From 94cf2a2198ed2a10a46cb9fc3d7ec2dfb92bf597 Mon Sep 17 00:00:00 2001 From: Mauritz Uphoff Date: Mon, 7 Jul 2025 14:30:42 +0200 Subject: [PATCH] dev routing tables --- .terraform.lock.hcl | 34 +++++++++++++++++----------------- 00-provider.tf | 3 ++- 02-projects.tf | 12 +++++++++++- 03-sw-appliances.tf | 22 ++++++++++++++++++++++ 04-vms.tf | 6 +++--- 5 files changed, 55 insertions(+), 22 deletions(-) diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index bcecb59..0578522 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl 
@@ -22,24 +22,24 @@ provider "registry.terraform.io/hashicorp/random" { } provider "registry.terraform.io/stackitcloud/stackit" { - version = "0.56.0" - constraints = "0.56.0" + version = "0.57.0" + constraints = "0.57.0" hashes = [ - "h1:coGl0oAXEPwbFu8OY+gNEf4Qh9w6fWfQeF2Av6Nt4Ew=", - "zh:02fed1ea0a54c0b70d8f733db2d6884ccd1873b79452e12fda0e912c81da0fe3", - "zh:047414a35c0347e78d8c89a2cea5bbfb82d65f85cb2e7e36affb75967d9814cf", - "zh:0553e5ffff43e0ab2cc9639f67f9a231296892b2c278c6904a91000cff0dd387", + "h1:JqIarUpl4iGdpKrmP6olvila83Vk1zHaMKvJ3aSwaAI=", "zh:0dde99e7b343fa01f8eefc378171fb8621bedb20f59157d6cc8e3d46c738105f", - "zh:208a56bb9f6449eabbe3aae49cb29a8f237e2c9eff13e94f47dec64cc304f9ba", - "zh:2eded173d20c45867d4080a3d4e01d464a873120be1ef0dba7718cd48a239b82", - "zh:41044c2e98b26a24b47ebc2a8e701bb404e640b488e2bdc26bba1b2f6c175b46", - "zh:58b38d8b760a70a3c773fd25e32cfb6ad054d2eceda924be6ad5394c8202bcd9", - "zh:785fcfa87bf76512907d50320f217e81c128bd3e866b006a4d79e066d97f1f0c", - "zh:7c983f1ce454131e283f713a60768abc24046a28b62f66665472caccb9810d98", - "zh:9f51cc2424ecea86852f6b79f017efdd0328fa1b6d445fa5b7c4dfc6b1a0b98e", - "zh:b89cb2f43d72f0d45fc71cb96142d5378c129971270b9ec02f44d5d9df5698e8", - "zh:dc930e5f8656b75e10b562716dbe572a4a41de14b2b683e05c65cb12001365fe", - "zh:eb6b01c7d8074d801ad4950f7851840fd6f36e00eace80e521b5c074faba3d9b", - "zh:f882f10ca14d3145c7b33ffc54c5402575d0d9524aab8433e01d4310e0780c01", + "zh:17a653ec41936321b78d19eff09ca79ba81bd9dc2281a0179a1a2ec2d8197e8a", + "zh:18a740c3477c09f3a293266dd234874372cfe29fe5bad486879f9635ad5b1f55", + "zh:1bddb6eaa6041941b6cb8724380575ed41537ab9d7cad45a3f3bc4fef634d79c", + "zh:36a9ebf5478b618f7bcfd1fa55f7754083fef7e6097e1df2e294d9b56cc2d95a", + "zh:4ab27217f674f24f6be04d03b020058f6ae7a21ca0a59d81f94a55f3f27e4a0f", + "zh:52532cac03fc29eced93276075ed9b481ab3ef4290dc090ad312f390c535ad9f", + "zh:677faf292774996a95030b38def9a3c8750062f794c24083abd9f528bc0b92a6", + 
"zh:70bac59ec6e74097d8b32daf6646efb8f6f6c0ff09f709eb1e7cecd6717da987", + "zh:86295f0f2ab79c6c77f3148cc60621a323ef678fe9b189fa12658c10c7aa86d6", + "zh:a79245fd47a7a1e857ebc7802725c39a5c25fbf161dc294150dcfb4088727277", + "zh:b89691c0f8b0b15da3f6435dcd56738bf25fdae3adfdbfe3c5c09d273b617e19", + "zh:ce21cc0e16d0e80497e6b1af91cea7516c4c575a149afcd5ae9b27325cf96edd", + "zh:d6bf983ad6810864cdda957b70ff1ddc8fb731c2fdcdf84faa4e38f6e52772e3", + "zh:e9480b03bd03039e79affbfdde1a48dcb73873134b6df98008f271556cfe59cd", ] } diff --git a/00-provider.tf b/00-provider.tf index f00eb5a..77d3a9b 100644 --- a/00-provider.tf +++ b/00-provider.tf @@ -13,7 +13,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.56.0" + version = "0.57.0" } random = { source = "hashicorp/random" @@ -25,4 +25,5 @@ terraform { provider "stackit" { default_region = var.stackit_region service_account_key_path = var.stackit_service_account_key_path + experiments = ["routing-tables", "network"] } diff --git a/02-projects.tf b/02-projects.tf index 5938de5..ce57512 100644 --- a/02-projects.tf +++ b/02-projects.tf @@ -9,12 +9,22 @@ resource "stackit_network_area" "sna" { transfer_network = "172.16.9.0/24" } +data "stackit_network_area" "sna-rt" { + network_area_id = "b981a115-f50f-4998-a501-12ba1b8d136b" + organization_id = var.stackit_organization_id +} + +locals { + sna_id = data.stackit_network_area.sna-rt.network_area_id + /*sna_id = stackit_network_area.sna.network_area_id*/ +} + resource "stackit_resourcemanager_project" "cloud" { parent_container_id = var.stackit_organization_id name = "mu-stackit-strongswan-02-cloud" owner_email = "mauritz.uphoff@stackit.cloud" labels = { - "networkArea" = stackit_network_area.sna.network_area_id + "networkArea" = local.sna_id } } diff --git a/03-sw-appliances.tf b/03-sw-appliances.tf index 3636694..fc0671d 100644 --- a/03-sw-appliances.tf +++ b/03-sw-appliances.tf 
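Review bot: The added `experiments = ["routing-tables", "network"]` line in the `provider "stackit"` block has no comment saying why experimental provider features are enabled or which resources depend on them. Experimental resources can change schema between releases, so the exact `0.57.0` pin is what keeps this configuration stable, and that link should be written down. I would add above the line: `# experiments required by stackit_routing_table / stackit_routing_table_route; re-check on every provider version bump`.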
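Review bot: The new `data "stackit_network_area" "sna-rt"` block hard-codes the network area UUID, and `locals` switches between it and the managed area by commenting one line in and out. That ties the configuration to a single environment and leaves no record of which area a given apply targeted. Taking the ID from an input instead would fix both, e.g. `network_area_id = var.stackit_network_area_id` (a new variable to be declared), with the `/*sna_id = ...*/` line removed. `resource "stackit_network_area" "sna"` is still declared in the context lines but no longer feeds the project's `networkArea` label; if nothing outside this hunk uses it, it is now an unused area that still gets created. The name `sna-rt` would also read better as `sna_rt`, matching the underscore names used elsewhere in the file.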
@@ -5,11 +5,32 @@ resource "stackit_key_pair" "admin_keypair" { public_key = chomp(file("~/.ssh/id_rsa.pub")) } +resource "stackit_routing_table" "rt1" { + name = "routing-table01" + network_area_id = local.sna_id + organization_id = var.stackit_organization_id +} + +resource "stackit_routing_table_route" "vpn" { + network_area_id = local.sna_id + next_hop = { + type = "ipv4" + value = "10.1.1.10" + } + destination = { + type = "cidrv4" + value = "192.168.1.0/24" + } + organization_id = var.stackit_organization_id + routing_table_id = stackit_routing_table.rt1.routing_table_id +} + resource "stackit_network" "cloud_network01" { project_id = stackit_resourcemanager_project.cloud.project_id ipv4_prefix = "10.1.1.0/24" name = "cloud-network-01" ipv4_nameservers = ["9.9.9.9", "1.1.1.1"] + routing_table_id = stackit_routing_table.rt1.routing_table_id } resource "stackit_network" "cloud_network02" { @@ -17,6 +38,7 @@ resource "stackit_network" "cloud_network02" { ipv4_prefix = "10.1.2.0/24" name = "cloud-network-02" ipv4_nameservers = ["9.9.9.9", "1.1.1.1"] + routing_table_id = stackit_routing_table.rt1.routing_table_id } resource "stackit_network" "onprem_network01" { diff --git a/04-vms.tf b/04-vms.tf index a0460eb..3fcef0b 100644 --- a/04-vms.tf +++ b/04-vms.tf @@ -1,10 +1,10 @@ -resource "stackit_network_area_route" "vpn" { +/*resource "stackit_network_area_route" "vpn" { organization_id = var.stackit_organization_id - network_area_id = stackit_network_area.sna.network_area_id + network_area_id = local.sna_id prefix = "192.168.1.0/24" // network interface strongswan cloud appliance next_hop = "10.1.1.10" -} +}*/ resource "stackit_network_interface" "machine01_cloud01" { project_id = stackit_resourcemanager_project.cloud.project_id
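Review bot: In `stackit_routing_table_route.vpn` the next hop is the literal `"10.1.1.10"`, which presumably duplicates the StrongSwan appliance's interface address defined outside this hunk. If that interface is ever re-addressed, traffic for `192.168.1.0/24` from every network attached to `rt1` is sent to whatever holds the old address, or dropped, and nothing in the plan shows the mismatch. Define the address once and use it in both places, e.g. `value = local.vpn_next_hop_ip` (a new local), or reference the appliance interface's IPv4 attribute directly. The same table is attached to `cloud_network02` in the next hunk, so the point applies to both networks. A short comment on the route naming the appliance it points at would also help, as the removed `stackit_network_area_route` had one.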
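Review bot: The old `stackit_network_area_route.vpn` is wrapped in `/* ... */` rather than deleted, and the hunk also edits `network_area_id` inside the now-dead block. Terraform treats the commented-out resource as removed, so it will be destroyed on the next apply just as if the block had been deleted. The comment only leaves stale configuration that looks live at a glance. I would delete the block outright and rely on version control for the history. If the order of removing the area route and creating the routing-table route matters for VPN connectivity, note that in the commit description.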