Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Perforce networking refactor #410

Merged
merged 8 commits into from
Jan 7, 2025
Merged

Perforce networking refactor #410

merged 8 commits into from
Jan 7, 2025

Conversation

henrykie
Copy link
Contributor

@henrykie henrykie commented Dec 12, 2024
edited
Loading

Issue number:
Closes #402
Closes #408

Summary

Networking updates to Perforce modules. Helix Core now supports plaintext configuration. This allows TLS termination to be handled by an NLB in front of the Helix Core server. ALB creation for Helix Swarm and Helix Authentication Service is now optional, allowing shared ALBs created in higher order or root modules to forward requests to target groups output by these modules.

Changes

Please provide a summary of what's being changed

  • Adding plaintext option to Perforce Helix Core module. This disables the ssl: prefix on the Helix Core server directly, and does not generate self-signed certs. We recommend using an NLB in front of the Helix Core server for TLS termination when using this option.
  • Adjusted ALB creation for Helix Swarm and Helix Authentication Service. New versions allow creation of a single ALB (optional) that can be labeled as internal or internet facing. Regardless of whether an ALB is created the service target group is provided as an output. This allows users to configure more complex networking setups in their root module.
  • Minor changes to variable names, and optional output creation

User experience

Please share what the user experience looks like before and after this change

  • Users switching to the new version may need to update their networking configurations for Helix Swarm, Helix Authentication Service and Helix Core.
  • The Perforce Complete example now runs Helix Core, Helix Swarm, and Helix Authentication Service behind a single NLB. 1666 traffic is forwarded to Helix Core (with TLS termination at the load balancer), and 443 traffic is forwarded to a shared ALB for both Helix Authentication Service and Helix Swarm. This ALB uses hostname header rules to forward traffic to the appropriate target group.

Checklist

If your change doesn't seem to apply, please leave them unchecked.

  • I have performed a self-review of this change
  • Changes have been tested
  • Changes are documented
Is this a breaking change?

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created might not be successful.

@henrykie henrykie added perforce terraform Pull requests that update Terraform code labels Dec 12, 2024
@henrykie henrykie requested a review from jorisdon December 12, 2024 15:49
@henrykie henrykie self-assigned this Dec 12, 2024
@henrykie henrykie changed the title Henrykie/perforce/refactor Perforce networking refactor Dec 12, 2024
@henrykie henrykie force-pushed the henrykie/perforce/refactor branch from 5e4ae18 to 5da657e Compare December 12, 2024 23:48
@henrykie henrykie requested a review from kylesomers December 13, 2024 16:38
@henrykie henrykie marked this pull request as ready for review December 13, 2024 16:38
@henrykie henrykie requested a review from a team as a code owner December 13, 2024 16:38
@henrykie henrykie force-pushed the henrykie/perforce/refactor branch 2 times, most recently from a96d3a1 to e8921a6 Compare December 18, 2024 06:22
jorisdon
jorisdon reviewed Dec 18, 2024
View reviewed changes
docs/modules/perforce/examples/complete.md Outdated Show resolved Hide resolved
docs/modules/perforce/examples/complete.md Outdated Show resolved Hide resolved
modules/perforce/examples/complete/dns.tf Show resolved Hide resolved
modules/perforce/examples/complete/outputs.tf Outdated Show resolved Hide resolved
modules/perforce/examples/complete/security.tf Outdated Show resolved Hide resolved
@henrykie henrykie force-pushed the henrykie/perforce/refactor branch from 10332f2 to a12471a Compare January 2, 2025 19:09
@henrykie henrykie requested a review from jorisdon January 2, 2025 19:09
@henrykie henrykie requested review from GrzesiekO and removed request for kylesomers January 3, 2025 16:55
GrzesiekO
GrzesiekO approved these changes Jan 7, 2025
View reviewed changes
Copy link
Contributor

@GrzesiekO GrzesiekO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving - all good.

@GrzesiekO GrzesiekO self-requested a review January 7, 2025 17:36
GrzesiekO
GrzesiekO approved these changes Jan 7, 2025
View reviewed changes
Copy link
Contributor

@GrzesiekO GrzesiekO left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Resolved conversations - approving.

@henrykie henrykie merged commit 8d8e451 into main Jan 7, 2025
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jorisdon jorisdon jorisdon approved these changes

@GrzesiekO GrzesiekO GrzesiekO approved these changes

Assignees

@henrykie henrykie

Labels
perforce terraform Pull requests that update Terraform code
Projects
None yet
Milestone
No milestone
3 participants
@henrykie @GrzesiekO @jorisdon