Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.
Awesome Lists | Featured Topics | Projects
https://github.com/memes/terraform-google-f5-bigip

Terraform modules for deploying F5 BIG-IP on Google Cloud Platform. Community supported.
https://github.com/memes/terraform-google-f5-bigip
bigip f5 f5-bigip gcp google-cloud google-cloud-platform terraform terraform-modules
Last synced: 7 days ago
JSON representation
Terraform modules for deploying F5 BIG-IP on Google Cloud Platform. Community supported.
Host: GitHub
URL: https://github.com/memes/terraform-google-f5-bigip
Owner: memes
License: apache-2.0
Created: 2020-08-20T21:51:07.000Z (over 4 years ago)
Default Branch: main
Last Pushed: 2021-05-26T17:50:39.000Z (over 3 years ago)
Last Synced: 2024-07-30T18:52:45.814Z (6 months ago)
Topics: bigip, f5, f5-bigip, gcp, google-cloud, google-cloud-platform, terraform, terraform-modules
Language: HCL
Homepage:
Size: 1.58 MB
Stars: 3
Watchers: 3
Forks: 4
Open Issues: 17
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project

README

        # Unofficial F5 BIG-IP Terraform modules for Google Cloud Platform

> You are viewing a **2.x release** of the modules, which supports

> **Terraform 0.13 and 0.14** only. *For modules compatible with Terraform 0.12,

> use a 1.x release.* Functionality is identical, but separate releases are

> required due to the difference in *variable validation* between Terraform 0.12

> and 0.13+.

This repo contains unofficial and unsupported¹ Terraform modules to

deploy F5 BIG-IP Virtual Edition on Google Cloud Platform, using a modular

approach that can be composed into a solution that is consistent for each variant

of a product.

> *TIP:* If you require assistance please join our

> [Slack GCP channel](https://f5cloudsolutions.slack.com/messages/gcp) and ask!

These modules support deploying supported BIG-IP versions instances to Google

Cloud in an opinionated manner. By themselves they do not implement a full stack

or solution, and additional setup will be needed for firewall rules, service

account creation and role assignments.

> **NOTE:** The modules do not include setup and configuration of supporting

> resources, such as ingress firewall rules or service accounts. Where required,

> the examples will include the bare-minimum setup to demonstrate usage.

Examples are provided for standalone, HA and CFE deployments.

## Rationale

The intent is allow for integration of BIG-IP with GCP infrastructure that is

managed using Google's

[Cloud Foundation Toolkit](https://cloud.google.com/foundation-toolkit)

Terraform modules or an equivalent. The modules here are not fully-baked

solutions, but can be integrated with foundational elements to build a reusable

deployment pipeline.

For example, the modules do not include ingress firewall rule resources as core

module components. This is because some organizations may mandate use of service

account based rules, where others prefer tag based, or a combination of both where

interfaces are attached to peered VPCs. The exception to this is the firewall

module to support ConfigSync for HA and CFE clusters; since the BIG-IPs will be

deployed to the same VPC networks, it is reasonably safe to assume a service

account based rule will be universally applicable.

## BIG-IP module options

The BIG-IP module will create standalone BIG-IP VMs that include default

[AS3](https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/)

and [DO](https://clouddocs.f5.com/products/extensions/f5-declarative-onboarding/latest/)

declarations (unless overridden). The sub-modules extend the standalone

functionality while retaining an the same API (implemented as Terraform input

variables) where possible. This promotes consistency and reuse when your project

calls for a CFE or Autoscaling approach. For more information about these see

the README files in each sub-module.

* Standalone BIG-IP instances

  * Support 1-8 network interfaces

  * Opinionated startup scripts

  * Override default gateway when needed; e.g. for bootstrapping in a restricted

     VPC where data-plane does not have egress

  * [Applications Services 3](https://clouddocs.f5.com/products/extensions/f5-appsvcs-extension/latest/) extension support

  * [Declarative Onboarding](https://clouddocs.f5.com/products/extensions/f5-declarative-onboarding/latest/) extension support

* High-availability BIG-IP clusters

  * **configsync-fw** helper sub-module to create required firewall rules for ConfigSync on control and data-plane networks

  * [Cloud Failover Extension](https://clouddocs.f5.com/products/extensions/f5-cloud-failover/latest/) support

  * **cfe-role** helper sub-module to create a custom role which satisfies the

    minimum privileges required for CFE to interact with GCP APIs

## Dependencies

The BIG-IP modules all have a common set of requirements.

1. Terraform 0.13.x or 0.14.x

   > You are viewing a **2.x release** of the modules, which supports

   > **Terraform 0.13 or 0.14** only. *For modules compatible with Terraform 0.12,

   > use a 1.x release.* Functionality is identical, but separate releases are required

   > due to the difference in *variable validation* between Terraform 0.12 and 0.13+.

2. Google Cloud [Secret Manager](https://cloud.google.com/secret-manager)

   There are many good options for run-time secret injection but this module is

   supporting Google's Secret Manager only at this time.

3. APIs to enable

   * Compute Engine `compute.googleapis.com`

   

   * Secret Manager `secretmanager.googleapis.com`

   * Storage (required for CFE) `storage-api.googleapis.com`

## Run-time setup

The BIG-IP modules in this repo support [cloud-init](https://cloudinit.readthedocs.io/en/latest/)

and [metadata-startup-script](https://cloud.google.com/compute/docs/startupscript)

boot options, defaulting to the metadata startup-script for compatibility with

BIG-IP versions 13.x, 14.x, and 15.x. Set the `use_cloud_init` input variable to

`true` to force the use of cloud-init on BIG-IP v15+.

Fundamentally both approaches launch the same shell scripts; the difference is

that `cloud-init` script installs a systemd service unit with dependencies to

prevent early execution, and automatically disables the service unit after

success. The simple metadata startup-script will execute on every boot.

For more information on how run-time configuration is applied to each BIG-IP

instance through the use of Terraform variables see

[CONFIGURATION](https://github.com/memes/terraform-google-f5-bigip/blob/main/CONFIGURATION.md).

For guidelines and steps to diagnose deployment and run-time issues see

[TROUBLESHOOTING](https://github.com/memes/terraform-google-f5-bigip/blob/main/TROUBLESHOOTING.md).

## Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | > 0.12 |

|  [google](#requirement\_google) | >= 3.48 |

## Providers

| Name | Version |

|------|---------|

|  [google](#provider\_google) | >= 3.48 |

## Modules

| Name | Source | Version |

|------|--------|---------|

|  [do\_payloads](#module\_do\_payloads) | ./modules/do-builder/ |  |

|  [metadata](#module\_metadata) | ./modules/metadata/ |  |

## Resources

| Name | Type |

|------|------|

| [google_compute_instance.bigip](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance) | resource |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [admin\_password\_secret\_manager\_key](#input\_admin\_password\_secret\_manager\_key) | The Secret Manager key for BIG-IP admin password; during initialisation, the
BIG-IP admin account's password will be changed to the value retrieved from GCP
Secret Manager (or other implementor - see `secret_implementor`) using this key.

NOTE: if the secret does not exist, is misidentified, or if the VM cannot read
the secret value associated with this key, then the BIG-IP onboarding will fail
to complete, and onboarding will require manual intervention. | `string` | n/a | yes |

|  [external\_subnetwork](#input\_external\_subnetwork) | The fully-qualified self-link of the subnet that will be used for external ingress
(2+ NIC deployment), or for all traffic in a 1NIC deployment. | `string` | n/a | yes |

|  [image](#input\_image) | The self-link URI for a BIG-IP image to use as a base for the VM cluster. This
can be an official F5 image from GCP Marketplace, or a customised image. | `string` | n/a | yes |

|  [project\_id](#input\_project\_id) | The GCP project identifier where the cluster will be created. | `string` | n/a | yes |

