diff --git a/modules/loadbalancer/README.md b/modules/loadbalancer/README.md
index db62667e..a57c4552 100644
--- a/modules/loadbalancer/README.md
+++ b/modules/loadbalancer/README.md
@@ -94,7 +94,7 @@ No modules.
| [avzones](#input\_avzones) | After provider version 3.x you need to specify in which availability zone(s) you want to place IP.
ie: for zone-redundant with 3 availability zone in current region value will be:
["1","2","3"]
| `list(string)` | `[]` | no |
| [backend\_name](#input\_backend\_name) | The name of the backend pool to create. If an empty name is provided, it will be auto-generated.
All the frontends of the load balancer always use the same single backend. | `string` | `""` | no |
| [enable\_zones](#input\_enable\_zones) | If false, all the subnet-associated frontends and also all created Public IP addresses default to not to use Availability Zones (the `No-Zone` setting). It is intended for the regions that do not yet support Availability Zones. | `bool` | `true` | no |
-| [frontend\_ips](#input\_frontend\_ips) | A map of objects describing LB frontend IP configurations. Used for both public or private load balancers.
Keys of the map are the names of the created load balancers.
Public LB
- `create_public_ip` : Optional. Set to `true` to create a public IP.
- `public_ip_name` : Ignored if `create_public_ip` is `true`. The existing public IP resource name to use.
- `public_ip_resource_group` : Ignored if `create_public_ip` is `true` or if `public_ip_name` is null. The name of the resource group which holds `public_ip_name`.
Examplefrontend_ips = {
pip_existing = {
create_public_ip = false
public_ip_name = "my_ip"
public_ip_resource_group = "my_rg_name"
rules = {
HTTP = {
port = 80
protocol = "Tcp"
}
}
}
}
Private LB
- `subnet_id` : Identifier of an existing subnet.
- `private_ip_address_allocation` : Type of private allocation: `Static` or `Dynamic`.
- `private_ip_address` : If `Static`, the private IP address.
Examplefrontend_ips = {
internal_fe = {
subnet_id = azurerm_subnet.this.id
private_ip_address_allocation = "Static"
private_ip_address = "192.168.0.10"
rules = {
HA_PORTS = {
port = 0
protocol = "All"
}
}
}
}
Zone usage
You can specifies a list of Availability Zones in which the IP Address for this Load Balancer should be located.
- `zones` : Specify in which zones you want to create frontend IP address. Pass list with zone coverage, ie: `["1","2","3"]`
Examplefrontend_ips = {
internal = {
subnet_id = azurerm_subnet.this.id
private_ip_address_allocation = "Static"
private_ip_address = "192.168.0.10"
zones = ["1","2","3"]
}
}
| `any` | n/a | yes |
+| [frontend\_ips](#input\_frontend\_ips) | A map of objects describing LB frontend IP configurations. Used for both public or private load balancers.
Keys of the map are the names of the created load balancers.
Public LB
- `create_public_ip` : Optional. Set to `true` to create a public IP.
- `public_ip_name` : Ignored if `create_public_ip` is `true`. The existing public IP resource name to use.
- `public_ip_resource_group` : Ignored if `create_public_ip` is `true` or if `public_ip_name` is null. The name of the resource group which holds `public_ip_name`.
Examplefrontend_ips = {
pip_existing = {
create_public_ip = false
public_ip_name = "my_ip"
public_ip_resource_group = "my_rg_name"
rules = {
HTTP = {
port = 80
protocol = "Tcp"
}
}
}
}
Private LB
- `subnet_id` : Identifier of an existing subnet.
- `private_ip_address_allocation` : Type of private allocation: `Static` or `Dynamic`.
- `private_ip_address` : If `Static`, the private IP address.
Examplefrontend_ips = {
internal_fe = {
subnet_id = azurerm_subnet.this.id
private_ip_address_allocation = "Static"
private_ip_address = "192.168.0.10"
rules = {
HA_PORTS = {
port = 0
protocol = "All"
}
}
}
}
Zone usage
You can specifies a list of Availability Zones in which the IP Address for this Load Balancer should be located.
- `zones` : Specify in which zones you want to create frontend IP address. Pass list with zone coverage, ie: `["1","2","3"]`
Examplefrontend_ips = {
internal = {
subnet_id = azurerm_subnet.this.id
private_ip_address_allocation = "Static"
private_ip_address = "192.168.0.10"
zones = ["1","2","3"]
}
}
Session persistence/Load distribution
By default the Load Balancer uses a 5 tuple hash to map traffic to available servers. This can be controlled using `session_persistence` property defined inside a role. Available values are:
- `Default` : this is the 5 tuple hash - this method is also used when no property is defined
- `SourceIP` : a 2 tuple hash is used
- `SourceIPProtocol` : a 3 tuple hash is used
Examplefrontend_ips = {
rule_1 = {
create_public_ip = true
rules = {
HTTP = {
port = 80
protocol = "Tcp"
session_persistence = "SourceIP"
}
}
}
}
| `any` | n/a | yes |
| [location](#input\_location) | Region to deploy load balancer and dependencies. | `string` | n/a | yes |
| [name](#input\_name) | The name of the load balancer. | `string` | n/a | yes |
| [network\_security\_allow\_source\_ips](#input\_network\_security\_allow\_source\_ips) | List of IP CIDR ranges (such as `["192.168.0.0/16"]` or `["*"]`) from which the inbound traffic to all frontends should be allowed.
If it's empty, user is responsible for configuring a Network Security Group separately, possibly using the `frontend_combined_rules` output.
The list cannot include Azure tags like "Internet" or "Sql.EastUS". | `list(string)` | `[]` | no |
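Review bot: The new "Session persistence/Load distribution" text in the `frontend_ips` row never says that `session_persistence` is passed to the `load_distribution` argument of `azurerm_lb_rule`, which is what the main.tf change in this patch does. A reader who looks up `session_persistence` in the provider documentation will not find it under that name. Suggest adding one sentence that names the underlying argument, or renaming the key to `load_distribution` so the module and provider agree. Because this row repeats the description text from variables.tf, make the change there and regenerate the README.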
diff --git a/modules/loadbalancer/main.tf b/modules/loadbalancer/main.tf
index 37fc2d13..e0799f3a 100644
--- a/modules/loadbalancer/main.tf
+++ b/modules/loadbalancer/main.tf
@@ -140,6 +140,7 @@ resource "azurerm_lb_rule" "lb_rules" {
frontend_port = each.value.rule.port
enable_floating_ip = true
disable_outbound_snat = local.disable_outbound_snat
+ load_distribution = try(each.value.rule.session_persistence, null)
}
resource "azurerm_lb_outbound_rule" "outb_rules" {
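Review bot: Missing validation on the added `load_distribution = try(each.value.rule.session_persistence, null)` line. The `try(..., null)` fallback means a key that is misspelled or placed at the frontend level instead of inside the rule is silently ignored and the rule keeps the default distribution. A value outside the three documented ones (`Default`, `SourceIP`, `SourceIPProtocol`) is also passed through unchecked. Suggest a `validation` block on `frontend_ips`, or a `contains([...], ...)` check in a local, so that a bad value fails with a message from the module instead of surfacing later or not at all.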
diff --git a/modules/loadbalancer/variables.tf b/modules/loadbalancer/variables.tf
index 2f233ee0..bb0f0791 100644
--- a/modules/loadbalancer/variables.tf
+++ b/modules/loadbalancer/variables.tf
@@ -69,6 +69,31 @@ variable "frontend_ips" {
}
}
```
+
+ Session persistence/Load distribution
+
+ By default the Load Balancer uses a 5 tuple hash to map traffic to available servers. This can be controlled using `session_persistence` property defined inside a role. Available values are:
+
+ - `Default` : this is the 5 tuple hash - this method is also used when no property is defined
+ - `SourceIP` : a 2 tuple hash is used
+ - `SourceIPProtocol` : a 3 tuple hash is used
+
+ Example
+
+ ```
+ frontend_ips = {
+ rule_1 = {
+ create_public_ip = true
+ rules = {
+ HTTP = {
+ port = 80
+ protocol = "Tcp"
+ session_persistence = "SourceIP"
+ }
+ }
+ }
+ }
+ ```
EOF
}
variable "outbound_rules" {
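Review bot: In the added description, "`session_persistence` property defined inside a role" should read "inside a rule", since the example that follows places the key under `rules.HTTP`. The bullets for `SourceIP` and `SourceIPProtocol` also give only the tuple size ("a 2 tuple hash", "a 3 tuple hash"). Suggest naming the fields each hash covers so a reader can tell what stays pinned to one backend. The same wording is carried into the README hunk, so fixing it here and regenerating covers both.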