Skip to content

Commit

Permalink
Move net-dedicated-vlan-attachment module to net-vlan-attachment and …
Browse files Browse the repository at this point in the history
…added support for Partner interconnect
  • Loading branch information
apichick committed Jun 12, 2023
1 parent 6e4efda commit 500179f
Show file tree
Hide file tree
Showing 9 changed files with 580 additions and 347 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ The current list of modules supports most of the core foundational and networkin
Currently available modules:

- **foundational** - [billing budget](./modules/billing-budget), [Cloud Identity group](./modules/cloud-identity-group/), [folder](./modules/folder), [service accounts](./modules/iam-service-account), [logging bucket](./modules/logging-bucket), [organization](./modules/organization), [project](./modules/project), [projects-data-source](./modules/projects-data-source)
- **networking** - [DNS](./modules/dns), [DNS Response Policy](./modules/dns-response-policy/), [Cloud Endpoints](./modules/endpoints), [address reservation](./modules/net-address), [NAT](./modules/net-cloudnat), [Dedicated VLAN Attachment](./modules/net-dedicated-vlan-attachment/), [Global Load Balancer (classic)](./modules/net-glb/), [L4 ILB](./modules/net-ilb), [L7 ILB](./modules/net-ilb-l7), [IPSec over Interconnect](./modules/net-ipsec-over-interconnect), [Network LB](./modules/net-nlb), [VPC](./modules/net-vpc), [VPC firewall](./modules/net-vpc-firewall), [VPC firewall policy](./modules/net-vpc-firewall-policy), [VPC peering](./modules/net-vpc-peering), [VPN dynamic](./modules/net-vpn-dynamic), [HA VPN](./modules/net-vpn-ha), [VPN static](./modules/net-vpn-static), [Service Directory](./modules/service-directory)
- **networking** - [DNS](./modules/dns), [DNS Response Policy](./modules/dns-response-policy/), [Cloud Endpoints](./modules/endpoints), [address reservation](./modules/net-address), [NAT](./modules/net-cloudnat), [VLAN Attachment](./modules/net-vlan-attachment/), [Global Load Balancer (classic)](./modules/net-glb/), [L4 ILB](./modules/net-ilb), [L7 ILB](./modules/net-ilb-l7), [IPSec over Interconnect](./modules/net-ipsec-over-interconnect), [Network LB](./modules/net-nlb), [VPC](./modules/net-vpc), [VPC firewall](./modules/net-vpc-firewall), [VPC firewall policy](./modules/net-vpc-firewall-policy), [VPC peering](./modules/net-vpc-peering), [VPN dynamic](./modules/net-vpn-dynamic), [HA VPN](./modules/net-vpn-ha), [VPN static](./modules/net-vpn-static), [Service Directory](./modules/service-directory)
- **compute** - [VM/VM group](./modules/compute-vm), [MIG](./modules/compute-mig), [COS container](./modules/cloud-config-container/cos-generic-metadata/) (coredns, mysql, onprem, squid), [GKE cluster](./modules/gke-cluster-standard), [GKE hub](./modules/gke-hub), [GKE nodepool](./modules/gke-nodepool)
- **data** - [AlloyDB instance](./modules/alloydb-instance), [BigQuery dataset](./modules/bigquery-dataset), [Bigtable instance](./modules/bigtable-instance), [Cloud Dataplex](./modules/cloud-dataplex), [Cloud SQL instance](./modules/cloudsql-instance), [Data Catalog Policy Tag](./modules/data-catalog-policy-tag), [Datafusion](./modules/datafusion), [Dataproc](./modules/dataproc), [GCS](./modules/gcs), [Pub/Sub](./modules/pubsub)
- **development** - [API Gateway](./modules/api-gateway), [Apigee](./modules/apigee), [Artifact Registry](./modules/artifact-registry), [Container Registry](./modules/container-registry), [Cloud Source Repository](./modules/source-repository)
Expand Down
48 changes: 26 additions & 22 deletions blueprints/networking/ha-vpn-over-interconnect/underlay.tf
Original file line number Diff line number Diff line change
Expand Up @@ -27,39 +27,43 @@ resource "google_compute_router" "encrypted-interconnect-underlay-router" {
}

