cloud-foundation-fabric/modules/net-vpc-peering/README.md

Google Network Peering

This module allows creation of a VPC Network Peering between two networks.

The resources created/managed by this module are:

  • one network peering from local network to peer network
  • one network peering from peer network to local network

Examples

Basic Usage

Basic usage of this module is as follows:

module "peering" {
  source        = "./fabric/modules/net-vpc-peering"
  prefix        = "name-prefix"
  local_network = "projects/project-1/global/networks/vpc-1"
  peer_network  = "projects/project-1/global/networks/vpc-2"
}
# tftest modules=1 resources=2

Multiple Peerings

If you need to create more than one peering for the same VPC Network (A -> B, A -> C), add a depends_on to the second one to keep the peerings in order: it is not currently possible to create more than one peering connection for a VPC Network at the same time.

module "peering-a-b" {
  source        = "./fabric/modules/net-vpc-peering"
  prefix        = "name-prefix"
  local_network = "projects/project-a/global/networks/vpc-a"
  peer_network  = "projects/project-b/global/networks/vpc-b"
}

module "peering-a-c" {
  source        = "./fabric/modules/net-vpc-peering"
  prefix        = "name-prefix"
  local_network = "projects/project-a/global/networks/vpc-a"
  peer_network  = "projects/project-c/global/networks/vpc-c"
  depends_on    = [module.peering-a-b]
}
# tftest modules=2 resources=4

Route Configuration

You can control export/import of routes on both the local and peer side via the routes_config variable. The default is to import and export on both sides; the peer side is only configured if the peering is managed by the module via peer_create_peering.

module "peering" {
  source        = "./fabric/modules/net-vpc-peering"
  prefix        = "name-prefix"
  local_network = "projects/project-1/global/networks/vpc-1"
  peer_network  = "projects/project-1/global/networks/vpc-2"
  routes_config = {
    local = {
      import = false
    }
  }
}
# tftest modules=1 resources=2  inventory=route-config.yaml
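
The following is an added example, not part of the module's own documentation. It combines the options described on this page for a hub VPC that peers with a network owned by another team and must not exchange custom routes with it. Project and network names are constructed placeholders, and the state attribute read in the output assumes the module output exposes the underlying google_compute_network_peering resource.

```hcl
# Added example: names below are constructed placeholders.

# Peering towards a VPC administered by another team. Only the local half
# is created here; the other team creates the reverse peering themselves.
module "peering-hub-partner" {
  source              = "./fabric/modules/net-vpc-peering"
  prefix              = "name-prefix"
  local_network       = "projects/project-hub/global/networks/vpc-hub"
  peer_network        = "projects/project-partner/global/networks/vpc-partner"
  peer_create_peering = false
  routes_config = {
    # Override both defaults so routes are neither imported from
    # nor exported to the partner over this peering.
    local = {
      export = false
      import = false
    }
  }
}

# Second peering on the same local VPC, managed on both sides by the module.
# depends_on serializes creation after the first peering.
module "peering-hub-spoke" {
  source        = "./fabric/modules/net-vpc-peering"
  prefix        = "name-prefix"
  local_network = "projects/project-hub/global/networks/vpc-hub"
  peer_network  = "projects/project-spoke/global/networks/vpc-spoke"
  routes_config = {
    # The hub keeps the default export but does not import spoke routes.
    local = {
      import = false
    }
  }
  depends_on = [module.peering-hub-partner]
}

# Assumption: the output is the peering resource itself, so its state
# attribute is readable. The peering only becomes ACTIVE once the partner
# has created the matching peering on their side.
output "partner_peering_state" {
  description = "State of the hub to partner peering."
  value       = module.peering-hub-partner.local_network_peering.state
}
```

In Google Cloud, subnet routes are always exchanged between peered VPC networks, so firewall rules are still needed to restrict traffic from the peer's subnets.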

Variables

| name | description | type | required | default |
|---|---|---|---|---|
| local_network | Resource link of the network to add a peering to. | string | ✓ | |
| peer_network | Resource link of the peer network. | string | ✓ | |
| peer_create_peering | Create the peering on the remote side. If false, only the peering from this network to the remote network is created. | bool | | true |
| prefix | Optional name prefix for the network peerings. | string | | null |
| routes_config | Control import/export for local and remote peer. Remote configuration is only used when creating remote peering. | object({…}) | | {} |
| stack_type | IP version(s) of traffic and routes that are allowed to be imported or exported between peer networks. Possible values: IPV4_ONLY, IPV4_IPV6. | string | | null |

Outputs

| name | description | sensitive |
|---|---|---|
| local_network_peering | Network peering resource. | |
| peer_network_peering | Peer network peering resource. | |