|  [service\_account](#input\_service\_account) | The service account that will be used for the BIG-IP VMs. | `string` | n/a | yes |

|  [zones](#input\_zones) | The compute zones which will host the BIG-IP VMs. | `list(string)` | n/a | yes |

|  [allow\_phone\_home](#input\_allow\_phone\_home) | Allow the BIG-IP VMs to send high-level device use information to help F5
optimize development resources. If set to false the information is not sent. | `bool` | `true` | no |

|  [as3\_payloads](#input\_as3\_payloads) | An optional, but recommended, list of AS3 JSON files that can be used to setup
the BIG-IP instances. If left empty (default), the module will use a simple
no-op AS3 declaration. | `list(string)` | `[]` | no |

|  [automatic\_restart](#input\_automatic\_restart) | Determines if the BIG-IP VMs should be automatically restarted if terminated by
GCE. Defaults to true to match expected GCE behaviour. | `bool` | `true` | no |

|  [custom\_script](#input\_custom\_script) | An optional, custom shell script that will be executed during BIG-IP
initialisation, after BIG-IP networking is auto-configured, admin password is set from Secret
Manager (if possible), etc. Declarative Onboarding offers a better approach,
where suitable (see `do_payload`).

NOTE: this value should contain the script contents, not a file path. | `string` | `""` | no |

|  [default\_gateway](#input\_default\_gateway) | Set this to the value to use as the default gateway for BIG-IP instances. This
must be a valid IP address or an empty string. If left blank (default), the
generated Declarative Onboarding JSON will use the gateway associated with nic0
at run-time. | `string` | `""` | no |

|  [delete\_disk\_on\_destroy](#input\_delete\_disk\_on\_destroy) | Set this flag to false if you want the boot disk associated with the launched VMs
to survive when instances are destroyed. The default value of true will ensure the
boot disk is destroyed when the instance is destroyed. | `bool` | `true` | no |

|  [disk\_size\_gb](#input\_disk\_size\_gb) | Use this flag to set the boot volume size in GB. If left at the default value
the boot disk will have the same size as specified in 'bigip\_image'. | `number` | `null` | no |

|  [disk\_type](#input\_disk\_type) | The boot disk type to use with instances; can be 'pd-ssd' (default), or
'pd-standard'.
*Note:* Choosing 'pd-standard' will reduce operating cost, but at the expense of
network performance. | `string` | `"pd-ssd"` | no |

|  [dns\_servers](#input\_dns\_servers) | An optional list of DNS servers for BIG-IP instances to use if custom DO payloads
are not provided. The default is ["169.254.169.254"] to use GCE metadata server. | `list(string)` | 
[
  "169.254.169.254"
] | no |

|  [do\_payloads](#input\_do\_payloads) | The Declarative Onboarding contents to apply to the instances. Required. This
module has migrated to use of Declarative Onboarding for module activation,
licensing, NTP, DNS, and other basic configurations. Sample payloads are in the
examples folder.

Note: if left empty, the module will use a simple JSON that sets NTP and DNS,
and enables LTM. | `list(string)` | `[]` | no |

|  [domain\_name](#input\_domain\_name) | An optional domain name to append to generated instance names to fully-qualify
them. If an empty string (default), then the instances will be qualified as-per
Google Cloud internal naming conventions ".ZONE.c.PROJECT\_ID.internal". | `string` | `""` | no |

|  [enable\_serial\_console](#input\_enable\_serial\_console) | Set to true to enable serial port console on the VMs. Default value is false. | `bool` | `false` | no |

|  [external\_subnetwork\_network\_ips](#input\_external\_subnetwork\_network\_ips) | An optional list of private IP addresses to assign to BIG-IP instances on their
externa interface. The list may be empty, or contain empty strings, to selectively
applies addresses to instances. | `list(string)` | `[]` | no |

|  [external\_subnetwork\_public\_ips](#input\_external\_subnetwork\_public\_ips) | An optional list of public IP addresses to assign to BIG-IP instances on their
external interface. The list may be empty, or contain empty strings, to selectively
applies addresses to instances.

