Add private, peering, forwarding dns zones
parent
8eb8c84463
commit
7297dab63e
|
@ -0,0 +1,68 @@
|
||||||
|
# Copyright 2019 Google LLC
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# https://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
##############################################################
|
||||||
|
# DNS Zones #
|
||||||
|
##############################################################
|
||||||
|
|
||||||
|
module "hub-private-zone" {
|
||||||
|
source = "terraform-google-modules/cloud-dns/google"
|
||||||
|
version = "~> 2.0"
|
||||||
|
|
||||||
|
project_id = var.hub_project_id
|
||||||
|
type = "private"
|
||||||
|
name = "${var.private_dns_zone_name}-hub-private"
|
||||||
|
domain = var.private_dns_zone_domain
|
||||||
|
|
||||||
|
private_visibility_config_networks = [module.vpc-hub.network_self_link]
|
||||||
|
}
|
||||||
|
|
||||||
|
module "spoke-1-peering-zone" {
|
||||||
|
source = "terraform-google-modules/cloud-dns/google"
|
||||||
|
version = "~> 2.0"
|
||||||
|
|
||||||
|
project_id = var.spoke_1_project_id
|
||||||
|
type = "peering"
|
||||||
|
name = "${var.private_dns_zone_name}-spoke-1-peering"
|
||||||
|
domain = var.private_dns_zone_domain
|
||||||
|
|
||||||
|
private_visibility_config_networks = [module.vpc-spoke-1.network_self_link]
|
||||||
|
target_network = module.vpc-hub.network_self_link
|
||||||
|
}
|
||||||
|
|
||||||
|
module "spoke-2-peering-zone" {
|
||||||
|
source = "terraform-google-modules/cloud-dns/google"
|
||||||
|
version = "~> 2.0"
|
||||||
|
|
||||||
|
project_id = var.spoke_2_project_id
|
||||||
|
type = "peering"
|
||||||
|
name = "${var.private_dns_zone_name}-spoke-2-peering"
|
||||||
|
domain = var.private_dns_zone_domain
|
||||||
|
|
||||||
|
private_visibility_config_networks = [module.vpc-spoke-2.network_self_link]
|
||||||
|
target_network = module.vpc-hub.network_self_link
|
||||||
|
}
|
||||||
|
|
||||||
|
module "hub-forwarding-zone" {
|
||||||
|
source = "terraform-google-modules/cloud-dns/google"
|
||||||
|
version = "~> 2.0"
|
||||||
|
|
||||||
|
project_id = var.hub_project_id
|
||||||
|
type = "forwarding"
|
||||||
|
name = "${var.forwarding_dns_zone_name}-hub-forwarding"
|
||||||
|
domain = var.forwarding_dns_zone_domain
|
||||||
|
|
||||||
|
private_visibility_config_networks = [module.vpc-hub.network_self_link]
|
||||||
|
target_name_server_addresses = var.forwarding_zone_server_addresses
|
||||||
|
}
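Review bot: All four module blocks in this new file use `version = "~> 2.0"`, which accepts any later 2.x release of `terraform-google-modules/cloud-dns/google` the next time modules are installed or upgraded. Terraform's dependency lock file records provider selections only, not module versions, so nothing else fixes which module code manages these zones. I would pin an exact release that has been tested, e.g. `version = "<tested 2.x release>"`, and raise it deliberately in a later commit.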
|
|
@ -25,7 +25,7 @@ resource "google_compute_instance" "hub" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork = element(module.vpc-hub.subnets_self_links, count.index)
|
subnetwork = element(module.vpc-hub.subnets_self_links, count.index)
|
||||||
access_config {}
|
access_config {}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -43,7 +43,7 @@ resource "google_compute_instance" "spoke-1" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork = element(module.vpc-spoke-1.subnets_self_links, count.index)
|
subnetwork = element(module.vpc-spoke-1.subnets_self_links, count.index)
|
||||||
access_config {}
|
access_config {}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -61,7 +61,7 @@ resource "google_compute_instance" "spoke-2" {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
network_interface {
|
network_interface {
|
||||||
subnetwork = element(module.vpc-spoke-2.subnets_self_links, count.index)
|
subnetwork = element(module.vpc-spoke-2.subnets_self_links, count.index)
|
||||||
access_config {}
|
access_config {}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -28,9 +28,9 @@ variable "prefix" {
|
||||||
description = "Prefix for VPC names."
|
description = "Prefix for VPC names."
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "hub_custom_route_advertisement" {
|
variable "spoke_to_spoke_route_advertisement" {
|
||||||
description = "Use custom route advertisement in hub routers to advertise all spoke subnets."
|
description = "Use custom route advertisement in hub routers to advertise all spoke subnets."
|
||||||
default = false
|
default = true
|
||||||
}
|
}
|
||||||
|
|
||||||
variable "hub_bgp_asn" {
|
variable "hub_bgp_asn" {
|
||||||
|
@ -96,3 +96,28 @@ variable "spoke_2_subnets" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "private_dns_zone_name" {
|
||||||
|
description = "Private DNS Zone Name."
|
||||||
|
default = "gcp-private"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "private_dns_zone_domain" {
|
||||||
|
description = "Private DNS Zone Domain."
|
||||||
|
default = "gcp.private"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "forwarding_dns_zone_name" {
|
||||||
|
description = "Forwarding DNS Zone Name."
|
||||||
|
default = "on-prem-private"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "forwarding_dns_zone_domain" {
|
||||||
|
description = "Forwarding DNS Zone Domain."
|
||||||
|
default = "on-prem.private"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "forwarding_zone_server_addresses" {
|
||||||
|
description = "Forwarding DNS Zone Server Addresses"
|
||||||
|
default = ["8.8.8.8", "8.8.4.4"]
|
||||||
|
}
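Review bot: The default for `forwarding_zone_server_addresses` in the last hunk is the public resolvers `["8.8.8.8", "8.8.4.4"]`, so a deployment that leaves it unset forwards every query under the forwarding domain (default `on-prem.private`) to a third-party service outside the network. Those resolvers cannot answer for a private domain, and the internal host names being looked up are disclosed to them. I would drop the default so the operator has to supply the on-premises resolver addresses, and say so in the description: `description = "IP addresses of the on-premises DNS servers that answer for the forwarding zone."`. Adding `type = list(string)` would also reject a malformed value at plan time.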
|
||||||
|
|