Skip to content

Commit

Permalink
Revert "Revert "Feature/NetLB connection tracking"" (#5273) (#10243)
Browse files Browse the repository at this point in the history
* Revert "Revert "Feature/NetLB connection tracking (#5207)" (#5272)"

This reverts commit 2e54775.

* Marked connectionTrackingPolicy as beta-only

* Marked example as beta-only

Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
modular-magician authored Oct 4, 2021
1 parent 13ebe0d commit 53827db
Show file tree
Hide file tree
Showing 3 changed files with 83 additions and 3 deletions.
3 changes: 3 additions & 0 deletions .changelog/5273.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
compute: added NetLB support for Connection Tracking as `connectionTrackingPolicy` in `RegionBackendService`(beta)
```
4 changes: 2 additions & 2 deletions google/resource_compute_region_backend_service.go
Original file line number Diff line number Diff line change
Expand Up @@ -820,9 +820,9 @@ If it is not provided, the provider region is used.`,
Type: schema.TypeString,
Computed: true,
Optional: true,
ValidateFunc: validation.StringInSlice([]string{"NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE", ""}, false),
ValidateFunc: validation.StringInSlice([]string{"NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE", "CLIENT_IP_NO_DESTINATION", ""}, false),
Description: `Type of session affinity to use. The default is NONE. Session affinity is
not applicable if the protocol is UDP. Possible values: ["NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE"]`,
not applicable if the protocol is UDP. Possible values: ["NONE", "CLIENT_IP", "CLIENT_IP_PORT_PROTO", "CLIENT_IP_PROTO", "GENERATED_COOKIE", "HEADER_FIELD", "HTTP_COOKIE", "CLIENT_IP_NO_DESTINATION"]`,
},
"timeout_sec": {
Type: schema.TypeInt,
Expand Down
79 changes: 78 additions & 1 deletion website/docs/r/compute_region_backend_service.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,39 @@ resource "google_compute_subnetwork" "default" {
network = google_compute_network.default.id
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
<a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=region_backend_service_connection_tracking&cloudshell_image=gcr.io%2Fgraphite-cloud-shell-images%2Fterraform%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
<img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
</a>
</div>
## Example Usage - Region Backend Service Connection Tracking


```hcl
resource "google_compute_region_backend_service" "default" {
name = "region-service"
region = "us-central1"
health_checks = [google_compute_region_health_check.health_check.id]
connection_draining_timeout_sec = 10
session_affinity = "CLIENT_IP"
protocol = "TCP"
load_balancing_scheme = "EXTERNAL"
connection_tracking_policy {
tracking_mode = "PER_SESSION"
connection_persistence_on_unhealthy_backends = "NEVER_PERSIST"
idle_timeout_sec = 60
}
}
resource "google_compute_region_health_check" "health_check" {
name = "rbs-health-check"
region = "us-central1"
tcp_health_check {
port = 22
}
}
```

## Argument Reference

Expand Down Expand Up @@ -431,7 +464,14 @@ The following arguments are supported:
(Optional)
Type of session affinity to use. The default is NONE. Session affinity is
not applicable if the protocol is UDP.
Possible values are `NONE`, `CLIENT_IP`, `CLIENT_IP_PORT_PROTO`, `CLIENT_IP_PROTO`, `GENERATED_COOKIE`, `HEADER_FIELD`, and `HTTP_COOKIE`.
Possible values are `NONE`, `CLIENT_IP`, `CLIENT_IP_PORT_PROTO`, `CLIENT_IP_PROTO`, `GENERATED_COOKIE`, `HEADER_FIELD`, `HTTP_COOKIE`, and `CLIENT_IP_NO_DESTINATION`.

* `connection_tracking_policy` -
(Optional, [Beta](https://terraform.io/docs/providers/google/guides/provider_versions.html))
Connection Tracking configuration for this BackendService.
This is available only for Layer 4 Internal Load Balancing and
Network Load Balancing.
Structure is [documented below](#nested_connection_tracking_policy).

* `timeout_sec` -
(Optional)
Expand Down Expand Up @@ -917,6 +957,43 @@ The following arguments are supported:
less than one second are represented with a 0 `seconds` field and a positive
`nanos` field. Must be from 0 to 999,999,999 inclusive.

<a name="nested_connection_tracking_policy"></a>The `connection_tracking_policy` block supports:

* `idle_timeout_sec` -
(Optional)
Specifies how long to keep a Connection Tracking entry while there is
no matching traffic (in seconds).
For L4 ILB the minimum(default) is 10 minutes and maximum is 16 hours.
For NLB the minimum(default) is 60 seconds and the maximum is 16 hours.

* `tracking_mode` -
(Optional)
Specifies the key used for connection tracking. There are two options:
`PER_CONNECTION`: The Connection Tracking is performed as per the
Connection Key (default Hash Method) for the specific protocol.
`PER_SESSION`: The Connection Tracking is performed as per the
configured Session Affinity. It matches the configured Session Affinity.
Default value is `PER_CONNECTION`.
Possible values are `PER_CONNECTION` and `PER_SESSION`.

* `connection_persistence_on_unhealthy_backends` -
(Optional)
Specifies connection persistence when backends are unhealthy.
If set to `DEFAULT_FOR_PROTOCOL`, the existing connections persist on
unhealthy backends only for connection-oriented protocols (TCP and SCTP)
and only if the Tracking Mode is PER_CONNECTION (default tracking mode)
or the Session Affinity is configured for 5-tuple. They do not persist
for UDP.
If set to `NEVER_PERSIST`, after a backend becomes unhealthy, the existing
connections on the unhealthy backend are never persisted on the unhealthy
backend. They are always diverted to newly selected healthy backends
(unless all backends are unhealthy).
If set to `ALWAYS_PERSIST`, existing connections always persist on
unhealthy backends regardless of protocol and session affinity. It is
generally not recommended to use this mode overriding the default.
Default value is `DEFAULT_FOR_PROTOCOL`.
Possible values are `DEFAULT_FOR_PROTOCOL`, `NEVER_PERSIST`, and `ALWAYS_PERSIST`.

<a name="nested_log_config"></a>The `log_config` block supports:

* `enable` -
Expand Down

0 comments on commit 53827db

Please sign in to comment.