Note: these values are only applied if `provision_external_public_ip` is 'true'
and will be ignored if that value is false. | `list(string)` | `[]` | no |

|  [external\_subnetwork\_tier](#input\_external\_subnetwork\_tier) | The network tier to set for external subnetwork; must be one of 'PREMIUM'
(default) or 'STANDARD'. This setting only applies if the external interface is
permitted to have a public IP address (see `provision_external_public_ip`) | `string` | `"PREMIUM"` | no |

|  [external\_subnetwork\_vip\_cidrs](#input\_external\_subnetwork\_vip\_cidrs) | An optional list of VIP CIDR lists to assign to BIG-IP instances on their
external interface. E.g. to assign two CIDR blocks as VIPs on the first instance,
and a single IP address as a VIP on the second instance:-

external\_subnetwork\_vip\_cidrs = [
  [
    "10.1.0.0/16",
    "10.2.0.0/24",
  ],
  [
    "192.168.0.1/32",
  ]
] | `list(list(string))` | `[]` | no |

|  [external\_subnetwork\_vip\_cidrs\_named\_range](#input\_external\_subnetwork\_vip\_cidrs\_named\_range) | An optional named range to use when assigning CIDRs to BIG-IP instances as VIPs
on their external interface. E.g. to assign CIDRs from
secondary range 'dmz-bigip':-

external\_subnetwork\_vip\_cidrs\_named\_range = "dmz-bigip" | `string` | `""` | no |

|  [extramb](#input\_extramb) | The amount of extra RAM (in Mb) to allocate to BIG-IP administrative processes;
must be an integer between 0 and 2560. The default of 2048 is recommended for
BIG-IP instances on GCP; setting too low can cause issues when applying large DO
or AS3 payloads. | `number` | `2048` | no |

|  [install\_cloud\_libs](#input\_install\_cloud\_libs) | An optional list of cloud library URLs that will be downloaded and installed on
the BIG-IP VM during initial boot. The contents of each download will be compared
to the verifyHash file, and failure will cause the boot scripts to fail. Default
list will install F5 Cloud Libraries (w/GCE extension), AS3, Declarative
Onboarding, and Telemetry Streaming extensions. | `list(string)` | [
  "https://github.com/F5Networks/f5-appsvcs-extension/releases/download/v3.25.0/f5-appsvcs-3.25.0-3.noarch.rpm",
  "https://github.com/F5Networks/f5-declarative-onboarding/releases/download/v1.18.0/f5-declarative-onboarding-1.18.0-4.noarch.rpm",
  "https://github.com/F5Networks/f5-telemetry-streaming/releases/download/v1.17.0/f5-telemetry-1.17.0-4.noarch.rpm"
] | no |

|  [instance\_name\_template](#input\_instance\_name\_template) | A format string that will be used when naming instance, that should include a
format token for including integer ordinal numbers as defined in Go `fmt` package,
including support for zero-padding etc. Default value is 'bigip-%d' which will
generate names of 'bigip-0', 'bigip-1', through 'bigip-N', where N is the number
of instances - 1.

Examples:
instance\_name\_template = "bigip-%03d" will create instances named 'bigip-000',
'bigip-001', etc.
instance\_name\_template = "prod-ha-%x" will create instances using lower-case hex
, such as 'prod-ha-0' ... 'prod-ha-1f'.

See `instance_ordinal_offset` variable to change the lower bounds of the numbering
scheme. | `string` | `"bigip-%d"` | no |

|  [instance\_ordinal\_offset](#input\_instance\_ordinal\_offset) | An offset to apply to each instance ordinal when naming; use to change zero-based
instance ordinal to a different number when setting instance names and hostnames.
Default value is '0'.

