Add includeImportRanges fields to NCC Spoke resource (#11683) (#801)
[upstream:04ac0541d081388e02867447cb3cd442f08fd6be]

Signed-off-by: Modular Magician <[email protected]>
modular-magician authored Sep 19, 2024
1 parent 70315db commit b541d4f
Showing 9 changed files with 379 additions and 0 deletions.
@@ -0,0 +1,15 @@
# This file has some scaffolding to make sure that names are unique and that
# a region and zone are selected when you try to create your Terraform resources.

locals {
name_suffix = "${random_pet.suffix.id}"
}

resource "random_pet" "suffix" {
length = 2
}

provider "google" {
region = "us-central1"
zone = "us-central1-c"
}
45 changes: 45 additions & 0 deletions network_connectivity_spoke_interconnect_attachment_basic/main.tf
@@ -0,0 +1,45 @@
resource "google_network_connectivity_hub" "basic_hub" {
name = "basic-hub1-${local.name_suffix}"
description = "A sample hub"
labels = {
label-two = "value-one"
}
}

resource "google_compute_network" "network" {
name = "basic-network-${local.name_suffix}"
auto_create_subnetworks = false
}

resource "google_compute_router" "router" {
name = "external-vpn-gateway-${local.name_suffix}"
region = "us-central1"
network = google_compute_network.network.name
bgp {
asn = 16550
}
}

resource "google_compute_interconnect_attachment" "interconnect-attachment" {
name = "partner-interconnect1-${local.name_suffix}"
edge_availability_domain = "AVAILABILITY_DOMAIN_1"
type = "PARTNER"
router = google_compute_router.router.id
mtu = 1500
region = "us-central1"
}

resource "google_network_connectivity_spoke" "primary" {
name = "interconnect-attachment-spoke-${local.name_suffix}"
location = "us-central1"
description = "A sample spoke with a linked Interconnect Attachment"
labels = {
label-one = "value-one"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_interconnect_attachments {
uris = [google_compute_interconnect_attachment.interconnect-attachment.self_link]
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}
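Review bot: In the `linked_interconnect_attachments` block of `google_network_connectivity_spoke.primary`, `include_import_ranges = ["ALL_IPV4_RANGES"]` is set with no comment on what the field controls, so someone copying the example cannot tell that the value, going by its name, is the broadest one available. Add a one-line comment above it saying what is imported and why the example opts in; the same applies to the other spoke examples in this commit that set the field. Separately, `google_compute_router.router` is named `external-vpn-gateway-${local.name_suffix}`, which does not describe a router in an Interconnect example; a router-specific name would avoid confusion.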
7 changes: 7 additions & 0 deletions network_connectivity_spoke_interconnect_attachment_basic/motd
@@ -0,0 +1,7 @@
===

These examples use real resources that will be billed to the
Google Cloud Platform project you use - so make sure that you
run "terraform destroy" before quitting!

===
@@ -0,0 +1,79 @@
# Network Connectivity Spoke Interconnect Attachment Basic - Terraform

## Setup

<walkthrough-author name="[email protected]" analyticsId="UA-125550242-1" tutorialName="network_connectivity_spoke_interconnect_attachment_basic" repositoryUrl="https://github.com/terraform-google-modules/docs-examples"></walkthrough-author>

Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform.

<walkthrough-project-billing-setup></walkthrough-project-billing-setup>

Terraform provisions real GCP resources, so anything you create in this session will be billed against this project.

## Terraforming!

Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command
to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up
the project name from the environment variable.

```bash
export GOOGLE_CLOUD_PROJECT={{project-id}}
```

After that, let's get Terraform started. Run the following to pull in the providers.

```bash
terraform init
```

With the providers downloaded and a project set, you're ready to use Terraform. Go ahead!

```bash
terraform apply
```

Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan.

```bash
yes
```


## Post-Apply

### Editing your config

Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed.

```bash
terraform plan
```

So let's make a change! Try editing a number, or appending a value to the name in the editor. Then,
run a 'plan' again.

```bash
terraform plan
```

Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes
at the 'yes' prompt.

```bash
terraform apply
```

```bash
yes
```

## Cleanup

Run the following to remove the resources Terraform provisioned:

```bash
terraform destroy
```
```bash
yes
```
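Review bot: Each confirmation step puts `yes` in its own bash code fence (after `terraform apply` and after `terraform destroy`), which presents it as a shell command rather than an answer to Terraform's prompt. If the prompt is not active, for example because the preceding command failed, running `yes` in the shell starts the standard `yes` utility, which prints `y` endlessly until interrupted. Describe the confirmation in prose (the sentence 'Type "yes" to accept the plan' already does this) or use a non-shell fence. The Cleanup section also runs the `terraform destroy` and `yes` fences together without a blank line between them, unlike the rest of the file.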
1 change: 1 addition & 0 deletions network_connectivity_spoke_router_appliance_basic/main.tf
Expand Up @@ -53,5 +53,6 @@ resource "google_network_connectivity_spoke" "primary" {
ip_address = "10.0.0.2"
}
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}
15 changes: 15 additions & 0 deletions network_connectivity_spoke_vpn_tunnel_basic/backing_file.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# This file has some scaffolding to make sure that names are unique and that
# a region and zone are selected when you try to create your Terraform resources.

locals {
name_suffix = "${random_pet.suffix.id}"
}

resource "random_pet" "suffix" {
length = 2
}

provider "google" {
region = "us-central1"
zone = "us-central1-c"
}
131 changes: 131 additions & 0 deletions network_connectivity_spoke_vpn_tunnel_basic/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,131 @@
resource "google_network_connectivity_hub" "basic_hub" {
name = "basic-hub1-${local.name_suffix}"
description = "A sample hub"
labels = {
label-two = "value-one"
}
}

resource "google_compute_network" "network" {
name = "basic-network-${local.name_suffix}"
auto_create_subnetworks = false
}

resource "google_compute_subnetwork" "subnetwork" {
name = "basic-subnetwork-${local.name_suffix}"
ip_cidr_range = "10.0.0.0/28"
region = "us-central1"
network = google_compute_network.network.self_link
}

resource "google_compute_ha_vpn_gateway" "gateway" {
name = "vpn-gateway-${local.name_suffix}"
network = google_compute_network.network.id
}

resource "google_compute_external_vpn_gateway" "external_vpn_gw" {
name = "external-vpn-gateway-${local.name_suffix}"
redundancy_type = "SINGLE_IP_INTERNALLY_REDUNDANT"
description = "An externally managed VPN gateway"
interface {
id = 0
ip_address = "8.8.8.8"
}
}

resource "google_compute_router" "router" {
name = "external-vpn-gateway-${local.name_suffix}"
region = "us-central1"
network = google_compute_network.network.name
bgp {
asn = 64514
}
}

resource "google_compute_vpn_tunnel" "tunnel1" {
name = "tunnel1-${local.name_suffix}"
region = "us-central1"
vpn_gateway = google_compute_ha_vpn_gateway.gateway.id
peer_external_gateway = google_compute_external_vpn_gateway.external_vpn_gw.id
peer_external_gateway_interface = 0
shared_secret = "a secret message"
router = google_compute_router.router.id
vpn_gateway_interface = 0
}

resource "google_compute_vpn_tunnel" "tunnel2" {
name = "tunnel2-${local.name_suffix}"
region = "us-central1"
vpn_gateway = google_compute_ha_vpn_gateway.gateway.id
peer_external_gateway = google_compute_external_vpn_gateway.external_vpn_gw.id
peer_external_gateway_interface = 0
shared_secret = "a secret message"
router = " ${google_compute_router.router.id}"
vpn_gateway_interface = 1
}

resource "google_compute_router_interface" "router_interface1" {
name = "router-interface1-${local.name_suffix}"
router = google_compute_router.router.name
region = "us-central1"
ip_range = "169.254.0.1/30"
vpn_tunnel = google_compute_vpn_tunnel.tunnel1.name
}

resource "google_compute_router_peer" "router_peer1" {
name = "router-peer1-${local.name_suffix}"
router = google_compute_router.router.name
region = "us-central1"
peer_ip_address = "169.254.0.2"
peer_asn = 64515
advertised_route_priority = 100
interface = google_compute_router_interface.router_interface1.name
}

resource "google_compute_router_interface" "router_interface2" {
name = "router-interface2-${local.name_suffix}"
router = google_compute_router.router.name
region = "us-central1"
ip_range = "169.254.1.1/30"
vpn_tunnel = google_compute_vpn_tunnel.tunnel2.name
}

resource "google_compute_router_peer" "router_peer2" {
name = "router-peer2-${local.name_suffix}"
router = google_compute_router.router.name
region = "us-central1"
peer_ip_address = "169.254.1.2"
peer_asn = 64515
advertised_route_priority = 100
interface = google_compute_router_interface.router_interface2.name
}

resource "google_network_connectivity_spoke" "tunnel1" {
name = "vpn-tunnel-1-spoke-${local.name_suffix}"
location = "us-central1"
description = "A sample spoke with a linked VPN Tunnel"
labels = {
label-one = "value-one"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_vpn_tunnels {
uris = [google_compute_vpn_tunnel.tunnel1.self_link]
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}

resource "google_network_connectivity_spoke" "tunnel2" {
name = "vpn-tunnel-2-spoke-${local.name_suffix}"
location = "us-central1"
description = "A sample spoke with a linked VPN Tunnel"
labels = {
label-one = "value-one"
}
hub = google_network_connectivity_hub.basic_hub.id
linked_vpn_tunnels {
uris = [google_compute_vpn_tunnel.tunnel2.self_link]
site_to_site_data_transfer = true
include_import_ranges = ["ALL_IPV4_RANGES"]
}
}
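Review bot: Both `google_compute_vpn_tunnel` resources set `shared_secret = "a secret message"` as a string literal, which puts the tunnel's pre-shared key in the example source and makes it likely to be copied into real configurations unchanged; take it from a variable declared with `sensitive = true`, or generate it with a `random_password` resource since the random provider is already in use. In `tunnel2`, `router = " ${google_compute_router.router.id}"` has a leading space inside the quotes where `tunnel1` uses the bare reference `google_compute_router.router.id`; use the bare reference in both. The external gateway interface also sets `ip_address = "8.8.8.8"`, a real public address the example does not control; an address from a documentation range such as 192.0.2.0/24 would be a safer placeholder.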
7 changes: 7 additions & 0 deletions network_connectivity_spoke_vpn_tunnel_basic/motd
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
===

These examples use real resources that will be billed to the
Google Cloud Platform project you use - so make sure that you
run "terraform destroy" before quitting!

===
79 changes: 79 additions & 0 deletions network_connectivity_spoke_vpn_tunnel_basic/tutorial.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
# Network Connectivity Spoke Vpn Tunnel Basic - Terraform

## Setup

<walkthrough-author name="[email protected]" analyticsId="UA-125550242-1" tutorialName="network_connectivity_spoke_vpn_tunnel_basic" repositoryUrl="https://github.com/terraform-google-modules/docs-examples"></walkthrough-author>

Welcome to Terraform in Google Cloud Shell! We need you to let us know what project you'd like to use with Terraform.

<walkthrough-project-billing-setup></walkthrough-project-billing-setup>

Terraform provisions real GCP resources, so anything you create in this session will be billed against this project.

## Terraforming!

Let's use {{project-id}} with Terraform! Click the Cloud Shell icon below to copy the command
to your shell, and then run it from the shell by pressing Enter/Return. Terraform will pick up
the project name from the environment variable.

```bash
export GOOGLE_CLOUD_PROJECT={{project-id}}
```

After that, let's get Terraform started. Run the following to pull in the providers.

```bash
terraform init
```

With the providers downloaded and a project set, you're ready to use Terraform. Go ahead!

```bash
terraform apply
```

Terraform will show you what it plans to do, and prompt you to accept. Type "yes" to accept the plan.

```bash
yes
```


## Post-Apply

### Editing your config

Now you've provisioned your resources in GCP! If you run a "plan", you should see no changes needed.

```bash
terraform plan
```

So let's make a change! Try editing a number, or appending a value to the name in the editor. Then,
run a 'plan' again.

```bash
terraform plan
```

Afterwards you can run an apply, which implicitly does a plan and shows you the intended changes
at the 'yes' prompt.

```bash
terraform apply
```

```bash
yes
```

## Cleanup

Run the following to remove the resources Terraform provisioned:

```bash
terraform destroy
```
```bash
yes
```
