From 644b91b27313124398ce2943807364a733b3581a Mon Sep 17 00:00:00 2001
From: maxi418 <144135803+maxi418@users.noreply.github.com>
Date: Thu, 28 Dec 2023 12:22:38 +0100
Subject: [PATCH] Dbp 468 create dedicated nat gateway module (#21)
* added resources for nat lan
* updated description
* initial creation of terraform files
* added NAT gateway and rule
* changed var name
* renamed module
* fixed reference
* added ipblock creation
* ipblock variables with condition
* make variables optional
* missing instance key
* changed output to public ips from natgateway
* correct description
* terraform-docs: automated action
* make public ips optional
* terraform-docs: automated action
* renamed module
---------
Co-authored-by: github-actions[bot]
---
modules/ionos-k8s-natgateway/README.md | 46 ++++++++++++++
.../ionos-k8s-natgateway/cidr-workaround.tf | 11 ++++
modules/ionos-k8s-natgateway/main.tf | 29 +++++++++
modules/ionos-k8s-natgateway/output.tf | 7 +++
modules/ionos-k8s-natgateway/variables.tf | 60 +++++++++++++++++++
modules/ionos-k8s-natgateway/versions.tf | 8 +++
6 files changed, 161 insertions(+)
create mode 100644 modules/ionos-k8s-natgateway/README.md
create mode 100644 modules/ionos-k8s-natgateway/cidr-workaround.tf
create mode 100644 modules/ionos-k8s-natgateway/main.tf
create mode 100644 modules/ionos-k8s-natgateway/output.tf
create mode 100644 modules/ionos-k8s-natgateway/variables.tf
create mode 100644 modules/ionos-k8s-natgateway/versions.tf
diff --git a/modules/ionos-k8s-natgateway/README.md b/modules/ionos-k8s-natgateway/README.md
new file mode 100644
index 0000000..effc581
--- /dev/null
+++ b/modules/ionos-k8s-natgateway/README.md
@@ -0,0 +1,46 @@ + + +## Providers + +| Name | Version | +|------|---------| +| [ionoscloud](#provider\_ionoscloud) | 6.3.6 | +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [cidr\_workaround](#module\_cidr\_workaround) | ../../modules/ionos-cidr-workaround | n/a | +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [datacenter\_id](#input\_datacenter\_id) | n/a | `string` | n/a | yes | +| [k8s\_cluster\_id](#input\_k8s\_cluster\_id) | n/a | `string` | n/a | yes | +| [lan\_id](#input\_lan\_id) | The LAN to connect the NAT gateway to. | `string` | n/a | yes | +| [natgateway\_name](#input\_natgateway\_name) | n/a | `string` | n/a | yes | +| [natgateway\_rule\_name](#input\_natgateway\_rule\_name) | n/a | `string` | n/a | yes | +| [create\_ipblock](#input\_create\_ipblock) | Specifies whether an ipblock should be created. Default: false. | `bool` | `false` | no | +| [datacenter\_location](#input\_datacenter\_location) | n/a | `string` | `null` | no | +| [ipblock\_name](#input\_ipblock\_name) | n/a | `string` | `null` | no | +| [ipblock\_size](#input\_ipblock\_size) | n/a | `number` | `null` | no | +| [natgateway\_host\_num](#input\_natgateway\_host\_num) | The number to be set in the last ip block. (Default: 8) | `number` | `8` | no | +| [natgateway\_public\_ips](#input\_natgateway\_public\_ips) | Specifies the list of public ips of the NAT gateway. 
| `list(string)` | `null` | no | +## Outputs + +| Name | Description | +|------|-------------| +| [natgateway\_id](#output\_natgateway\_id) | n/a | +| [public\_ips](#output\_public\_ips) | n/a | +## Requirements + +| Name | Version | +|------|---------| +| [ionoscloud](#requirement\_ionoscloud) | 6.3.6 | +## Resources + +| Name | Type | +|------|------| +| [ionoscloud_ipblock.natgateway](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/ipblock) | resource | +| [ionoscloud_natgateway.natgateway](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/natgateway) | resource | +| [ionoscloud_natgateway_rule.natgateway_rule](https://registry.terraform.io/providers/ionos-cloud/ionoscloud/6.3.6/docs/resources/natgateway_rule) | resource | + \ No newline at end of file
diff --git a/modules/ionos-k8s-natgateway/cidr-workaround.tf b/modules/ionos-k8s-natgateway/cidr-workaround.tf
new file mode 100644
index 0000000..829a963
--- /dev/null
+++ b/modules/ionos-k8s-natgateway/cidr-workaround.tf
@@ -0,0 +1,11 @@
+module "cidr_workaround" {
+ source = "../../modules/ionos-cidr-workaround"
+ k8s_cluster_id = var.k8s_cluster_id
+ lan_id = var.lan_id
+}
+
+locals {
+ prefix = module.cidr_workaround.prefix
+ gateway_ip = "${cidrhost(local.prefix, var.natgateway_host_num)}"
+ gateway_subnet = "${cidrhost(local.prefix, 0)}/24"
+}
\ No newline at end of file
diff --git a/modules/ionos-k8s-natgateway/main.tf b/modules/ionos-k8s-natgateway/main.tf
new file mode 100644
index 0000000..ebea824
--- /dev/null
+++ b/modules/ionos-k8s-natgateway/main.tf
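Review bot: In cidr-workaround.tf, `gateway_subnet` in the `locals` block appends a hard-coded `/24` to `cidrhost(local.prefix, 0)`, so the SNAT source range no longer matches the LAN if `module.cidr_workaround.prefix` ever has a different length; that module's output is not visible in this diff. Since `cidrhost` already requires `local.prefix` to be in CIDR form, `gateway_subnet = cidrsubnet(local.prefix, 0, 0)` would give the normalised network with its real mask. The `"${...}"` wrapper around a single expression is redundant; `gateway_ip = cidrhost(local.prefix, var.natgateway_host_num)` is equivalent.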
@@ -0,0 +1,29 @@
+resource "ionoscloud_natgateway" "natgateway" {
+ datacenter_id = var.datacenter_id
+ name = var.natgateway_name
+ public_ips = var.create_ipblock ? ionoscloud_ipblock.natgateway[0].ips : var.natgateway_public_ips
+ lans {
+ id = var.lan_id
+ gateway_ips = [ local.gateway_ip ]
+ }
+}
+
+resource "ionoscloud_natgateway_rule" "natgateway_rule" {
+ datacenter_id = var.datacenter_id
+ natgateway_id = ionoscloud_natgateway.natgateway.id
+ name = var.natgateway_rule_name
+ type = "SNAT"
+ protocol = "TCP"
+ source_subnet = local.gateway_subnet
+ public_ip = var.create_ipblock ? ionoscloud_ipblock.natgateway[0].ips[0] : var.natgateway_public_ips[0]
+}
+
+resource "ionoscloud_ipblock" "natgateway" {
+ count = var.create_ipblock ? 1 : 0
+ location = var.datacenter_location
+ size = var.ipblock_size
+ name = var.ipblock_name
+ lifecycle {
+ prevent_destroy = true
+ }
+}
diff --git a/modules/ionos-k8s-natgateway/output.tf b/modules/ionos-k8s-natgateway/output.tf
new file mode 100644
index 0000000..461e78f
--- /dev/null
+++ b/modules/ionos-k8s-natgateway/output.tf
@@ -0,0 +1,7 @@
+output "natgateway_id" {
+ value = ionoscloud_natgateway.natgateway.id
+}
+
+output "public_ips" {
+ value = ionoscloud_natgateway.natgateway.public_ips
+}
\ No newline at end of file
diff --git a/modules/ionos-k8s-natgateway/variables.tf b/modules/ionos-k8s-natgateway/variables.tf
new file mode 100644
index 0000000..779144a
--- /dev/null
+++ b/modules/ionos-k8s-natgateway/variables.tf
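Review bot: In main.tf, `public_ip` on `ionoscloud_natgateway_rule.natgateway_rule` indexes `var.natgateway_public_ips[0]`, but that variable defaults to `null` and `create_ipblock` defaults to `false`, so the module's own defaults fail on a null index instead of producing a readable error. A `precondition` in the rule's `lifecycle` block with `condition = var.create_ipblock || try(length(var.natgateway_public_ips) > 0, false)` and an explicit `error_message` would state the requirement. Separately, the rule fixes `protocol = "TCP"`, so UDP and ICMP egress from the LAN (DNS over UDP, NTP) is not translated by it. If TCP-only egress is the intended policy, a comment on that line should say so; otherwise expose the protocol as a variable, since the provider also accepts `ALL`.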
@@ -0,0 +1,60 @@
+variable "datacenter_id" {
+ description = ""
+ type = string
+}
+
+variable "natgateway_name" {
+ description = ""
+ type = string
+}
+
+variable "natgateway_public_ips" {
+ description = "Specifies the list of public ips of the NAT gateway."
+ type = list(string)
+ default = null
+}
+
+variable "k8s_cluster_id" {
+ description = ""
+ type = string
+}
+
+variable "lan_id" {
+ description = "The LAN to connect the NAT gateway to."
+ type = string
+}
+
+variable "natgateway_host_num" {
+ description = "The number to be set in the last ip block. (Default: 8)"
+ type = number
+ default = 8
+}
+
+variable "natgateway_rule_name" {
+ description = ""
+ type = string
+}
+
+variable "create_ipblock" {
+ description = "Specifies whether an ipblock should be created. Default: false."
+ type = bool
+ default = false
+}
+
+variable "datacenter_location" {
+ description = ""
+ type = string
+ default = null
+}
+
+variable "ipblock_name" {
+ description = ""
+ type = string
+ default = null
+}
+
+variable "ipblock_size" {
+ description = ""
+ type = number
+ default = null
+}
\ No newline at end of file
diff --git a/modules/ionos-k8s-natgateway/versions.tf b/modules/ionos-k8s-natgateway/versions.tf
new file mode 100644
index 0000000..4f95fb0
--- /dev/null
+++ b/modules/ionos-k8s-natgateway/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ ionoscloud = {
+ source = "ionos-cloud/ionoscloud"
+ version = "6.3.6"
+ }
+ }
+}
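Review bot: In variables.tf, `natgateway_host_num` is passed straight to `cidrhost` in cidr-workaround.tf with no bounds check, so 0 (the network address) or a value outside the prefix is only caught, if at all, when the plan evaluates the function. A `validation` block with `condition = var.natgateway_host_num >= 1 && var.natgateway_host_num <= 254` would match the `/24` the module currently assumes. Its description would read more clearly as `"Host number within the LAN prefix used as the NAT gateway's internal IP. (Default: 8)"`. Seven variables carry `description = ""`, which is why the generated README lists them as n/a; `datacenter_location`, `ipblock_name` and `ipblock_size` in particular should say they are needed when `create_ipblock` is true, because main.tf feeds them to `ionoscloud_ipblock.natgateway`.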
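Review bot: In versions.tf, `version = "6.3.6"` pins the provider to one exact release inside a reusable module, so a root configuration that also uses a module needing any other ionoscloud release cannot resolve a provider. Exact selection, along with the checksum verification that protects the supply chain, normally belongs to the root's `.terraform.lock.hcl`. A bounded constraint such as `version = "~> 6.3.6"` states what the module needs without blocking patch updates. If the sibling modules in this repository deliberately share the same exact pin, a short comment saying so would help. The block also has no `required_version` for Terraform itself.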