Note: The default ITS GitLab runner is a shared resource and is subject to slowdowns during heavy usage.
You can run your own GitLab runner that is dedicated just to your group if you need to avoid processing delays.

Commit e6357745 authored by Kenny Moore's avatar Kenny Moore
Browse files

BGP VPN established

parent 845af336
......@@ -32,7 +32,7 @@ resource "google_project_iam_member" "project_iam" {
locals{
filter_string = "resource.type=\"project\"\nresource.labels.project_id=\"google_project.gcp_project.project_id\" \nlogName=\"projects/${google_project.gcp_project.project_id}/logs/cloudaudit.googleapis.com%2Factivity\""
filter_string = "resource.type=\"project\"\nresource.labels.project_id=\"${google_project.gcp_project.project_id}\" \nlogName=\"projects/${google_project.gcp_project.project_id}/logs/cloudaudit.googleapis.com%2Factivity\""
}
resource "google_logging_project_sink" "log_export" {
......@@ -40,7 +40,7 @@ resource "google_logging_project_sink" "log_export" {
name = "${google_project.gcp_project.project_id}-log-export"
destination = "${var.log_export_destination}"
# filter = "projects/${google_project.gcp_project.project_id}/logs/cloudaudit.googleapis.com%2Factivity" # Need this
filter = "local.filter_string"
filter = local.filter_string
unique_writer_identity = true
}
......
......@@ -36,18 +36,6 @@ resource "google_compute_subnetwork" "vpn_subnet" {
network = google_compute_network.vpn_vpc.self_link
}
# VPN BGP Connection Information - U-M Side
locals{
um_vpn_endpoint = [{
ip = "141.213.154.20"
asn = "64900"
},
{
ip = "141.213.154.4"
asn = "64901"
}]
}
# # create vpn gateway
resource "google_compute_vpn_gateway" "vpn_gw" {
name = "${var.prefix}-bgp-vpn-gateway"
......@@ -93,6 +81,18 @@ resource "google_compute_forwarding_rule" "fr_udp4500" {
target = "${google_compute_vpn_gateway.vpn_gw.self_link}"
}
# VPN BGP Connection Information - U-M Side
locals{
um_vpn_endpoint = [{
ip = "141.213.154.20"
asn = "64900"
},
{
ip = "141.213.154.4"
asn = "64901"
}]
}
resource "google_compute_router" "vpn_router" {
name = "${var.prefix}-bgp-vpn-router"
project = var.project_id
......@@ -104,7 +104,7 @@ resource "google_compute_router" "vpn_router" {
}
# Create a BGP Interface/Session based on the number of bgp networks specified in
resource "google_compute_router_interface" "bgp-interface" {
resource "google_compute_router_interface" "bgp_interface" {
count = length(var.bgp_network)
name = "bgp-vpn-interface${count.index}" # should use var/count
project = var.project_id
......@@ -114,6 +114,17 @@ resource "google_compute_router_interface" "bgp-interface" {
vpn_tunnel = "${google_compute_vpn_tunnel.vpn_tunnel[count.index].name}" # need to write for this to be multiple tunnels
}
resource "google_compute_router_peer" "bgp_peer" {
count = length(var.bgp_network)
name = "${var.prefix}-bgp-peer${count.index}"
project = var.project_id
router = google_compute_router.vpn_router.name
region = var.regions[0]
peer_ip_address = cidrhost(var.bgp_network[count.index],2)
peer_asn = local.um_vpn_endpoint[count.index].asn
interface = google_compute_router_interface.bgp_interface[count.index].name
}
resource "google_compute_vpn_tunnel" "vpn_tunnel" {
count = length(var.bgp_network)
name = "bgp-vpn-tunnel${count.index}" # need a count
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment