module for VLAN attachment+cloud router+bgp (#254)

* module for VLAN attachment+cloud router+bgp

* fix vlan attachments review comments

* run terraform fmt

* fix code review comment and build errors

* fix for code review comments

* code review changes

* changes after review

* changes after code review

* changes after code review
dsiviglia
2021-06-16 13:56:40 +02:00
committed by GitHub
parent 6deeb3a863
commit f3901fc567
5 changed files with 393 additions and 0 deletions


@@ -0,0 +1,131 @@
# Direct Interconnect VLAN Attachment and router
This module allows creation of a VLAN attachment for Direct Interconnect and router (router creation is optional).
## Examples
### Direct Interconnect VLAN attachment using default parameters for bgp session and router
```hcl
module "vlan-attachment-1" {
source = "./modules/net-interconnect-attachment-direct"
project_id = "dedicated-ic-5-8492"
region = "us-west2"
router_network = "myvpc"
name = "vlan-604-x"
interconnect = "https://www.googleapis.com/compute/v1/projects/mylab/global/interconnects/mylab-interconnect-1"
peer = {
ip_address = "169.254.63.2"
asn = 65418
}
}
# tftest:modules=1:resources=4
```
#### Direct Interconnect VLAN attachments to achieve 99.9% SLA setup
```hcl
module "vlan-attachment-1" {
source = "./modules/net-interconnect-attachment-direct"
project_id = "dedicated-ic-3-8386"
region = "us-west2"
router_name = "router-1"
router_config = {
description = ""
asn = 65003
advertise_config = {
groups = ["ALL_SUBNETS"]
ip_ranges = {
"199.36.153.8/30" = "custom"
}
mode = "CUSTOM"
}
}
router_network = "myvpc"
name = "vlan-603-1"
interconnect = "https://www.googleapis.com/compute/v1/projects/mylab/global/interconnects/mylab-interconnect-1"
config = {
description = ""
vlan_id = 603
bandwidth = "BPS_10G"
admin_enabled = true
mtu = 1440
}
peer = {
ip_address = "169.254.63.2"
asn = 65418
}
bgp = {
session_range = "169.254.63.1/29"
advertised_route_priority = 0
candidate_ip_ranges = ["169.254.63.0/29"]
}
}
module "vlan-attachment-2" {
source = "./modules/net-interconnect-attachment-direct"
project_id = "dedicated-ic-3-8386"
region = "us-west2"
router_name = "router-2"
router_config = {
description = ""
asn = 65003
advertise_config = {
groups = ["ALL_SUBNETS"]
ip_ranges = {
"199.36.153.8/30" = "custom"
}
mode = "CUSTOM"
}
}
router_network = "myvpc"
name = "vlan-603-2"
interconnect = "https://www.googleapis.com/compute/v1/projects/mylab/global/interconnects/mylab-interconnect-2"
config = {
description = ""
vlan_id = 603
bandwidth = "BPS_10G"
admin_enabled = true
mtu = 1440
}
peer = {
ip_address = "169.254.63.10"
asn = 65418
}
bgp = {
session_range = "169.254.63.9/29"
advertised_route_priority = 0
candidate_ip_ranges = ["169.254.63.8/29"]
}
}
# tftest:modules=2:resources=8
```
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |
|---|---|:---: |:---:|:---:|
| interconnect | URL of the underlying Interconnect object that this attachment's traffic will traverse through. | <code title="">string</code> | ✓ | |
| peer | Peer Ip address and asn. Only IPv4 supported | <code title="object&#40;&#123;&#10;ip_address &#61; string&#10;asn &#61; number&#10;&#125;&#41;">object({...})</code> | ✓ | |
| project_id | The project containing the resources | <code title="">string</code> | ✓ | |
| *bgp* | Bgp session parameters | <code title="object&#40;&#123;&#10;session_range &#61; string&#10;candidate_ip_ranges &#61; list&#40;string&#41;&#10;advertised_route_priority &#61; number&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *config* | VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect | <code title="object&#40;&#123;&#10;description &#61; string&#10;vlan_id &#61; number&#10;bandwidth &#61; string&#10;admin_enabled &#61; bool&#10;mtu &#61; number&#10;&#125;&#41;">object({...})</code> | | <code title="&#123;&#10;description &#61; null&#10;vlan_id &#61; null&#10;bandwidth &#61; &#34;BPS_10G&#34;&#10;admin_enabled &#61; true&#10;mtu &#61; 1440&#10;&#125;">...</code> |
| *name* | The name of the vlan attachment | <code title="">string</code> | | <code title="">vlan-attachment</code> |
| *region* | Region where the router resides | <code title="">string</code> | | <code title="">europe-west1-b</code> |
| *router_config* | Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. | <code title="object&#40;&#123;&#10;description &#61; string&#10;asn &#61; number&#10;advertise_config &#61; object&#40;&#123;&#10;groups &#61; list&#40;string&#41;&#10;ip_ranges &#61; map&#40;string&#41;&#10;mode &#61; string&#10;&#125;&#41;&#10;&#125;&#41;">object({...})</code> | | <code title="&#123;&#10;description &#61; null&#10;asn &#61; 64514&#10;advertise_config &#61; null&#10;&#125;">...</code> |
| *router_create* | Create router. | <code title="">bool</code> | | <code title="">true</code> |
| *router_name* | Router name used for auto created router, or to specify an existing router to use if `router_create` is set to `true`. Leave blank to use vlan attachment name for auto created router. | <code title="">string</code> | | <code title="">router-vlan-attachment</code> |
| *router_network* | A reference to the network to which this router belongs | <code title="">string</code> | | <code title="">null</code> |
## Outputs
| name | description | sensitive |
|---|---|:---:|
| bgpsession | bgp session | |
| interconnect_attachment | interconnect attachment | |
| router | Router resource (only if auto-created). | |
<!-- END TFDOC -->


@@ -0,0 +1,98 @@
/**
* Copyright 2021 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
locals {
router = (
var.router_create
? try(google_compute_router.router[0].name, null)
: var.router_name
)
vlan_interconnect = try(google_compute_interconnect_attachment.interconnect_vlan_attachment.name)
}
resource "google_compute_router" "router" {
count = var.router_create ? 1 : 0
project = var.project_id
region = var.region
name = var.router_name == "" ? "router-${var.name}" : var.router_name
description = var.router_config.description
network = var.router_network
bgp {
advertise_mode = (
var.router_config.advertise_config == null
? null
: var.router_config.advertise_config.mode
)
advertised_groups = (
var.router_config.advertise_config == null ? null : (
var.router_config.advertise_config.mode != "CUSTOM"
? null
: var.router_config.advertise_config.groups
)
)
dynamic "advertised_ip_ranges" {
for_each = (
var.router_config.advertise_config == null ? {} : (
var.router_config.advertise_config.mode != "CUSTOM"
? null
: var.router_config.advertise_config.ip_ranges
)
)
iterator = range
content {
range = range.key
description = range.value
}
}
asn = var.router_config.asn
}
}
resource "google_compute_interconnect_attachment" "interconnect_vlan_attachment" {
project = var.project_id
region = var.region
router = local.router
name = var.name
description = var.config.description
interconnect = var.interconnect
bandwidth = var.config.bandwidth
mtu = var.config.mtu
vlan_tag8021q = var.config.vlan_id
candidate_subnets = var.bgp == null ? null : var.bgp.candidate_ip_ranges
admin_enabled = var.config.admin_enabled
provider = google-beta
}
resource "google_compute_router_interface" "interface" {
project = var.project_id
region = var.region
name = "interface-${var.name}"
router = local.router
ip_range = var.bgp == null ? null : var.bgp.session_range
interconnect_attachment = local.vlan_interconnect
}
resource "google_compute_router_peer" "peer" {
project = var.project_id
region = var.region
name = "bgp-session-${var.name}"
router = local.router
peer_ip_address = var.peer.ip_address
peer_asn = var.peer.asn
advertised_route_priority = var.bgp == null ? null : var.bgp.advertised_route_priority
interface = local.vlan_interconnect
}
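Review bot: The BGP peer's `interface` is set to `local.vlan_interconnect`, which is the attachment name (`var.name`), while the router interface created just above it is named `interface-${var.name}`; the peer therefore appears to name an interface this module never creates, and it carries no dependency on the interface resource. I would write `interface = google_compute_router_interface.interface.name`, which fixes the name and the creation order together. Separately, the `for_each` of `advertised_ip_ranges` evaluates to `null` when `advertise_config` is set but its mode is not `CUSTOM`; a dynamic block needs a collection there, so that branch should be `{}` like the first one. The single-argument `try(...)` in `locals` has no fallback value and can be replaced by the plain reference.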


@@ -0,0 +1,31 @@
/**
* Copyright 2021 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
output "bgpsession" {
description = "bgp session"
value = google_compute_router_peer.peer
}
output "interconnect_attachment" {
description = "interconnect attachment"
value = google_compute_interconnect_attachment.interconnect_vlan_attachment
}
output "router" {
description = "Router resource (only if auto-created)."
value = google_compute_router.router
}
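Review bot: The `router` output returns `google_compute_router.router`, which is declared with `count` in the main file, so callers receive a list (empty when `router_create` is false) rather than the single router resource the description promises. `value = try(google_compute_router.router[0], null)` would match the description. All three outputs export whole resource objects; a short comment above each naming the attributes callers are expected to read would make the module's contract easier to review.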


@@ -0,0 +1,115 @@
/**
* Copyright 2021 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
variable "bgp" {
description = "Bgp session parameters"
type = object({
session_range = string
candidate_ip_ranges = list(string)
advertised_route_priority = number
})
default = null
}
variable "config" {
description = "VLAN attachment parameters: description, vlan_id, bandwidth, admin_enabled, interconnect"
type = object({
description = string
vlan_id = number
bandwidth = string
admin_enabled = bool
mtu = number
})
default = {
description = null
vlan_id = null
bandwidth = "BPS_10G"
admin_enabled = true
mtu = 1440
}
}
variable "interconnect" {
description = "URL of the underlying Interconnect object that this attachment's traffic will traverse through."
type = string
}
variable "name" {
description = "The name of the vlan attachment"
type = string
default = "vlan-attachment"
}
variable "peer" {
description = "Peer Ip address and asn. Only IPv4 supported"
type = object({
ip_address = string
asn = number
})
}
variable "project_id" {
description = "The project containing the resources"
type = string
}
variable "region" {
description = "Region where the router resides"
type = string
default = "europe-west1-b"
}
variable "router_config" {
description = "Router asn and custom advertisement configuration, ip_ranges is a map of address ranges and descriptions.. "
type = object({
description = string
asn = number
advertise_config = object({
groups = list(string)
ip_ranges = map(string)
mode = string
})
})
default = {
description = null
asn = 64514
advertise_config = null
}
}
variable "router_create" {
description = "Create router."
type = bool
default = true
}
variable "router_name" {
description = "Router name used for auto created router, or to specify an existing router to use if `router_create` is set to `true`. Leave blank to use vlan attachment name for auto created router."
type = string
default = "router-vlan-attachment"
}
variable "router_network" {
description = "A reference to the network to which this router belongs"
type = string
default = null
}
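Review bot: The default for `region` is `europe-west1-b`, which has the form of a zone name, yet the value is passed as `region` to the router, attachment, interface and peer resources; a caller relying on the default would presumably get an API error. I would either drop the default so the region must be given, or use `default = "europe-west1"`. The `router_name` description says an existing router is used when `router_create` is `true`, whereas the `locals` expression in the main file uses `var.router_name` as-is only when `router_create` is false, so the description should say `false`. Because the default is `router-vlan-attachment`, the documented fallback to the attachment name applies only when a caller passes an empty string, which is worth stating in the description.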


@@ -0,0 +1,18 @@
/**
* Copyright 2021 Google LLC
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
terraform {
required_version = ">= 0.12.6"
}
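Review bot: `required_version = ">= 0.12.6"` admits Terraform releases that predate the `try()` function used in the module's `locals` (added in 0.12.20, as far as I know), so the floor should be raised to a release that has it. The block also declares no `required_providers`, although the attachment resource selects `provider = google-beta`; declaring `google` and `google-beta` here with version constraints keeps the module from silently running against whatever provider build the caller happens to have installed. The exact constraints depend on what the repository tests against, which is not visible on this page.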