Merge pull request #9 from Geartrixy/hotfix/multiple_targets

Hotfix/multiple targets

CHANGELOG.md

@@ -7,12 +7,18 @@ BACKWARDS INCOMPATIBILITIES / NOTES:
 NEW FEATURES:
 
 * The HTTPS listener now supports offloading to HTTP target groups.
-Activated by setting parameter "lb_https_offloading=true"
+(Activated by setting parameter "lb_https_offloading=true")
+* Ability to add multiple targets to target groups
 
 IMPROVEMENTS:
 
-* Added the following output values:  lb_name, lb_arn, lb_arn_suffix, lb_dns_name, lb_zone_id
+* Added the following output values:  
+ * lb_name
+ * lb_arn
+ * lb_arn_suffix
+ * lb_dns_name
+ * lb_zone_id
 
 BUG FIXES:
 
-* N/A
+* Corrected "lb_security_group_ids" typo in README.md

README.md

@@ -66,12 +66,13 @@ https_health_check_matcher = "200-299" #default = 200 (Success codes)
 https_target_group_deregistration_delay = 30 #default = 300 (seconds)
 https_target_group_stickiness_enabled = true #default set to false
 https_target_group_stickiness_cookie_duration = 8640 #default 8640 seconds (1 day)
+```
 
-# VPC ID and the target instance are valid for both target groups and need only be set once:
-
+### VPC ID and Target Instance
+Are valid for both target groups and need only be set once. Multiple targets should be specified in a comma separated string without spaces. A maximum of 8 targets are currently supported in this module:
+```hcl
 vpc_id = "vpc-a01234bc"
-target_id = "i-00123456789123abc"
-
+target_id = "i-00123456789123aaa,i-00123456789123bbb,i-00123456789123ccc"
 ```
 
 
@@ -184,12 +185,13 @@ By default **all IP addresses are permitted** for both the HTTP and HTTPS securi
     rule_allow_lb_https_listener_traffic_in_cidr_blocks = ["172.16.0.0/16", "192.168.0.0/24"]
 ```
 
-#### Load Balancer Optional Arguments
+### Load Balancer Optional Arguments
+#### Adding Already Existing Security Groups
 
