feat adopt new DRG module (#546)

snafuz · web-flow · commit febc50e189b8 · 2022-07-30T00:59:11.000+10:00
* WIP - feat adopt new DRG module

* use new standalone DRG module
diff --git a/locals.tf b/locals.tf
@@ -9,4 +9,6 @@ locals {
   vcn_id       = var.create_vcn == true ? module.vcn[0].vcn_id : coalesce(var.vcn_id, data.oci_core_vcns.vcns[0].virtual_networks[0].id)
   ig_route_id  = var.create_vcn == true ? module.vcn[0].ig_route_id : coalesce(var.ig_route_table_id, data.oci_core_route_tables.ig[0].route_tables[0].id)
   nat_route_id = var.create_vcn == true ? module.vcn[0].nat_route_id : coalesce(var.nat_route_table_id, data.oci_core_route_tables.nat[0].route_tables[0].id)
+
+  validate_drg_input = var.create_drg && (var.drg_id != null) ? tobool("[ERROR]: create_drg variable can not be true if drg_id is provided.]") : true
 }
diff --git a/main.tf b/main.tf
@@ -3,7 +3,7 @@
 
 module "vcn" {
   source  = "oracle-terraform-modules/vcn/oci"
-  version = "3.4.0"
+  version = "3.5.0"
 
   # general oci parameters
   compartment_id = var.compartment_id
@@ -14,7 +14,7 @@ module "vcn" {
   create_nat_gateway       = var.worker_type == "private" || var.create_operator == true || (var.load_balancers == "internal" || var.load_balancers == "both") ? true : false
   create_service_gateway   = true
   nat_gateway_public_ip_id = var.nat_gateway_public_ip_id
-  create_drg               = var.create_drg
+  attached_drg_id          = var.drg_id != null ? var.drg_id : (var.create_drg ? module.drg[0].drg_id : null)
 
   # lpgs
   local_peering_gateways = var.local_peering_gateways
@@ -33,6 +33,29 @@ module "vcn" {
   count = var.create_vcn == true ? 1 : 0
 }
 
+module "drg" {
+
+  source  = "oracle-terraform-modules/drg/oci"
+  version = "1.0.3"
+
+  # general oci parameters
+  compartment_id = var.compartment_id
+  label_prefix   = var.label_prefix
+
+  # drg parameters
+  drg_display_name = var.drg_display_name
+  drg_vcn_attachments = { for k, v in module.vcn : k => {
+    # gets the vcn_id values dynamically from the vcn module 
+    vcn_id : v.vcn_id
+    vcn_transit_routing_rt_id : null
+    drg_route_table_id : null
+    }
+  }
+  # var.drg_id can either contain an existing DRG ID or be null. 
+  drg_id = var.drg_id
+
+  count = var.create_drg || var.drg_id != null ? 1 : 0
+}
 
 module "bastion" {
   source  = "oracle-terraform-modules/bastion/oci"
diff --git a/outputs.tf b/outputs.tf
@@ -43,6 +43,11 @@ output "vcn_id" {
   value       = local.vcn_id
 }
 
+output "drg_id" {
+  description = "ID of DRG. use this DRG id to add additional resources"
+  value       = var.create_drg || var.drg_id != null ? module.drg[0].drg_id : null
+}
+
 # convenient output
 
 output "bastion_public_ip" {
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
@@ -34,16 +34,31 @@ ssh_private_key_path = "~/.ssh/id_rsa"
 # ssh_public_key_path = "~/.ssh/id_rsa.pub"
 
 # networking
-create_drg                   = false
-drg_display_name             = "drg"
-
-internet_gateway_route_rules = []
+create_drg       = false
+drg_display_name = "drg"
+drg_id           = null
+
+internet_gateway_route_rules = [
+#   {
+#     destination       = "192.168.0.0/16" # Route Rule Destination CIDR
+#     destination_type  = "CIDR_BLOCK"     # only CIDR_BLOCK is supported at the moment
+#     network_entity_id = "drg"            # for internet_gateway_route_rules input variable, you can use special strings "drg", "internet_gateway" or pass a valid OCID using string or any Named Values
+#     description       = "Terraformed - User added Routing Rule: To drg provided to this module. drg_id, if available, is automatically retrieved with keyword drg"
+#   },
+]
 
 local_peering_gateways = {}
 
 lockdown_default_seclist = true
 
-nat_gateway_route_rules = []
+nat_gateway_route_rules = [
+#   {
+#     destination       = "192.168.0.0/16" # Route Rule Destination CIDR
+#     destination_type  = "CIDR_BLOCK"     # only CIDR_BLOCK is supported at the moment
+#     network_entity_id = "drg"            # for nat_gateway_route_rules input variable, you can use special strings "drg", "nat_gateway" or pass a valid OCID using string or any Named Values
+#     description       = "Terraformed - User added Routing Rule: To drg provided to this module. drg_id, if available, is automatically retrieved with keyword drg"
+#   },
+]
 
 nat_gateway_public_ip_id = "none"
 
diff --git a/variables.tf b/variables.tf
@@ -147,6 +147,12 @@ variable "drg_display_name" {
   default     = "drg"
 }
 
+variable "drg_id"{
+  description = "ID of an external created Dynamic Routing Gateway to be attached to the VCN"
+  type = string
+  default = null
+}
+
 variable "internet_gateway_route_rules" {
   description = "(Updatable) List of routing rules to add to Internet Gateway Route Table"
   type        = list(map(string))

Original file line number	Diff line number	Diff line change
`@@ -9,4 +9,6 @@ locals {`
`9`	`9`	`vcn_id = var.create_vcn == true ? module.vcn[0].vcn_id : coalesce(var.vcn_id, data.oci_core_vcns.vcns[0].virtual_networks[0].id)`
`10`	`10`	`ig_route_id = var.create_vcn == true ? module.vcn[0].ig_route_id : coalesce(var.ig_route_table_id, data.oci_core_route_tables.ig[0].route_tables[0].id)`
`11`	`11`	`nat_route_id = var.create_vcn == true ? module.vcn[0].nat_route_id : coalesce(var.nat_route_table_id, data.oci_core_route_tables.nat[0].route_tables[0].id)`
	`12`	`+`
	`13`	`+ validate_drg_input = var.create_drg && (var.drg_id != null) ? tobool("[ERROR]: create_drg variable can not be true if drg_id is provided.]") : true`
`12`	`14`	`}`