Dbp 468 create dedicated nat gateway module (#21)

* added resources for nat lan * updated description * initial creation of terraform files * added NAT gateway and rule * changed var name * renamed module * fixed reference * added ipblock creation * ipblock variables with condition * make variables optional * missing instance key * changed output to public ips from natgateway * correct description * terraform-docs: automated action * make public ips optional * terraform-docs: automated action * renamed module --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
dBildungsplattform · Dec 28, 2023 · 644b91b · 644b91b
1 parent e995c3a
commit 644b91b
Show file tree

Hide file tree

Showing 6 changed files with 161 additions and 0 deletions.
diff --git a/modules/ionos-k8s-natgateway/README.md b/modules/ionos-k8s-natgateway/README.md
@@ -0,0 +1,46 @@
+<!-- BEGIN_TF_DOCS -->
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_ionoscloud"></a> [ionoscloud](#provider\_ionoscloud) | 6.3.6 |
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_cidr_workaround"></a> [cidr\_workaround](#module\_cidr\_workaround) | ../../modules/ionos-cidr-workaround | n/a |
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_datacenter_id"></a> [datacenter\_id](#input\_datacenter\_id) | n/a | `string` | n/a | yes |
+| <a name="input_k8s_cluster_id"></a> [k8s\_cluster\_id](#input\_k8s\_cluster\_id) | n/a | `string` | n/a | yes |
+| <a name="input_lan_id"></a> [lan\_id](#input\_lan\_id) | The LAN to connect the NAT gateway to. | `string` | n/a | yes |
+| <a name="input_natgateway_name"></a> [natgateway\_name](#input\_natgateway\_name) | n/a | `string` | n/a | yes |
+| <a name="input_natgateway_rule_name"></a> [natgateway\_rule\_name](#input\_natgateway\_rule\_name) | n/a | `string` | n/a | yes |
+| <a name="input_create_ipblock"></a> [create\_ipblock](#input\_create\_ipblock) | Specifies whether an ipblock should be created. Default: false. | `bool` | `false` | no |
+| <a name="input_datacenter_location"></a> [datacenter\_location](#input\_datacenter\_location) | n/a | `string` | `null` | no |
+| <a name="input_ipblock_name"></a> [ipblock\_name](#input\_ipblock\_name) | n/a | `string` | `null` | no |
+| <a name="input_ipblock_size"></a> [ipblock\_size](#input\_ipblock\_size) | n/a | `number` | `null` | no |
+| <a name="input_natgateway_host_num"></a> [natgateway\_host\_num](#input\_natgateway\_host\_num) | The number to be set in the last ip block. (Default: 8) | `number` | `8` | no |
+| <a name="input_natgateway_public_ips"></a> [natgateway\_public\_ips](#input\_natgateway\_public\_ips) | Specifies the list of public ips of the NAT gateway. | `list(string)` | `null` | no |
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_natgateway_id"></a> [natgateway\_id](#output\_natgateway\_id) | n/a |
+| <a name="output_public_ips"></a> [public\_ips](#output\_public\_ips) | n/a |
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_ionoscloud"></a> [ionoscloud](#requirement\_ionoscloud) | 6.3.6 |
+## Resources
+
+| Name | Type |
+|------|------|
+| [ionoscloud_ipblock.natgateway](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/ipblock) | resource |
+| [ionoscloud_natgateway.natgateway](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/natgateway) | resource |
+| [ionoscloud_natgateway_rule.natgateway_rule](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/natgateway_rule) | resource |
+<!-- END_TF_DOCS -->
diff --git a/modules/ionos-k8s-natgateway/cidr-workaround.tf b/modules/ionos-k8s-natgateway/cidr-workaround.tf
@@ -0,0 +1,11 @@
+module "cidr_workaround" {
+  source         = "../../modules/ionos-cidr-workaround"
+  k8s_cluster_id = var.k8s_cluster_id
+  lan_id         = var.lan_id
+}
+
+locals {
+  prefix = module.cidr_workaround.prefix
+  gateway_ip = "${cidrhost(local.prefix, var.natgateway_host_num)}"
+  gateway_subnet = "${cidrhost(local.prefix, 0)}/24"
+}
diff --git a/modules/ionos-k8s-natgateway/main.tf b/modules/ionos-k8s-natgateway/main.tf
@@ -0,0 +1,29 @@
+resource "ionoscloud_natgateway" "natgateway" {
+  datacenter_id           = var.datacenter_id
+  name                    = var.natgateway_name
+  public_ips              = var.create_ipblock ? ionoscloud_ipblock.natgateway[0].ips : var.natgateway_public_ips
+   lans {
+     id                = var.lan_id
+     gateway_ips       = [ local.gateway_ip ]
+   }
+}
+
+resource "ionoscloud_natgateway_rule" "natgateway_rule" {
+  datacenter_id           = var.datacenter_id
+  natgateway_id           = ionoscloud_natgateway.natgateway.id
+  name                    = var.natgateway_rule_name
+  type                    = "SNAT"
+  protocol                = "TCP"
+  source_subnet           = local.gateway_subnet
+  public_ip               = var.create_ipblock ? ionoscloud_ipblock.natgateway[0].ips[0] : var.natgateway_public_ips[0]
+}
+
+resource "ionoscloud_ipblock" "natgateway" {
+  count                   = var.create_ipblock ? 1 : 0
+  location                = var.datacenter_location
+  size                    = var.ipblock_size
+  name                    = var.ipblock_name
+  lifecycle {
+    prevent_destroy = true
+  }
+}
diff --git a/modules/ionos-k8s-natgateway/output.tf b/modules/ionos-k8s-natgateway/output.tf
@@ -0,0 +1,7 @@
+output "natgateway_id" {
+  value = ionoscloud_natgateway.natgateway.id
+}
+
+output "public_ips" {
+  value = ionoscloud_natgateway.natgateway.public_ips
+}
diff --git a/modules/ionos-k8s-natgateway/variables.tf b/modules/ionos-k8s-natgateway/variables.tf
@@ -0,0 +1,60 @@
+variable "datacenter_id" {
+  description = ""
+  type        = string
+}
+
+variable "natgateway_name" {
+  description = ""
+  type        = string
+}
+
+variable "natgateway_public_ips" {
+  description = "Specifies the list of public ips of the NAT gateway."
+  type        = list(string)
+  default     = null
+}
+
+variable "k8s_cluster_id" {
+  description = ""
+  type        = string
+}
+
+variable "lan_id" {
+  description = "The LAN to connect the NAT gateway to."
+  type        = string
+}
+
+variable "natgateway_host_num" {
+  description = "The number to be set in the last ip block. (Default: 8)"
+  type        = number
+  default     = 8
+}
+
+variable "natgateway_rule_name" {
+  description = ""
+  type        = string
+}
+
+variable "create_ipblock" {
+  description = "Specifies whether an ipblock should be created. Default: false."
+  type        = bool
+  default     = false
+}
+
+variable "datacenter_location" {
+  description = ""
+  type        = string
+  default     = null
+}
+
+variable "ipblock_name" {
+  description = ""
+  type        = string 
+  default     = null
+} 
+
+variable "ipblock_size" {
+  description = ""
+  type        = number
+  default     = null
+}
diff --git a/modules/ionos-k8s-natgateway/versions.tf b/modules/ionos-k8s-natgateway/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    ionoscloud = {
+      source  = "ionos-cloud/ionoscloud"
+      version = "6.3.6"
+    }
+  }
+}