E.g. to change 0-based instance names ('bigip-0', 'bigip-1', etc.) to 1-based
instance names ('bigip-1', 'bigip-2', etc.) use
instance\_ordinal\_offset = 1

See `instance_name_template` for more examples. | `number` | `0` | no |

|  [internal\_subnetwork\_network\_ips](#input\_internal\_subnetwork\_network\_ips) | An optional list of lists of private IP addresses to assign to BIG-IP instances
on their internal interface. The list may be empty, or contain empty strings, to
selectively applies addresses to instances. E.g. to assign addresses to two
internal networks:

internal\_subnetwork\_network\_ips = [
  # Will be assigned to first instance
  [
    "10.0.0.4", # first internal nic
    "10.0.1.4", # second internal nic
  ],
  # Will be assigned to second instance
  [
    ...
  ],
  ...
] | `list(list(string))` | `[]` | no |

|  [internal\_subnetwork\_public\_ips](#input\_internal\_subnetwork\_public\_ips) | An optional list of lists of public IP addresses to assign to BIG-IP instances
on their internal interface. The list may be empty, or contain empty strings, to
selectively applies addresses to instances.

Note: these values are only applied if `provision_internal_public_ip` is 'true'
and will be ignored if that value is false.

E.g. to assign addresses to two internal networks:

internal\_subnetwork\_network\_ips = [
  # Will be assigned to first instance
  [
    "x.x.x.x", # first internal nic
    "y.y.y.y", # second internal nic
  ],
  # Will be assigned to second instance
  [
    ...
  ],
  ...
] | `list(list(string))` | `[]` | no |

|  [internal\_subnetwork\_tier](#input\_internal\_subnetwork\_tier) | The network tier to set for internal subnetwork; must be one of 'PREMIUM'
(default) or 'STANDARD'. This setting only applies if the internal interface is
permitted to have a public IP address (see `provision_internal_public_ip`) | `string` | `"PREMIUM"` | no |

|  [internal\_subnetwork\_vip\_cidrs](#input\_internal\_subnetwork\_vip\_cidrs) | An optional list of CIDR lists to assign to BIG-IP instances as VIPs on their
internal interface. E.g. to assign two CIDR blocks as VIPs on the first
instance, and a single IP address as a VIP on the second instance:-

internal\_subnetwork\_vip\_cidrs = [
  # Will be assigned to first instance
  [
    ["10.1.0.0/16"], # first internal nic
    ["10.2.0.0/24"], # second internal nic
  ],
  # Will be assigned to second instance
  [
    ["192.168.0.1/32"], # first internal nic
  ]
] | `list(list(list(string)))` | `[]` | no |

|  [internal\_subnetwork\_vip\_cidrs\_named\_ranges](#input\_internal\_subnetwork\_vip\_cidrs\_named\_ranges) | An optional named range to use when assigning CIDRs to BIG-IP instances as VIPs
on their internal interfaces. E.g. to assign CIDRs from
secondary range 'internal-bigip' on first internal interface:-

internal\_subnetwork\_vip\_cidrs\_named\_ranges = [
  "internal-bigip",
] | `list(string)` | `[]` | no |

|  [internal\_subnetworks](#input\_internal\_subnetworks) | An optional list of fully-qualified subnet self-links that will be assigned as
internal traffic on NICs eth[2-8]. | `list(string)` | `[]` | no |

|  [labels](#input\_labels) | An optional map of *labels* to add to the instance template. | `map(string)` | `{}` | no |

|  [machine\_type](#input\_machine\_type) | The machine type to use for BIG-IP VMs; this may be a standard GCE machine type,
or a customised VM ('custom-VCPUS-MEM\_IN\_MB'). Default value is 'n1-standard-4'.
*Note:* machine\_type is highly-correlated with network bandwidth and performance;
an N2 or N2D machine type will give better performance but has limited availability. | `string` | `"n1-standard-4"` | no |

|  [management\_subnetwork](#input\_management\_subnetwork) | An optional fully-qualified self-link of the subnet that will be used for
management access (2+ NIC deployment). | `string` | `null` | no |

|  [management\_subnetwork\_network\_ips](#input\_management\_subnetwork\_network\_ips) | An optional list of private IP addresses to assign to BIG-IP instances on their
management interface. The list may be empty, or contain empty strings, to
selectively applies addresses to instances. | `list(string)` | `[]` | no |

|  [management\_subnetwork\_public\_ips](#input\_management\_subnetwork\_public\_ips) | An optional list of public IP addresses to assign to BIG-IP instances on their
management interface. The list may be empty, or contain empty strings, to
selectively applies addresses to instances.

