Terraform module that creates BIG-IQ Centralised Manager (CM) and Data Collection Devices (DCD) for AWS deployments.
module "big_iq_byol" {
source = "github.com/merps/terraform-aws-bigiq"
aws_secretmanager_secret_id = "AWS Secrets Manager ID Reference"
cm_license_keys = [ "XXXX-XXXX-XXXX-XXXX <BIG-IQ CM license Keys>" ]
dcd_license_keys = [ "XXXX-XXXX-XXXX-XXXX <BIG-IQ DCD license Keys>" ]
ec2_key_name = "<ec2_keypair_name>"
vpc_id = "<AWS Deployment VPC-ID>"
vpc_mgmt_subnet_ids = ["<AWS Preferred Management Subnet IDS>"]
vpc_private_subnet_ids = ["<AWS Preferred Discovery/Private Subnet IDS>"]
tags = {
Terraform = "true"
Environment = "dev"
}
}-
F5 strongly recommends that you configure autoshutdown / whitelist the public IP addresses in the network security group you use to access the SSH port of the AWSinstances. (This template deploys a network security group with ports 22, 80, and 443 open to the public.)
-
Avoid enabling the
rootaccount on publicly exposed AWS instances.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| adminName | admin account name | string |
"admin" |
no |
| admin_name | Admin user on the BIG-IQ | string |
"admin" |
no |
| admin_password | Admin user on the BIG-IQ | string |
n/a | yes |
| aws_secretmanager_secret_id | AWS Secret Manager Secret ID that stores the BIG-IP password | string |
n/a | yes |
| cm_instance_count | Number of BIG-IPs to deploy | number |
1 |
no |
| cm_license_keys | BIG-IQ CM License Keys | list(string) |
n/a | yes |
| dcd_instance_count | Number of BIG-IPs to deploy | number |
1 |
no |
| dcd_license_keys | BIG-IQ DCD License Keys | list(string) |
n/a | yes |
| dns_search_domains | BIG-IQ DNS Search Domains | list(string) |
[ |
no |
| dns_servers | BIG-IQ DNS Servers | list(string) |
[ |
no |
| ec2_instance_type | AWS EC2 instance type | string |
"m4.xlarge" |
no |
| ec2_key_name | AWS EC2 Key name for SSH access | string |
n/a | yes |
| f5_ami_search_name | BIG-IP AMI name to search for | string |
"F5 Hourly BIG-IQ-8*" |
no |
| hostname | BIG-IQ Hostname | string |
"buggered-thing-already" |
no |
| location | n/a | string |
"apsoutheast2" |
no |
| masterkey | bigiq master key | string |
"ThisIsIt%1234" |
no |
| mgmt_eip | Enable an Elastic IP address on the management interface | bool |
true |
no |
| mgmt_subnet_security_group_ids | AWS Security Group ID for BIG-IP management interface | list(any) |
n/a | yes |
| ntp_servers | BIG-IQ NTP Servers | list(string) |
[ |
no |
| onboard_log | Directory on the BIG-IP to store the cloud-init logs | string |
"/var/log/startup-script.log" |
no |
| personality | BIG-IQ Node Type (logging_node/big_iq) | string |
"" |
no |
| prefix | Prefix for resources created by this module | string |
"terraform-aws-bigiq-demo" |
no |
| private_subnet_security_group_ids | AWS Security Group ID for BIG-IP private interface | list(any) |
n/a | yes |
| timezone | BIG-IQ CM/DCD Deployed Time Zone | string |
"Australia/Sydney" |
no |
| vpc_mgmt_subnet_ids | AWS VPC Subnet id for the management subnet | list(any) |
n/a | yes |
| vpc_private_subnet_ids | AWS VPC Subnet id for the public subnet | list(any) |
n/a | yes |
| Name | Description |
|---|---|
| cm_discovery_ips | List of BIG-IQ DCD Private IP's |
| cm_mgmt_port | HTTPS Port used for the BIG-IQ management interface |
| cm_mgmt_private_ip | List of BIG-IQ Private IP's |
| cm_mgmt_public_ips | List of BIG-IP public IP addresses for the management interfaces |
| cm_public_nic_ids | List of BIG-IQ public network interface ids |
| dcd_discovery_ips | List of BIG-IQ DCD Private IP's |
| dcd_mgmt_port | HTTPS Port used for the BIG-IQ management interface |
| dcd_mgmt_private_ips | List of BIG-IQ CM Private IP's |
| dcd_mgmt_public_ips | List of BIG-IP public IP addresses for the management interfaces |
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Individuals or business entities who contribute to this project must have completed and submitted the F5 Contributor License Agreement.