Net Address Reservation Module
This module allows reserving Compute Engine external, global, and internal addresses. The module also supports managing VPC network attachments from service projects.
Examples
External and global addresses
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  external_addresses = {
    one = { region = "europe-west1" }
    two = {
      region = "europe-west2"
      tier   = "STANDARD"
    }
  }
  global_addresses = {
    app-1 = {}
    app-2 = {}
  }
}
# tftest modules=1 resources=4 inventory=external.yaml e2e
```
Internal addresses
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  internal_addresses = {
    ilb-1 = {
      purpose    = "SHARED_LOADBALANCER_VIP"
      region     = var.region
      subnetwork = var.subnet.self_link
    }
    ilb-2 = {
      address    = "10.0.16.102"
      region     = var.region
      subnetwork = var.subnet.self_link
    }
  }
}
# tftest modules=1 resources=2 inventory=internal.yaml e2e
```
IPv6 addresses
You can reserve both external and internal IPv6 addresses.
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  external_addresses = {
    nlb = {
      region     = var.region
      subnetwork = module.vpc.subnets["${var.region}/ipv6-external"].self_link
      ipv6 = {
        endpoint_type = "NETLB"
      }
    }
  }
  internal_addresses = {
    vm = {
      ipv6       = {}
      region     = var.region
      subnetwork = module.vpc.subnets["${var.region}/ipv6-internal"].self_link
    }
  }
}
# tftest modules=2 resources=7 fixtures=fixtures/net-vpc-ipv6.tf inventory=ipv6.yaml e2e
```
PSA addresses
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  psa_addresses = {
    cloudsql-mysql = {
      address       = "10.10.10.0"
      network       = var.vpc.self_link
      prefix_length = 24
    }
  }
}
# tftest modules=1 resources=1 inventory=psa.yaml e2e
```
PSC addresses
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  psc_addresses = {
    one = {
      address = "10.0.0.32"
      network = var.vpc.self_link
    }
  }
}
# tftest modules=1 resources=1 inventory=psc.yaml e2e
```
To create a PSC address targeting a regional service provider, use the `service_attachment` property.
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  psc_addresses = {
    cloudsql-one = {
      address          = "10.0.16.32"
      subnet_self_link = var.subnet.self_link
      region           = var.region
      service_attachment = {
        psc_service_attachment_link = module.cloudsql-instance.psc_service_attachment_link
      }
    }
  }
}
# tftest modules=2 resources=3 fixtures=fixtures/cloudsql-instance.tf inventory=psc-service-attachment.yaml e2e
```
IPSec Interconnect addresses
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  ipsec_interconnect_addresses = {
    vpn-gw-range-1 = {
      address       = "10.255.255.0"
      region        = var.region
      network       = var.vpc.self_link
      prefix_length = 29
    }
    vpn-gw-range-2 = {
      address       = "10.255.255.8"
      region        = var.region
      network       = var.vpc.self_link
      prefix_length = 29
    }
  }
}
# tftest modules=1 resources=2 inventory=ipsec-interconnect.yaml e2e
```
PSC Network Attachments
The project where the network attachment is created must be either the VPC project, or a Shared VPC service project of the host owning the VPC.
```hcl
module "addresses" {
  source     = "./fabric/modules/net-address"
  project_id = var.project_id
  network_attachments = {
    gce-0 = {
      subnet_self_link = (
        "projects/net-host/regions/europe-west8/subnetworks/gce"
      )
      producer_accept_lists = [var.project_id]
    }
  }
}
# tftest modules=1 resources=1 inventory=network-attachments.yaml
```
Variables
name | description | type | required | default |
---|---|---|---|---|
project_id | Project where the addresses will be created. | string | ✓ | |
external_addresses | Map of external addresses, keyed by name. | map(object({…})) | | {} |
global_addresses | List of global addresses to create. | map(object({…})) | | {} |
internal_addresses | Map of internal addresses to create, keyed by name. | map(object({…})) | | {} |
ipsec_interconnect_addresses | Map of internal addresses used for HA VPN over Cloud Interconnect. | map(object({…})) | | {} |
network_attachments | PSC network attachments, names as keys. | map(object({…})) | | {} |
psa_addresses | Map of internal addresses used for Private Service Access. | map(object({…})) | | {} |
psc_addresses | Map of internal addresses used for Private Service Connect. | map(object({…})) | | {} |
Outputs
name | description | sensitive |
---|---|---|
external_addresses | Allocated external addresses. | |
global_addresses | Allocated global external addresses. | |
internal_addresses | Allocated internal addresses. | |
ipsec_interconnect_addresses | Allocated internal addresses for HA VPN over Cloud Interconnect. | |
network_attachment_ids | IDs of network attachments. | |
psa_addresses | Allocated internal addresses for PSA endpoints. | |
psc_addresses | Allocated internal addresses for PSC endpoints. | |