Skip to content

Commit

Permalink
fix errors, add mtu
Browse files Browse the repository at this point in the history
  • Loading branch information
@ludoo
ludoo committed Jan 9, 2025
1 parent 217df43 commit c04ead0
Show file tree
Hide file tree
Showing 15 changed files with 31 additions and 20 deletions.
4 changes: 2 additions & 2 deletions fast/stages/2-networking-a-simple/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -516,8 +516,8 @@ DNS configurations are centralised in the `dns-*.tf` files. Spokes delegate DNS
| [spoke_configs](variables.tf#L122) | Spoke connectivity configurations. | <code title="object&#40;&#123;&#10; ncc_configs &#61; optional&#40;object&#40;&#123;&#10; export_psc &#61; optional&#40;bool, true&#41;&#10; dev &#61; optional&#40;object&#40;&#123;&#10; exclude_export_ranges &#61; list&#40;string&#41;&#10; &#125;&#41;, &#123;&#10; exclude_export_ranges &#61; &#91;&#93;&#10; &#125;&#41;&#10; prod &#61; optional&#40;object&#40;&#123;&#10; exclude_export_ranges &#61; list&#40;string&#41;&#10; &#125;&#41;, &#123;&#10; exclude_export_ranges &#61; &#91;&#93;&#10; &#125;&#41;&#10; &#125;&#41;&#41;&#10; peering_configs &#61; optional&#40;object&#40;&#123;&#10; dev &#61; optional&#40;object&#40;&#123;&#10; export &#61; optional&#40;bool, true&#41;&#10; import &#61; optional&#40;bool, true&#41;&#10; public_export &#61; optional&#40;bool&#41;&#10; public_import &#61; optional&#40;bool&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; prod &#61; optional&#40;object&#40;&#123;&#10; export &#61; optional&#40;bool, true&#41;&#10; import &#61; optional&#40;bool, true&#41;&#10; public_export &#61; optional&#40;bool&#41;&#10; public_import &#61; optional&#40;bool&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;&#41;&#10; vpn_configs &#61; optional&#40;object&#40;&#123;&#10; dev &#61; optional&#40;object&#40;&#123;&#10; asn &#61; optional&#40;number, 65501&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; landing &#61; optional&#40;object&#40;&#123;&#10; asn &#61; optional&#40;number, 65500&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; prod &#61; optional&#40;object&#40;&#123;&#10; asn &#61; optional&#40;number, 65502&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; peering_configs &#61; &#123;&#125;&#10;&#125;">&#123;&#8230;&#125;</code> | |
| [stage_config](variables-fast.tf#L86) | FAST stage configuration. | <code title="object&#40;&#123;&#10; networking &#61; optional&#40;object&#40;&#123;&#10; short_name &#61; optional&#40;string&#41;&#10; iam_delegated_principals &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; iam_viewer_principals &#61; optional&#40;map&#40;list&#40;string&#41;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | <code>1-resman</code> |
| [tag_values](variables-fast.tf#L100) | Root-level tag values. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> | <code>1-resman</code> |
| [vpc_configs](variables.tf#L191) | Optional VPC network configurations. | <code title="object&#40;&#123;&#10; dev &#61; optional&#40;object&#40;&#123;&#10; cloudnat &#61; optional&#40;object&#40;&#123;&#10; enable &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; dns &#61; optional&#40;object&#40;&#123;&#10; create_inbound_policy &#61; optional&#40;bool, true&#41;&#10; enable_logging &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; firewall &#61; optional&#40;object&#40;&#123;&#10; create_policy &#61; optional&#40;bool, false&#41;&#10; policy_has_priority &#61; optional&#40;bool, false&#41;&#10; use_classic &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; landing &#61; optional&#40;object&#40;&#123;&#10; cloudnat &#61; optional&#40;object&#40;&#123;&#10; enable &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; dns &#61; optional&#40;object&#40;&#123;&#10; create_inbound_policy &#61; optional&#40;bool, true&#41;&#10; enable_logging &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; firewall &#61; optional&#40;object&#40;&#123;&#10; create_policy &#61; optional&#40;bool, false&#41;&#10; policy_has_priority &#61; optional&#40;bool, false&#41;&#10; use_classic &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; prod &#61; optional&#40;object&#40;&#123;&#10; cloudnat &#61; optional&#40;object&#40;&#123;&#10; enable &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; dns &#61; optional&#40;object&#40;&#123;&#10; create_inbound_policy &#61; optional&#40;bool, true&#41;&#10; enable_logging &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; firewall &#61; optional&#40;object&#40;&#123;&#10; create_policy &#61; optional&#40;bool, false&#41;&#10; policy_has_priority &#61; optional&#40;bool, false&#41;&#10; use_classic &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | |
