zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added support for global proxy only subnets

This commit is contained in:
Dave Gulli 2023-09-11 16:56:09 +10:00
parent 3915a016c9
commit b49984e1b9
2 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/net-vpc/README.md
View File

@ -287,6 +287,8 @@ Along with common private subnets module supports creation more service specific
- [Proxy-only subnets](https://cloud.google.com/load-balancing/docs/proxy-only-subnets) for Regional HTTPS Internal HTTPS Load Balancers
- [Private Service Connect](https://cloud.google.com/vpc/docs/private-service-connect#psc-subnets) subnets
- [Global Proxy-only subnet] (https://cloud.google.com/load-balancing/docs/proxy-only-subnets#envoy-lb) with purpose for Cross-region internal Application Load Balancers
```hcl
module "vpc" {
source = "./fabric/modules/net-vpc"
@ -308,6 +310,14 @@ module "vpc" {
region = "europe-west1"
}
]
subnets_global_proxy_only = [
{
ip_cidr_range = "10.0.4.0/24"
name = "global-proxy"
region = "australia-southeast2"
active = true
}
]
}
# tftest modules=1 resources=5 inventory=proxy-only-subnets.yaml
```

4
modules/net-vpc/subnets.tf
View File

@ -79,6 +79,10 @@ locals {
{ for s in var.subnets_psc : "${s.region}/${s.name}" => s },
{ for k, v in local._factory_subnets : k => v if v.purpose == "PRIVATE_SERVICE_CONNECT" }
)
subnets_global_proxy_only = merge(
{ for s in var.subnets_psc : "${s.region}/${s.name}" => s },
{ for k, v in local._factory_subnets : k => v if v.purpose == "GLOBAL_MANAGED_PROXY" }
)
}
resource "google_compute_subnetwork" "subnetwork" {