This is a terraform module to create Volterra's Application Delivery Network usecase. Read the Application Delivery Network usecase guide to learn more.
-
Signup For Volterra Account
If you don't have a Volterra account. Please follow this link to signup
-
Download Volterra API credentials file
Follow how to generate API Certificate to create API credentials
-
Setup domain delegation
Follow steps from this link to create domain delegation.
-
Install terraform
For homebrew installed on macos, run below command to install terraform. For rest of the os follow the instructions from this link to install terraform
$ brew tap hashicorp/tap $ brew install hashicorp/tap/terraform # to update $ brew upgrade hashicorp/tap/terraform -
Export the API certificate password, path to your local p12 file and your api url as environment variables, this is needed for volterra provider to work
export VES_P12_PASSWORD=<your credential password> export VOLT_API_P12_FILE=<path to your local p12 file> export VOLT_API_URL=<team or org tenant api url>
variable "api_url" {
#--- UNCOMMENT FOR TEAM OR ORG TENANTS
# default = "https://<TENANT-NAME>.console.ves.volterra.io/api"
#--- UNCOMMENT FOR INDIVIDUAL/FREEMIUM
# default = "https://console.ves.volterra.io/api"
}
# This points the absolute path of the api credentials file you downloaded from Volterra
variable "api_p12_file" {
default = "path/to/your/api-creds.p12"
}
variable "app_fqdn" {}
variable "namespace" {
default = ""
}
variable "disable_js_challenge" {
default = false
}
variable "name" {}
locals{
namespace = var.namespace != "" ? var.namespace : var.name
}
terraform {
required_providers {
volterra = {
source = "volterraedge/volterra"
version = "0.4.0"
}
}
}
module "app-delivery-network" {
source = "volterraedge/app-delivery-network/volterra"
adn_name = var.name
volterra_namespace = local.namespace
app_domain = var.app_fqdn
disable_js_challenge = var.disable_js_challenge
}
output "adn_app_url" {
value = module.app-delivery-network.app_url
}| Name | Version |
|---|---|
| terraform | >= 0.13.1 |
| local | >= 2.0 |
| null | >= 3.0 |
| volterra | >= 0.11.5 |
| Name | Version |
|---|---|
| local | >= 2.0 |
| null | >= 3.0 |
| volterra | >= 0.11.5 |
No modules.
| Name | Type |
|---|---|
| local_file.hipster_manifest | resource |
| local_file.this_kubeconfig | resource |
| null_resource.apply_manifest | resource |
| volterra_api_credential.this | resource |
| volterra_app_firewall.this | resource |
| volterra_http_loadbalancer.this | resource |
| volterra_namespace.this | resource |
| volterra_origin_pool.this | resource |
| volterra_virtual_k8s.this | resource |
| volterra_namespace.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| adn_name | ADN Name. Also used as a prefix in names of related resources. | string |
n/a | yes |
| app_domain | FQDN for the app. If you have delegated domain prod.example.com, then your app_domain can be <app_name>.prod.example.com |
string |
n/a | yes |
| blocking | Enable blocking mode for app_firewall | bool |
true |
no |
| disable_js_challenge | disable javascript challenge | bool |
false |
no |
| enable_hsts | Flag to enable hsts for HTTPS loadbalancer | bool |
false |
no |
| enable_redirect | Flag to enable http redirect to HTTPS loadbalancer | bool |
true |
no |
| js_cookie_expiry | Javascript cookie expiry time in seconds | number |
3600 |
no |
| js_script_delay | Javascript challenge delay in miliseconds | number |
5000 |
no |
| volterra_namespace | Volterra app namespace where the object will be created. This cannot be system or shared ns. | string |
n/a | yes |
| volterra_namespace_exists | Flag to create or use existing volterra namespace | string |
false |
no |
| Name | Description |
|---|---|
| app_url | Domain VIP to access the application, running on ADN |