Terraform module to Implement NAT64 based on ALB for Alibaba Cloud

terraform-alicloud-nat64-based-on-alb

English | 简体中文

Faced with the requirements of IPv6 transformation, some enterprises will adopt the "NAT64" solution. This involves converting IPv6 access requests from clients into the IPv4 protocol and forwarding them to the server, helping application systems quickly and easily gain IPv6 access capability.

This Module deploy a dual-stack version of the ALB to provide "NAT64” capabilities for cloud-based application systems.

Architecture Diagram:

Usage

provider "alicloud" {
  region = "cn-shanghai"
}

module "complete" {
  source = "alibabacloud-automation/nat64-based-on-alb/alicloud"
  vpc_config = {
    cidr_block = "10.0.0.0/8"
    ipv6_isp   = "BGP"
  }

  alb_vswitches = [{
    vswitch_name         = "ipv6-alb-vsw1"
    ipv6_cidr_block_mask = 1
    zone_id              = "cn-shanghai-g"
    cidr_block           = "10.0.0.0/25"
    }, {
    vswitch_name         = "ipv6-alb-vsw2"
    ipv6_cidr_block_mask = 2
    zone_id              = "cn-shanghai-l"
    cidr_block           = "10.0.0.128/25"
  }]

  app_vswitches = [{
    vswitch_name         = "ipv6-app-vsw3"
    ipv6_cidr_block_mask = 3
    zone_id              = "cn-shanghai-g"
    cidr_block           = "10.0.1.0/24"
    }, {
    vswitch_name         = "ipv6-app-vsw4"
    ipv6_cidr_block_mask = 4
    zone_id              = "cn-shanghai-l"
    cidr_block           = "10.0.2.0/24"
  }]
}

Examples

• Complete Example

Requirements

Name	Version
terraform	>= 1.3

Providers

Name	Version
alicloud	n/a

Modules

No modules.

Resources

Name	Type
alicloud_alb_listener.default	resource
alicloud_alb_load_balancer.default	resource
alicloud_alb_server_group.default	resource
alicloud_common_bandwidth_package.default	resource
alicloud_instance.default	resource
alicloud_security_group.default	resource
alicloud_vpc.default	resource
alicloud_vpc_ipv6_gateway.default	resource
alicloud_vswitch.alb	resource
alicloud_vswitch.app	resource

Inputs

Name	Description	Type	Default	Required
alb_listener	The parameters of alb listener.	object({ listener_protocol = optional(string, "HTTP") listener_port = optional(number, 80) })	{}	no
alb_load_balancer	The parameters of alb load balancer.	object({ load_balancer_edition = optional(string, "Standard") load_balancer_name = optional(string, null) pay_type = optional(string, "PayAsYouGo") })	{}	no
alb_server_group	The parameters of alb server group.	object({ server_group_name = string scheduler = optional(string, "Wrr") protocol = optional(string, "HTTP") sticky_session_config = optional(object({ sticky_session_enabled = optional(bool, true) sticky_session_type = optional(string, "Insert") }), {}) health_check_config = optional(object({ health_check_enabled = optional(bool, true) health_check_connect_port = optional(number, 46325) health_check_host = optional(string, "ipv6-example.com") health_check_codes = optional(list(string), ["http_2xx", "http_3xx", "http_4xx"]) health_check_http_version = optional(string, "HTTP1.1") health_check_interval = optional(number, 2) health_check_method = optional(string, "HEAD") health_check_path = optional(string, "/ipv6-example") health_check_protocol = optional(string, "HTTP") health_check_timeout = optional(number, 5) healthy_threshold = optional(number, 3) unhealthy_threshold = optional(number, 3) }), {}) servers_port = optional(number, 80) })	{ "server_group_name": "alb_server_group" }	no
alb_vswitches	The vswitches used for nlb.	list(object({ zone_id = string cidr_block = string ipv6_cidr_block_mask = number vswitch_name = optional(string, null) }))	n/a	yes
app_vswitches	The vswitches used for application server.	list(object({ zone_id = string cidr_block = string ipv6_cidr_block_mask = number vswitch_name = optional(string, null) }))	n/a	yes
common_bandwidth_package	The parameters of common bandwidth package.	object({ name = optional(string, null) internet_charge_type = optional(string, "PayBy95") ratio = optional(number, 20) isp = optional(string, "BGP") bandwidth = optional(string, "1000") })	{}	no
create_common_bandwidth_package	Whether to create common bandwidth package.	bool	true	no
ecs_config	The parameters of ecs instance.	object({ instance_type = optional(string, "ecs.g6e.large") system_disk_category = optional(string, "cloud_essd") image_id = optional(string, "ubuntu_24_04_x64_20G_alibase_20250113.vhd") instance_name = optional(string, null) internet_max_bandwidth_out = optional(number, 0) ipv6_address_count = optional(number, 1) })	{}	no
exsiting_common_bandwidth_package_id	The id of existing common bandwidth package. If create_common_bandwidth_package is false, this value is required.	string	null	no
security_group_name	The name of security group.	string	null	no
vpc_config	The parameters of vpc and vswitches.	object({ cidr_block = string vpc_name = optional(string, null) ipv6_isp = optional(string, "BGP") })	n/a	yes
vpc_ipv6_gateway_name	The name of vpc ipv6 gateway.	string	null	no

Outputs

Name	Description
alb_listener_id	The ID of the ALB listener.
alb_load_balancer_id	The ID of the ALB load balancer.
alb_server_group_id	The ID of the ALB server group.
alb_vswitch_ids	The IDs of the ALB VSwitches.
app_vswitch_ids	The IDs of the App VSwitches.
bandwidth_package_id	The ID of the common bandwidth package.
instance_ids	The IDs of the ECS instances.
ipv6_gateway_id	The ID of the IPv6 gateway.
security_group_id	The ID of the security group.
vpc_id	The ID of the VPC.

Submit Issues

If you have any problems when using this module, please opening a provider issue and let us know.

Note: There does not recommend opening an issue on this repo.

Authors

Created and maintained by Alibaba Cloud Terraform Team([email protected]).

License

MIT Licensed. See LICENSE for full details.

Reference

• Terraform-Provider-Alicloud Github
• Terraform-Provider-Alicloud Release
• Terraform-Provider-Alicloud Docs