alibabacloud-automation/terraform-alicloud-cen-cross-region-networking-between-local-idc-and-remote-vpc

Terraform module to build cross-region network communication between different regions in the cloud and on-premises for Alibaba Cloud

terraform-alicloud-cen-cross-region-networking-between-local-idc-and-remote-vpc

This module attaches VPC instances and dedicated-line VBRs to a forwarding router, creates cross-region connections under the forwarding router, and allocates bandwidth to those connections. This enables cross-region network communication between different regions in the cloud and on-premises. The overall solution is as follows:

  • Dedicated Line Access for IDC to Cloud: Connect the IDC (Internet Data Center) to Alibaba Cloud in Hangzhou via dedicated lines. To enhance redundancy, it is recommended to prioritize dual physical dedicated lines for the enterprise IDC and Alibaba Cloud POP point, and configure them as needed for either active-passive dual links or load-balanced redundancy, thereby improving the overall reliability of hybrid cloud connectivity.
  • Cross-Region on Cloud: Establish a cross-region connection between Alibaba Cloud Shanghai and Hangzhou through a TR (TransRegional) connection. Additionally, activate the CDT (Cross-Domain Traffic) bandwidth billed on a per-traffic basis to connect the Shanghai VPC with the Hangzhou IDC.

Architecture Diagram:


Usage

Create a VPC in cn-beijing, and a VPC and VBRs in cn-hangzhou.

provider "alicloud" {
  alias  = "local_region"
  region = "cn-hangzhou"
}

provider "alicloud" {
  alias  = "remote_region"
  region = "cn-beijing"
}

data "alicloud_express_connect_physical_connections" "example" {
  provider   = alicloud.local_region
  name_regex = "^preserved-NODELETING"
}

module "complete" {
  source = "alibabacloud-automation/cen-cross-region-networking-between-local-idc-and-remote-vpc/alicloud"
  providers = {
    alicloud.local_region  = alicloud.local_region
    alicloud.remote_region = alicloud.remote_region
  }

  local_vpc_config = [{
    vpc = {
      cidr_block = "10.0.0.0/16"
    }
    vswitches = [{
      zone_id    = "cn-hangzhou-j"
      cidr_block = "10.0.1.0/24"
      }, {
      zone_id    = "cn-hangzhou-k"
      cidr_block = "10.0.2.0/24"
    }]
  }]


  local_vbr_config = [
    {
      vbr = {
        physical_connection_id     = data.alicloud_express_connect_physical_connections.example.connections[0].id
        vlan_id                    = 210
        local_gateway_ip           = "192.168.0.1"
        peer_gateway_ip            = "192.168.0.2"
        peering_subnet_mask        = "255.255.255.252"
        virtual_border_router_name = "vbr_1_name"
        description                = "vbr_1_description"
      },
      vbr_bgp_group = {
        peer_asn = 45000
      }
    },
    {
      vbr = {
        physical_connection_id     = data.alicloud_express_connect_physical_connections.example.connections[1].id
        vlan_id                    = 211
        local_gateway_ip           = "192.168.1.1"
        peer_gateway_ip            = "192.168.1.2"
        peering_subnet_mask        = "255.255.255.252"
        virtual_border_router_name = "vbr_2_name"
        description                = "vbr_2_description"
      },
      vbr_bgp_group = {
        peer_asn = 45000
      }
    }
  ]


  remote_vpc_config = [{
    vpc = {
      cidr_block = "10.1.0.0/16"
    }
    vswitches = [{
      zone_id    = "cn-beijing-j"
      cidr_block = "10.1.1.0/24"
      }, {
      zone_id    = "cn-beijing-k"
      cidr_block = "10.1.2.0/24"
    }]
  }]
}
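
A pre-apply check of the addressing plan used in the Usage example, as an added example that is not part of the module or its repository. The PLAN dictionary is constructed from the values above and the function names are hypothetical; the check assumes that VPC CIDRs and VBR peering subnets attached to the same CEN must not overlap.

```python
"""Pre-apply check of the Usage example's addressing plan (added example)."""
import ipaddress
from itertools import combinations

# Constructed input: addresses copied from the Usage example into plain Python data.
PLAN = {
    "local_vpc": {"cidr": "10.0.0.0/16", "vswitches": ["10.0.1.0/24", "10.0.2.0/24"]},
    "remote_vpc": {"cidr": "10.1.0.0/16", "vswitches": ["10.1.1.0/24", "10.1.2.0/24"]},
    "vbrs": [
        {"name": "vbr_1_name", "local": "192.168.0.1", "peer": "192.168.0.2", "mask": "255.255.255.252"},
        {"name": "vbr_2_name", "local": "192.168.1.1", "peer": "192.168.1.2", "mask": "255.255.255.252"},
    ],
}


def peering_subnet(vbr):
    """Return the VBR peering subnet; raise ValueError if the gateway pair does not fit it."""
    net = ipaddress.ip_network(f"{vbr['local']}/{vbr['mask']}", strict=False)
    local, peer = ipaddress.ip_address(vbr["local"]), ipaddress.ip_address(vbr["peer"])
    if peer not in net:
        raise ValueError(f"{vbr['name']}: peer gateway {peer} is outside {net}")
    # Network and broadcast addresses are unusable except on /31 point-to-point links.
    unusable = set() if net.prefixlen >= 31 else {net.network_address, net.broadcast_address}
    if local == peer or {local, peer} & unusable:
        raise ValueError(f"{vbr['name']}: gateways must be two distinct host addresses in {net}")
    return net


def check_plan(plan):
    """Return a list of findings; an empty list means the plan is consistent."""
    findings, prefixes = [], {}
    for side in ("local_vpc", "remote_vpc"):
        vpc = prefixes[side] = ipaddress.ip_network(plan[side]["cidr"])
        for cidr in plan[side]["vswitches"]:
            if not ipaddress.ip_network(cidr).subnet_of(vpc):
                findings.append(f"{side}: vswitch {cidr} is not inside {vpc}")
    for vbr in plan["vbrs"]:
        try:
            prefixes[vbr["name"]] = peering_subnet(vbr)
        except ValueError as exc:
            findings.append(str(exc))
    # Assumption: all of these attach to one CEN, so overlapping prefixes are ambiguous.
    for (a, net_a), (b, net_b) in combinations(prefixes.items(), 2):
        if net_a.overlaps(net_b):
            findings.append(f"{a} ({net_a}) overlaps {b} ({net_b})")
    return findings

if __name__ == "__main__":
    print(check_plan(PLAN) or "addressing plan is consistent")
```

Running the same check on the values of a real deployment before `terraform apply` catches a mistyped gateway address or an overlapping CIDR before any route is propagated.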

Examples

Requirements

Name Version
terraform >= 0.13

Providers

Name Version
alicloud n/a
alicloud.local_region n/a
alicloud.remote_region n/a

Modules

Name Source Version
local_vbr ./modules/vbr n/a
local_vpc ./modules/vpc n/a
remote_vpc ./modules/vpc n/a

Resources

Name Type
alicloud_cen_instance.this resource
alicloud_cen_transit_router.tr_local resource
alicloud_cen_transit_router.tr_remote resource
alicloud_cen_transit_router_peer_attachment.this resource
alicloud_cen_transit_router_route_table_association.tr_local resource
alicloud_cen_transit_router_route_table_association.tr_remote resource
alicloud_cen_transit_router_route_table_propagation.tr_local resource
alicloud_cen_transit_router_route_table_propagation.tr_remote resource
alicloud_cen_transit_router_route_tables.tr_local data source
alicloud_cen_transit_router_route_tables.tr_remote data source
alicloud_regions.remote data source

Inputs

Name Description Type Default Required
cen_instance_config The parameters of cen instance.
object({
cen_instance_name = optional(string, "cen-cross-region")
description = optional(string, "CEN instance for cross-region connectivity")
})
{} no
local_tr_config The parameters of transit router.
object({
transit_router_name = optional(string, "tr-local")
transit_router_description = optional(string, null)
})
{} no
local_vbr_config The list parameters of local vbr resources. The attributes 'vbr', 'vbr_bgp_group' are required.
list(object({
vbr = object({
physical_connection_id = string
vlan_id = number
local_gateway_ip = string
peer_gateway_ip = string
peering_subnet_mask = string
virtual_border_router_name = optional(string, null)
description = optional(string, null)
})
tr_vbr_attachment = optional(object({
transit_router_attachment_name = optional(string, null)
transit_router_attachment_description = optional(string, null)
auto_publish_route_enabled = optional(bool, true)
route_table_propagation_enabled = optional(bool, true)
route_table_association_enabled = optional(bool, true)
}), {})
vbr_health_check = optional(object({
health_check_interval = optional(number, 2)
healthy_threshold = optional(number, 8)
}), {})
vbr_bgp_group = object({
peer_asn = string
auth_key = optional(string, null)
bgp_group_name = optional(string, null)
})
vbr_bgp_peer = optional(object({
bfd_multi_hop = optional(number, 255)
enable_bfd = optional(bool, "false")
ip_version = optional(string, "IPV4")
peer_ip_address = optional(string, null)
}), {})
}))
[] no
local_vpc_config The parameters of local vpc resources. The attributes 'vpc', 'vswitches' are required.
list(object({
vpc = object({
cidr_block = string
vpc_name = optional(string, null)
})
vswitches = list(object({
zone_id = string
cidr_block = string
vswitch_name = optional(string, null)
}))
tr_vpc_attachment = optional(object({
transit_router_attachment_name = optional(string, null)
auto_publish_route_enabled = optional(bool, true)
route_table_propagation_enabled = optional(bool, true)
route_table_association_enabled = optional(bool, true)
}), {})
}))
[] no
remote_tr_config The parameters of transit router.
object({
transit_router_name = optional(string, "tr-remote")
transit_router_description = optional(string, null)
})
{} no
remote_vpc_config The parameters of remote vpc resources. The attributes 'vpc', 'vswitches' are required.
list(object({
vpc = object({
cidr_block = string
vpc_name = optional(string, null)
})
vswitches = list(object({
zone_id = string
cidr_block = string
vswitch_name = optional(string, null)
}))
tr_vpc_attachment = optional(object({
transit_router_attachment_name = optional(string, null)
auto_publish_route_enabled = optional(bool, true)
route_table_propagation_enabled = optional(bool, true)
route_table_association_enabled = optional(bool, true)
}), {})
}))
[] no
tr_peer_attachment The parameters of transit router peer attachment.
object({
transit_router_attachment_name = optional(string, null)
auto_publish_route_enabled = optional(bool, true)
route_table_propagation_enabled = optional(bool, true)
route_table_association_enabled = optional(bool, true)
bandwidth_type = optional(string, "DataTransfer")
bandwidth = optional(number, 100)

})
{} no

Outputs

Name Description
cen_instance_id The id of CEN instance.
local_bgp_group_id The id of BGP group.
local_bgp_peer_id The id of BGP peer.
local_cen_transit_router_id The id of local CEN transit router.
local_health_check_id The id of health check.
local_tr_vbr_attachment_id The id of attachment between TR and VBR.
local_tr_vpc_attachment_id The id of attachment between TR and local VPC.
local_vbr_id The id of VBR.
local_vbr_route_table_id The route table id of VBR.
local_vpc_id The local vpc id.
local_vpc_route_table_id The route table id of local vpc.
local_vswitch_ids The local ids of vswitches.
remote_cen_transit_router_id The id of remote CEN transit router.
remote_tr_vpc_attachment_id The id of attachment between TR and remote VPC.
remote_vpc_id The remote vpc id.
remote_vpc_route_table_id The route table id of remote vpc.
remote_vswitch_ids The remote ids of vswitches.
tr_peer_attachment_id The id of attachment between local TR and remote TR.

Submit Issues

If you have any problems when using this module, please open a provider issue and let us know.

Note: Opening an issue on this repo is not recommended.

Authors

Created and maintained by Alibaba Cloud Terraform Team (terraform@alibabacloud.com).

License

MIT Licensed. See LICENSE for full details.

Reference