Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Application Gateway Redirect Rules #552

Closed
kha7 opened this issue Nov 13, 2017 · 7 comments
Closed

Feature Request: Application Gateway Redirect Rules #552

kha7 opened this issue Nov 13, 2017 · 7 comments
Labels
enhancement service/application-gateway upstream/microsoft Indicates that there's an upstream issue blocking this issue/PR

Comments

@kha7
Copy link

kha7 commented Nov 13, 2017

Terraform Version: 0.10.8
Affected Resource(s): Azurerm Application gateway

In the request_routing_rule block, can you please add support for redirectConfiguration? (That's the Azurerm json label) We would like to create HTTP to HTTPS redirect rules.

This feature was added to Azure App Gateways in July 2017:
https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-configure-redirect-powershell
@tombuildsstuff tombuildsstuff added this to the 1.0.1 milestone Dec 18, 2017
@tombuildsstuff tombuildsstuff self-assigned this Dec 18, 2017
@tombuildsstuff tombuildsstuff modified the milestones: 1.0.1, Future Jan 10, 2018
@tombuildsstuff tombuildsstuff removed their assignment Feb 13, 2018
@tombuildsstuff tombuildsstuff mentioned this issue Feb 26, 2018
Closed
@achandmsft achandmsft added the M3 label Apr 26, 2018
@katbyte katbyte added the upstream/microsoft Indicates that there's an upstream issue blocking this issue/PR label May 18, 2018
@tombuildsstuff tombuildsstuff mentioned this issue Jun 1, 2018
Closed
@tombuildsstuff
Copy link
Contributor

👋

To give an update here: we're still waiting for the Application Gateway API to be fixed before proceeding with any enhancements or bug fixes for this resource; once the API is fixed (I've just requested an update). As such I've de-prioritised this issue for the moment, but we'll circle around and take another look once the API's in a usable state - sorry for the inconvenience here!

Thanks!

@tombuildsstuff tombuildsstuff removed the M3 label Jun 1, 2018
@tombuildsstuff tombuildsstuff mentioned this issue Jun 19, 2018
Closed
@tombuildsstuff tombuildsstuff mentioned this issue Jul 15, 2018
Closed
@tombuildsstuff
Copy link
Contributor

hi @kha7

Given this issue is blocked on an upstream issue in the Azure API rather than keeping multiple issues open and trying to ensure they all remain up to date - I'm going to close this in favour of #1576 which is the Meta-Issue tracking the Bugs and Enhancements for the Application Gateway Resource. Once the bug in the API is fixed we should be able to take a look into this, but we'll keep track of the status of this issue there for the moment.

Thanks!

@ichwill100
Copy link

Could this be a work around until this new feature is released?

resource "azurerm_public_ip" "app-gw-pip" {
    name                         = "${azurerm_resource_group.k8s.name}-apw-pip"
    location                     = "${azurerm_resource_group.k8s.location}"
    resource_group_name          = "${azurerm_resource_group.k8s.name}"
    public_ip_address_allocation = "Dynamic"
}

