This module creates virtual server instances (VSI) across multiple subnets with any number of block storage volumes that are connected by any number of load balancers.
- A VPC
- A VPC SSH key
This module creates virtual servers across any number of subnets in a single VPC that is connected by a single security group. You can specify the number of virtual servers to provision on each subnet by using the vsi_per_subnet
variable. Virtual servers use the prefix
variable to dynamically create names. These names are also used as the Terraform address for each virtual server, which allows for easy reference.
module.vsi["test-vsi"].ibm_is_instance.vsi["test-vsi-1"]
module.vsi["test-vsi"].ibm_is_instance.vsi["test-vsi-2"]
module.vsi["test-vsi"].ibm_is_instance.vsi["test-vsi-3"]
This module creates any number of identical block storage volumes. One storage volume that is specified in the volumes
variable is created and attached to each virtual server. These block storage volumes use the virtual server name and the volume name to create easily identifiable and manageable addresses within Terraform:
module.vsi["test-vsi"].ibm_is_volume.volume["test-vsi-1-one"]
module.vsi["test-vsi"].ibm_is_volume.volume["test-vsi-2-one"]
module.vsi["test-vsi"].ibm_is_volume.volume["test-vsi-3-one"]
module.vsi["test-vsi"].ibm_is_volume.volume["test-vsi-1-two"]
module.vsi["test-vsi"].ibm_is_volume.volume["test-vsi-2-two"]
module.vsi["test-vsi"].ibm_is_volume.volume["test-vsi-3-two"]
By using the enable_floating_ip
, a floating IP address is assigned to each VSI created by this module. This floating IP address is displayed in the output, if provisioned.
This module creates any number of application load balancers to balance traffic between all virtual servers that are created by this module. Each load balancer can optionally be added to its own security group. Use the load_balancers
variable to configure the back-end pool and front-end listener for each load balancer.
module vsi {
# Replace "main" with a GIT release version to lock into a specific release
source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-landing-zone-vsi.git?ref=main"
resource_group_id = var.resource_group_id
prefix = var.prefix
tags = var.tags
vpc_id = var.vpc_id
subnets = var.subnets
image_id = var.image_id
ssh_key_ids = var.ssh_key_ids
machine_type = var.machine_type
vsi_per_subnet = var.vsi_per_subnet
user_data = var.user_data
boot_volume_encryption_key = var.boot_volume_encryption_key
enable_floating_ip = var.enable_floating_ip
allow_ip_spoofing = var.allow_ip_spoofing
create_security_group = var.create_security_group
security_group = var.security_group
security_group_ids = var.security_group_ids
block_storage_volumes = var.block_storage_volumes
load_balancers = var.load_balancers
secondary_subnets = var.secondary_subnets
secondary_use_vsi_security_group = var.secondary_use_vsi_security_group
secondary_security_group_ids = var.secondary_security_group_ids
secondary_allow_ip_spoofing = var.secondary_allow_ip_spoofing
}
You need the following permissions to run this module.
- Account Management
- Resource Group service
Viewer
platform access
- Resource Group service
- IAM Services
- VPC Infrastructure Services service
Editor
platform access
- VPC Infrastructure Services service
Name | Version |
---|---|
terraform | >= 1.0.0 |
ibm | >= 1.45.0 |
No modules.
Name | Type |
---|---|
ibm_is_floating_ip.secondary_fip | resource |
ibm_is_floating_ip.vsi_fip | resource |
ibm_is_instance.vsi | resource |
ibm_is_lb.lb | resource |
ibm_is_lb_listener.listener | resource |
ibm_is_lb_pool.pool | resource |
ibm_is_lb_pool_member.pool_members | resource |
ibm_is_security_group.security_group | resource |
ibm_is_security_group_rule.security_group_rules | resource |
ibm_is_volume.volume | resource |
ibm_is_vpc.vpc | data source |
ibm_is_vpcs.vpcs | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
allow_ip_spoofing | Allow IP spoofing on the primary network interface | bool |
false |
no |
block_storage_volumes | List describing the block storage volumes that will be attached to each vsi | list( |
[] |
no |
boot_volume_encryption_key | CRN of boot volume encryption key | string |
n/a | yes |
create_security_group | Create security group for VSI. If this is passed as false, the default will be used | bool |
n/a | yes |
enable_floating_ip | Create a floating IP for each virtual server created | bool |
false |
no |
image_id | Image ID used for VSI. Run 'ibmcloud is images' to find available images in a region | string |
n/a | yes |
load_balancers | Load balancers to add to VSI | list( |
[] |
no |
machine_type | VSI machine type. Run 'ibmcloud is instance-profiles' to get a list of regional profiles | string |
n/a | yes |
prefix | The IBM Cloud platform API key needed to deploy IAM enabled resources | string |
n/a | yes |
resource_group_id | id of resource group to create VPC | string |
n/a | yes |
secondary_allow_ip_spoofing | Allow IP spoofing on additional network interfaces | bool |
false |
no |
secondary_floating_ips | List of secondary interfaces to add floating ips | list(string) |
[] |
no |
secondary_security_groups | IDs of additional security groups to be added to VSI deployment secondary interfaces. A VSI interface can have a maximum of 5 security groups. | list( |
[] |
no |
secondary_subnets | List of secondary network interfaces to add to vsi secondary subnets must be in the same zone as VSI. This is only recommended for use with a deployment of 1 VSI. | list( |
[] |
no |
secondary_use_vsi_security_group | Use the security group created by this module in the secondary interface | bool |
false |
no |
security_group | Security group created for VSI | object({ |
n/a | yes |
security_group_ids | IDs of additional security groups to be added to VSI deployment primary interface. A VSI interface can have a maximum of 5 security groups. | list(string) |
[] |
no |
ssh_key_ids | ssh key ids to use in creating vsi | list(string) |
n/a | yes |
subnets | A list of subnet IDs where VSI will be deployed | list( |
n/a | yes |
tags | List of tags to apply to resources created by this module. | list(string) |
[] |
no |
user_data | User data to initialize VSI deployment | string |
n/a | yes |
vpc_id | ID of VPC | string |
n/a | yes |
vsi_per_subnet | Number of VSI instances for each subnet | number |
n/a | yes |
Name | Description |
---|---|
fip_list | A list of VSI with name, id, zone, and primary ipv4 address, and floating IP. This list only contains instances with a floating IP attached. |
ids | The IDs of the VSI |
lb_hostnames | Hostnames for the Load Balancer created |
lb_security_groups | Load Balancer security groups |
list | A list of VSI with name, id, zone, and primary ipv4 address |
vsi_security_group | Security group for the VSI |
You can report issues and request features for this module in the terraform-ibm-issue-tracker repo. See Report an issue or request a feature.
To set up your local development environment, see Local development setup in the project documentation.