diff --git a/modules/net-lb-int/README.md b/modules/net-lb-int/README.md
index c5773883c8..02c4fbc847 100644
--- a/modules/net-lb-int/README.md
+++ b/modules/net-lb-int/README.md
@@ -14,6 +14,7 @@ One other issue is a `Provider produced inconsistent final plan` error which is
- [Referencing existing MIGs](#referencing-existing-migs)
- [Externally managed instances](#externally-managed-instances)
+- [Passing multiple protocols through the load balancers](#passing-multiple-protocols-through-the-load-balancers)
- [End to end example](#end-to-end-example)
### Referencing existing MIGs
@@ -108,6 +109,38 @@ module "ilb" {
# tftest modules=1 resources=4
```
+### Passing multiple protocols through the load balancers
+
+The example shows how to send multiple protocols through the same internal network passthrough load balancer.
+
+```hcl
+module "ilb" {
+ source = "./fabric/modules/net-lb-int"
+ project_id = var.project_id
+ region = "europe-west1"
+ name = "ilb-test"
+ protocol = "L3_DEFAULT"
+ service_label = "ilb-test"
+ vpc_config = {
+ network = var.vpc.self_link
+ subnetwork = var.subnet.self_link
+ }
+ group_configs = {
+ my-group = {
+ zone = "europe-west1-b"
+ instances = [
+ "instance-1-self-link",
+ "instance-2-self-link"
+ ]
+ }
+ }
+ backends = [{
+ group = module.ilb.groups.my-group.self_link
+ }]
+}
+# tftest modules=1 resources=4
+```
+
### End to end example
This example spins up a simple HTTP server and combines four modules:
@@ -179,22 +212,22 @@ module "ilb" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
-| [name](variables.tf#L188) | Name used for all resources. | string | ✓ | |
-| [project_id](variables.tf#L199) | Project id where resources will be created. | string | ✓ | |
-| [region](variables.tf#L210) | GCP region. | string | ✓ | |
-| [vpc_config](variables.tf#L221) | VPC-level configuration. | object({…}) | ✓ | |
+| [name](variables.tf#L189) | Name used for all resources. | string | ✓ | |
+| [project_id](variables.tf#L200) | Project id where resources will be created. | string | ✓ | |
+| [region](variables.tf#L211) | GCP region. | string | ✓ | |
+| [vpc_config](variables.tf#L222) | VPC-level configuration. | object({…}) | ✓ | |
| [address](variables.tf#L17) | Optional IP address used for the forwarding rule. | string | | null |
-| [backend_service_config](variables.tf#L23) | Backend service level configuration. | object({…}) | | {} |
-| [backends](variables.tf#L56) | Load balancer backends, balancing mode is one of 'CONNECTION' or 'UTILIZATION'. | list(object({…})) | | [] |
-| [description](variables.tf#L75) | Optional description used for resources. | string | | "Terraform managed." |
-| [global_access](variables.tf#L81) | Global access, defaults to false if not set. | bool | | null |
-| [group_configs](variables.tf#L87) | Optional unmanaged groups to create. Can be referenced in backends via outputs. | map(object({…})) | | {} |
-| [health_check](variables.tf#L99) | Name of existing health check to use, disables auto-created health check. | string | | null |
-| [health_check_config](variables.tf#L105) | Optional auto-created health check configuration, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | object({…}) | | {…} |
-| [labels](variables.tf#L182) | Labels set on resources. | map(string) | | {} |
-| [ports](variables.tf#L193) | Comma-separated ports, leave null to use all ports. | list(string) | | null |
-| [protocol](variables.tf#L204) | IP protocol used, defaults to TCP. | string | | "TCP" |
-| [service_label](variables.tf#L215) | Optional prefix of the fully qualified forwarding rule name. | string | | null |
+| [backend_service_config](variables.tf#L23) | Backend service level configuration. | object({…}) | | {} |
+| [backends](variables.tf#L57) | Load balancer backends, balancing mode is one of 'CONNECTION' or 'UTILIZATION'. | list(object({…})) | | [] |
+| [description](variables.tf#L76) | Optional description used for resources. | string | | "Terraform managed." |
+| [global_access](variables.tf#L82) | Global access, defaults to false if not set. | bool | | null |
+| [group_configs](variables.tf#L88) | Optional unmanaged groups to create. Can be referenced in backends via outputs. | map(object({…})) | | {} |
+| [health_check](variables.tf#L100) | Name of existing health check to use, disables auto-created health check. | string | | null |
+| [health_check_config](variables.tf#L106) | Optional auto-created health check configuration, use the output self-link to set it in the auto healing policy. Refer to examples for usage. | object({…}) | | {…} |
+| [labels](variables.tf#L183) | Labels set on resources. | map(string) | | {} |
+| [ports](variables.tf#L194) | Comma-separated ports, leave null to use all ports. | list(string) | | null |
+| [protocol](variables.tf#L205) | Forwarding rule protocol used, defaults to TCP. | string | | "TCP" |
+| [service_label](variables.tf#L216) | Optional prefix of the fully qualified forwarding rule name. | string | | null |
## Outputs
diff --git a/modules/net-lb-int/main.tf b/modules/net-lb-int/main.tf
index 698293a57f..eccb536ef4 100644
--- a/modules/net-lb-int/main.tf
+++ b/modules/net-lb-int/main.tf
@@ -32,7 +32,7 @@ resource "google_compute_forwarding_rule" "default" {
name = var.name
description = var.description
ip_address = var.address
- ip_protocol = var.protocol # TCP | UDP
+ ip_protocol = var.protocol
backend_service = (
google_compute_region_backend_service.default.self_link
)
@@ -54,7 +54,7 @@ resource "google_compute_region_backend_service" "default" {
name = var.name
description = var.description
load_balancing_scheme = "INTERNAL"
- protocol = var.protocol
+ protocol = var.backend_service_config.protocol
network = var.vpc_config.network
health_checks = [local.health_check]
connection_draining_timeout_sec = var.backend_service_config.connection_draining_timeout_sec
diff --git a/modules/net-lb-int/variables.tf b/modules/net-lb-int/variables.tf
index 9e90c1db35..d10f6dbd70 100644
--- a/modules/net-lb-int/variables.tf
+++ b/modules/net-lb-int/variables.tf
@@ -36,6 +36,7 @@ variable "backend_service_config" {
ratio = optional(number)
}))
log_sample_rate = optional(number)
+ protocol = optional(string, "UNSPECIFIED")
session_affinity = optional(string)
timeout_sec = optional(number)
})
@@ -202,7 +203,7 @@ variable "project_id" {
}
variable "protocol" {
- description = "IP protocol used, defaults to TCP."
+ description = "Forwarding rule protocol used, defaults to TCP."
type = string
default = "TCP"
}
diff --git a/tests/modules/net_lb_int/defaults.yaml b/tests/modules/net_lb_int/defaults.yaml
index f66ea2a888..dcbc12d043 100644
--- a/tests/modules/net_lb_int/defaults.yaml
+++ b/tests/modules/net_lb_int/defaults.yaml
@@ -54,7 +54,7 @@ values:
name: ilb-test
network: default
project: my-project
- protocol: TCP
+ protocol: UNSPECIFIED
region: europe-west1
counts: