stackit: add k8s api load balancer (#2925)

terraform/infrastructure/openstack/modules/instance_group/main.tf

@@ -65,13 +65,14 @@ resource "openstack_compute_instance_v2" "instance_group_member" {
     delete_on_termination = true
   }
   metadata = {
-    constellation-role             = var.role
-    constellation-uid              = var.uid
-    constellation-init-secret-hash = var.init_secret_hash
-    openstack-auth-url             = var.identity_internal_url
-    openstack-username             = var.openstack_username
-    openstack-password             = var.openstack_password
-    openstack-user-domain-name     = var.openstack_user_domain_name
+    constellation-role               = var.role
+    constellation-uid                = var.uid
+    constellation-init-secret-hash   = var.init_secret_hash
+    openstack-auth-url               = var.identity_internal_url
+    openstack-username               = var.openstack_username
+    openstack-password               = var.openstack_password
+    openstack-user-domain-name       = var.openstack_user_domain_name
+    openstack-load-balancer-endpoint = var.openstack_load_balancer_endpoint
   }
   availability_zone_hints = var.availability_zone
 }

terraform/infrastructure/openstack/modules/instance_group/outputs.tf

@@ -1,5 +1,5 @@
 output "ips" {
-  value       = openstack_compute_instance_v2.instance_group_member.*.access_ip_v4
+  value       = [for instance in openstack_compute_instance_v2.instance_group_member : instance.access_ip_v4]
   description = "Public IP addresses of the instances."
 }
 

terraform/infrastructure/openstack/modules/instance_group/variables.tf

@@ -96,3 +96,8 @@ variable "openstack_password" {
   type        = string
   description = "OpenStack password."
 }
+
+variable "openstack_load_balancer_endpoint" {
+  type        = string
+  description = "OpenStack load balancer endpoint."
+}

terraform/infrastructure/openstack/modules/stackit_loadbalancer/main.tf

@@ -0,0 +1,47 @@
+terraform {
+  required_providers {
+    stackit = {
+      source  = "stackitcloud/stackit"
+      version = "0.12.0"
+    }
+  }
+}
+
+resource "stackit_loadbalancer" "loadbalancer" {
+  project_id = var.stackit_project_id
+  name       = "${var.name}-lb"
+  target_pools = [
+    for portName, port in var.ports : {
+      name        = "target-pool-${portName}"
+      target_port = port
+      targets = [
+        for ip in var.member_ips : {
+          display_name = "target-${portName}"
+          ip           = ip
+        }
+      ]
+      active_health_check = {
+        healthy_threshold   = 10
+        interval            = "3s"
+        interval_jitter     = "3s"
+        timeout             = "3s"
+        unhealthy_threshold = 10
+      }
+    }
+  ]
+  listeners = [
+    for portName, port in var.ports : {
+      name        = "listener-${portName}"
+      port        = port
+      protocol    = "PROTOCOL_TCP"
+      target_pool = "target-pool-${portName}"
+    }
+  ]
+  networks = [
+    {
+      network_id = var.network_id
+      role       = "ROLE_LISTENERS_AND_TARGETS"
+    }
+  ]
+  external_address = var.external_address
+}

terraform/infrastructure/openstack/modules/stackit_loadbalancer/variables.tf

@@ -0,0 +1,30 @@
+variable "name" {
+  type        = string
+  description = "Base name of the load balancer."
+}
+
+variable "member_ips" {
+  type        = list(string)
+  description = "IP addresses of the members of the load balancer pool."
+  default     = []
+}
+
+variable "network_id" {
+  type        = string
+  description = "ID of the network."
+}
+
+variable "external_address" {
+  type        = string
+  description = "External address of the load balancer."
+}
+
+variable "ports" {
+  type        = map(number)
+  description = "Ports to listen on incoming traffic."
+}
+
+variable "stackit_project_id" {
+  type        = string
+  description = "STACKIT project ID."
+}