2023-03-08 09:53:38 -08:00
# NCC Spoke RA Module
2023-03-06 11:47:18 -08:00
2023-03-08 09:53:38 -08:00
This module allows management of NCC Spokes backed by Router Appliances. Network virtual appliances used as router appliances allow to connect an external network to Google Cloud by using a SD-WAN router or another appliance with BGP capabilities (_site-to-cloud_ connectivity). It is also possible to enable site-to-site data transfer, although this feature is not available in all regions, particularly not in EMEA.
2023-03-06 11:47:18 -08:00
2023-03-08 09:53:38 -08:00
The module manages a hub (optionally), a spoke, and the corresponding Cloud Router and BGP sessions to the router appliance(s).
2023-03-06 11:47:18 -08:00
## Examples
2023-03-08 09:53:38 -08:00
### Simple hub & spoke
2023-03-06 11:55:36 -08:00
2023-03-06 11:47:18 -08:00
```hcl
2023-03-08 09:53:38 -08:00
module "spoke-ra" {
2023-03-08 10:48:51 -08:00
source = "./fabric/modules/ncc-spoke-ra"
2023-03-08 09:53:38 -08:00
hub = { create = true, name = "ncc-hub" }
name = "spoke-ra"
2023-03-08 10:48:51 -08:00
project_id = "my-project"
2023-03-09 04:05:45 -08:00
region = "europe-west1"
router_appliances = [
2023-03-07 01:37:58 -08:00
{
2023-03-09 04:05:45 -08:00
internal_ip = "10.0.0.3"
vm_self_link = "projects/my-project/zones/europe-west1-b/instances/router-app"
2023-03-07 01:37:58 -08:00
}
]
2023-03-09 04:05:45 -08:00
router_config = {
asn = 65000
2023-03-21 00:07:44 -07:00
ip_interface0 = "10.0.0.14"
ip_interface1 = "10.0.0.15"
2023-03-09 04:05:45 -08:00
peer_asn = 65001
}
vpc_config = {
network_name = "my-vpc"
subnet_self_link = var.subnet.self_link
}
2023-03-07 01:37:58 -08:00
}
2023-03-08 10:48:51 -08:00
# tftest modules=1 resources=7
2023-03-08 09:53:38 -08:00
```
2023-03-07 01:37:58 -08:00
2023-03-08 09:53:38 -08:00
### Two spokes
2023-03-07 01:37:58 -08:00
2023-03-08 09:53:38 -08:00
```hcl
2023-03-08 10:48:51 -08:00
module "spoke-ra-a" {
source = "./fabric/modules/ncc-spoke-ra"
2023-03-08 09:53:38 -08:00
hub = { name = "ncc-hub" }
2023-03-08 10:48:51 -08:00
name = "spoke-ra-a"
project_id = "my-project"
2023-03-09 04:05:45 -08:00
region = "europe-west1"
router_appliances = [
2023-03-07 01:37:58 -08:00
{
2023-03-09 04:05:45 -08:00
internal_ip = "10.0.0.3"
vm_self_link = "projects/my-project/zones/europe-west1-b/instances/router-app-a"
2023-03-07 01:37:58 -08:00
}
]
2023-03-09 04:05:45 -08:00
router_config = {
asn = 65000
2023-03-21 00:07:44 -07:00
ip_interface0 = "10.0.0.14"
ip_interface1 = "10.0.0.15"
2023-03-09 04:05:45 -08:00
peer_asn = 65001
}
vpc_config = {
network_name = "my-vpc1"
subnet_self_link = "projects/my-project/regions/europe-west1/subnetworks/subnet"
}
2023-03-07 01:37:58 -08:00
}
2023-03-08 10:48:51 -08:00
module "spoke-ra-b" {
source = "./fabric/modules/ncc-spoke-ra"
2023-03-08 09:53:38 -08:00
hub = { name = "ncc-hub" }
2023-03-08 10:48:51 -08:00
name = "spoke-ra-b"
project_id = "my-project"
2023-03-09 04:05:45 -08:00
region = "europe-west3"
router_appliances = [
2023-03-07 02:06:23 -08:00
{
2023-03-09 04:05:45 -08:00
internal_ip = "10.1.0.5"
vm_self_link = "projects/my-project/zones/europe-west3-b/instances/router-app-b"
2023-03-07 02:06:23 -08:00
}
]
2023-03-09 04:05:45 -08:00
router_config = {
asn = 65000
2023-03-21 00:07:44 -07:00
ip_interface0 = "10.0.0.14"
ip_interface1 = "10.0.0.15"
2023-03-09 04:05:45 -08:00
peer_asn = 65002
}
vpc_config = {
network_name = "my-vpc2"
subnet_self_link = "projects/my-project/regions/europe-west3/subnetworks/subnet"
}
2023-03-07 02:06:23 -08:00
}
2023-03-08 10:48:51 -08:00
