From 2b883d1eb55c105419603dcedff3564dbe2f9909 Mon Sep 17 00:00:00 2001
From: umeshkumhar
Date: Tue, 9 Jan 2024 01:59:18 +0530
Subject: [PATCH] gcve network peering module
---
examples/gcve-network-peering/main.tf | 39 ++++++++
examples/gcve-network-peering/outputs.tf | 26 +++++
.../terraform.tfvars.example | 34 +++++++
examples/gcve-network-peering/variables.tf | 96 +++++++++++++++++++
examples/gcve-network-peering/versions.tf | 27 ++++++
modules/gcve-network-peering/README.md | 76 +++++++++++++++
modules/gcve-network-peering/main.tf | 73 ++++++++++++++
modules/gcve-network-peering/outputs.tf | 27 ++++++
modules/gcve-network-peering/variables.tf | 96 +++++++++++++++++++
modules/gcve-network-peering/versions.tf | 27 ++++++
10 files changed, 521 insertions(+)
create mode 100644 examples/gcve-network-peering/main.tf
create mode 100644 examples/gcve-network-peering/outputs.tf
create mode 100644 examples/gcve-network-peering/terraform.tfvars.example
create mode 100644 examples/gcve-network-peering/variables.tf
create mode 100644 examples/gcve-network-peering/versions.tf
create mode 100644 modules/gcve-network-peering/README.md
create mode 100644 modules/gcve-network-peering/main.tf
create mode 100644 modules/gcve-network-peering/outputs.tf
create mode 100644 modules/gcve-network-peering/variables.tf
create mode 100644 modules/gcve-network-peering/versions.tf
diff --git a/examples/gcve-network-peering/main.tf b/examples/gcve-network-peering/main.tf
new file mode 100644
index 0000000..b772b03
--- /dev/null
+++ b/examples/gcve-network-peering/main.tf
@@ -0,0 +1,39 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+module "gcve_network_peering" {
+ source = "../../modules/gcve-network-peering"
+ project_id = var.project_id
+
+ gcve_peer_name = var.gcve_peer_name
+ gcve_peer_description = var.gcve_peer_description
+ peer_network_type = var.peer_network_type
+
+ # vmware network
+ nw_name = var.nw_name
+ nw_location = var.nw_location
+ nw_project_id = var.nw_project_id
+
+ # peer network configs
+ peer_nw_name = var.peer_nw_name
+ peer_nw_location = var.peer_nw_location
+ peer_nw_project_id = var.peer_nw_project_id
+
+ peer_export_custom_routes = var.peer_export_custom_routes
+ peer_import_custom_routes = var.peer_import_custom_routes
+ peer_export_custom_routes_with_public_ip = var.peer_export_custom_routes_with_public_ip
+ peer_import_custom_routes_with_public_ip = var.peer_import_custom_routes_with_public_ip
+}
diff --git a/examples/gcve-network-peering/outputs.tf b/examples/gcve-network-peering/outputs.tf
new file mode 100644
index 0000000..ff085cf
--- /dev/null
+++ b/examples/gcve-network-peering/outputs.tf
@@ -0,0 +1,26 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+output "id" {
+ value = module.gcve_network_peering.id
+}
+
+output "state" {
+ value = module.gcve_network_peering.state
+}
+
+output "peering" {
+ value = module.gcve_network_peering.peering
+}
diff --git a/examples/gcve-network-peering/terraform.tfvars.example b/examples/gcve-network-peering/terraform.tfvars.example
new file mode 100644
index 0000000..bcdbe12
--- /dev/null
+++ b/examples/gcve-network-peering/terraform.tfvars.example
@@ -0,0 +1,34 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+project_id = "umeshkumhar"
+gcve_peer_name = "sample-network-peering"
+gcve_peer_description = "Sample description"
+peer_network_type = "STANDARD"
+
+nw_name = "pc1-network"
+nw_location = "global"
+nw_project_id = "umeshkumhar"
+
+peer_nw_name = "demo-network"
+peer_nw_location = "global"
+peer_nw_project_id = "another-gcp-project"
+
+
+peer_export_custom_routes = true
+peer_import_custom_routes = true
+peer_export_custom_routes_with_public_ip = false
+peer_import_custom_routes_with_public_ip = false
diff --git a/examples/gcve-network-peering/variables.tf b/examples/gcve-network-peering/variables.tf
new file mode 100644
index 0000000..d57068d
--- /dev/null
+++ b/examples/gcve-network-peering/variables.tf
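Review bot: `project_id` and `nw_project_id` in this example are set to `"umeshkumhar"`, which matches the author name in the patch header and looks like a real project ID, not a placeholder. Example tfvars files tend to be copied unchanged, so a first `terraform plan` would run against that project, and the repository keeps an account identifier it has no need for. I would use obvious placeholders here, e.g. `project_id = "<PROJECT_ID>"` and `nw_project_id = "<VMWARE_ENGINE_NETWORK_PROJECT_ID>"`, in the same spirit as `"another-gcp-project"` for the peer.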
@@ -0,0 +1,96 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+ type = string
+ description = "The ID of the project in which the resource belongs"
+}
+
+variable "peer_network_type" {
+ type = string
+ description = "The type of the network to peer with the VMware Engine network. Possible values are: STANDARD, VMWARE_ENGINE_NETWORK, PRIVATE_SERVICES_ACCESS, NETAPP_CLOUD_VOLUMES, THIRD_PARTY_SERVICE, DELL_POWERSCALE."
+
+ validation {
+ condition = contains(["STANDARD", "VMWARE_ENGINE_NETWORK", "PRIVATE_SERVICES_ACCESS", "NETAPP_CLOUD_VOLUMES", "THIRD_PARTY_SERVICE", "DELL_POWERSCALE"], var.peer_network_type)
+ error_message = "Valid values for var: peer_network_type are (STANDARD, VMWARE_ENGINE_NETWORK, PRIVATE_SERVICES_ACCESS, NETAPP_CLOUD_VOLUMES, THIRD_PARTY_SERVICE, DELL_POWERSCALE)."
+ }
+}
+
+variable "nw_name" {
+ type = string
+ description = "The relative resource name of the VMware Engine network"
+}
+
+variable "nw_location" {
+ type = string
+ description = "The relative resource location of the VMware Engine network"
+}
+
+variable "nw_project_id" {
+ type = string
+ default = "The relative resource project of the VMware Engine network"
+}
+
+variable "peer_nw_name" {
+ type = string
+ description = " The relative resource name of the network to peer with a standard VMware Engine network. 
The provided network can be a consumer VPC network or another standard VMware Engine network."
+}
+
+variable "peer_nw_location" {
+ type = string
+ default = "global"
+ description = " The relative resource location of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network."
+}
+
+variable "peer_nw_project_id" {
+ type = string
+ description = " The relative resource project of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network."
+}
+
+variable "gcve_peer_name" {
+ type = string
+ description = "The ID of the Network Peering."
+}
+
+variable "gcve_peer_description" {
+ type = string
+ default = ""
+ description = " User-provided description for this network peering."
+}
+
+variable "peer_export_custom_routes" {
+ type = bool
+ default = true
+ description = "True if custom routes are exported to the peered network; false otherwise."
+}
+
+variable "peer_import_custom_routes" {
+ type = bool
+ default = true
+ description = "True if custom routes are imported from the peered network; false otherwise."
+}
+
+variable "peer_export_custom_routes_with_public_ip" {
+ type = bool
+ default = false
+ description = "True if all subnet routes with a public IP address range are exported; false otherwise"
+}
+
+variable "peer_import_custom_routes_with_public_ip" {
+ type = bool
+ default = false
+ description = "True if custom routes are imported from the peered network; false otherwise."
+}
diff --git a/examples/gcve-network-peering/versions.tf b/examples/gcve-network-peering/versions.tf
new file mode 100644
index 0000000..8a7e6ae
--- /dev/null
+++ b/examples/gcve-network-peering/versions.tf
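Review bot: `variable "nw_project_id"` carries its description text in `default`, so the variable is silently optional and an omitted value sends the module's `google_vmwareengine_network` lookup to a project literally named "The relative resource project of the VMware Engine network". It should read `description = "The relative resource project of the VMware Engine network"` with no default, so a missing project is rejected as a missing input and never reaches the API. The description of `peer_import_custom_routes_with_public_ip` is a copy of the one for `peer_import_custom_routes` and never mentions public IP ranges. Both problems are repeated in modules/gcve-network-peering/variables.tf (same blob d57068d) and show up in the README inputs table.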
@@ -0,0 +1,27 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+ required_version = ">= 1.3.0"
+
+ required_providers {
+ google = {
+ source = "hashicorp/google-beta"
+ version = ">= 4.71.0"
+ }
+ }
+}
+
diff --git a/modules/gcve-network-peering/README.md b/modules/gcve-network-peering/README.md
new file mode 100644
index 0000000..fb20623
--- /dev/null
+++ b/modules/gcve-network-peering/README.md
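Review bot: The local name `google` is bound to `hashicorp/google-beta` here, while modules/gcve-network-peering/versions.tf declares the same source under `google-beta`, and none of the `google_*` blocks in the module's main.tf set `provider = google-beta`. As far as these files show, the module's data sources and resource resolve to the default `google` provider, which the module neither declares nor constrains, so the `>= 4.71.0` floor may not apply to the provider that actually creates the peering. I would make both files declare the provider the code uses, or keep `google-beta` in the module and add `provider = google-beta` to each block. An upper bound on the version constraint would also stop an unreviewed major release from being selected on the next `terraform init -upgrade`.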
@@ -0,0 +1,76 @@
+# GCVE ESXi Cluster module
+
+This module contains the terraform to deploy an ESXi cluster into a private cloud
+
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 1.3.0 |
+| [google-beta](#requirement\_google-beta) | >= 4.71.0 |
+
+## Usage
+Basic usage of this module is as follows:
+
+```hcl
+module "example" {
+ source = ""
+
+ # Required variables
+ gcve_peer_name =
+ nw_location =
+ nw_name =
+ peer_network_type =
+ peer_nw_name =
+ peer_nw_project_id =
+ project_id =
+
+ # Optional variables
+ gcve_peer_description = ""
+ nw_project_id = "The relative resource project of the VMware Engine network"
+ peer_export_custom_routes = true
+ peer_export_custom_routes_with_public_ip = false
+ peer_import_custom_routes = true
+ peer_import_custom_routes_with_public_ip = false
+ peer_nw_location = "global"
+}
+```
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [google_vmwareengine_network_peering.peering](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/vmwareengine_network_peering) | resource |
+| [google_compute_network.network-peering-peer-nw](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_network) | data source |
+| [google_vmwareengine_network.network-peering-nw](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/vmwareengine_network) | data source |
+| [google_vmwareengine_network.network-peering-peer-nw](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/vmwareengine_network) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [gcve\_peer\_description](#input\_gcve\_peer\_description) | User-provided description for this network peering. | `string` | `""` | no |
+| [gcve\_peer\_name](#input\_gcve\_peer\_name) | The ID of the Network Peering. 
| `string` | n/a | yes |
+| [nw\_location](#input\_nw\_location) | The relative resource location of the VMware Engine network | `string` | n/a | yes |
+| [nw\_name](#input\_nw\_name) | The relative resource name of the VMware Engine network | `string` | n/a | yes |
+| [nw\_project\_id](#input\_nw\_project\_id) | n/a | `string` | `"The relative resource project of the VMware Engine network"` | no |
+| [peer\_export\_custom\_routes](#input\_peer\_export\_custom\_routes) | True if custom routes are exported to the peered network; false otherwise. | `bool` | `true` | no |
+| [peer\_export\_custom\_routes\_with\_public\_ip](#input\_peer\_export\_custom\_routes\_with\_public\_ip) | True if all subnet routes with a public IP address range are exported; false otherwise | `bool` | `false` | no |
+| [peer\_import\_custom\_routes](#input\_peer\_import\_custom\_routes) | True if custom routes are imported from the peered network; false otherwise. | `bool` | `true` | no |
+| [peer\_import\_custom\_routes\_with\_public\_ip](#input\_peer\_import\_custom\_routes\_with\_public\_ip) | True if custom routes are imported from the peered network; false otherwise. | `bool` | `false` | no |
+| [peer\_network\_type](#input\_peer\_network\_type) | The type of the network to peer with the VMware Engine network. Possible values are: STANDARD, VMWARE\_ENGINE\_NETWORK, PRIVATE\_SERVICES\_ACCESS, NETAPP\_CLOUD\_VOLUMES, THIRD\_PARTY\_SERVICE, DELL\_POWERSCALE. | `string` | n/a | yes |
+| [peer\_nw\_location](#input\_peer\_nw\_location) | The relative resource location of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network. | `string` | `"global"` | no |
+| [peer\_nw\_name](#input\_peer\_nw\_name) | The relative resource name of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network. 
| `string` | n/a | yes |
+| [peer\_nw\_project\_id](#input\_peer\_nw\_project\_id) | The relative resource project of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network. | `string` | n/a | yes |
+| [project\_id](#input\_project\_id) | he ID of the project in which the resource belongs | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [id](#output\_id) | n/a |
+| [peering](#output\_peering) | n/a |
+| [state](#output\_state) | n/a |
+
+
\ No newline at end of file
diff --git a/modules/gcve-network-peering/main.tf b/modules/gcve-network-peering/main.tf
new file mode 100644
index 0000000..20da851
--- /dev/null
+++ b/modules/gcve-network-peering/main.tf
@@ -0,0 +1,73 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+
+data "google_vmwareengine_network" "network-peering-nw" {
+ name = var.nw_name
+ location = var.nw_location
+ project = var.nw_project_id
+}
+
+data "google_compute_network" "network-peering-peer-nw" {
+ count = var.peer_network_type == "STANDARD" ? 1 : 0
+ name = var.peer_nw_name
+ project = var.peer_nw_project_id
+}
+
+data "google_vmwareengine_network" "network-peering-peer-nw" {
+ count = var.peer_network_type == "VMWARE_ENGINE_NETWORK" ? 1 : 0
+ name = var.peer_nw_name
+ location = var.peer_nw_location
+ project = var.peer_nw_project_id
+}
+
+locals {
+ peer_network = (
+
+ var.peer_network_type == "VMWARE_ENGINE_NETWORK" ?
+ data.google_vmwareengine_network.network-peering-peer-nw[0].id :
+
+ var.peer_network_type == "STANDARD" ?
+ data.google_compute_network.network-peering-peer-nw[0].id :
+
+ var.peer_network_type == "PRIVATE_SERVICES_ACCESS" ?
+ "projects/${var.peer_nw_project_id}/global/networks/${var.peer_nw_name}" :
+
+ var.peer_network_type == "NETAPP_CLOUD_VOLUMES" ?
+ "projects/${var.peer_nw_project_id}/global/networks/netapp-tenant-vpc" :
+
+ var.peer_network_type == "THIRD_PARTY_SERVICE" ?
+ "projects/${var.peer_nw_project_id}/global/networks/${var.peer_nw_name}" :
+
+ var.peer_network_type == "DELL_POWERSCALE" ?
+ "projects/${var.peer_nw_project_id}/global/networks/dellemc-tenant-vpc" :
+
+ "Error: wrong peer network type"
+ )
+}
+
+resource "google_vmwareengine_network_peering" "peering" {
+ name = var.gcve_peer_name
+ description = var.gcve_peer_description
+ project = var.project_id
+ vmware_engine_network = data.google_vmwareengine_network.network-peering-nw.id
+ peer_network = local.peer_network
+ peer_network_type = var.peer_network_type
+ export_custom_routes = var.peer_export_custom_routes
+ import_custom_routes = var.peer_import_custom_routes
+ export_custom_routes_with_public_ip = var.peer_export_custom_routes_with_public_ip
+ import_custom_routes_with_public_ip = var.peer_import_custom_routes_with_public_ip
+}
diff --git a/modules/gcve-network-peering/outputs.tf b/modules/gcve-network-peering/outputs.tf
new file mode 100644
index 0000000..e54da66
--- /dev/null
+++ b/modules/gcve-network-peering/outputs.tf
@@ -0,0 +1,27 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "id" {
+ value = google_vmwareengine_network_peering.peering.id
+}
+
+output "state" {
+ value = google_vmwareengine_network_peering.peering.state_details
+}
+
+output "peering" {
+ value = google_vmwareengine_network_peering.peering
+}
\ No newline at end of file
diff --git a/modules/gcve-network-peering/variables.tf b/modules/gcve-network-peering/variables.tf
new file mode 100644
index 0000000..d57068d
--- /dev/null
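Review bot: The last branch of `local.peer_network` evaluates to the string `"Error: wrong peer network type"`, which would be handed to the provider as the peer network path if the `peer_network_type` validation and this chain ever drift apart. Ending the chain with `null` should make the plan fail on the missing `peer_network` argument instead. For PRIVATE_SERVICES_ACCESS and THIRD_PARTY_SERVICE the path is interpolated from `var.peer_nw_project_id` and `var.peer_nw_name` with no data-source lookup, so a value containing `/` changes which resource path is addressed; a validation such as `condition = can(regex("^[a-z]([-a-z0-9]*[a-z0-9])?$", var.peer_nw_name))` on the variable would reject that. NETAPP_CLOUD_VOLUMES and DELL_POWERSCALE ignore `peer_nw_name` although it is a required input, which is worth a comment above those two branches.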
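Review bot: None of the three outputs in modules/gcve-network-peering/outputs.tf has a `description`, which is why the generated README lists each of them as n/a. I would add one-liners such as `description = "Full resource ID of the network peering."` on `id`, and equivalents on `state` and `peering`. `peering` exports the whole resource object, so every attribute the provider adds later becomes part of this module's interface; exporting the specific attributes callers need is easier to review and keep stable.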
+++ b/modules/gcve-network-peering/variables.tf 
@@ -0,0 +1,96 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+ type = string
+ description = "The ID of the project in which the resource belongs"
+}
+
+variable "peer_network_type" {
+ type = string
+ description = "The type of the network to peer with the VMware Engine network. Possible values are: STANDARD, VMWARE_ENGINE_NETWORK, PRIVATE_SERVICES_ACCESS, NETAPP_CLOUD_VOLUMES, THIRD_PARTY_SERVICE, DELL_POWERSCALE."
+
+ validation {
+ condition = contains(["STANDARD", "VMWARE_ENGINE_NETWORK", "PRIVATE_SERVICES_ACCESS", "NETAPP_CLOUD_VOLUMES", "THIRD_PARTY_SERVICE", "DELL_POWERSCALE"], var.peer_network_type)
+ error_message = "Valid values for var: peer_network_type are (STANDARD, VMWARE_ENGINE_NETWORK, PRIVATE_SERVICES_ACCESS, NETAPP_CLOUD_VOLUMES, THIRD_PARTY_SERVICE, DELL_POWERSCALE)."
+ }
+}
+
+variable "nw_name" {
+ type = string
+ description = "The relative resource name of the VMware Engine network"
+}
+
+variable "nw_location" {
+ type = string
+ description = "The relative resource location of the VMware Engine network"
+}
+
+variable "nw_project_id" {
+ type = string
+ default = "The relative resource project of the VMware Engine network"
+}
+
+variable "peer_nw_name" {
+ type = string
+ description = " The relative resource name of the network to peer with a standard VMware Engine network. 
The provided network can be a consumer VPC network or another standard VMware Engine network."
+}
+
+variable "peer_nw_location" {
+ type = string
+ default = "global"
+ description = " The relative resource location of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network."
+}
+
+variable "peer_nw_project_id" {
+ type = string
+ description = " The relative resource project of the network to peer with a standard VMware Engine network. The provided network can be a consumer VPC network or another standard VMware Engine network."
+}
+
+variable "gcve_peer_name" {
+ type = string
+ description = "The ID of the Network Peering."
+}
+
+variable "gcve_peer_description" {
+ type = string
+ default = ""
+ description = " User-provided description for this network peering."
+}
+
+variable "peer_export_custom_routes" {
+ type = bool
+ default = true
+ description = "True if custom routes are exported to the peered network; false otherwise."
+}
+
+variable "peer_import_custom_routes" {
+ type = bool
+ default = true
+ description = "True if custom routes are imported from the peered network; false otherwise."
+}
+
+variable "peer_export_custom_routes_with_public_ip" {
+ type = bool
+ default = false
+ description = "True if all subnet routes with a public IP address range are exported; false otherwise"
+}
+
+variable "peer_import_custom_routes_with_public_ip" {
+ type = bool
+ default = false
+ description = "True if custom routes are imported from the peered network; false otherwise."
+}
diff --git a/modules/gcve-network-peering/versions.tf b/modules/gcve-network-peering/versions.tf
new file mode 100644
index 0000000..68ee22a
--- /dev/null
+++ b/modules/gcve-network-peering/versions.tf
@@ -0,0 +1,27 @@
+/**
+ * Copyright 2023 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+terraform {
+ required_version = ">= 1.3.0"
+
+ required_providers {
+ google-beta = {
+ source = "hashicorp/google-beta"
+ version = ">= 4.71.0"
+ }
+ }
+}
+