resource "azurerm_application_gateway" "app-gw-k8s" {
    name                = "${azurerm_virtual_network.k8s_vnet.name}-apw"
    location            = "${azurerm_resource_group.k8s.location}"
    resource_group_name = "${azurerm_resource_group.k8s.name}"
    sku {
        name           = "Standard_Small"
        tier           = "Standard"
        capacity       = 2
    }
    gateway_ip_configuration {
        name         = "${azurerm_virtual_network.k8s_vnet.name}-gwip-cfg"
        subnet_id    = "${azurerm_virtual_network.k8s_vnet.id}/subnets/${azurerm_subnet.k8s_gw_subnet.name}"
    }
    ssl_certificate {
        name     = "${azurerm_virtual_network.k8s_vnet.name}-ssl"
        data     = "${base64encode(file("cert/public.pfx"))}"
        password = "test1234"
    }
    frontend_port {
        name         = "${azurerm_virtual_network.k8s_vnet.name}-feport-http"
        port         = 80
    }
    frontend_port {
        name         = "${azurerm_virtual_network.k8s_vnet.name}-feport-https"
        port         = 443
    }
    frontend_ip_configuration {
        name         = "${azurerm_virtual_network.k8s_vnet.name}-feip"  
        public_ip_address_id = "${azurerm_public_ip.app-gw-pip.id}"
    }
    backend_address_pool {
        name = "${azurerm_virtual_network.k8s_vnet.name}-beap"
        # ip_address_list = ["${element(azurerm_network_interface.app-gw-nic.*.private_ip_address, count.index)}"] 
        ip_address_list = ["172.16.1.7"] 
    }
    backend_http_settings {
        name                  = "${azurerm_virtual_network.k8s_vnet.name}-be-htst"
        cookie_based_affinity = "Disabled"
        port                  = 80
        protocol              = "Http"
        request_timeout        = 1
    }
// As there is not support for redirecction rules in Azure for terraform yet. HTTPS is the only listener configured
    http_listener {
        name                                  = "${azurerm_virtual_network.k8s_vnet.name}-httplstn-http"
        frontend_ip_configuration_name        = "${azurerm_virtual_network.k8s_vnet.name}-feip"
        frontend_port_name                    = "${azurerm_virtual_network.k8s_vnet.name}-feport-http"
        protocol                              = "Http"
    }
    # request_routing_rule {
    #     name                       = "${azurerm_virtual_network.k8s_vnet.name}-rqrt"
    #     rule_type                  = "Basic"
    #     http_listener_name         = "${azurerm_virtual_network.k8s_vnet.name}-httplstn"
    #     backend_address_pool_name  = "${azurerm_virtual_network.k8s_vnet.name}-beap"
    #     backend_http_settings_name = "${azurerm_virtual_network.k8s_vnet.name}-be-htst"
    # }
    http_listener {
        name                                  = "${azurerm_virtual_network.k8s_vnet.name}-httplstn-https"
        frontend_ip_configuration_name        = "${azurerm_virtual_network.k8s_vnet.name}-feip"
        frontend_port_name                    = "${azurerm_virtual_network.k8s_vnet.name}-feport-https"
        protocol                              = "Https"
        ssl_certificate_name                  = "${azurerm_virtual_network.k8s_vnet.name}-ssl"
    }
    request_routing_rule {
        name                       = "${azurerm_virtual_network.k8s_vnet.name}-rqrt"
        rule_type                  = "Basic"
        http_listener_name         = "${azurerm_virtual_network.k8s_vnet.name}-httplstn-https"
        backend_address_pool_name  = "${azurerm_virtual_network.k8s_vnet.name}-beap"
        backend_http_settings_name = "${azurerm_virtual_network.k8s_vnet.name}-be-htst"
    }

    depends_on  = [ "null_resource.deploy_echoserver" ]
}

// As there is not support for redirecction rules in Azure for terraform yet. HTTPS is the only listener configured
resource "null_resource" "config_redirect_rule_http_to_https" {
    provisioner "local-exec" {
        command     = "az network application-gateway redirect-config create --gateway-name ${azurerm_application_gateway.app-gw-k8s.name} --name ${azurerm_virtual_network.k8s_vnet.name}-rcfg-http-to-https --resource-group ${azurerm_resource_group.k8s.name} --type Permanent --target-listener ${azurerm_virtual_network.k8s_vnet.name}-httplstn-https"
    }

    lifecycle {
      ignore_changes = ["provisioner"]
    }
}

@tombuildsstuff tombuildsstuff modified the milestones: Future, Being Sorted Oct 25, 2018
@jaredallard
Copy link

This API has since been fixed, any idea when this will be implemented?

@jamiejackson
Copy link

Once the bug in the API is fixed we should be able to take a look into this, but we'll keep track of the status of this issue [in #1576] for the moment.

@tombuildsstuff: I'm confused; please shed some light? If a solution is still pending, which ticket should I be watching? Alternatively, if a solution has been implemented, where is the documentation?

@mangeshparanjape
Copy link

Is this functionality going to be available in near future

@tombuildsstuff
Copy link
Contributor

This feature request is being tracked in #1576 - rather than trying to track the conversations across multiple issues since this issue is closed I'm going to lock this issue for the moment; please subscribe to #1576 for updates

@hashicorp hashicorp locked and limited conversation to collaborators Dec 12, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement service/application-gateway upstream/microsoft Indicates that there's an upstream issue blocking this issue/PR
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@jamiejackson @tombuildsstuff @katbyte @jaredallard @mangeshparanjape @achandmsft @ichwill100 @kha7