💡 Feature Request - Add next hop and route table #23

Open
reduards opened this issue Nov 20, 2022 · 5 comments
Labels
Area: Networking enhancement New feature or request Needs: Attention 👋 Needs attention from the maintainers

Comments

@reduards

Describe the solution you'd like

Looked at the ALZ-Bicep Orchestration - hubPeeredSpoke module and it contains route table creation with nexthop to the firewall. Think that should be added in the vending module as well for the corp landing zones.

Additional context

Add any other context or screenshots about the feature request here. 📷

@reduards reduards added the enhancement New feature or request label Nov 20, 2022
@ghost ghost added the Needs: Triage 🔍 Needs triaging by the team label Nov 20, 2022
@jtracey93
Collaborator

Thanks for the request @reduards.

I will discuss with @matt-FFFFFF when he returns from OOF as he maintains the TF module equivalent and we would like to keep these in feature parity where possible.

Thanks

@jtracey93 jtracey93 added Area: Networking long-term We will do it, but will take a longer amount of time due to complexity/priorities and removed Needs: Triage 🔍 Needs triaging by the team labels Nov 21, 2022
@reduards
Author

Great, I think for corp it would make sense, together with the policy of enforcing route table on subnet creation. Considering making this policy default similar to the policy enforcing NSG could be considered as well.

@jtracey93
Collaborator

Hey @reduards,

As we don't create any subnets today in these modules, as documented, would you want this just to be created so available to associate to app teams etc.?

Also, what option would you want from the below options:

  1. Create UDR with a single default route (0.0.0.0/0) to a next hop IP address, that we would take in as a parameter value
  2. Create a UDR with as many routes as you wish in a complex array/object definition?

Let us know

P.S. we try to keep these modules disconnected from ALZ directly so as many people as possible can use them. Whether they use ALZ or not 👍 But to your mention about the UDR policy, it is unlikely we would add that to ALZ as not all customers use NVAs etc and some just use native routing 👍

@jtracey93 jtracey93 added Needs: Author Feedback Awaiting feedback from the issue/PR author and removed long-term We will do it, but will take a longer amount of time due to complexity/priorities labels Nov 28, 2022
@reduards
Author

reduards commented Dec 1, 2022

Hey @jtracey93,

Yes, I am thinking that this can be created so it is available for app teams to associate with subnet and that this could be then enforced with policy as well (Subnet needs to be associated with route table).

Would suggest 2. for flexibility but with 1. as the leading example.

Best Regards,
Rasmus

@ghost ghost added Needs: Attention 👋 Needs attention from the maintainers and removed Needs: Author Feedback Awaiting feedback from the issue/PR author labels Dec 1, 2022
@stalejohnsen

Option 2 sounds great!

3 participants