Note: these values are only applied if `provision_management_public_ip` is 'true'
and will be ignored if that value is false. | `list(string)` | `[]` | no |

|  [management\_subnetwork\_tier](#input\_management\_subnetwork\_tier) | The network tier to set for management subnetwork; must be one of 'PREMIUM'
(default) or 'STANDARD'. This setting only applies if the management interface is
permitted to have a public IP address (see `provision_management_public_ip`) | `string` | `"PREMIUM"` | no |

|  [management\_subnetwork\_vip\_cidrs](#input\_management\_subnetwork\_vip\_cidrs) | An optional list of CIDR lists to assign to BIG-IP instances as VIPs on their
management interface. E.g. to assign two CIDR blocks as VIPs on the first
instance, and a single IP address as an alias on the second instance:-

external\_subnetwork\_vip\_cidrs = [
  [
    "10.1.0.0/16",
    "10.2.0.0/24",
  ],
  [
    "192.168.0.1/32",
  ]
] | `list(list(string))` | `[]` | no |

|  [management\_subnetwork\_vip\_cidrs\_named\_range](#input\_management\_subnetwork\_vip\_cidrs\_named\_range) | An optional named range to use when assigning CIDRs to BIG-IP instances as VIPs
on their management interface. E.g. to assign CIDRs from
secondary range 'management-bigip':-

management\_subnetwork\_vip\_cidrs\_named\_range = "management-bigip" | `string` | `""` | no |

|  [metadata](#input\_metadata) | An optional map of metadata values that will be applied to the instances. | `map(string)` | `{}` | no |

|  [min\_cpu\_platform](#input\_min\_cpu\_platform) | An optional constraint used when scheduling the BIG-IP VMs; this value prevents
the VMs from being scheduled on hardware that doesn't meet the minimum CPU
micro-architecture. Default value is 'Intel Skylake'. | `string` | `"Intel Skylake"` | no |

|  [modules](#input\_modules) | A map of BIG-IP module = provisioning-level pairs to enable, where the module
name is key, and the provisioning-level is the value. This value is used with the
default Declaration Onboarding template; a better option for full control is to
explicitly declare the modules to be provisioned as part of a custom JSON file.
See `do_payloads`.

E.g. the default is
modules = {
  ltm = "nominal"
}

To provision ASM and LTM, the value might be:-
modules = {
  ltm = "nominal"
  asm = "nominal"
} | `map(string)` | {
  "ltm": "nominal"
} | no |

|  [ntp\_servers](#input\_ntp\_servers) | An optional list of NTP servers for BIG-IP instances to use if custom DO files
are not provided. The default is ["169.254.169.254"] to use GCE metadata server. | `list(string)` | [
  "169.254.169.254"
] | no |

|  [num\_instances](#input\_num\_instances) | The number of standalone BIG-IP instances to provision. Default value is 1. | `number` | `1` | no |

|  [preemptible](#input\_preemptible) | If set to true, the BIG-IP instances will be deployed on preemptible VMs, which
could be terminated at any time, and have a maximum lifetime of 24 hours. Default
value is false. | `string` | `false` | no |

|  [provision\_external\_public\_ip](#input\_provision\_external\_public\_ip) | If this flag is set to true (default), a publicly routable IP address WILL be
assigned to the external interface of instances. If set to false, the BIG-IP
instances will NOT have a public IP address assigned to the external interface. | `bool` | `true` | no |

