dev routing tables

2025-07-07 14:30:42 +02:00 · 2025-07-07 14:30:42 +02:00 · 94cf2a2198
commit 94cf2a2198
parent 1942d8d55c
5 changed files with 55 additions and 22 deletions
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@ -22,24 +22,24 @@ provider "registry.terraform.io/hashicorp/random" {
 }

 provider "registry.terraform.io/stackitcloud/stackit" {
-  version     = "0.56.0"
-  constraints = "0.56.0"
+  version     = "0.57.0"
+  constraints = "0.57.0"
  hashes = [
-    "h1:coGl0oAXEPwbFu8OY+gNEf4Qh9w6fWfQeF2Av6Nt4Ew=",
-    "zh:02fed1ea0a54c0b70d8f733db2d6884ccd1873b79452e12fda0e912c81da0fe3",
-    "zh:047414a35c0347e78d8c89a2cea5bbfb82d65f85cb2e7e36affb75967d9814cf",
-    "zh:0553e5ffff43e0ab2cc9639f67f9a231296892b2c278c6904a91000cff0dd387",
+    "h1:JqIarUpl4iGdpKrmP6olvila83Vk1zHaMKvJ3aSwaAI=",
    "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f",
-    "zh:208a56bb9f6449eabbe3aae49cb29a8f237e2c9eff13e94f47dec64cc304f9ba",
-    "zh:2eded173d20c45867d4080a3d4e01d464a873120be1ef0dba7718cd48a239b82",
-    "zh:41044c2e98b26a24b47ebc2a8e701bb404e640b488e2bdc26bba1b2f6c175b46",
-    "zh:58b38d8b760a70a3c773fd25e32cfb6ad054d2eceda924be6ad5394c8202bcd9",
-    "zh:785fcfa87bf76512907d50320f217e81c128bd3e866b006a4d79e066d97f1f0c",
-    "zh:7c983f1ce454131e283f713a60768abc24046a28b62f66665472caccb9810d98",
-    "zh:9f51cc2424ecea86852f6b79f017efdd0328fa1b6d445fa5b7c4dfc6b1a0b98e",
-    "zh:b89cb2f43d72f0d45fc71cb96142d5378c129971270b9ec02f44d5d9df5698e8",
-    "zh:dc930e5f8656b75e10b562716dbe572a4a41de14b2b683e05c65cb12001365fe",
-    "zh:eb6b01c7d8074d801ad4950f7851840fd6f36e00eace80e521b5c074faba3d9b",
-    "zh:f882f10ca14d3145c7b33ffc54c5402575d0d9524aab8433e01d4310e0780c01",
+    "zh:17a653ec41936321b78d19eff09ca79ba81bd9dc2281a0179a1a2ec2d8197e8a",
+    "zh:18a740c3477c09f3a293266dd234874372cfe29fe5bad486879f9635ad5b1f55",
+    "zh:1bddb6eaa6041941b6cb8724380575ed41537ab9d7cad45a3f3bc4fef634d79c",
+    "zh:36a9ebf5478b618f7bcfd1fa55f7754083fef7e6097e1df2e294d9b56cc2d95a",
+    "zh:4ab27217f674f24f6be04d03b020058f6ae7a21ca0a59d81f94a55f3f27e4a0f",
+    "zh:52532cac03fc29eced93276075ed9b481ab3ef4290dc090ad312f390c535ad9f",
+    "zh:677faf292774996a95030b38def9a3c8750062f794c24083abd9f528bc0b92a6",
+    "zh:70bac59ec6e74097d8b32daf6646efb8f6f6c0ff09f709eb1e7cecd6717da987",
+    "zh:86295f0f2ab79c6c77f3148cc60621a323ef678fe9b189fa12658c10c7aa86d6",
+    "zh:a79245fd47a7a1e857ebc7802725c39a5c25fbf161dc294150dcfb4088727277",
+    "zh:b89691c0f8b0b15da3f6435dcd56738bf25fdae3adfdbfe3c5c09d273b617e19",
+    "zh:ce21cc0e16d0e80497e6b1af91cea7516c4c575a149afcd5ae9b27325cf96edd",
+    "zh:d6bf983ad6810864cdda957b70ff1ddc8fb731c2fdcdf84faa4e38f6e52772e3",
+    "zh:e9480b03bd03039e79affbfdde1a48dcb73873134b6df98008f271556cfe59cd",
  ]
 }
--- a/00-provider.tf
+++ b/00-provider.tf
@ -13,7 +13,7 @@ terraform {
  required_providers {
    stackit = {
      source  = "stackitcloud/stackit"
-      version = "0.56.0"
+      version = "0.57.0"
    }
    random = {
      source  = "hashicorp/random"
@ -25,4 +25,5 @@ terraform {
 provider "stackit" {
  default_region           = var.stackit_region
  service_account_key_path = var.stackit_service_account_key_path
+  experiments              = ["routing-tables", "network"]
 }
--- a/02-projects.tf
+++ b/02-projects.tf
@ -9,12 +9,22 @@ resource "stackit_network_area" "sna" {
  transfer_network = "172.16.9.0/24"
 }

