feat: handle loabalancing setup

papanito · Jul 20, 2022 · 125d38a · 125d38a
1 parent 9a76cff
commit 125d38a
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -160,9 +160,12 @@ It's recommended to use [named tunnels] for `cf_tunnels` which require [Cloudfla
       test:
         routes:
           dns:
-          - "{{ inventory_hostname }}"
+            - "{{ inventory_hostname }}"
           cidr:
-          - "192.168.42.0/24"
+            - "192.168.42.0/24"
+          lb:
+            - hostname: website.mycompany.com
+              poolname: bzh-west1.website.mycompany.com
         account_tag:  !vault....
         tunnel_secret: !vault....
         tunnel_id: !vault....
@@ -196,6 +199,10 @@ The `key` of the tunnel shall match the of `tunnel_id`.
 
 `private network` routes expect a list of `CIDR`'s to be created as [described here](https://developers.cloudflare.com/cloudflare-one/tutorials/warp-to-tunnel). The playbook loop on the list to execute `cloudflared tunnel route ip add {{ cf_cidr_entry }} {{ cf_tunnel.key }}`. If the `CIDR` already exists, an error will thrown but ignored.
 
+##### Load Balancer
+
+`lb` routes expect a list of existing cloudflared load balancer (plus its pool) to route tunnel on as [described here](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/routing-to-tunnel/lb/). The playbook loop on the list to execute `cloudflared tunnel route lb {{ cf_tunnel.key }} {{ cf_lb_entry.host_name }} {{ cf_lb_entry.pool_name }}`. If the tunnel is already bind into the pool, an ignored error will throw.
+
 ### Cloudflare single service parameters
 
 As with previous versions of this roles you can use the [single service configuration style](https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/ingress#single-service-configuration)

diff --git a/tasks/create_routes.yml b/tasks/create_routes.yml
@@ -1,10 +1,20 @@
+- name: Create lb entries
+  include_tasks: create_routes_lb.yml
+  loop: "{{ cf_tunnel.value.routes.lb }}"
+  loop_control:
+    loop_var: cf_lb_entry
+  tags:
+    - cf_routing
+  when: cf_tunnel.value.routes.lb is defined
+
 - name: Create dns entries
   include_tasks: create_routes_dns.yml
   loop: "{{ cf_tunnel.value.routes.dns }}"
   loop_control:
     loop_var: cf_dns_entry
   tags:
-  - cf_routing
+    - cf_routing
+  when: cf_tunnel.value.routes.dns is defined
 
 - name: Create CIDR routing entries
   include_tasks: create_routes_cidr.yml

diff --git a/tasks/create_routes_lb.yml b/tasks/create_routes_lb.yml
@@ -0,0 +1,7 @@
+- name: Create lb '{{ cf_lb_entry }}' for tunnel '{{ cf_tunnel.key }}'
+  command: "cloudflared tunnel route lb {{ cf_tunnel.key }} {{ cf_lb_entry.hostname }} {{ cf_lb_entry.poolname }}"
+  register: create_route
+  ignore_errors: true
+- name: Show command output
+  ansible.builtin.debug:
+    msg: "{{ create_route.stdout }}{{ create_route.stderr }}"