zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Set instance zone in net vpc route to avoid recreation (#90)

This commit is contained in:
Ludovico Magnocavallo 2020-06-07 18:06:15 +02:00 committed by GitHub
parent 7f49615c1d
commit cf79c65d3b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
modules/net-vpc/README.md
View File

@ -112,20 +112,21 @@ module "vpc-host" {
| name | The name of the network being created | <code title="">string</code> | ✓ | |
| project_id | The ID of the project where this VPC will be created | <code title="">string</code> | ✓ | |
| *auto_create_subnetworks* | Set to true to create an auto mode subnet, defaults to custom mode. | <code title="">bool</code> | | <code title="">false</code> |
| *delete_default_routes_on_create* | Set to true to delete the default routes at creation time. | <code title="">bool</code> | | <code title="">false</code> |
| *description* | An optional description of this resource (triggers recreation on change). | <code title="">string</code> | | <code title="">Terraform-managed.</code> |
| *iam_members* | List of IAM members keyed by subnet 'region/name' and role. | <code title="map&#40;map&#40;list&#40;string&#41;&#41;&#41;">map(map(list(string)))</code> | | <code title="">null</code> |
| *iam_roles* | List of IAM roles keyed by subnet 'region/name'. | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> | | <code title="">null</code> |
| *iam_members* | List of IAM members keyed by subnet 'region/name' and role. | <code title="map&#40;map&#40;list&#40;string&#41;&#41;&#41;">map(map(list(string)))</code> | | <code title="">{}</code> |
| *iam_roles* | List of IAM roles keyed by subnet 'region/name'. | <code title="map&#40;list&#40;string&#41;&#41;">map(list(string))</code> | | <code title="">{}</code> |
| *log_config_defaults* | Default configuration for flow logs when enabled. | <code title="object&#40;&#123;&#10;aggregation_interval &#61; string&#10;flow_sampling &#61; number&#10;metadata &#61; string&#10;&#125;&#41;">object({...})</code> | | <code title="&#123;&#10;aggregation_interval &#61; &#34;INTERVAL_5_SEC&#34;&#10;flow_sampling &#61; 0.5&#10;metadata &#61; &#34;INCLUDE_ALL_METADATA&#34;&#10;&#125;">...</code> |
| *log_configs* | Map keyed by subnet 'region/name' of optional configurations for flow logs when enabled. | <code title="map&#40;map&#40;string&#41;&#41;">map(map(string))</code> | | <code title="">null</code> |
| *log_configs* | Map keyed by subnet 'region/name' of optional configurations for flow logs when enabled. | <code title="map&#40;map&#40;string&#41;&#41;">map(map(string))</code> | | <code title="">{}</code> |
| *peering_config* | VPC peering configuration. | <code title="object&#40;&#123;&#10;peer_vpc_self_link &#61; string&#10;export_routes &#61; bool&#10;import_routes &#61; bool&#10;&#125;&#41;">object({...})</code> | | <code title="">null</code> |
| *routes* | Network routes, keyed by name. | <code title="map&#40;object&#40;&#123;&#10;dest_range &#61; string&#10;priority &#61; number&#10;tags &#61; list&#40;string&#41;&#10;next_hop_type &#61; string &#35; gateway, instance, ip, vpn_tunnel, ilb&#10;next_hop &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> | | <code title="">null</code> |
| *routes* | Network routes, keyed by name. | <code title="map&#40;object&#40;&#123;&#10;dest_range &#61; string&#10;priority &#61; number&#10;tags &#61; list&#40;string&#41;&#10;next_hop_type &#61; string &#35; gateway, instance, ip, vpn_tunnel, ilb&#10;next_hop &#61; string&#10;&#125;&#41;&#41;">map(object({...}))</code> | | <code title="">{}</code> |
| *routing_mode* | The network routing mode (default 'GLOBAL') | <code title="">string</code> | | <code title="">GLOBAL</code> |
| *shared_vpc_host* | Enable shared VPC for this project. | <code title="">bool</code> | | <code title="">false</code> |
| *shared_vpc_service_projects* | Shared VPC service projects to register with this host | <code title="list&#40;string&#41;">list(string)</code> | | <code title="">[]</code> |
| *subnet_descriptions* | Optional map of subnet descriptions, keyed by subnet 'region/name'. | <code title="map&#40;string&#41;">map(string)</code> | | <code title="">{}</code> |
| *subnet_flow_logs* | Optional map of boolean to control flow logs (default is disabled), keyed by subnet 'region/name'. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> |
| *subnet_private_access* | Optional map of boolean to control private Google access (default is enabled), keyed by subnet 'region/name'. | <code title="map&#40;bool&#41;">map(bool)</code> | | <code title="">{}</code> |
| *subnets* | The list of subnets being created | <code title="map&#40;object&#40;&#123;&#10;ip_cidr_range &#61; string&#10;region &#61; string&#10;secondary_ip_range &#61; map&#40;string&#41;&#10;&#125;&#41;&#41;">map(object({...}))</code> | | <code title="">null</code> |
| *subnets* | The list of subnets being created | <code title="list&#40;object&#40;&#123;&#10;name &#61; string&#10;ip_cidr_range &#61; string&#10;name &#61; string&#10;region &#61; string&#10;secondary_ip_range &#61; map&#40;string&#41;&#10;&#125;&#41;&#41;">list(object({...}))</code> | | <code title="">[]</code> |
## Outputs
@ -136,10 +137,10 @@ module "vpc-host" {
| network | Network resource. | |
| project_id | Shared VPC host project id. | |
| self_link | The URI of the VPC being created. | |
| subnet_ips | Map of subnet address ranges keyed by 'region/name'. | |
| subnet_regions | Map of subnet regions keyed by 'region/name'. | |
| subnet_secondary_ranges | Map of subnet secondary ranges keyed by 'region/name'. | |
| subnet_self_links | Map of subnet self links keyed by 'region/name'. | |
| subnet_ips | Map of subnet address ranges keyed by name. | |
| subnet_regions | Map of subnet regions keyed by name. | |
| subnet_secondary_ranges | Map of subnet secondary ranges keyed by name. | |
| subnet_self_links | Map of subnet self links keyed by name. | |
| subnets | Subnet resources. | |
<!-- END TFDOC -->

4
modules/net-vpc/main.tf
View File

@ -64,7 +64,7 @@ locals {
}
subnets = {
for subnet in var.subnets :
"${subnet.region}/${subnet.name}" => subnet
"${subnet.region}/${subnet.name}" => subnet
}
}
@ -184,6 +184,8 @@ resource "google_compute_route" "instance" {
priority = each.value.priority
tags = each.value.tags
next_hop_instance = each.value.next_hop
# not setting the instance zone will trigger a refresh
next_hop_instance_zone = regex("zones/([^/]+)/", each.value.next_hop)[0]
}
resource "google_compute_route" "ip" {

8
modules/net-vpc/variables.tf
View File

@ -35,19 +35,19 @@ variable "description" {
variable "iam_roles" {
description = "List of IAM roles keyed by subnet 'region/name'."
type = map(list(string))
default = null
default = {}
}
variable "iam_members" {
description = "List of IAM members keyed by subnet 'region/name' and role."
type = map(map(list(string)))
default = null
default = {}
}
variable "log_configs" {
description = "Map keyed by subnet 'region/name' of optional configurations for flow logs when enabled."
type = map(map(string))
default = null
default = {}
}
variable "log_config_defaults" {
@ -93,7 +93,7 @@ variable "routes" {
next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb
next_hop = string
}))
default = null
default = {}
}
variable "routing_mode" {