39b27ac25e
* first commit * Bump provider versions * Fix tests |
||
|---|---|---|
| .. | ||
| README.md | ||
| main.tf | ||
| output.tf | ||
| variables.tf | ||
| versions.tf | ||
README.md
VLAN Attachment module
This module allows for the provisioning of VLAN Attachments created from Dedicated Interconnect connections.
Examples
Single VLAN Attachment (No SLA)
resource "google_compute_router" "interconnect-router" {
name = "interconnect-router"
network = "mynet"
project = "myproject"
region = "europe-west8"
bgp {
advertise_mode = "CUSTOM"
asn = 64514
advertised_groups = ["ALL_SUBNETS"]
advertised_ip_ranges {
range = "10.255.255.0/24"
}
advertised_ip_ranges {
range = "192.168.255.0/24"
}
}
}
module "example-va" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west8"
name = "vlan-attachment"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.0/30"
description = "Example vlan attachment"
interconnect = "interconnect-a"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router.id
}
vlan_tag = 12345
}
# tftest modules=1 resources=4
Two VLAN Attachments on a single region (99.9% SLA)
resource "google_compute_router" "interconnect-router" {
name = "interconnect-router"
network = "mynet"
project = "myproject"
region = "europe-west8"
bgp {
asn = 64514
advertise_mode = "CUSTOM"
advertised_groups = ["ALL_SUBNETS"]
advertised_ip_ranges {
range = "10.255.255.0/24"
}
advertised_ip_ranges {
range = "192.168.255.0/24"
}
}
}
module "example-va-a" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west8"
name = "vlan-attachment-a"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.0/30"
description = "interconnect-a vlan attachment 0"
interconnect = "interconnect-a"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router.id
}
vlan_tag = 1001
}
module "example-va-b" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west8"
name = "vlan-attachment-b"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.4/30"
description = "interconnect-b vlan attachment 0"
interconnect = "interconnect-b"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router.id
}
vlan_tag = 1002
}
# tftest modules=2 resources=7
Four VLAN Attachments on two regions (99.99% SLA)
resource "google_compute_router" "interconnect-router-ew8" {
name = "interconnect-router-ew8"
network = "mynet"
project = "myproject"
region = "europe-west8"
bgp {
asn = 64514
advertise_mode = "CUSTOM"
advertised_groups = ["ALL_SUBNETS"]
advertised_ip_ranges {
range = "10.255.255.0/24"
}
advertised_ip_ranges {
range = "192.168.255.0/24"
}
}
}
resource "google_compute_router" "interconnect-router-ew12" {
name = "interconnect-router-ew12"
network = "mynet"
project = "myproject"
region = "europe-west12"
bgp {
asn = 64514
advertise_mode = "CUSTOM"
advertised_groups = ["ALL_SUBNETS"]
advertised_ip_ranges {
range = "10.255.255.0/24"
}
advertised_ip_ranges {
range = "192.168.255.0/24"
}
}
}
module "example-va-a-ew8" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west8"
name = "vlan-attachment-a-ew8"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.0/30"
description = "interconnect-a-ew8 vlan attachment 0"
interconnect = "interconnect-a-ew8"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router-ew8.id
}
vlan_tag = 1001
}
module "example-va-b-ew8" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west8"
name = "vlan-attachment-b-ew8"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.4/30"
description = "interconnect-b-ew8 vlan attachment 0"
interconnect = "interconnect-b-ew8"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router-ew8.id
}
vlan_tag = 1002
}
module "example-va-a-ew12" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west12"
name = "vlan-attachment-a-ew12"
bandwidth = "BPS_10G"
bgp_range = "169.254.1.0/30"
description = "interconnect-a-ew12 vlan attachment 0"
interconnect = "interconnect-a-ew12"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router-ew12.id
}
vlan_tag = 1003
}
module "example-va-b-ew12" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
network = "mynet"
project_id = "myproject"
region = "europe-west12"
name = "vlan-attachment-b-ew12"
bandwidth = "BPS_10G"
bgp_range = "169.254.1.4/30"
description = "interconnect-b-ew12 vlan attachment 0"
interconnect = "interconnect-b-ew12"
peer_asn = "65000"
router_config = {
create = false
name = google_compute_router.interconnect-router-ew12.id
}
vlan_tag = 1004
}
# tftest modules=4 resources=14
IPSec over Interconnect enabled setup
Refer to the HA VPN over Interconnect Blueprint for an all-encompassing example.
resource "google_compute_router" "encrypted-interconnect-underlay-router-ew8" {
name = "encrypted-interconnect-underlay-router-ew8"
project = "myproject"
network = "mynet"
region = "europe-west8"
encrypted_interconnect_router = true
bgp {
advertise_mode = "DEFAULT"
asn = 64514
}
}
module "example-va-a" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
project_id = "myproject"
network = "mynet"
region = "europe-west8"
name = "encrypted-vlan-attachment-a"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.0/30"
description = "example-va-a vlan attachment"
interconnect = "interconnect-a"
peer_asn = "65001"
router_config = {
create = false
name = google_compute_router.encrypted-interconnect-underlay-router-ew8.id
}
vlan_tag = 1001
vpn_gateways_ip_range = "10.255.255.0/29" # Allows for up to 8 tunnels
}
module "example-va-b" {
source = "./fabric/modules/net-dedicated-vlan-attachment"
project_id = "myproject"
network = "mynet"
region = "europe-west8"
name = "encrypted-vlan-attachment-b"
bandwidth = "BPS_10G"
bgp_range = "169.254.0.4/30"
description = "example-va-b vlan attachment"
interconnect = "interconnect-b"
peer_asn = "65001"
router_config = {
create = false
name = google_compute_router.encrypted-interconnect-underlay-router-ew8.id
}
vlan_tag = 1002
vpn_gateways_ip_range = "10.255.255.8/29" # Allows for up to 8 tunnels
}
# tftest modules=2 resources=9
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| description | VLAN attachment description. | string |
✓ | |
| interconnect | The identifier of the interconnect the VLAN attachment binds to. | string |
✓ | |
| name | The common resources name, used after resource type prefix and suffix. | string |
✓ | |
| network | The VPC name to which resources are associated to. | string |
✓ | |
| peer_asn | The on-premises underlay router ASN. | string |
✓ | |
| project_id | The project id where resources are created. | string |
✓ | |
| region | The region where resources are created. | string |
✓ | |
| router_config | Cloud Router configuration for the VPN. If you want to reuse an existing router, set create to false and use name to specify the desired router. | object({…}) |
✓ | |
| vlan_tag | The VLAN id to be used for this VLAN attachment. | number |
✓ | |
| admin_enabled | Whether the VLAN attachment is enabled. | bool |
true |
|
| bandwidth | The bandwidth assigned to the VLAN attachment (e.g. BPS_10G). | string |
"BPS_10G" |
|
| bgp_range | The underlay link-local IP range (in CIDR notation). | string |
"169.254.128.0/29" |
|
| ipsec_gateway_ip_ranges | IPSec Gateway IP Ranges. | map(string) |
{} |
|
| mtu | The MTU associated to the VLAN attachment (1440 / 1500). | number |
1500 |
|
| vpn_gateways_ip_range | The IP range (cidr notation) to be used for the GCP VPN gateways. If null IPSec over Interconnect is not enabled. | string |
null |