This deployment type is intended for fully functional Zscaler Branch Connector virtual appliance deployments in a vCenter ESXi environment. This template is intended to deploy 2 VMs simulataneously in an Active/Passive HA configuration.
From the examples directory, run the zsec bash script that walks to all required inputs.
- ./zsec up
- enter "bc_ha"
- follow the remainder of the authentication and configuration input prompts.
- script will detect client operating system and download/run a specific version of terraform in a temporary bin directory
- inputs will be validated and terraform init/apply will automatically exectute.
- verify all resources that will be created/modified and enter "yes" to confirm
Modify/populate any required variable input values in bc_ha/terraform.tfvars file and save.
From bc_ha directory execute:
- terraform init
- terraform apply
From the examples directory, run the zsec bash script that walks to all required inputs.
- ./zsec destroy
From bc_ha directory execute:
- terraform destroy
| Name | Version |
|---|---|
| terraform | >= 0.13.7, < 2.0.0 |
| local | ~> 2.2.0 |
| null | ~> 3.1.0 |
| random | ~> 3.3.0 |
| tls | ~> 3.4.0 |
| vsphere | ~>2.2.0 |
| Name | Version |
|---|---|
| local | ~> 2.2.0 |
| random | ~> 3.3.0 |
| tls | ~> 3.4.0 |
| Name | Source | Version |
|---|---|---|
| bc_vm | ../../modules/terraform-zsbc-bcvm-esxi | n/a |
| Name | Type |
|---|---|
| local_file.private_key | resource |
| local_file.testbed | resource |
| random_string.suffix | resource |
| tls_private_key.key | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| bc_api_key | Branch Connector Portal API Key | string |
"" |
no |
| bc_count | Default number of Branch Connector appliances to create | number |
2 |
no |
| bc_instance_size | Branch Connector Instance size. Determined by and needs to match the Cloud Connector Portal provisioning template configuration | string |
"small" |
no |
| bc_password | Admin Password for Branch Connector Portal authentication | string |
"" |
no |
| bc_username | Admin Username for Branch Connector Portal authentication | string |
"" |
no |
| bc_vm_prov_url | Zscaler Branch Connector Provisioning URL | list(string) |
[ |
no |
| byo_ssh_key | user entered SSH Public Key | string |
"" |
no |
| compute_cluster_enabled | True/False to tell VM creation that the resource pool is or is not part of a compute cluster. Default is false | bool |
false |
no |
| compute_cluster_name | Name of Compute Cluster in order to location the resource pool to deploy VM. All clusters and standalone hosts have a default root resource pool. This resource argument does not directly accept the cluster or standalone host resource. For more information, see the section on Specifying the Root Resource Pool in the vsphere_resource_pool data source documentation on using the root resource pool. | list(string) |
[ |
no |
| datacenter | The name of the vSphere datacenter you want to deploy the VM to | string |
n/a | yes |
| datastore | Datastore to deploy the VM. One of datastore_id or datastore_cluster_id must be specified. | list(string) |
[ |
no |
| datastore_cluster | Datastore cluster to deploy the VM. Use of datastore_cluster_id requires vSphere Storage DRS to be enabled on the specified datastore cluster. | list(string) |
[ |
no |
| datastore_cluster_enabled | True/False to tell VM creation that the datastore is or is not part of a cluster. Default is false | bool |
false |
no |
| disk_provisioning | The disk provisioning policy. If set, all the disks included in the OVF/OVA will have the same specified policy. One of thin, flat, thick, or sameAsSource | string |
"thin" |
no |
| dns_servers | Primary/Secondary DNS servers for BC management interface if statically setting via provisioning url. Leave blank if using DHCP | list(string) |
[ |
no |
| dns_suffix | Primary DNS suffix for BC management interface if statically setting via provisioning url. Leave blank if using DHCP | string |
"" |
no |
| host_name | (Optional) The managed object reference ID of a host on which to place the virtual machine. See the section on virtual machine migration for more information on modifying this value. When using a vSphere cluster, if a host_system_id is not supplied, vSphere will select a host in the cluster to place the virtual machine, according to any defaults or vSphere DRS placement policies | list(string) |
n/a | yes |
| mgmt_gateway | Default gateway for BC management interface if statically setting via provisioning url. Leave blank if using DHCP | string |
"" |
no |
| mgmt_ip | IP address for BC management interface if statically setting via provisioning url. Leave blank if using DHCP | list(string) |
[ |
no |
| mgmt_netmask | Network mask for BC management interface if statically setting via provisioning url. Leave blank if using DHCP | string |
"" |
no |
| name_prefix | The name prefix for all your resources | string |
"zs-bc" |
no |
| network_adapter_type | The network interface type. Supported types are e1000 or vmxnet3. Default is vmxnet3 | string |
"e1000" |
no |
| network_name | Name of the vSphere network to deploy to | string |
n/a | yes |
| ova_name | Name of the Branch Connector OVA file | string |
"branchconnector.ova" |
no |
| resource_pool_name | Name of ESXi host resource group. If one is not specified, the VMware default name of 'Resources' is used | list(string) |
[ |
no |
| tls_key_algorithm | algorithm for tls_private_key resource | string |
"RSA" |
no |
| Name | Description |
|---|---|
| testbedconfig | Output of of all exported attributes to be written to a local file |