# tftest modules=2 resources=12
2023-03-08 09:53:38 -08:00
```
2023-03-07 02:06:23 -08:00
2023-03-08 09:53:38 -08:00
### Spoke with load-balanced router appliances
2023-03-07 02:06:23 -08:00
2023-03-08 09:53:38 -08:00
```hcl
module "spoke-ra" {
2023-03-08 10:48:51 -08:00
source = "./fabric/modules/ncc-spoke-ra"
2023-03-08 09:53:38 -08:00
hub = { name = "ncc-hub" }
name = "spoke-ra"
2023-03-08 10:48:51 -08:00
project_id = "my-project"
2023-03-09 04:05:45 -08:00
region = "europe-west1"
router_appliances = [
2023-03-08 09:53:38 -08:00
{
2023-03-09 04:05:45 -08:00
internal_ip = "10.0.0.3"
vm_self_link = "projects/my-project/zones/europe-west1-b/instances/router-app-a"
2023-03-08 09:53:38 -08:00
},
2023-03-07 02:54:34 -08:00
{
2023-03-09 04:05:45 -08:00
internal_ip = "10.0.0.4"
vm_self_link = "projects/my-project/zones/europe-west1-c/instances/router-app-b"
2023-03-07 02:54:34 -08:00
}
]
2023-03-09 04:05:45 -08:00
router_config = {
asn = 65000
custom_advertise = {
all_subnets = true
ip_ranges = {
2023-03-09 06:12:34 -08:00
"10.10.0.0/24" = "peered-vpc"
2023-03-09 04:05:45 -08:00
}
}
2023-03-21 00:07:44 -07:00
ip_interface0 = "10.0.0.14"
ip_interface1 = "10.0.0.15"
2023-03-09 04:05:45 -08:00
peer_asn = 65001
}
vpc_config = {
network_name = "my-vpc"
subnet_self_link = var.subnet.self_link
}
2023-03-07 02:54:34 -08:00
}
2023-03-08 10:48:51 -08:00
# tftest modules=1 resources=8
2023-03-07 02:54:34 -08:00
```
2023-03-07 04:04:15 -08:00
<!-- BEGIN TFDOC -->
## Variables
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
2023-03-09 03:03:00 -08:00
| [hub ](variables.tf#L23 ) | The name of the NCC hub to create or use. | < code title = "object({ create = optional(bool, false) description = optional(string) name = string })" > object({…}) </ code > | ✓ | |
| [name ](variables.tf#L32 ) | The name of the NCC spoke. | < code > string</ code > | ✓ | |
| [project_id ](variables.tf#L37 ) | The ID of the project where the NCC hub & spokes will be created. | < code > string</ code > | ✓ | |
| [region ](variables.tf#L42 ) | Region where the spoke is located. | < code > string</ code > | ✓ | |
| [router_appliances ](variables.tf#L47 ) | List of router appliances this spoke is associated with. | < code title = "list(object({ internal_ip = string vm_self_link = string }))" > list( object({…})) </ code > | ✓ | |
2023-03-21 00:07:44 -07:00
| [router_config ](variables.tf#L55 ) | Configuration of the Cloud Router. | < code title = "object({ asn = number custom_advertise = optional(object({ all_subnets = bool ip_ranges = map(string) })) ip_interface0 = string ip_interface1 = string keepalive = optional(number) peer_asn = number routes_priority = optional(number, 100) })" > object({…}) </ code > | ✓ | |
| [vpc_config ](variables.tf#L71 ) | Network and subnetwork for the CR interfaces. | < code title = "object({ network_name = string subnet_self_link = string })" > object({…}) </ code > | ✓ | |
2023-03-09 03:03:00 -08:00
| [data_transfer ](variables.tf#L17 ) | Site-to-site data transfer feature, available only in some regions. | < code > bool</ code > | | < code > false</ code > |
2023-03-08 09:53:38 -08:00
## Outputs
| name | description | sensitive |
|---|---|:---:|
2023-03-09 06:35:13 -08:00
| [hub ](outputs.tf#L17 ) | NCC hub resource (only if auto-created). | |
2023-06-02 07:07:22 -07:00
| [id ](outputs.tf#L22 ) | Fully qualified hub id. | |
| [router ](outputs.tf#L27 ) | Cloud Router resource. | |
| [spoke-ra ](outputs.tf#L32 ) | NCC spoke resource. | |
2023-03-07 04:04:15 -08:00
<!-- END TFDOC -->