/f5-bigip-tf-module

Primary LanguageHCL

F5 LTM Terraform Template

A Terraform module to provide a BIG-IQ licensed F5 BIG-IP device provisioned in a multi-arm configuration.

Desktop Picture

Requirements

Name Version
terraform >= 0.12.25
aws >= 2.68
random >= 2.3
template >= 2.1

Providers

Name Version
random >= 2.3
template >= 2.1
aws >= 2.68

Inputs

Name Description Type Default
vpc_id ID of the VPC where the F5 BIG-IP will reside. string n/a
key_pair Name of key pair to SSH into the F5 BIG-IP. string ""
instance_type Size of F5 BIG-IP's EC2 instance. string "t2.large"
management_subnet_id ID of F5 BIG-IP's management subnet. string n/a
external_subnet_id ID of F5 BIG-IP's external subnet. string n/a
internal_subnet_id ID of F5 BIG-IP's internal subnet. string n/a
management_ip Private IP Address of F5 BIG-IP's management interface. string n/a
external_ips List of private IP addresses used by F5 BIG-IP's external interface. list(string) n/a
internal_ips List of private IP addresses used by F5 BIG-IP's internal interface. list(string) n/a
hostname Hostname of F5 BIG-IP. string "demo-f5.example.com"
admin_password Admin password for F5 management console and SSH server. string ""
default_tags n/a map(any) {}
name_prefix n/a string ""
provisioned_modules List of provisioned BIG-IP modules configured on the F5 BIG-IP. list(string) 
[
  ""ltm": "nominal""
]
mgmt_sg_ports List of allowed ingress ports for management interface. list 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "port": 22,
    "protocol": "tcp"
  },
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "port": 443,
    "protocol": "tcp"
  },
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "port": 8443,
    "protocol": "tcp"
  }
]
external_sg_ports List of allowed ingress ports for external interface. list 
[
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "port": 80,
    "protocol": "tcp"
  },
  {
    "cidr_blocks": [
      "0.0.0.0/0"
    ],
    "port": 443,
    "protocol": "tcp"
  }
]
include_public_ip Adds an EIP to the F5 BIG-IP management interface. true or false. bool false

Outputs

Name Description
f5_management_ip Public IP of F5 BIG-IP's management interface.
f5_management_private_ips Private IPs of F5 BIG-IP's management interface.
f5_internal_private_ips Private IPs of F5 BIG-IP's internal interface.
f5_external_private_ips Private IPs of F5 BIG-IP's external interface.
f5_admin_password Password for F5 BIG-IP admin account.
f5_mgmt_mac_address MAC address for F5 management interface. Used for licensing purposes

Usage

module "f5_ltm_a" {
  source               = "git@github.com:wwt/f5-ltm-tf-template/"
  key_pair             = "test-key"
  name_prefix          = "${terraform.workspace}-"

  vpc_id               = "vpc-09072e62ba8e0dfc0"
  management_subnet_id = subnet-0c1c74a9b2a25646a
  external_subnet_id   = subnet-0c1c74a9b2a25646b
  internal_subnet_id   = subnet-0c1c74a9b2a25646c

  external_ips         = ["10.128.10.101"]
  internal_ips         = ["10.128.20.101"]
  management_ip        = "10.128.30.101"
  include_public_ip    = true
  
  bigiq_server         = "license.wwtlab.net"
  bigiq_username       = "admin"
  bigiq_password       = "admin"
  license_pool         = "license_server"
  provisioned_modules  = ["\"ltm\": \"nominal\"", "\"gtm\": \"nominal\""]
}

Authors

tyler.hatton@wwt.com