global-accelerator
This module sets up an AWS Global Accelerator for you. For those new to this service, a Global Accelerator can be used as an alternative (or helper to) multi region deployments, “fast forwarding” requests across AWS' underlying networks to drastically decrease long-distance network request latencies. The Global Accelerator is meant to be deployed in front of a load balancer, and exposes a domain and public ip addresses to which send public traffic. In Opta
name: testing-global-accelerator
org_name: runx
providers:
aws:
region: us-east-1
account_id: XXXXXXXXXX
modules:
- type: base
- type: dns
name: dns
domain: staging.startup.com
delegated: false # Set to true when ready -- see the "Configure DNS" page
linked_module: global-accelerator
- type: k8s-cluster
- type: k8s-base
# Uncomment when enabling dns to get ssl
# cert_arn: "${{module.dns.cert_arn}}" # Or add your own cert if not using Opta's dns module
- type: global-accelerator
Domain / DNS
If you are ready to start hosting your site with your domain via the global accelerator, then go ahead and follow the configuring dns guide, which will also set up your SSL. Traffic should start flowing from your domain to your global acceleratorn and on towards your K8s cluster. You could also manually configure DNS / SSL from outside of Opta using the following steps:
- Remove the dns module entirely from your yaml, if you haven’t already.
- Get an AWS ACM certificate for your site. Make sure that you get it in region us-east-1. If you already have one at hand in your account (e.g. from another active Opta deployment), then feel free to reuse that.
- Validate the certificate by adding the correct CNAME entries in your domain’s DNS settings.
- Fill in the
cert_arnfield for the k8s-base module with the arn of your cert. - In your hosted zone, create either an A record (if it’s on the same AWS account) or a CNAME pointing to the Global Accelerator
dns name (the
global_accelerator_dns_nameoutput). Alternatively, if it’s a hosted zone on the same AWS account you could pass thezone_idto the global accelerator module to have Opta automatically take care of this for you. - Fill in the
domainsfield to include the domains for which you have the certificate for (no need to include wildcard repetition, that’s automatic). - Opta apply and you’re done!
Fields
| Name | Description | Default | Required |
|---|---|---|---|
flow_logs_enabled |
Enable flow logs? | False |
False |
flow_logs_bucket |
Flow logs bucket | `` | False |
flow_logs_prefix |
Flow logs prefix | global-accelerator-flow-logs/ |
False |
endpoint_id |
The id of the endpoint to direct traffic to. If it’s an NLB or ALB, then it’s the arn. If it’s an EIP, then it’s the allocation id. | None |
False |
domain |
Domain to setup the ingress with. By default uses the one specified in the DNS module if the module is found. | `` | False |
zone_id |
ID of Route53 hosted zone to add a record for. By default uses the one created by the DNS module if the module is found. | `` | False |
Outputs
| Name | Description |
|---|---|
global_accelerator_arn |
The arn of the global accelerator created. |
global_accelerator_dns_name |
The public dns name of the global accelerator created. |
global_accelerator_ip_addresses |
The public ip addresses of the global accelerator created. |
global_accelerator_endpoint_arns |
The arns of the global accelerator endpoint groups created. |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.