module "va-a" {
source = "../../../modules/net-dedicated-vlan-attachment"
project_id = var.project_id
network = var.network
region = var.region
name = "${var.underlay_config.attachments.a.base_name}-a"
bandwidth = var.underlay_config.attachments.a.bandwidth
bgp_range = var.underlay_config.attachments.a.bgp_range
description = "Encrypted VLAN Attachment ${var.underlay_config.attachments.a.base_name}-a"
interconnect = var.underlay_config.attachments.a.interconnect_self_link
peer_asn = var.underlay_config.attachments.a.onprem_asn
source = "../../../modules/net-vlan-attachment"
project_id = var.project_id
network = var.network
region = var.region
name = "${var.underlay_config.attachments.a.base_name}-a"
description = "Encrypted VLAN Attachment ${var.underlay_config.attachments.a.base_name}-a"
peer_asn = var.underlay_config.attachments.a.onprem_asn
router_config = {
create = false
name = google_compute_router.encrypted-interconnect-underlay-router.name
}
vlan_tag = var.underlay_config.attachments.a.vlan_tag
dedicated_interconnect_config = {
bandwidth = var.underlay_config.attachments.a.bandwidth
bgp_range = var.underlay_config.attachments.a.bgp_range
interconnect = var.underlay_config.attachments.a.interconnect_self_link
vlan_tag = var.underlay_config.attachments.a.vlan_tag
}
vpn_gateways_ip_range = var.underlay_config.attachments.a.vpn_gateways_ip_range
}

module "va-b" {
source = "../../../modules/net-dedicated-vlan-attachment"
project_id = var.project_id
network = var.network
region = var.region
name = "${var.underlay_config.attachments.a.base_name}-b"
bandwidth = var.underlay_config.attachments.b.bandwidth
bgp_range = var.underlay_config.attachments.b.bgp_range
description = "Encrypted VLAN Attachment ${var.underlay_config.attachments.a.base_name}-b"
interconnect = var.underlay_config.attachments.b.interconnect_self_link
peer_asn = var.underlay_config.attachments.b.onprem_asn
source = "../../../modules/net-vlan-attachment"
project_id = var.project_id
network = var.network
region = var.region
name = "${var.underlay_config.attachments.a.base_name}-b"
description = "Encrypted VLAN Attachment ${var.underlay_config.attachments.a.base_name}-b"
peer_asn = var.underlay_config.attachments.b.onprem_asn
router_config = {
create = false
name = google_compute_router.encrypted-interconnect-underlay-router.name
}
vlan_tag = var.underlay_config.attachments.b.vlan_tag
dedicated_interconnect_config = {
bandwidth = var.underlay_config.attachments.b.bandwidth
bgp_range = var.underlay_config.attachments.b.bgp_range
interconnect = var.underlay_config.attachments.b.interconnect_self_link
vlan_tag = var.underlay_config.attachments.b.vlan_tag
}
vpn_gateways_ip_range = var.underlay_config.attachments.b.vpn_gateways_ip_range
}
299 changes: 0 additions & 299 deletions modules/net-dedicated-vlan-attachment/README.md

This file was deleted.

2 changes: 1 addition & 1 deletion modules/net-ipsec-over-interconnect/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

This module allows for the provisioning of [HA VPN over Interconnect](https://cloud.google.com/network-connectivity/docs/interconnect/concepts/ha-vpn-interconnect?hl=it). Specifically, this module creates a VPN gateway, a configurable number of tunnels, and all the resources required to established IPSec and BGP with the peer routers.

The required pair of encrypted VLAN Attachments can be created leveraging the [net-dedicated-vlan-attachment](../net-dedicated-vlan-attachment/) module, as shown in the [IoIC Blueprint](../../blueprints/networking/ha-vpn-over-interconnect/).
The required pair of encrypted VLAN Attachments can be created leveraging the [net-vlan-attachment](../net-vlan-attachment/) module, as shown in the [IoIC Blueprint](../../blueprints/networking/ha-vpn-over-interconnect/).

## Examples

Expand Down
Loading

0 comments on commit 500179f

Please sign in to comment.