diff --git a/README.md b/README.md
index 3181faf..644e8d6 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,7 @@ No modules.
 | [database_subnetpool_id](#input_database_subnetpool_id) | The id of the subnetpool to create the databse network from.
Since this module can route private subnets to the backbone, it needs to make sure it's not creating overlapping subnets. | `string` | `null` | no |
 | [external_network_id](#input_external_network_id) | The id of the external network to connect the frontend router to. | `string` | `null` | no |
 | [frontend_subnet_prefix_len](#input_frontend_subnet_prefix_len) | The prefix length of the frontend subnet. Must be between 20 and 32. | `number` | `24` | no |
+| [network_internal_domain_name](#input_network_internal_domain_name) | The domain name to use for dns resolution inside the private networks | `string` | `null` | no |
 | [project_domain](#input_project_domain) | The domain where this project will be created | `string` | `"default"` | no |
 | [project_name](#input_project_name) | The name of the project | `string` | n/a | yes |
 | [project_tags](#input_project_tags) | The tags to append to this project | `list(string)` | `[]` | no |
diff --git a/main.tf b/main.tf
index aec813d..8011391 100644
--- a/main.tf
+++ b/main.tf
@@ -28,6 +28,7 @@ resource "openstack_networking_subnetpool_v2" "apps" {
 is_default = false
 ip_version = 4
 prefixes = var.application_subnetpool_cidr_blocks
+ tags = var.project_tags
 }

 resource "openstack_networking_subnetpool_v2" "database" {
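Review bot: `var.project_tags` is documented as "The tags to append to this project", but from this hunk on it is also applied to the subnet pools, networks, subnets, router and security groups (the same `tags = var.project_tags` line is added in every later main.tf hunk). The description in variables.tf and in both READMEs should say so, for example `description = "Tags applied to the project and to every networking resource this module creates"`. Keystone and Neutron validate tag strings separately, so a value accepted for the project may presumably still be rejected by the networking API; that is worth confirming against the target deployment. The `apps` resource block starts above this hunk.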
@@ -36,37 +37,44 @@ resource "openstack_networking_subnetpool_v2" "database" {
 is_default = false
 ip_version = 4
 prefixes = var.database_subnetpool_cidr_blocks
+ tags = var.project_tags
 }

 #! networks & subnets
 resource "openstack_networking_network_v2" "frontend" {
 count = var.architecture_tiers > 0 ? 1 : 0
 name = "${local.resource_prefix}-frontend-network"
+ dns_domain = var.network_internal_domain_name
 description = "Terraform managed."
 tenant_id = data.openstack_identity_project_v3.this.id
 shared = false
 admin_state_up = "true"
 mtu = 1450
+ tags = var.project_tags
 }

 resource "openstack_networking_network_v2" "backend" {
 count = var.architecture_tiers > 1 ? 1 : 0
 name = "${local.resource_prefix}-backend-network"
+ dns_domain = var.network_internal_domain_name
 description = "Terraform managed."
 tenant_id = data.openstack_identity_project_v3.this.id
 shared = false
 admin_state_up = "true"
 mtu = 1450
+ tags = var.project_tags
 }

 resource "openstack_networking_network_v2" "database" {
 count = var.architecture_tiers == 3 ? 1 : 0
 name = "${local.resource_prefix}-database-network"
+ dns_domain = var.network_internal_domain_name
 description = "Terraform managed."
 tenant_id = data.openstack_identity_project_v3.this.id
 shared = false
 admin_state_up = "true"
 mtu = 1450
+ tags = var.project_tags
 }

 resource "openstack_networking_subnet_v2" "frontend" {
@@ -79,6 +87,7 @@ resource "openstack_networking_subnet_v2" "frontend" {
 ip_version = 4
 subnetpool_id = var.create_application_subnetpool ? openstack_networking_subnetpool_v2.apps[0].id : var.application_subnetpool_id
 dns_nameservers = var.public_nameservers
+ tags = var.project_tags
 }

 resource "openstack_networking_subnet_v2" "backend" {
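Review bot: The three `dns_domain = var.network_internal_domain_name` lines apply one domain to the frontend, backend and database networks alike, and nothing in the hunk documents what the attribute does beyond the variable's "dns resolution inside the private networks". In Neutron a network's `dns_domain` is combined with the `dns_name` of its ports, and where the deployment integrates an external DNS service those records are published there, so names and addresses of the backend and database tiers may become resolvable outside the project. If that is not intended, the domain should be set only on the tier that needs it; otherwise add a comment such as `# dns_domain: port records may be published to an external DNS service when Neutron DNS integration is enabled`. The attribute also depends on the Neutron DNS extension, so a non-null value is likely to fail on a cloud without it; that is inferred, not shown in the diff.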
@@ -91,6 +100,7 @@ resource "openstack_networking_subnet_v2" "backend" {
 ip_version = 4
 subnetpool_id = var.create_application_subnetpool ? openstack_networking_subnetpool_v2.apps[0].id : var.application_subnetpool_id
 dns_nameservers = var.public_nameservers
+ tags = var.project_tags
 }

 resource "openstack_networking_subnet_v2" "database" {
@@ -103,6 +113,7 @@ resource "openstack_networking_subnet_v2" "database" {
 ip_version = 4
 subnetpool_id = var.create_application_subnetpool ? openstack_networking_subnetpool_v2.database[0].id : var.database_subnetpool_id
 dns_nameservers = var.public_nameservers
+ tags = var.project_tags
 }

 #! router
@@ -113,6 +124,7 @@ resource "openstack_networking_router_v2" "this" {
 tenant_id = data.openstack_identity_project_v3.this.id
 external_network_id = var.attach_to_external ? var.external_network_id : null
 admin_state_up = true
+ tags = var.project_tags
 }

 resource "openstack_networking_router_interface_v2" "frontend" {
@@ -144,6 +156,7 @@ resource "openstack_networking_secgroup_v2" "frontend" {
 description = "Terraform managed."
 tenant_id = data.openstack_identity_project_v3.this.id
 delete_default_rules = true
+ tags = var.project_tags
 }

 resource "openstack_networking_secgroup_rule_v2" "frontend_egress" {
@@ -179,6 +192,7 @@ resource "openstack_networking_secgroup_v2" "backend" {
 description = "Terraform managed."
 tenant_id = data.openstack_identity_project_v3.this.id
 delete_default_rules = true
+ tags = var.project_tags
 }

 resource "openstack_networking_secgroup_rule_v2" "backend_egress" {
@@ -214,6 +228,7 @@ resource "openstack_networking_secgroup_v2" "database" {
 description = "Terraform managed."
 tenant_id = data.openstack_identity_project_v3.this.id
 delete_default_rules = true
+ tags = var.project_tags
 }

 resource "openstack_networking_secgroup_rule_v2" "database_egress" {
diff --git a/tests/module/README.md b/tests/module/README.md
index 39d0f93..8785b30 100644
--- a/tests/module/README.md
+++ b/tests/module/README.md
@@ -47,6 +47,7 @@
 | [database_subnetpool_cidr_blocks](#input_database_subnetpool_cidr_blocks) | The CIDR blocks for the database subnet pool | `list(string)` |
[
"192.168.8.0/23"
]
| no |
 | [database_subnetpool_id](#input_database_subnetpool_id) | The id of the subnetpool to create the databse network from.
Since this module can route private subnets to the backbone, it needs to make sure it's not creating overlapping subnets. | `string` | `null` | no |
 | [frontend_subnet_prefix_len](#input_frontend_subnet_prefix_len) | The prefix length of the frontend subnet. Must be between 20 and 32. | `number` | `24` | no |
+| [network_internal_domain_name](#input_network_internal_domain_name) | The domain name to use for dns resolution inside the private networks | `string` | `null` | no |
 | [project_domain](#input_project_domain) | The domain where this project will be created | `string` | `"default"` | no |
 | [project_tags](#input_project_tags) | The tags to append to this project | `list(string)` | `[]` | no |
 | [public_nameservers](#input_public_nameservers) | A list of public DNS servers to upstreams requests to in your subnets.
This is not necessary if your openstack deployment already has configured default upstreams for neutron. | `list(string)` | `[]` | no |
diff --git a/tests/module/variables.tf b/tests/module/variables.tf
index 89032c6..1a1c878 100644
--- a/tests/module/variables.tf
+++ b/tests/module/variables.tf
@@ -70,6 +70,12 @@ variable "database_subnetpool_cidr_blocks" {
 }

 #! networking variables
+variable "network_internal_domain_name" {
+ type = string
+ description = "The domain name to use for dns resolution inside the private networks"
+ default = null
+}
+
 variable "frontend_subnet_prefix_len" {
 type = number
 description = "The prefix length of the frontend subnet. Must be between 20 and 32."
diff --git a/variables.tf b/variables.tf
index 648d06b..2fdf404 100644
--- a/variables.tf
+++ b/variables.tf
@@ -79,6 +79,12 @@ variable "database_subnetpool_cidr_blocks" {
 }

 #! networking variables
+variable "network_internal_domain_name" {
+ type = string
+ description = "The domain name to use for dns resolution inside the private networks"
+ default = null
+}
+
 variable "frontend_subnet_prefix_len" {
 type = number
 description = "The prefix length of the frontend subnet. Must be between 20 and 32."
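Review bot: The new `network_internal_domain_name` variable in variables.tf (and its copy in tests/module/variables.tf) accepts any string and hands it unchecked to `dns_domain` on three networks. Neutron expects a fully qualified name for that field, as far as I know with a trailing dot, so a value like `example.internal` would be rejected only at apply time. A `validation` block with `condition = var.network_internal_domain_name == null || can(regex("^([a-z0-9-]+\\.)+$", var.network_internal_domain_name))` and a matching `error_message` would catch this at plan time. The description should also mention that the domain may be published through an external DNS integration rather than staying "inside the private networks".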