
Commit 333ff209 authored by Kenny Moore's avatar Kenny Moore

IP reservation and forwarding rules working

parent 196a1059
......@@ -55,48 +55,45 @@ resource "google_compute_vpn_gateway" "vpn_gw" {
region = var.regions[0]
}
# # reserve static IP for vpn gateway
# resource "google_compute_address" "vpn_gw_ip" {
# # name = "${var.prefix}-bgp-vpn-gateway"
# name = google_compute_vpn_gateway.vpn_gw.name
# project = var.project_id
# # region = "us-central1" # How do we decide which one?
# region = var.regions[0]
# # region = local.subnets[0].each
# }
# reserve static IP for vpn gateway
resource "google_compute_address" "vpn_gw_ip" {
# name = "${var.prefix}-bgp-vpn-gateway"
name = google_compute_vpn_gateway.vpn_gw.name
project = var.project_id
# region = "us-central1" # How do we decide which one?
region = var.regions[0]
# region = local.subnets[0].each
}
# #create forwarding rules
# resource "google_compute_forwarding_rule" "fr_esp" {
# count = var.network && var.vpn ? 1:0 # if network and vpn are true, create resource
# name = "fr-esp"
# project = var.project_id
# region = var.regions[0] # should be a variable
# ip_protocol = "ESP"
# ip_address = "${google_compute_address.vpn_gw_ip.address}"
# target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
# }
#create forwarding rules
resource "google_compute_forwarding_rule" "fr_esp" {
name = "fr-esp"
project = var.project_id
region = var.regions[0] # should be a variable
ip_protocol = "ESP"
ip_address = "${google_compute_address.vpn_gw_ip.address}"
target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
}
# resource "google_compute_forwarding_rule" "fr_udp500" {
# count = var.network && var.vpn ? 1:0 # if network and vpn are true, create resource
# name = "fr-udp500"
# project = var.project_id
# region = var.regions[0] # should be a variable
# ip_protocol = "UDP"
# port_range = "500"
# ip_address = "${google_compute_address.vpn_gw_ip.address}"
# target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
# }
resource "google_compute_forwarding_rule" "fr_udp500" {
name = "fr-udp500"
project = var.project_id
region = var.regions[0] # should be a variable
ip_protocol = "UDP"
port_range = "500"
ip_address = "${google_compute_address.vpn_gw_ip.address}"
target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
}
# resource "google_compute_forwarding_rule" "fr_udp4500" {
# count = var.network && var.vpn ? 1:0 # if network and vpn are true, create resource
# name = "fr-udp4500"
# project = var.project_id
# region = var.regions[0] # should be a variable
# ip_protocol = "UDP"
# port_range = "4500"
# ip_address = "${google_compute_address.vpn_gw_ip.address}"
# target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
# }
resource "google_compute_forwarding_rule" "fr_udp4500" {
name = "fr-udp4500"
project = var.project_id
region = var.regions[0] # should be a variable
ip_protocol = "UDP"
port_range = "4500"
ip_address = "${google_compute_address.vpn_gw_ip.address}"
target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
}
resource "google_compute_router" "vpn_router" {
name = "${var.prefix}-bgp-vpn-router"
......@@ -107,22 +104,7 @@ resource "google_compute_router" "vpn_router" {
asn = var.cloud_asn
}
}
## ## ## Working, but I was wrong - only need one ASN for the router; need multiple networks for the Interfaces
# resource "google_compute_router" "vpn_router" {
# name = "vpn-router"
# project = var.project_id
# network = google_compute_network.vpn_vpc.self_link
# region = var.regions[0]
# dynamic "bgp" {
# for_each = var.vpn_connection_info
# content {
# asn = bgp.value.asn
# }
# }
# }
# resource "google_compute_router_interface" "bgp-interface" {
# # count = var.network && var.vpn ? 1:0 # if network and vpn are true, create resource
# count = var.vpn_tunnel_count
......@@ -149,4 +131,20 @@ resource "google_compute_router" "vpn_router" {
# "google_compute_forwarding_rule.fr_udp500",
# "google_compute_forwarding_rule.fr_udp4500",
# ]
# }
### REFERENCE ###
## ## ## Working, but I was wrong - only need one ASN for the router; need multiple networks for the Interfaces
# resource "google_compute_router" "vpn_router" {
# name = "vpn-router"
# project = var.project_id
# network = google_compute_network.vpn_vpc.self_link
# region = var.regions[0]
# dynamic "bgp" {
# for_each = var.vpn_connection_info
# content {
# asn = bgp.value.asn
# }
# }
# }
\ No newline at end of file
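Review bot: The three forwarding rules in the first hunk (`fr_esp`, `fr_udp500`, `fr_udp4500`) are active without the `count = var.network && var.vpn ? 1:0` line that their commented-out copies carry, so the reserved address and the ESP, UDP 500 and UDP 4500 ingress appear to be created on every apply, including deployments that do not want a VPN. The `vpn_gw` resource starts above the hunk, so whether the gateway itself is conditional cannot be seen here; if it is, these unconditional references to it would likely break the plan when the VPN is switched off. I would either restore the guard on `vpn_gw_ip` and the three rules together, or state the assumption in a comment above `vpn_gw_ip`, for example `# always created: this module assumes the VPN is enabled`. Separately, the `"${...}"` wrappers are unnecessary and can be written as plain references, e.g. `ip_address = google_compute_address.vpn_gw_ip.address`.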