slawek/gcp-simple-lz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Finished first version of network, network-peering and linux-vm modules.

Browse Source
This commit is contained in:
Sławek Koszewski
2025-03-31 10:10:39 +02:00
parent 6924f75c86
commit 93537e5da5
6 changed files with 145 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files
main.tf
+62 -11
View File
@@ -9,25 +9,76 @@ terraform {
provider "google" { provider "google" {
# Configuration options # Configuration options
region = var.region region = var.hub.region
zone = var.zone zone = var.hub.zone
project = var.project_id project = var.hub.project
} }
module "network" { module "hub_network" {
source = "./modules/network" source = "./modules/network"
name = var.network_name name = "${var.hub.name}-vpc"
subnets = var.subnets subnets = [{
name = "${var.hub.name}-network"
cidr = var.hub.cidr
region = var.hub.region
}]
} }
module "vm" { module "spoke_network" {
source = "./modules/network"
name = "${var.spoke.name}-vpc"
subnets = [
{
name = "${var.spoke.name}-network"
cidr = var.spoke.cidr
region = var.spoke.region
}
]
}
module "hub_to_spoke_peering" {
source = "./modules/network-peering"
left = {
project_id = var.hub.project
network_id = module.hub_network.id
network_name = module.hub_network.name
}
right = {
project_id = var.spoke.project
network_id = module.spoke_network.id
network_name = module.spoke_network.name
}
hub_spoke = true
depends_on = [
module.hub_network,
module.spoke_network
]
}
module "vm-hub" {
source = "./modules/linux-vm" source = "./modules/linux-vm"
name = "vm-test" name = "vm-${var.hub.name}"
network_name = var.network_name network_name = "${var.hub.name}-vpc"
subnet_name = var.subnets[0].name subnet_name = "${var.hub.name}-network"
ssh = var.ssh ssh = var.ssh
depends_on = [module.network] depends_on = [module.hub_network]
}
module "vm-spoke" {
source = "./modules/linux-vm"
name = "vm-${var.spoke.name}"
network_name = "${var.spoke.name}-vpc"
subnet_name = "${var.spoke.name}-network"
ssh = var.ssh
depends_on = [module.spoke_network]
} }
modules/network-peering/main.tf
+24
View File
@@ -0,0 +1,24 @@
# Peering
resource "google_compute_network_peering" "left_to_right" {
name = "${var.left.network_name}-to-${var.right.network_name}"
network = var.left.network_id
peer_network = var.right.network_id
export_custom_routes = true
import_custom_routes = var.hub_spoke ? false : true
export_subnet_routes_with_public_ip = true
import_subnet_routes_with_public_ip = var.hub_spoke ? false : true
}
resource "google_compute_network_peering" "right_to_left" {
name = "${var.right.network_name}-to-${var.left.network_name}"
network = var.right.network_id
peer_network = var.left.network_id
export_custom_routes = var.hub_spoke ? false : true
import_custom_routes = true
export_subnet_routes_with_public_ip = var.hub_spoke ? false : true
import_subnet_routes_with_public_ip = true
}
modules/network-peering/variables.tf
+23
View File
@@ -0,0 +1,23 @@
variable "left" {
description = "The left side of the peering connection."
type = object({
project_id = string
network_id = string
network_name = string
})
}
variable "right" {
description = "The right side of the peering connection."
type = object({
project_id = string
network_id = string
network_name = string
})
}
variable "hub_spoke" {
type = bool
default = false
description = "Set to true if the peering is hub-spoke."
}
modules/network/main.tf
+10 -10
View File
@@ -1,5 +1,5 @@
# VPC # VPC
resource "google_compute_network" "vpc_network" { resource "google_compute_network" "network" {
name = var.name name = var.name
auto_create_subnetworks = false auto_create_subnetworks = false
} }
@@ -10,21 +10,21 @@ resource "google_compute_subnetwork" "subnet" {
name = var.subnets[count.index].name name = var.subnets[count.index].name
ip_cidr_range = var.subnets[count.index].cidr ip_cidr_range = var.subnets[count.index].cidr
region = var.subnets[count.index].region != null ? var.subnets[count.index].region : var.subnets[0].region region = var.subnets[count.index].region != null ? var.subnets[count.index].region : var.subnets[0].region
network = google_compute_network.vpc_network.id network = google_compute_network.network.id
} }
# Cloud NAT # Cloud NAT
resource "google_compute_router" "cr" { resource "google_compute_router" "cr" {
name = "${var.name}-router" name = "${var.name}-router"
network = google_compute_network.vpc_network.id network = var.name
region = var.subnets[0].region
depends_on = [google_compute_network.network]
} }
resource "google_compute_router_nat" "name" { resource "google_compute_router_nat" "nat" {
name = "${var.name}-nat" name = "${var.name}-nat"
region = var.subnets[0].region router = google_compute_router.cr.name
router = google_compute_router.cr.name nat_ip_allocate_option = "AUTO_ONLY"
nat_ip_allocate_option = "AUTO_ONLY"
source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
enable_dynamic_port_allocation = true enable_dynamic_port_allocation = true
} }
modules/network/outputs.tf
+9
View File
@@ -0,0 +1,9 @@
output "id" {
description = "The ID of the VPC network."
value = google_compute_network.network.id
}
output "name" {
description = "The name of the VPC network."
value = google_compute_network.network.name
}
variables.tf
+17 -40
View File
@@ -1,45 +1,21 @@
variable "project_id" { variable "hub" {
description = "The ID of the project." type = object({
type = string name = string
region = string
zone = string
project = string
cidr = string
})
} }
variable "region" { variable "spoke" {
description = "The region for the resources." type = object({
type = string name = string
default = "us-west1" region = string
} zone = string
project = string
variable "zone" { cidr = string
description = "The zone for the resources." })
type = string
default = "us-west1-a"
}
variable "network_name" {
description = "The name of the network."
type = string
default = "dom-lab-network"
}
variable "subnets" {
description = "A list of subnets to create."
type = list(object({
name = string
cidr = string
region = string
}))
default = [{
name = "waw-default"
cidr = "192.168.16.0/24"
region = "us-west1"
}]
validation {
condition = var.subnets[0].region != null
error_message = "The region for the first subnet must be specified."
}
} }
variable "ssh" { variable "ssh" {
@@ -48,6 +24,7 @@ variable "ssh" {
public_key = string public_key = string
ssh_user = string ssh_user = string
})) }))
default = [{ default = [{
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1Z96CGdoNnbazs89cdnDLDdju6UtuKAZctEAmnEaAC" public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1Z96CGdoNnbazs89cdnDLDdju6UtuKAZctEAmnEaAC"
ssh_user = "slawek@1password" ssh_user = "slawek@1password"