Skip to main content
Important: This knowledge repository has been retired. All its content has been migrated to our new repository.
Please search for our articles either on our F5® Distributed Cloud Technical Knowledge Hub or on MyF5.

Additional guidance on Terraform config items

  • Updated

Description

  • I need some additional help to configure Terraform for F5® Distributed Cloud
  • I have some open questions when trying to configure Terraform for F5® Distributed Cloud

Environment

  • Terraform
  • Automation Tools

Resolution/Answers

  • What are annotations?
    • Answer: ignore this field, it will be deprecated
  • What are labels?
    • Answer: Labels for your aws_tgw_site object. These labels will also be programmed on the child site object which can be used for filtering the site or creating virtual site objects using label selector etc
  • What is the difference between annotations/labels and what's the recommendation for how to use them?
    • Answer: As mentioned above, ignore annotations and use labels instead
  • What are blocked_services? - It lists four defaults but are these suggested things to disable, what does it actually do?
    • Answer: By default SSH and DNS services are allowed, you can use this configuration to block those services
  • direct_connect_enabled - what impact does this have, is this trying to wire up an existing direct_connect ?
    • Answer: If you have an existing direct connect connection, then the private virtual interface (VIF) can be connected to the F5XC site. You can optionally have CE to RE connection being sent privately over direct connect
  • logs_streaming_disabled - is this just not configuring it per site or turning it off for this CE? We have global log streaming configured.
    • Answer: When logs_streaming_disabled is set it's disabled for the site. global log streaming always gets the preference so all RE and CE site logs will be sent to the log receiver.
  • offline_survivability_mode - what is this? what is the recommendation for this config?
    • Answer: This is used when you want your CE site to CE site connectivity to be up even when the config plan connectivity is down (i.e CE to RE connection)
  • What is volterra_aws_tgw_site?
    • Answer: they are just aws_parameters
  • aws_certified_hw is there an acceptable list? What do you recommend as a sensible default (aws-byol-multi-nic-voltmesh?) assisted = ?? - not set in any examples, what does it do?
    • Answer: Assisted is an old mode that is not supported, only the automated mode is supported. 
  • What is the relationship between no_worker_nodes nodes_per_az and total_nodes? Does one circumvent the other?
    • Answer:
      • no_worker_nodes: no worker nodes will be added to CE site
      • total_nodes: number of worker nodes to be added to the site
      • nodes_per_az: worker nodes per AZ. If the user gives a value of 3 and the site is deployed in 3 AZ nodes then there would be a total of 9 worker nodes (3 worker nodes in each AZ)

Related Content

Related articles