Merge pull request #284 from lgandras/master
Allow using gVNIC in compute-vm (#211)
commit
f387d99893
|
@ -110,7 +110,6 @@ module "simple-vm-example" {
|
|||
subnetwork = try(module.vpc.subnet_self_links["${var.region}/${var.name}-default"], "")
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
tags = ["${var.project_id}-test-feed", "shared-test-feed"]
|
||||
}
|
||||
|
|
|
@ -111,7 +111,6 @@ module "vm-ns-editor" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region}/${var.name}-default"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.startup-script }
|
||||
service_account_create = true
|
||||
|
@ -128,7 +127,6 @@ module "vm-svc-editor" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region}/${var.name}-default"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.startup-script }
|
||||
service_account_create = true
|
||||
|
|
|
@ -27,7 +27,6 @@ module "vm1" {
|
|||
subnetwork = module.shared-vpc.subnet_self_links["${var.region}/subnet-01"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
tags = ["test-dns"]
|
||||
}
|
||||
|
@ -42,7 +41,6 @@ module "vm2" {
|
|||
subnetwork = module.shared-vpc.subnet_self_links["${var.region}/subnet-01"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
tags = ["test-dns"]
|
||||
}
|
||||
|
|
|
@ -106,7 +106,6 @@ module "vm_example" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region}/subnet"],
|
||||
nat = false,
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
attached_disks = [
|
||||
{
|
||||
|
|
|
@ -206,7 +206,6 @@ module "vm_example" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region}/${var.vpc_subnet_name}"],
|
||||
nat = false,
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
attached_disks = [
|
||||
{
|
||||
|
|
|
@ -24,7 +24,6 @@ module "nginx-template" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
@ -71,7 +70,6 @@ module "nginx-template" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
@ -125,7 +123,6 @@ module "nginx-template" {
|
|||
subnetwork = var.subnet.self_link,
|
||||
nat = false,
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
@ -182,7 +179,6 @@ module "nginx-template" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
@ -235,7 +231,6 @@ module "nginx-template" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
|
|
@ -24,7 +24,6 @@ module "simple-vm-example" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
service_account_create = true
|
||||
}
|
||||
|
@ -54,7 +53,6 @@ module "simple-vm-example" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
attached_disks = [{
|
||||
name = "repd-1"
|
||||
|
@ -85,7 +83,6 @@ module "simple-vm-example" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
attached_disks = [{
|
||||
name = "repd"
|
||||
|
@ -119,7 +116,6 @@ module "kms-vm-example" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
attached_disks = [
|
||||
{
|
||||
|
@ -147,7 +143,7 @@ module "kms-vm-example" {
|
|||
|
||||
### Using Alias IPs
|
||||
|
||||
This example shows how add additional [Alias IPs](https://cloud.google.com/vpc/docs/alias-ip) to your VM.
|
||||
This example shows how to add additional [Alias IPs](https://cloud.google.com/vpc/docs/alias-ip) to your VM.
|
||||
|
||||
```hcl
|
||||
module "vm-with-alias-ips" {
|
||||
|
@ -160,10 +156,67 @@ module "vm-with-alias-ips" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
}]
|
||||
network_interface_options = {
|
||||
0 = {
|
||||
alias_ips = {
|
||||
alias1 = "10.16.0.10/32"
|
||||
}
|
||||
nic_type = null
|
||||
}
|
||||
}
|
||||
service_account_create = true
|
||||
}
|
||||
# tftest:modules=1:resources=2
|
||||
```
|
||||
|
||||
### Using gVNIC
|
||||
|
||||
This example shows how to enable [gVNIC](https://cloud.google.com/compute/docs/networking/using-gvnic) on your VM by customizing a `cos` image. Given that gVNIC needs to be enabled as an instance configuration and as a guest os configuration, you'll need to supply a bootable disk with `guest_os_features=GVNIC`. `SEV_CAPABLE`, `UEFI_COMPATIBLE` and `VIRTIO_SCSI_MULTIQUEUE` are enabled implicitly in the `cos`, `rhel`, `centos` and other images.
|
||||
|
||||
```hcl
|
||||
|
||||
resource "google_compute_image" "cos-gvnic" {
|
||||
project = "my-project"
|
||||
name = "my-image"
|
||||
source_image = "https://www.googleapis.com/compute/v1/projects/cos-cloud/global/images/cos-89-16108-534-18"
|
||||
|
||||
guest_os_features {
|
||||
type = "GVNIC"
|
||||
}
|
||||
guest_os_features {
|
||||
type = "SEV_CAPABLE"
|
||||
}
|
||||
guest_os_features {
|
||||
type = "UEFI_COMPATIBLE"
|
||||
}
|
||||
guest_os_features {
|
||||
type = "VIRTIO_SCSI_MULTIQUEUE"
|
||||
}
|
||||
}
|
||||
|
||||
module "vm-with-gvnic" {
|
||||
source = "./modules/compute-vm"
|
||||
project_id = "my-project"
|
||||
zone = "europe-west1-b"
|
||||
name = "test"
|
||||
boot_disk = {
|
||||
image = google_compute_image.cos-gvnic.self_link
|
||||
type = "pd-ssd"
|
||||
size = 10
|
||||
}
|
||||
network_interfaces = [{
|
||||
network = var.vpc.self_link
|
||||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
}]
|
||||
network_interface_options = {
|
||||
0 = {
|
||||
alias_ips = null
|
||||
nic_type = "GVNIC"
|
||||
}
|
||||
}
|
||||
service_account_create = true
|
||||
}
|
||||
# tftest:modules=1:resources=2
|
||||
|
@ -184,7 +237,6 @@ module "cos-test" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
@ -225,7 +277,6 @@ module "instance-group" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
@ -248,7 +299,7 @@ module "instance-group" {
|
|||
| name | description | type | required | default |
|
||||
|---|---|:---: |:---:|:---:|
|
||||
| name | Instance name. | <code title="">string</code> | ✓ | |
|
||||
| network_interfaces | Network interfaces configuration. Use self links for Shared VPC, set addresses and alias_ips to null if not needed. | <code title="list(object({ nat = bool network = string subnetwork = string addresses = object({ internal = string external = string }) alias_ips = map(string) }))">list(object({...}))</code> | ✓ | |
|
||||
| network_interfaces | Network interfaces configuration. Use self links for Shared VPC, set addresses to null if not needed. | <code title="list(object({ nat = bool network = string subnetwork = string addresses = object({ internal = string external = string }) }))">list(object({...}))</code> | ✓ | |
|
||||
| project_id | Project id. | <code title="">string</code> | ✓ | |
|
||||
| zone | Compute zone. | <code title="">string</code> | ✓ | |
|
||||
| *attached_disk_defaults* | Defaults for attached disks options. | <code title="object({ mode = string replica_zone = string type = string })">object({...})</code> | | <code title="{ auto_delete = true mode = "READ_WRITE" replica_zone = null type = "pd-balanced" }">...</code> |
|
||||
|
@ -268,6 +319,7 @@ module "instance-group" {
|
|||
| *labels* | Instance labels. | <code title="map(string)">map(string)</code> | | <code title="">{}</code> |
|
||||
| *metadata* | Instance metadata. | <code title="map(string)">map(string)</code> | | <code title="">{}</code> |
|
||||
| *min_cpu_platform* | Minimum CPU platform. | <code title="">string</code> | | <code title="">null</code> |
|
||||
| *network_interface_options* | Network interfaces extended options. The key is the index of the inteface to configure. The value is an object with alias_ips and nic_type. Set alias_ips or nic_type to null if you need only one of them. | <code title="map(object({ alias_ips = map(string) nic_type = string }))">map(object({...}))</code> | | <code title="">{}</code> |
|
||||
| *options* | Instance options. | <code title="object({ allow_stopping_for_update = bool deletion_protection = bool preemptible = bool })">object({...})</code> | | <code title="{ allow_stopping_for_update = true deletion_protection = false preemptible = false }">...</code> |
|
||||
| *scratch_disks* | Scratch disks configuration. | <code title="object({ count = number interface = string })">object({...})</code> | | <code title="{ count = 0 interface = "NVME" }">...</code> |
|
||||
| *service_account* | Service account email. Unused if service account is auto-created. | <code title="">string</code> | | <code title="">null</code> |
|
||||
|
|
|
@ -60,6 +60,13 @@ locals {
|
|||
]
|
||||
)
|
||||
)
|
||||
|
||||
network_interface_options = {
|
||||
for i, v in var.network_interfaces : i => lookup(var.network_interface_options, i, {
|
||||
alias_ips = null,
|
||||
nic_type = null
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
resource "google_compute_disk" "disks" {
|
||||
|
@ -193,13 +200,14 @@ resource "google_compute_instance" "default" {
|
|||
}
|
||||
}
|
||||
dynamic "alias_ip_range" {
|
||||
for_each = config.value.alias_ips != null ? config.value.alias_ips : {}
|
||||
for_each = local.network_interface_options[config.key].alias_ips != null ? local.network_interface_options[config.key].alias_ips : {}
|
||||
iterator = config_alias
|
||||
content {
|
||||
subnetwork_range_name = config_alias.key
|
||||
ip_cidr_range = config_alias.value
|
||||
}
|
||||
}
|
||||
nic_type = local.network_interface_options[config.key].nic_type
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -318,13 +326,14 @@ resource "google_compute_instance_template" "default" {
|
|||
}
|
||||
}
|
||||
dynamic "alias_ip_range" {
|
||||
for_each = config.value.alias_ips != null ? config.value.alias_ips : {}
|
||||
for_each = local.network_interface_options[config.key].alias_ips != null ? local.network_interface_options[config.key].alias_ips : {}
|
||||
iterator = config_alias
|
||||
content {
|
||||
subnetwork_range_name = config_alias.key
|
||||
ip_cidr_range = config_alias.value
|
||||
}
|
||||
}
|
||||
nic_type = local.network_interface_options[config.key].nic_type
|
||||
}
|
||||
}
|
||||
|
||||
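Review bot: The new `network_interface_options` local silently drops any option entry whose key does not match an interface index, because it iterates `var.network_interfaces` and only looks each index up in `var.network_interface_options`. A mistyped key or an index past the end of the list produces no plan error, and that interface falls back to `alias_ips = null, nic_type = null`, so the alias ranges or NIC type the caller intended are not applied. A comment above the local would make the contract explicit, e.g. `# options are matched by interface index; keys with no matching interface are ignored`. Rejecting unmatched keys would be stricter, if the module's minimum Terraform version offers a way to compare the option keys with the interface indexes. The same local feeds the `network_interface` blocks of both `google_compute_instance.default` and `google_compute_instance_template.default`, whose bodies start outside these hunks.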
|
|
|
@ -162,8 +162,17 @@ variable "name" {
|
|||
type = string
|
||||
}
|
||||
|
||||
variable "network_interface_options" {
|
||||
description = "Network interfaces extended options. The key is the index of the inteface to configure. The value is an object with alias_ips and nic_type. Set alias_ips or nic_type to null if you need only one of them."
|
||||
type = map(object({
|
||||
alias_ips = map(string)
|
||||
nic_type = string
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "network_interfaces" {
|
||||
description = "Network interfaces configuration. Use self links for Shared VPC, set addresses and alias_ips to null if not needed."
|
||||
description = "Network interfaces configuration. Use self links for Shared VPC, set addresses to null if not needed."
|
||||
type = list(object({
|
||||
nat = bool
|
||||
network = string
|
||||
|
@ -172,7 +181,6 @@ variable "network_interfaces" {
|
|||
internal = string
|
||||
external = string
|
||||
})
|
||||
alias_ips = map(string)
|
||||
}))
|
||||
}
|
||||
|
||||
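Review bot: `nic_type` in the new `network_interface_options` variable is declared as a plain `string` with no validation, so a misspelt or lower-case value is only rejected by the provider or the API at plan or apply time. A `validation` block that accepts null, `GVNIC` or `VIRTIO_NET` would fail earlier with a message that names the variable, assuming the module's minimum Terraform version supports variable validation and `alltrue`. The description string also has the typo "inteface", which is copied into the README variables table. The `coalesce` in the sketch below only maps null to an accepted value so that `contains` never receives null.

```hcl
variable "network_interface_options" {
  # … unchanged: description, type, default …
  validation {
    condition = alltrue([
      for k, v in var.network_interface_options :
      contains(["GVNIC", "VIRTIO_NET"], coalesce(v.nic_type, "VIRTIO_NET"))
    ])
    error_message = "The nic_type attribute must be null, GVNIC or VIRTIO_NET."
  }
}
```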
|
|
|
@ -72,7 +72,6 @@ module "instance-group" {
|
|||
subnetwork = var.subnet.self_link
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "projects/cos-cloud/global/images/family/cos-stable"
|
||||
|
|
|
@ -158,7 +158,6 @@ module "squid-vm" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region}/proxy"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "cos-cloud/cos-stable"
|
||||
|
@ -270,7 +269,6 @@ module "test-vm" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region}/apps"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
boot_disk = {
|
||||
image = "debian-cloud/debian-10"
|
||||
|
|
|
@ -182,7 +182,6 @@ module "vm-hub" {
|
|||
subnetwork = module.vpc-hub.subnet_self_links["${var.region}/${local.prefix}hub-1"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
service_account = module.service-account-gce.email
|
||||
|
@ -200,7 +199,6 @@ module "vm-spoke-1" {
|
|||
subnetwork = module.vpc-spoke-1.subnet_self_links["${var.region}/${local.prefix}spoke-1-1"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
service_account = module.service-account-gce.email
|
||||
|
@ -218,7 +216,6 @@ module "vm-spoke-2" {
|
|||
subnetwork = module.vpc-spoke-2.subnet_self_links["${var.region}/${local.prefix}spoke-2-1"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
service_account = module.service-account-gce.email
|
||||
|
|
|
@ -250,7 +250,6 @@ module "vm-spoke-1" {
|
|||
subnetwork = module.vpc-spoke-1.subnet_self_links["${var.regions.b}/spoke-1-b"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
tags = ["ssh"]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
|
@ -266,7 +265,6 @@ module "vm-spoke-2" {
|
|||
subnetwork = module.vpc-spoke-2.subnet_self_links["${var.regions.b}/spoke-2-b"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
tags = ["ssh"]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
|
|
|
@ -33,15 +33,13 @@ module "gw" {
|
|||
network = module.vpc-left.self_link
|
||||
subnetwork = values(module.vpc-left.subnet_self_links)[0],
|
||||
nat = false,
|
||||
addresses = null,
|
||||
alias_ips = null
|
||||
addresses = null
|
||||
},
|
||||
{
|
||||
network = module.vpc-right.self_link
|
||||
subnetwork = values(module.vpc-right.subnet_self_links)[0],
|
||||
nat = false,
|
||||
addresses = null,
|
||||
alias_ips = null
|
||||
addresses = null
|
||||
}
|
||||
]
|
||||
tags = ["ssh"]
|
||||
|
|
|
@ -35,7 +35,6 @@ module "vm-left" {
|
|||
subnetwork = values(module.vpc-left.subnet_self_links)[0]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}
|
||||
]
|
||||
tags = ["ssh"]
|
||||
|
@ -61,7 +60,6 @@ module "vm-right" {
|
|||
subnetwork = values(module.vpc-right.subnet_self_links)[0]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}
|
||||
]
|
||||
tags = ["ssh"]
|
||||
|
|
|
@ -239,7 +239,6 @@ module "vm-test1" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region.gcp1}/subnet1"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
service_account = module.service-account-gce.email
|
||||
|
@ -257,7 +256,6 @@ module "vm-test2" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region.gcp2}/subnet2"]
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
metadata = { startup-script = local.vm-startup-script }
|
||||
service_account = module.service-account-gce.email
|
||||
|
@ -325,7 +323,6 @@ module "vm-onprem" {
|
|||
subnetwork = module.vpc.subnet_self_links["${var.region.gcp1}/subnet1"]
|
||||
nat = true
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
service_account = module.service-account-onprem.email
|
||||
service_account_scopes = ["https://www.googleapis.com/auth/cloud-platform"]
|
||||
|
|
|
@ -187,7 +187,6 @@ module "test-vm" {
|
|||
}
|
||||
network_interfaces = [{
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
nat = false
|
||||
network = module.vpc-onprem.self_link
|
||||
subnetwork = module.vpc-onprem.subnet_self_links["${var.region}/${var.name}-onprem"]
|
||||
|
|
|
@ -176,7 +176,6 @@ module "vm-bastion" {
|
|||
subnetwork = lookup(module.vpc-shared.subnet_self_links, "${var.region}/gce", null)
|
||||
nat = false
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
tags = ["ssh"]
|
||||
metadata = {
|
||||
|
|
|
@ -78,17 +78,23 @@ variable "network_interfaces" {
|
|||
internal = string
|
||||
external = string
|
||||
})
|
||||
alias_ips = map(string)
|
||||
}))
|
||||
default = [{
|
||||
network = "https://www.googleapis.com/compute/v1/projects/my-project/global/networks/default",
|
||||
subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default",
|
||||
nat = false,
|
||||
addresses = null
|
||||
alias_ips = null
|
||||
}]
|
||||
}
|
||||
|
||||
variable "network_interface_options" {
|
||||
type = map(object({
|
||||
alias_ips = map(string)
|
||||
nic_type = string
|
||||
}))
|
||||
default = {}
|
||||
}
|
||||
|
||||
variable "service_account_create" {
|
||||
type = bool
|
||||
default = false
|
||||
|
|
|
@ -26,7 +26,6 @@ def test_address(plan_runner):
|
|||
subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default",
|
||||
nat = false,
|
||||
addresses = {external=null, internal="10.0.0.2"}
|
||||
alias_ips = null
|
||||
}]
|
||||
'''
|
||||
_, resources = plan_runner(FIXTURES_DIR, network_interfaces=nics)
|
||||
|
@ -42,7 +41,6 @@ def test_nat_address(plan_runner):
|
|||
subnetwork = "https://www.googleapis.com/compute/v1/projects/my-project/regions/europe-west1/subnetworks/default-default",
|
||||
nat = true,
|
||||
addresses = {external="8.8.8.8", internal=null}
|
||||
alias_ips = null
|
||||
}]
|
||||
'''
|
||||
_, resources = plan_runner(FIXTURES_DIR, network_interfaces=nics)
|
||||
|
|
|
@ -145,7 +145,7 @@ def ignition_configs(ctx=None):
|
|||
'create', 'ignition-configs',
|
||||
'--dir', str(ctx.obj['paths']['config_dir'])
|
||||
]
|
||||
env = {'GOOGLE_CREDENTIALS': ctx.obj['paths']['credentials']}
|
||||
env = {'GOOGLE_APPLICATION_CREDENTIALS': ctx.obj['paths']['credentials']}
|
||||
_run_installer(cmdline, env)
|
||||
|
||||
|
||||
|
@ -221,7 +221,7 @@ def manifests(ctx=None):
|
|||
'create', 'manifests',
|
||||
'--dir', str(ctx.obj['paths']['config_dir'])
|
||||
]
|
||||
env = {'GOOGLE_CREDENTIALS': ctx.obj['paths']['credentials']}
|
||||
env = {'GOOGLE_APPLICATION_CREDENTIALS': ctx.obj['paths']['credentials']}
|
||||
_run_installer(cmdline, env)
|
||||
|
||||
|
||||
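Review bot: In `ignition_configs` the value given to `GOOGLE_APPLICATION_CREDENTIALS` is passed as-is, while the `--dir` argument a few lines above it is wrapped in `str(...)`. Application Default Credentials reads this variable as a filesystem path to a key file, so the value should be converted the same way: `env = {'GOOGLE_APPLICATION_CREDENTIALS': str(ctx.obj['paths']['credentials'])}`. A short comment such as `# ADC expects a path to the service account key file, not its contents` would record why the variable name changed. The same line in `manifests` needs the same treatment. `_run_installer` is outside these hunks, so whether `env` is merged into the parent environment or replaces it cannot be checked from here.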
|
|