Skip to content

Commit 4e95d4f

Browse files
DuologicDamianSzymanski
Duologic
authored and
DamianSzymanski
committed
Add networking for Service k8s cluster
This also renames gce_net to gce_net_workers to show the distinction with gce_net_services.
1 parent 0c0190d commit 4e95d4f

File tree

18 files changed

+74
-5
lines changed

18 files changed

+74
-5
lines changed

gce-production-net-1/main.tf

+1-1
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ provider "aws" {}
6565
provider "heroku" {}
6666

6767
module "gce_net" {
68-
source = "../modules/gce_net"
68+
source = "../modules/gce_net_workers"
6969

7070
bastion_config = "${file("config/bastion.env")}"
7171
bastion_image = "${var.gce_bastion_image}"

gce-production-net-2/main.tf

+1-1
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ provider "aws" {}
6565
provider "heroku" {}
6666

6767
module "gce_net" {
68-
source = "../modules/gce_net"
68+
source = "../modules/gce_net_workers"
6969

7070
bastion_config = "${file("config/bastion.env")}"
7171
bastion_image = "${var.gce_bastion_image}"

gce-production-net-3/main.tf

+1-1
Original file line numberDiff line numberDiff line change
@@ -65,7 +65,7 @@ provider "aws" {}
6565
provider "heroku" {}
6666

6767
module "gce_net" {
68-
source = "../modules/gce_net"
68+
source = "../modules/gce_net_workers"
6969

7070
bastion_config = "${file("config/bastion.env")}"
7171
bastion_image = "${var.gce_bastion_image}"

gce-staging-net-1/main.tf

+1-1
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,7 @@ provider "aws" {}
6666
provider "heroku" {}
6767

6868
module "gce_net" {
69-
source = "../modules/gce_net"
69+
source = "../modules/gce_net_workers"
7070

7171
bastion_config = "${file("config/bastion.env")}"
7272
bastion_image = "${var.latest_gce_bastion_image}"

modules/gce_net_services/nat.tf

+34
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
resource "google_compute_address" "services_nat" {
2+
count = "${var.nat_ip_count}"
3+
name = "services-nat-ip-${count.index}"
4+
project = "${var.project}"
5+
}
6+
7+
resource "google_compute_router" "services_nat" {
8+
name = "router"
9+
project = "${var.project}"
10+
network = "${google_compute_network.main.self_link}"
11+
12+
bgp {
13+
asn = 64514
14+
}
15+
}
16+
17+
resource "google_compute_router_nat" "services_nat" {
18+
name = "services-nat"
19+
project = "${var.project}"
20+
21+
nat_ip_allocate_option = "MANUAL_ONLY"
22+
nat_ips = ["${google_compute_address.services_nat.*.self_link}"]
23+
router = "${google_compute_router.services_nat.name}"
24+
source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
25+
26+
subnetwork {
27+
name = "${google_compute_subnetwork.services.self_link}"
28+
source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
29+
}
30+
31+
log_config {
32+
enable = false
33+
}
34+
}

modules/gce_net_services/networks.tf

+21
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
resource "google_compute_network" "main" {
2+
name = "main"
3+
project = "${var.project}"
4+
auto_create_subnetworks = "false"
5+
}
6+
7+
resource "google_compute_subnetwork" "services" {
8+
name = "services"
9+
project = "${var.project}"
10+
ip_cidr_range = "${var.services_subnet_cidr_range}"
11+
network = "${google_compute_network.main.self_link}"
12+
enable_flow_logs = "true"
13+
}
14+
15+
output "main_network_name" {
16+
value = "${google_compute_network.main.name}"
17+
}
18+
19+
output "services_network_name" {
20+
value = "${google_compute_subnetwork.services.name}"
21+
}

modules/gce_net_services/variables.tf

+9
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
variable "project" {}
2+
3+
variable "nat_ip_count" {
4+
default = 1
5+
}
6+
7+
variable "services_subnet_cidr_range" {
8+
default = "10.80.0.0/16"
9+
}

modules/gce_net/bastion-cloud-config.yml.tpl renamed to modules/gce_net_workers/bastion-cloud-config.yml.tpl

File renamed without changes.

modules/gce_net/bastion-cloud-init.bash renamed to modules/gce_net_workers/bastion-cloud-init.bash

File renamed without changes.

modules/gce_net/bastion.tf renamed to modules/gce_net_workers/bastion.tf

File renamed without changes.

modules/gce_net/firewall.tf renamed to modules/gce_net_workers/firewall.tf

File renamed without changes.

modules/gce_net/nat-cloud-config.yml.tpl renamed to modules/gce_net_workers/nat-cloud-config.yml.tpl

File renamed without changes.

modules/gce_net/nat-cloud-init.bash renamed to modules/gce_net_workers/nat-cloud-init.bash

File renamed without changes.

modules/gce_net/nat.tf renamed to modules/gce_net_workers/nat.tf

File renamed without changes.

modules/gce_net/networks.tf renamed to modules/gce_net_workers/networks.tf

File renamed without changes.

modules/gce_net/output.tf renamed to modules/gce_net_workers/output.tf

File renamed without changes.

modules/gce_net/variables.tf renamed to modules/gce_net_workers/variables.tf

File renamed without changes.

travis-ci-prod-services-1/modules.tf

+6-1
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,11 @@ module "project" {
55
project_id = "${var.project_id}"
66
}
77

8-
# module "networking" {}
8+
module "networking" {
9+
source = "../modules/gce_net_services"
10+
11+
project = "${module.project.project_id}"
12+
}
13+
914
# module "kubernetes_cluster" {}
1015

0 commit comments

Comments
 (0)