|  [provision\_internal\_public\_ip](#input\_provision\_internal\_public\_ip) | If this flag is set to true, a publicly routable IP address WILL be assigned to
the internal interfaces of instances. If set to false (default), the BIG-IP
instances will NOT have a public IP address assigned to the internal interfaces. | `bool` | `false` | no |

|  [provision\_management\_public\_ip](#input\_provision\_management\_public\_ip) | If this flag is set to true, a publicly routable IP address WILL be assigned to
the management interface of instances. If set to false (default), the BIG-IP
instances will NOT have a public IP address assigned to the management interface. | `bool` | `false` | no |

|  [search\_domains](#input\_search\_domains) | An optional list of DNS search domains for BIG-IP instances to use if custom DO
payloads are not provided. If left empty (default), search domains will be added
for "google.internal" and the zone/project specific domain assigned to instances. | `list(string)` | `[]` | no |

|  [secret\_implementor](#input\_secret\_implementor) | The secret retrieval implementor to use; default value is an empty string.
Must be an empty string, 'google\_secret\_manager', or 'metadata'. Future
enhancements will add other implementors. | `string` | `""` | no |

|  [ssh\_keys](#input\_ssh\_keys) | An optional set of SSH public keys, concatenated into a single string. The keys
will be added to instance metadata. Default is an empty string. | `string` | `""` | no |

|  [tags](#input\_tags) | An optional list of *network tags* to add to the instance template. | `list(string)` | `[]` | no |

|  [timezone](#input\_timezone) | The Olson timezone string from /usr/share/zoneinfo for BIG-IP instances if custom
DO files are not provided. The default is 'UTC'. See the TZ column here
(https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) for legal values.
For example, 'US/Eastern'. | `string` | `"UTC"` | no |

|  [use\_cloud\_init](#input\_use\_cloud\_init) | If this value is set to true, cloud-init will be used as the initial
configuration approach; false (default) will fall-back to a standard shell
script for boot-time configuration.

Note: the BIG-IP version must support Cloud Init on GCP for this to function
correctly. E.g. v15.1+. | `bool` | `false` | no |

## Outputs

| Name | Description |

|------|-------------|

|  [external\_addresses](#output\_external\_addresses) | A list of the IP addresses and alias CIDRs assigned to instances on the external
NIC. |

|  [external\_public\_ips](#output\_external\_public\_ips) | A list of the public IP addresses assigned to instances on the external NIC. |

|  [external\_vips](#output\_external\_vips) | A list of IP CIDRs assigned to instances on the external NIC, which usually
corresponds to the VIPs defined on each instance. |

|  [instance\_addresses](#output\_instance\_addresses) | A map of instance name to assigned IP addresses and alias CIDRs. |

|  [internal\_addresses](#output\_internal\_addresses) | A list of the IP addresses and alias CIDRs assigned to instances on the internal
NICs, if present. |

|  [internal\_public\_ips](#output\_internal\_public\_ips) | A list of the public IP addresses assigned to instances on the internal NICs,
if present. |

|  [management\_addresses](#output\_management\_addresses) | A list of the IP addresses and alias CIDRs assigned to instances on the
management NIC, if present. |

|  [management\_public\_ips](#output\_management\_public\_ips) | A list of the public IP addresses assigned to instances on the management NIC,
if present. |

|  [self\_links](#output\_self\_links) | A list of self-links of the BIG-IP instances. |

|  [zone\_instances](#output\_zone\_instances) | A map of compute zones from var.zones input variable to instance self-links. If
no instances are deployed to a zone, the mapping will be to an empty list.

E.g. if `var.zones = ["us-east1-a", "us-east1-b", "us-east1-c"]` and
`var.num_instances = 2` then the output will be:
{
  us-east1-a = [self-link-instance0]
  us-east1-b = [self-link-instance1]
  us-east1-c = []
} |

---

¹This repo will be maintained on a best-effort basis, but is not a

substitute for F5 support.