 Additional security groups can be added to the load balancer:
 
 ```hcl
-  lb_security_groups = ["sg-12345678", "sg-abc87654"]
+  lb_security_group_ids = ["sg-12345678", "sg-abc87654"]
 ```
 Idle timeout (default = 60) for the load balancer, defining if http2 is enabled (default = true) and enabling deletion protection (default = false) can also be set as follows:
 ```hcl

http_target_groups.tf

@@ -35,11 +35,54 @@ resource "aws_lb_target_group" "tg_http" {
   #tags = https://github.com/hashicorp/terraform/issues/15226
 }
 
-# Attach target to http target group(s)
-resource "aws_lb_target_group_attachment" "attach_http_tg" {
-  count = "${var.lb_http_listener ? "${length(var.http_target_group_names) == "${length(var.http_target_group_ports)}" ? "${length(var.http_target_group_names)}" : 0}" :0}"
-
+# Attach up to 8 targets to http target group(s)
+# aws_alb_target_group_attachment errors out when multiple instance id's used
+# Workaround until https://github.com/terraform-providers/terraform-provider-aws/issues/647 is solved
+resource "aws_lb_target_group_attachment" "attach_http_tg_target1" {
+  count = "${local.http_target_id_1}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 0)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target2" {
+  count = "${local.http_target_id_2}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 1)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target3" {
+  count = "${local.http_target_id_3}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 2)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target4" {
+  count = "${local.http_target_id_4}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 3)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target5" {
+  count = "${local.http_target_id_5}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 4)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target6" {
+  count = "${local.http_target_id_6}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 5)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target7" {
+  count = "${local.http_target_id_7}"
+  target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 6)}"
+  port             = "${element(var.http_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_http_tg_target8" {
+  count = "${local.http_target_id_8}"
   target_group_arn = "${element(aws_lb_target_group.tg_http.*.arn, count.index)}"
-  target_id        = "${var.target_id}"
+  target_id        = "${element(split(",", var.target_ids), 7)}"
   port             = "${element(var.http_target_group_ports, count.index)}"
 }

https_target_groups.tf

@@ -33,11 +33,54 @@ resource "aws_lb_target_group" "tg_https" {
   }
 }
 
-# Attach target to https target group(s)
-resource "aws_lb_target_group_attachment" "attach_https_tg" {
-  count = "${var.lb_https_listener ? "${!var.lb_https_offloading ? "${length(var.https_target_group_names) == "${length(var.https_target_group_ports)}" ? "${length(var.https_target_group_names)}" : 0}" :0}" :0}"
-
+# Attach up to 8 targets to https target group(s)
+# aws_alb_target_group_attachment errors out when multiple instance id's used
+# Workaround until https://github.com/terraform-providers/terraform-provider-aws/issues/647 is solved
+resource "aws_lb_target_group_attachment" "attach_https_tg_target1" {
+  count = "${local.https_target_id_1}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 0)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target2" {
+  count = "${local.https_target_id_2}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 1)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target3" {
+  count = "${local.https_target_id_3}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 2)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target4" {
+  count = "${local.https_target_id_4}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 3)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target5" {
+  count = "${local.https_target_id_5}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 4)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target6" {
+  count = "${local.https_target_id_6}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 5)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target7" {
+  count = "${local.https_target_id_7}"
+  target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
+  target_id        = "${element(split(",", var.target_ids), 6)}"
+  port             = "${element(var.https_target_group_ports, count.index)}"
+}
+resource "aws_lb_target_group_attachment" "attach_https_tg_target8" {
+  count = "${local.https_target_id_8}"
   target_group_arn = "${element(aws_lb_target_group.tg_https.*.arn, count.index)}"
-  target_id        = "${var.target_id}"
+  target_id        = "${element(split(",", var.target_ids), 7)}"
   port             = "${element(var.https_target_group_ports, count.index)}"
 }

locals.tf

@@ -9,4 +9,27 @@ locals {
   lb_private_subnet_ids = ["${var.lb_private_subnet_ids}"]
   lb_public_subnet_ids  = ["${var.lb_public_subnet_ids}"]
   lb_subnet_ids         = ["${split(",", var.lb_internal ? join(",", local.lb_private_subnet_ids) : join(",", local.lb_public_subnet_ids))}"]
+
+  # HTTP target group attachment
+  http_tg_attachment_conditionals =  "${var.lb_http_listener ?  "${length(var.http_target_group_names) == "${length(var.http_target_group_ports)}" ? "${length(var.http_target_group_names)}" : 0}" :0}"
+  http_target_id_1 = "${length(split(",", var.target_ids)) >= 1 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_2 = "${length(split(",", var.target_ids)) >= 2 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_3 = "${length(split(",", var.target_ids)) >= 3 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_4 = "${length(split(",", var.target_ids)) >= 4 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_5 = "${length(split(",", var.target_ids)) >= 5 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_6 = "${length(split(",", var.target_ids)) >= 6 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_7 = "${length(split(",", var.target_ids)) >= 7 ? "${local.http_tg_attachment_conditionals}" :0}"
+  http_target_id_8 = "${length(split(",", var.target_ids)) >= 8 ? "${local.http_tg_attachment_conditionals}" :0}"
+
+  # HTTPS target group attachment
+  https_tg_attachment_conditionals = "${var.lb_https_listener ? "${!var.lb_https_offloading ?  "${length(var.https_target_group_names) == "${length(var.https_target_group_ports)}" ? "${length(var.https_target_group_names)}" : 0}" :0}" :0}"
+
+  https_target_id_1 = "${length(split(",", var.target_ids)) >= 1 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_2 = "${length(split(",", var.target_ids)) >= 2 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_3 = "${length(split(",", var.target_ids)) >= 3 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_4 = "${length(split(",", var.target_ids)) >= 4 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_5 = "${length(split(",", var.target_ids)) >= 5 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_6 = "${length(split(",", var.target_ids)) >= 6 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_7 = "${length(split(",", var.target_ids)) >= 7 ? "${local.https_tg_attachment_conditionals}" :0}"
+  https_target_id_8 = "${length(split(",", var.target_ids)) >= 8 ? "${local.https_tg_attachment_conditionals}" :0}"
 }

variables_shared_target_group.tf

@@ -1,5 +1,5 @@
-# HTTP/HTTPS target group ID
-variable "target_id" {
-  description = "Instance ID for the target group"
+# HTTP/HTTPS target group IDs
+variable "target_ids" {
+  description = "Instance IDs for the target group(s)"
   default     = ""
 }