+data "stackit_network_area" "sna-rt" {
+  network_area_id = "b981a115-f50f-4998-a501-12ba1b8d136b"
+  organization_id = var.stackit_organization_id
+}
+
+locals {
+  sna_id = data.stackit_network_area.sna-rt.network_area_id
+  /*sna_id = stackit_network_area.sna.network_area_id*/
+}
+
 resource "stackit_resourcemanager_project" "cloud" {
  parent_container_id = var.stackit_organization_id
  name                = "mu-stackit-strongswan-02-cloud"
  owner_email         = "mauritz.uphoff@stackit.cloud"
  labels = {
-    "networkArea" = stackit_network_area.sna.network_area_id
+    "networkArea" = local.sna_id
  }
 }

--- a/03-sw-appliances.tf
+++ b/03-sw-appliances.tf
@ -5,11 +5,32 @@ resource "stackit_key_pair" "admin_keypair" {
  public_key = chomp(file("~/.ssh/id_rsa.pub"))
 }

+resource "stackit_routing_table" "rt1" {
+  name            = "routing-table01"
+  network_area_id = local.sna_id
+  organization_id = var.stackit_organization_id
+}
+
+resource "stackit_routing_table_route" "vpn" {
+  network_area_id = local.sna_id
+  next_hop = {
+    type  = "ipv4"
+    value = "10.1.1.10"
+  }
+  destination = {
+    type  = "cidrv4"
+    value = "192.168.1.0/24"
+  }
+  organization_id  = var.stackit_organization_id
+  routing_table_id = stackit_routing_table.rt1.routing_table_id
+}
+
 resource "stackit_network" "cloud_network01" {
  project_id       = stackit_resourcemanager_project.cloud.project_id
  ipv4_prefix      = "10.1.1.0/24"
  name             = "cloud-network-01"
  ipv4_nameservers = ["9.9.9.9", "1.1.1.1"]
+  routing_table_id = stackit_routing_table.rt1.routing_table_id
 }

 resource "stackit_network" "cloud_network02" {
@ -17,6 +38,7 @@ resource "stackit_network" "cloud_network02" {
  ipv4_prefix      = "10.1.2.0/24"
  name             = "cloud-network-02"
  ipv4_nameservers = ["9.9.9.9", "1.1.1.1"]
+  routing_table_id = stackit_routing_table.rt1.routing_table_id
 }

 resource "stackit_network" "onprem_network01" {
--- a/04-vms.tf
+++ b/04-vms.tf
@ -1,10 +1,10 @@
-resource "stackit_network_area_route" "vpn" {
+/*resource "stackit_network_area_route" "vpn" {
  organization_id = var.stackit_organization_id
-  network_area_id = stackit_network_area.sna.network_area_id
+  network_area_id = local.sna_id
  prefix          = "192.168.1.0/24"
  // network interface strongswan cloud appliance
  next_hop = "10.1.1.10"
-}
+}*/

 resource "stackit_network_interface" "machine01_cloud01" {
  project_id = stackit_resourcemanager_project.cloud.project_id