Create an HTTPS Origin based on private IP for VoltMesh
Problem this snippet solves:
How to create an HTTPS Origin that could be used in a VoltMesh HTTP or HTTPS Load-Balancer.
This Origin is based on a private IP that can be reached with a Volterra node deployed on the same site as the ressource.
How to use this snippet:
Pre-requirements:
- Have a Volterra API Certificate. Please see this page for the API Certificate generation: https://volterra.io/docs/how-to/user-mgmt/credentials
- Extract the certificate and the key from the .p12:
openssl pkcs12 -info -in certificate.p12 -out private_key.key -nodes -nocerts openssl pkcs12 -info -in certificate.p12 -out certificate.cert -nokeys
- Create a variables.tf Terraform variables file:
variable "api_cert" { type = string default = "/<full path to>/certificate.cert" } variable "api_key" { type = string default = "/<full path to>/private_key.key" } variable "api_url" { type = string default = "https://<tenant_name>.console.ves.volterra.io/api" }
- Create a main.tf Terraform file:
terraform { required_version = ">= 0.12.9, != 0.13.0" required_providers { volterra = { source = "volterraedge/volterra" version = ">=0.0.6" } } } provider "volterra" { api_cert = var.api_cert api_key = var.api_key url = var.api_url }
In the directory where your terraform files are, run:
terraform init
Then:
terraform apply
Code :
resource "volterra_origin_pool" "sample-https-origin-pool" { name = "sample-https-origin-pool" //Name of the namespace where the origin pool must be deployed namespace = "mynamespace" origin_servers { private_ip { ip = "10.17.20.13" //From which interface of the node onsite the IP of the service is reachable. Value are inside_network / outside_network or both. outside_network = true //Site definition site_locator { site { name = "name-of-the-site" namespace = "system" tenant = "name-of-the-tenant" } } } labels = { } } use_tls { use_host_header_as_sni = true tls_config { default_security = true } skip_server_verification = true no_mtls = true } no_tls = false port = "443" endpoint_selection = "LOCALPREFERED" loadbalancer_algorithm = "LB_OVERRIDE" }
Tested this on version:
No Version FoundPublished Oct 18, 2021
Version 1.0Philippe_Veys
Employee
Joined October 13, 2021
Philippe_Veys
Employee
Joined October 13, 2021
No CommentsBe the first to comment