Terraform variables
The following table lists variables in the vars.tf file. You can change the values to suit your cluster needs.
Resource |
Default |
Description |
||
---|---|---|---|---|
project |
Requires input |
Project under which you will deploy the instance group. See Creating and managing projects. |
||
auth_key |
Requires input |
File name of the authentication key you use to connect to GCP. See Adding credentials. |
||
service_account |
Requires input |
Service account that you will use to call Cloud Functions. This allows Cloud Functions to be restricted to authorized calls. |
||
region |
us-central1 |
GCP region |
||
zone |
us-central1-c |
GCP zone |
||
nodejs_version |
nodejs10 |
Node.js version to use in Cloud Functions |
||
max_replicas |
3 |
Maximum number of FortiGate-VM instances in the instance group. See Instance groups. |
||
min_replicas |
2 |
Minimum number of FortiGate-VM instances in the instance group. |
||
cpu_utilization |
0.5 |
Target CPU usage for the cluster to achieve. Instances scale out or in to meet this target.
|
||
cluster_name |
FortigateAutoScale |
Cluster name to use across objects (buckets, VPC, and so on) |
||
bucket_name |
fortigateautoscale |
Blob storage bucket name |
||
fortigate_image |
projects/fortigcp-project-001/global/images/fortinet-fgtondemand-623-20191223-001-w-license |
Source image for the instance group to use. The default image is FortiOS 6.2.3. |
||
instance |
n1-standard-1 |
Instance family type for the scaling configuration to use. |
||
vpc_cidr |
172.16.0.0/16 |
Classless inter-domain routing (CIDR) block for the FortiGate autoscale VPC divided into two /21 subnets. |
||
public_subnet |
172.16.0.0/21 |
Public subnet that the FortiGate cluster uses. |
||
protected_subnet |
172.16.8.0/21 |
Private subnet for VMs behind the FortiGate cluster. |
||
firewall_allowed_range |
0.0.0.0/0 |
GCP firewall range to allow.
|
||
target_size |
2 |
Autoscale cluster target size. See Autoscaling groups of instances. |
||
SCRIPT_TIMEOUT |
500 |
Timeout (in seconds) of a Cloud Functions invocation. |
||
MASTER_ELECTION_TIMEOUT |
400 |
Maximum time in seconds to wait for a primary election to complete. This variable should be less than the total script timeout ( |
||
FORTIGATE_ADMIN_PORT |
8443 |
Port number for FortiGate-VM administration. Do not use the FortiGate reserved ports 443, 541, 514, or 703. This value must be between 1 and 65535. This variable was previously used for the FortiGate Autoscale Cluster admin port. |
||
HEARTBEAT_INTERVAL |
25 |
Length of time in seconds that a FortiGate-VM waits between sending heartbeat requests to the function. |
||
HEART_BEAT_DELAY_ALLOWANCE |
10 |
Allowed variance in seconds before a heartbeat is considered out-of-sync and heartbeat loss is increased. |
||
HEART_BEAT_LOSS_COUNT |
10 |
Number of consecutively lost heartbeats. When the heartbeat loss count has been reached, the FortiGate-VM is deemed unhealthy and failover activities commence. |
You can reference variables from the command line using the following:
terraform plan -var "<var name>=<value>"