Add support for single-sided peerings.
parent
ab39c9e4d4
commit
db330fe063
|
@ -14,6 +14,7 @@ All notable changes to this project will be documented in this file.
|
||||||
- add support for virtual displays in `compute-vm`
|
- add support for virtual displays in `compute-vm`
|
||||||
- add examples of alias IPs in `compute-vm` module
|
- add examples of alias IPs in `compute-vm` module
|
||||||
- fix support for creating disks from images in `compute-vm`
|
- fix support for creating disks from images in `compute-vm`
|
||||||
|
- allow creating single-sided peerings in `net-vpc` and `net-vpc-peering`
|
||||||
|
|
||||||
## [3.4.0] - 2020-09-24
|
## [3.4.0] - 2020-09-24
|
||||||
|
|
||||||
|
|
|
@ -53,7 +53,8 @@ module "peering-a-c" {
|
||||||
| *export_local_custom_routes* | Export custom routes to peer network from local network. | <code title="">bool</code> | | <code title="">false</code> |
|
| *export_local_custom_routes* | Export custom routes to peer network from local network. | <code title="">bool</code> | | <code title="">false</code> |
|
||||||
| *export_peer_custom_routes* | Export custom routes to local network from peer network. | <code title="">bool</code> | | <code title="">false</code> |
|
| *export_peer_custom_routes* | Export custom routes to local network from peer network. | <code title="">bool</code> | | <code title="">false</code> |
|
||||||
| *module_depends_on* | List of modules or resources this module depends on. | <code title="">list</code> | | <code title="">[]</code> |
|
| *module_depends_on* | List of modules or resources this module depends on. | <code title="">list</code> | | <code title="">[]</code> |
|
||||||
| *prefix* | Name prefix for the network peerings | <code title="">string</code> | | <code title="">network-peering</code> |
|
| *peer_create_peering* | Create the peering on the remote side. If false, only the peering from this network to the remote network is created. | <code title="">bool</code> | | <code title="">true</code> |
|
||||||
|
| *prefix* | Name prefix for the network peerings. | <code title="">string</code> | | <code title="">network-peering</code> |
|
||||||
|
|
||||||
## Outputs
|
## Outputs
|
||||||
|
|
||||||
|
|
|
@ -30,6 +30,7 @@ resource "google_compute_network_peering" "local_network_peering" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_network_peering" "peer_network_peering" {
|
resource "google_compute_network_peering" "peer_network_peering" {
|
||||||
|
count = var.peer_create_peering ? 1 : 0
|
||||||
name = "${var.prefix}-${local.peer_network_name}-${local.local_network_name}"
|
name = "${var.prefix}-${local.peer_network_name}-${local.local_network_name}"
|
||||||
network = var.peer_network
|
network = var.peer_network
|
||||||
peer_network = var.local_network
|
peer_network = var.local_network
|
||||||
|
|
|
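Review bot: Any output or expression that refers to `google_compute_network_peering.peer_network_peering` as a single object will fail or change type now that the resource carries `count = var.peer_create_peering ? 1 : 0`. None of the sections shown on this page touches the module's outputs, so they should be checked. A form that tolerates the skipped case is `value = var.peer_create_peering ? google_compute_network_peering.peer_network_peering[0] : null`. The resource body continues past the end of this hunk, so its remaining arguments and any `depends_on` are not visible here.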
@ -15,7 +15,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
variable "prefix" {
|
variable "prefix" {
|
||||||
description = "Name prefix for the network peerings"
|
description = "Name prefix for the network peerings."
|
||||||
type = string
|
type = string
|
||||||
default = "network-peering"
|
default = "network-peering"
|
||||||
}
|
}
|
||||||
|
@ -47,3 +47,9 @@ variable "module_depends_on" {
|
||||||
type = list
|
type = list
|
||||||
default = []
|
default = []
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "peer_create_peering" {
|
||||||
|
description = "Create the peering on the remote side. If false, only the peering from this network to the remote network is created."
|
||||||
|
type = bool
|
||||||
|
default = true
|
||||||
|
}
|
||||||
|
|
|
@ -37,6 +37,8 @@ module "vpc" {
|
||||||
|
|
||||||
A single peering can be configured for the VPC, so as to allow management of simple scenarios, and more complex configurations like hub and spoke by defining the peering configuration on the spoke VPCs. Care must be taken so as a single peering is created/changed/destroyed at a time, due to the specific behaviour of the peering API calls.
|
A single peering can be configured for the VPC, so as to allow management of simple scenarios, and more complex configurations like hub and spoke by defining the peering configuration on the spoke VPCs. Care must be taken so as a single peering is created/changed/destroyed at a time, due to the specific behaviour of the peering API calls.
|
||||||
|
|
||||||
|
If you only want to create the "local" side of the peering, use `peering_create_remote_end` to `false`. This is useful if you don't have permissions on the remote project/VPC to create peerings.
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
module "vpc-spoke-1" {
|
module "vpc-spoke-1" {
|
||||||
source = "../modules/net-vpc"
|
source = "../modules/net-vpc"
|
||||||
|
@ -119,6 +121,7 @@ module "vpc-host" {
|
||||||
| *log_config_defaults* | Default configuration for flow logs when enabled. | <code title="object({ aggregation_interval = string flow_sampling = number metadata = string })">object({...})</code> | | <code title="{ aggregation_interval = "INTERVAL_5_SEC" flow_sampling = 0.5 metadata = "INCLUDE_ALL_METADATA" }">...</code> |
|
| *log_config_defaults* | Default configuration for flow logs when enabled. | <code title="object({ aggregation_interval = string flow_sampling = number metadata = string })">object({...})</code> | | <code title="{ aggregation_interval = "INTERVAL_5_SEC" flow_sampling = 0.5 metadata = "INCLUDE_ALL_METADATA" }">...</code> |
|
||||||
| *log_configs* | Map keyed by subnet 'region/name' of optional configurations for flow logs when enabled. | <code title="map(map(string))">map(map(string))</code> | | <code title="">{}</code> |
|
| *log_configs* | Map keyed by subnet 'region/name' of optional configurations for flow logs when enabled. | <code title="map(map(string))">map(map(string))</code> | | <code title="">{}</code> |
|
||||||
| *peering_config* | VPC peering configuration. | <code title="object({ peer_vpc_self_link = string export_routes = bool import_routes = bool })">object({...})</code> | | <code title="">null</code> |
|
| *peering_config* | VPC peering configuration. | <code title="object({ peer_vpc_self_link = string export_routes = bool import_routes = bool })">object({...})</code> | | <code title="">null</code> |
|
||||||
|
| *peering_create_remote_end* | Skip creation of peering on the remote end when using peering_config | <code title="">bool</code> | | <code title="">true</code> |
|
||||||
| *routes* | Network routes, keyed by name. | <code title="map(object({ dest_range = string priority = number tags = list(string) next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb next_hop = string }))">map(object({...}))</code> | | <code title="">{}</code> |
|
| *routes* | Network routes, keyed by name. | <code title="map(object({ dest_range = string priority = number tags = list(string) next_hop_type = string # gateway, instance, ip, vpn_tunnel, ilb next_hop = string }))">map(object({...}))</code> | | <code title="">{}</code> |
|
||||||
| *routing_mode* | The network routing mode (default 'GLOBAL') | <code title="">string</code> | | <code title="">GLOBAL</code> |
|
| *routing_mode* | The network routing mode (default 'GLOBAL') | <code title="">string</code> | | <code title="">GLOBAL</code> |
|
||||||
| *shared_vpc_host* | Enable shared VPC for this project. | <code title="">bool</code> | | <code title="">false</code> |
|
| *shared_vpc_host* | Enable shared VPC for this project. | <code title="">bool</code> | | <code title="">false</code> |
|
||||||
|
|
|
@ -101,7 +101,7 @@ resource "google_compute_network_peering" "local" {
|
||||||
|
|
||||||
resource "google_compute_network_peering" "remote" {
|
resource "google_compute_network_peering" "remote" {
|
||||||
provider = google-beta
|
provider = google-beta
|
||||||
count = var.peering_config == null ? 0 : 1
|
count = var.peering_config != null && var.peering_create_remote_end ? 1 : 0
|
||||||
name = "${local.peer_network}-${var.name}"
|
name = "${local.peer_network}-${var.name}"
|
||||||
network = var.peering_config.peer_vpc_self_link
|
network = var.peering_config.peer_vpc_self_link
|
||||||
peer_network = local.network.self_link
|
peer_network = local.network.self_link
|
||||||
|
|
|
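Review bot: The new `count` expression on `remote` has no comment saying what state the peering is left in when the remote end is skipped. With `peering_create_remote_end = false` only the `local` side is created, and a VPC peering does not become active until the peer network's owner creates the matching side, whose route import/export settings are then outside this module's control. I would add above the `count` line: `# Remote side skipped: peering stays inactive until the peer network's owner creates it; its route exchange settings are not managed here.` The resource body continues beyond the hunk.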
@ -79,6 +79,12 @@ variable "peering_config" {
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "peering_create_remote_end" {
|
||||||
|
description = "Skip creation of peering on the remote end when using peering_config"
|
||||||
|
type = bool
|
||||||
|
default = true
|
||||||
|
}
|
||||||
|
|
||||||
variable "project_id" {
|
variable "project_id" {
|
||||||
description = "The ID of the project where this VPC will be created"
|
description = "The ID of the project where this VPC will be created"
|
||||||
type = string
|
type = string
|
||||||
|
|
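Review bot: The description of `peering_create_remote_end` says the opposite of what the variable does. It reads "Skip creation of peering on the remote end", but the default is `true` and the `remote` resource is created when it is true, so a reader may set the wrong value and either attempt or omit the remote-side change unintentionally. I would reword it to `description = "Create the peering on the remote end when using peering_config. Set to false if you lack permissions on the peer project/VPC."` and regenerate the README variables table, which repeats the same text. The name also differs from `peer_create_peering` in `net-vpc-peering`; aligning the two would make the modules easier to use together.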