_group = data.azurerm_resource_group.graphdb.name | ||
location = data.azurerm_resource_group.graphdb.location | ||
|
||
gateway_ip_configuration_name = "${var.resource_name_prefix}-gateway-ip-configuration" | ||
gateway_frontend_port_name = "${var.resource_name_prefix}-gateway-public-port-configuration" | ||
gateway_frontend_ip_configuration_name = "${var.resource_name_prefix}-gateway-public-ip-configuration" | ||
gateway_backend_address_pool_name = "${var.resource_name_prefix}-gateway-backend-address-pool" | ||
gateway_backend_http_settings_name = "${var.resource_name_prefix}-gateway-backend-http-settings" | ||
gateway_http_probe_name = "${var.resource_name_prefix}-gateway-http-probe" | ||
gateway_http_listener_name = "${var.resource_name_prefix}-gateway-http-listener" | ||
gateway_request_routing_rule_name = "${var.resource_name_prefix}-gateway-request-routing-rule" | ||
gateway_ssl_certificate_name = "${var.resource_name_prefix}-ssl" | ||
} | ||
|
||
resource "azurerm_application_gateway" "graphdb" { | ||
name = var.resource_name_prefix | ||
resource_group_name = local.resource_group | ||
location = local.location | ||
|
||
autoscale_configuration { | ||
min_capacity = var.gateway_min_capacity | ||
max_capacity = var.gateway_max_capacity | ||
} | ||
|
||
enable_http2 = true | ||
|
||
# TODO: Connection draining? | ||
|
||
sku { | ||
name = "Standard_v2" | ||
tier = "Standard_v2" | ||
} | ||
|
||
identity { | ||
type = "UserAssigned" | ||
identity_ids = [data.azurerm_user_assigned_identity.graphdb-gateway-tls.id] | ||
} | ||
|
||
ssl_certificate { | ||
name = local.gateway_ssl_certificate_name | ||
key_vault_secret_id = var.gateway_tls_certificate_secret_id | ||
} | ||
|
||
gateway_ip_configuration { | ||
name = local.gateway_ip_configuration_name | ||
subnet_id = data.azurerm_subnet.graphdb-gateway.id | ||
} | ||
|
||
frontend_port { | ||
name = local.gateway_frontend_port_name | ||
port = 443 | ||
} | ||
|
||
frontend_ip_configuration { | ||
name = local.gateway_frontend_ip_configuration_name | ||
public_ip_address_id = data.azurerm_public_ip.graphdb-gateway.id | ||
} | ||
|
||
backend_address_pool { | ||
name = local.gateway_backend_address_pool_name | ||
} | ||
|
||
probe { | ||
name = local.gateway_http_probe_name | ||
|
||
host = "127.0.0.1" | ||
path = var.gateway_probe_path | ||
protocol = var.gateway_backend_protocol | ||
interval = var.gateway_probe_interval | ||
timeout = var.gateway_probe_timeout | ||
unhealthy_threshold = var.gateway_probe_threshold | ||
} | ||
|
||
backend_http_settings { | ||
name = local.gateway_backend_http_settings_name | ||
path = var.gateway_backend_path | ||
port = var.gateway_backend_port | ||
protocol = var.gateway_backend_protocol | ||
request_timeout = var.gateway_backend_request_timeout | ||
|
||
# Use dedicated HTTP probe | ||
probe_name = local.gateway_http_probe_name | ||
|
||
cookie_based_affinity = "Disabled" | ||
} | ||
|
||
http_listener { | ||
name = local.gateway_http_listener_name | ||
frontend_ip_configuration_name = local.gateway_frontend_ip_configuration_name | ||
frontend_port_name = local.gateway_frontend_port_name | ||
protocol = "Https" | ||
ssl_certificate_name = local.gateway_ssl_certificate_name | ||
} | ||
|
||
request_routing_rule { | ||
name = local.gateway_request_routing_rule_name | ||
priority = 1 | ||
rule_type = "Basic" | ||
http_listener_name = local.gateway_http_listener_name | ||
backend_address_pool_name = local.gateway_backend_address_pool_name | ||
backend_http_settings_name = local.gateway_backend_http_settings_name | ||
} | ||
|
||
tags = var.tags | ||
} |
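Review bot: The `azurerm_application_gateway.graphdb` resource terminates TLS on port 443 but declares no `ssl_policy` block, so the accepted protocol versions and cipher suites are whatever the platform default is, which depending on the API version in use may still include TLS 1.0/1.1. I would pin it explicitly with an `ssl_policy` block containing `policy_type = "Predefined"` and `policy_name = "AppGwSslPolicy20220101"`. The SKU is `Standard_v2`, so the internet-facing listener has no WAF in front of GraphDB; if that is intentional, a comment next to the `sku` block should say so. Separately, `data "azurerm_subnet" "graphdb-gateway"` sets `virtual_network_name = var.network_interface_name`; the variable's declaration is not visible here, but the name suggests either a misnamed variable or the wrong value being passed. `var.gateway_backend_protocol` also decides whether the gateway-to-backend hop is encrypted, and its default is not shown on this page.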
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
output "gateway_id" { | ||
description = "Identifier of the application gateway for GraphDB" | ||
value = azurerm_application_gateway.graphdb.id | ||
} | ||
|
||
output "gateway_backend_address_pool_id" { | ||
description = "Identifier of the application gateway backend address pool" | ||
value = one(azurerm_application_gateway.graphdb.backend_address_pool).id | ||
} |