| [vpn_onprem_primary_config](variables.tf#L241) | VPN gateway configuration for onprem interconnection in the primary region. | <code title="object&#40;&#123;&#10; peer_external_gateways &#61; map&#40;object&#40;&#123;&#10; redundancy_type &#61; string&#10; interfaces &#61; list&#40;string&#41;&#10; &#125;&#41;&#41;&#10; router_config &#61; object&#40;&#123;&#10; create &#61; optional&#40;bool, true&#41;&#10; asn &#61; number&#10; name &#61; optional&#40;string&#41;&#10; keepalive &#61; optional&#40;number&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#10; tunnels &#61; map&#40;object&#40;&#123;&#10; bgp_peer &#61; object&#40;&#123;&#10; address &#61; string&#10; asn &#61; number&#10; route_priority &#61; optional&#40;number, 1000&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; all_vpc_subnets &#61; bool&#10; all_peer_vpc_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#10; bgp_session_range &#61; string&#10; ike_version &#61; optional&#40;number, 2&#41;&#10; peer_external_gateway_interface &#61; optional&#40;number&#41;&#10; peer_gateway &#61; optional&#40;string, &#34;default&#34;&#41;&#10; router &#61; optional&#40;string&#41;&#10; shared_secret &#61; optional&#40;string&#41;&#10; vpn_gateway_interface &#61; number&#10; &#125;&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> | |
| [vpc_configs](variables.tf#L191) | Optional VPC network configurations. | <code title="object&#40;&#123;&#10; dev &#61; optional&#40;object&#40;&#123;&#10; mtu &#61; optional&#40;number, 1500&#41;&#10; cloudnat &#61; optional&#40;object&#40;&#123;&#10; enable &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; dns &#61; optional&#40;object&#40;&#123;&#10; create_inbound_policy &#61; optional&#40;bool, true&#41;&#10; enable_logging &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; firewall &#61; optional&#40;object&#40;&#123;&#10; create_policy &#61; optional&#40;bool, false&#41;&#10; policy_has_priority &#61; optional&#40;bool, false&#41;&#10; use_classic &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; landing &#61; optional&#40;object&#40;&#123;&#10; mtu &#61; optional&#40;number, 1500&#41;&#10; cloudnat &#61; optional&#40;object&#40;&#123;&#10; enable &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; dns &#61; optional&#40;object&#40;&#123;&#10; create_inbound_policy &#61; optional&#40;bool, true&#41;&#10; enable_logging &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; firewall &#61; optional&#40;object&#40;&#123;&#10; create_policy &#61; optional&#40;bool, false&#41;&#10; policy_has_priority &#61; optional&#40;bool, false&#41;&#10; use_classic &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; prod &#61; optional&#40;object&#40;&#123;&#10; mtu &#61; optional&#40;number, 1500&#41;&#10; cloudnat &#61; optional&#40;object&#40;&#123;&#10; enable &#61; optional&#40;bool, false&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; dns &#61; optional&#40;object&#40;&#123;&#10; create_inbound_policy &#61; optional&#40;bool, true&#41;&#10; enable_logging &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; firewall &#61; optional&#40;object&#40;&#123;&#10; create_policy &#61; optional&#40;bool, false&#41;&#10; policy_has_priority &#61; optional&#40;bool, false&#41;&#10; use_classic &#61; optional&#40;bool, true&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> | |
| [vpn_onprem_primary_config](variables.tf#L244) | VPN gateway configuration for onprem interconnection in the primary region. | <code title="object&#40;&#123;&#10; peer_external_gateways &#61; map&#40;object&#40;&#123;&#10; redundancy_type &#61; string&#10; interfaces &#61; list&#40;string&#41;&#10; &#125;&#41;&#41;&#10; router_config &#61; object&#40;&#123;&#10; create &#61; optional&#40;bool, true&#41;&#10; asn &#61; number&#10; name &#61; optional&#40;string&#41;&#10; keepalive &#61; optional&#40;number&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#10; tunnels &#61; map&#40;object&#40;&#123;&#10; bgp_peer &#61; object&#40;&#123;&#10; address &#61; string&#10; asn &#61; number&#10; route_priority &#61; optional&#40;number, 1000&#41;&#10; custom_advertise &#61; optional&#40;object&#40;&#123;&#10; all_subnets &#61; bool&#10; all_vpc_subnets &#61; bool&#10; all_peer_vpc_subnets &#61; bool&#10; ip_ranges &#61; map&#40;string&#41;&#10; &#125;&#41;&#41;&#10; &#125;&#41;&#10; bgp_session_range &#61; string&#10; ike_version &#61; optional&#40;number, 2&#41;&#10; peer_external_gateway_interface &#61; optional&#40;number&#41;&#10; peer_gateway &#61; optional&#40;string, &#34;default&#34;&#41;&#10; router &#61; optional&#40;string&#41;&#10; shared_secret &#61; optional&#40;string&#41;&#10; vpn_gateway_interface &#61; number&#10; &#125;&#41;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> | |

