From 98594d22b962f0bf5943d4477200e5d347dcc301 Mon Sep 17 00:00:00 2001
From: Bertrand Lanson
Date: Sun, 14 Apr 2024 00:24:12 +0200
Subject: [PATCH] feat: add variable for configuring public DNS upstreams on subnets
---
 README.md | 1 +
 main.tf | 51 +++++++++++++++++++++++++++------------------------
 variables.tf | 20 +++++++++-----------
 3 files changed, 37 insertions(+), 35 deletions(-)
diff --git a/README.md b/README.md
index ae4ff53..014d2b2 100644
--- a/README.md
+++ b/README.md
@@ -63,6 +63,7 @@ No modules.
 | [project_domain](#input_project_domain) | The domain where this project will be created | `string` | `"default"` | no |
 | [project_name](#input_project_name) | The name of the project | `string` | n/a | yes |
 | [project_tags](#input_project_tags) | The tags to append to this project | `list(string)` | `[]` | no |
+| [public_nameservers](#input_public_nameservers) | A list of public DNS servers to upstreams requests to in your subnets.
This is not necessary if your openstack deployment already has configured default upstreams for neutron. | `list(string)` | `[]` | no |
 | [public_subnetpool_id](#input_public_subnetpool_id) | The id of the subnetpool to create the public (first 2 tier) networks from.
Since this module can route private subnets to the backbone, it needs to make sure it's not creating overlapping subnets. | `string` | `null` | no |
 | [subnetpool_cidr_blocks](#input_subnetpool_cidr_blocks) | The CIDR block for the subnet pool | `list(string)` |
[
"192.168.0.0/21"
]
| no |
diff --git a/main.tf b/main.tf
index 39a9a35..2e6c668 100644
--- a/main.tf
+++ b/main.tf
@@ -58,36 +58,39 @@ resource "openstack_networking_network_v2" "database" {
 }
 resource "openstack_networking_subnet_v2" "frontend" {
- count = var.architecture_tiers > 0 ? 1 : 0
- name = "${var.project_name}-frontend-subnet-${count.index + 1}"
- description = "Terraform managed."
- tenant_id = data.openstack_identity_project_v3.this.id
- network_id = openstack_networking_network_v2.frontend[0].id
- prefix_length = var.frontend_subnet_prefix_len
- ip_version = 4
- subnetpool_id = var.create_subnetpool ? openstack_networking_subnetpool_v2.this[0].id : var.public_subnetpool_id
+ count = var.architecture_tiers > 0 ? 1 : 0
+ name = "${var.project_name}-frontend-subnet-${count.index + 1}"
+ description = "Terraform managed."
+ tenant_id = data.openstack_identity_project_v3.this.id
+ network_id = openstack_networking_network_v2.frontend[0].id
+ prefix_length = var.frontend_subnet_prefix_len
+ ip_version = 4
+ subnetpool_id = var.create_subnetpool ? openstack_networking_subnetpool_v2.this[0].id : var.public_subnetpool_id
+ dns_nameservers = var.public_nameservers
 }
 resource "openstack_networking_subnet_v2" "backend" {
- count = var.architecture_tiers > 1 ? 1 : 0
- name = "${var.project_name}-backend-subnet-${count.index + 1}"
- description = "Terraform managed."
- tenant_id = data.openstack_identity_project_v3.this.id
- network_id = openstack_networking_network_v2.backend[0].id
- prefix_length = var.backend_subnet_prefix_len
- ip_version = 4
- subnetpool_id = var.create_subnetpool ? openstack_networking_subnetpool_v2.this[0].id : var.public_subnetpool_id
+ count = var.architecture_tiers > 1 ? 1 : 0
+ name = "${var.project_name}-backend-subnet-${count.index + 1}"
+ description = "Terraform managed."
+ tenant_id = data.openstack_identity_project_v3.this.id
+ network_id = openstack_networking_network_v2.backend[0].id
+ prefix_length = var.backend_subnet_prefix_len
+ ip_version = 4
+ subnetpool_id = var.create_subnetpool ? openstack_networking_subnetpool_v2.this[0].id : var.public_subnetpool_id
+ dns_nameservers = var.public_nameservers
 }
 resource "openstack_networking_subnet_v2" "database" {
- count = var.architecture_tiers == 3 ? 1 : 0
- name = "${var.project_name}-database-subnet-${count.index + 1}"
- description = "Terraform managed."
- tenant_id = data.openstack_identity_project_v3.this.id
- network_id = openstack_networking_network_v2.database[0].id
- prefix_length = var.database_subnet_prefix_len
- ip_version = 4
- subnetpool_id = var.create_subnetpool ? openstack_networking_subnetpool_v2.this[0].id : var.database_subnetpool_id
+ count = var.architecture_tiers == 3 ? 1 : 0
+ name = "${var.project_name}-database-subnet-${count.index + 1}"
+ description = "Terraform managed."
+ tenant_id = data.openstack_identity_project_v3.this.id
+ network_id = openstack_networking_network_v2.database[0].id
+ prefix_length = var.database_subnet_prefix_len
+ ip_version = 4
+ subnetpool_id = var.create_subnetpool ? openstack_networking_subnetpool_v2.this[0].id : var.database_subnetpool_id
+ dns_nameservers = var.public_nameservers
 }
 #! router
diff --git a/variables.tf b/variables.tf
index 435971d..f5da099 100644
--- a/variables.tf
+++ b/variables.tf
@@ -100,6 +100,15 @@ variable "database_subnet_prefix_len" {
 }
 }
+variable "public_nameservers" {
+ type = list(string)
+ description = <<-EOT
+ A list of public DNS servers to upstreams requests to in your subnets.
+ This is not necessary if your openstack deployment already has configured default upstreams for neutron.
+ EOT
+ default = []
+}
+
 #! security variables
 variable "create_default_secgroups" {
 type = bool
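Review bot: The `database` subnet gets the same `dns_nameservers = var.public_nameservers` as `frontend` and `backend`, although it draws from `var.database_subnetpool_id` rather than the public pool, which suggests it is meant to be the more isolated tier. Neutron hands these resolvers to instances on the subnet through DHCP, so database hosts would be pointed at external resolvers. If that tier is not supposed to resolve public names, this opens an outbound DNS path and lets internal lookups leave the deployment. Consider omitting the argument on that resource or feeding it from its own input, e.g. `dns_nameservers = var.database_nameservers` (a new variable, not part of this patch). A short comment above the assignments, such as `# empty list keeps Neutron's configured default upstreams`, would record the behaviour the variable description implies.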
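Review bot: `public_nameservers` is declared as a bare `list(string)` with no `validation` block, so a typo or a hostname is caught at apply time at the earliest. Any value that is accepted becomes the resolver for every instance on all three subnets. A plan-time check that each entry parses as an IP address would fail earlier and closer to the mistake, as sketched below. The preceding variable appears to carry a nested block of its own, so this would likely match the file's style. The description could also say that these resolvers see all instance lookups and should therefore be ones the operator trusts.

```hcl
variable "public_nameservers" {
  # … unchanged: type, description, default …
  validation {
    condition     = alltrue([for ns in var.public_nameservers : can(cidrhost("${ns}/32", 0))])
    error_message = "Each entry in public_nameservers must be an IP address, not a hostname."
  }
}
```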
@@ -191,21 +200,10 @@ variable "external_network_id" {
 default = null
 }
-# variable "external_subnet_id" {
-# type = string
-# description = "The id of the external subnet to connect the frontend router to."
-# default = null
-# }
-
 locals {
 validate_external_network_id = (
 var.architecture_tiers > 0 &&
 var.attach_to_external &&
 var.external_network_id == null
 ) ? tobool("Please pass in the external network ID to attach the frontend router to.") : true
- # validate_external_subnet_id = (
- # var.architecture_tiers > 0 &&
- # var.attach_to_external &&
- # var.external_subnet_id == null
- # ) ? tobool("Please pass in the external subnet ID to attach the frontend router to.") : true
 }