## Outputs

Expand Down
2 changes: 1 addition & 1 deletion fast/stages/2-networking-a-simple/net-dev.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ module "dev-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.dev-spoke-project.project_id
name = "dev-spoke-0"
mtu = 1500
mtu = var.vpc_configs.dev.mtu
delete_default_routes_on_create = true
dns_policy = !local.dev_cfg.dns_policy ? {} : {
inbound = true
Expand Down
2 changes: 1 addition & 1 deletion fast/stages/2-networking-a-simple/net-landing.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ module "landing-vpc" {
source = "../../../modules/net-vpc"
project_id = module.landing-project.project_id
name = "prod-landing-0"
mtu = 1500
mtu = var.vpc_configs.landing.mtu
delete_default_routes_on_create = true
dns_policy = !local.landing_cfg.dns_policy ? {} : {
inbound = true
Expand Down
2 changes: 1 addition & 1 deletion fast/stages/2-networking-a-simple/net-prod.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ module "prod-spoke-vpc" {
source = "../../../modules/net-vpc"
project_id = module.prod-spoke-project.project_id
name = "prod-spoke-0"
mtu = 1500
mtu = var.vpc_configs.prod.mtu
delete_default_routes_on_create = true
dns_policy = !local.prod_cfg.dns_policy ? {} : {
inbound = true
Expand Down
3 changes: 3 additions & 0 deletions fast/stages/2-networking-a-simple/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,7 @@ variable "vpc_configs" {
description = "Optional VPC network configurations."
type = object({
dev = optional(object({
mtu = optional(number, 1500)
cloudnat = optional(object({
enable = optional(bool, false)
}), {})
Expand All @@ -206,6 +207,7 @@ variable "vpc_configs" {
}), {})
}), {})
landing = optional(object({
mtu = optional(number, 1500)
cloudnat = optional(object({
enable = optional(bool, false)
}), {})
Expand All @@ -220,6 +222,7 @@ variable "vpc_configs" {
}), {})
}), {})
prod = optional(object({
mtu = optional(number, 1500)
cloudnat = optional(object({
enable = optional(bool, false)
}), {})
Expand Down
Loading

0 comments on commit c04ead0

Please sign in to comment.