Eqix-ProjectX / network-builder-apac

module sets to buildup for network connectivity in Equinix platform
MIT License

leveraging EQ official module for aws-fcr connection #28

Open EQIX-TAM-JP opened 2 days ago

EQIX-TAM-JP commented 2 days ago

@vipin2060 https://registry.terraform.io/modules/equinix/fabric/equinix/latest/examples/cloud-router-2-aws-connection

suggested below

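# Look up the Fabric Cloud Router (FCR) id that the "network-apac" workspace
# of the EQIX_projectX organization publishes as an output.
#
# NOTE(review): terraform_remote_state exposes only root-module outputs, but
# the identity running this configuration needs read access to that
# workspace's entire state snapshot, which can hold secrets. Scope the token
# accordingly and keep the producing workspace's outputs minimal.
data "terraform_remote_state" "fcr_id" {
  backend = "remote"

  config = {
    organization = "EQIX_projectX"
    workspaces = {
      name = "network-apac"
    }
  }
}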

# Fabric Cloud Router -> AWS Direct Connect connection, built with the
# cloud-router-connection submodule of the equinix/fabric registry module.
#
# NOTE(review): no `version` argument is set, so a fresh `terraform init`
# resolves to the newest published release of the module. Pin it to a
# reviewed version so upstream changes are adopted deliberately.
module "cloud_router_aws_connection" {
  source = "equinix/fabric/equinix//modules/cloud-router-connection"

  # Connection order details
  connection_name       = var.connection_name
  connection_type       = var.connection_type
  bandwidth             = var.bandwidth
  purchase_order_number = var.purchase_order_number

  # Who gets notified about the connection
  notifications_type   = var.notifications_type
  notifications_emails = var.notifications_emails

  # A-side: the cloud router id read from the network-apac remote state
  aside_fcr_uuid = data.terraform_remote_state.fcr_id.outputs.fcr_id

  # Z-side: the AWS Direct Connect service profile
  zside_ap_type               = "SP"
  zside_ap_profile_type       = "L2_PROFILE"
  zside_fabric_sp_name        = "AWS Direct Connect"
  zside_location              = var.awslocation
  zside_seller_region         = var.seller_region
  zside_ap_authentication_key = var.authentication_key
}

# Read back the Direct Connect connection named var.connection_name from the
# AWS account. depends_on defers the lookup until the Equinix module has been
# applied.
#
# NOTE(review): the connection is selected by name alone, so the confirmation
# below accepts whichever connection carries that name in the account. Keep
# var.connection_name unique.
data "aws_dx_connection" "aws_connection" {
  depends_on = [module.cloud_router_aws_connection]
  name       = var.connection_name
}

# Confirm the connection on the AWS side, using the id returned by the lookup.
resource "aws_dx_connection_confirmation" "confirmation" {
  connection_id = data.aws_dx_connection.aws_connection.id
}

# Direct Connect gateway that the private virtual interface attaches to.
# It is created only after the Equinix connection module has been applied.
resource "aws_dx_gateway" "aws_gateway" {
  name            = var.aws_gateway_name
  amazon_side_asn = var.aws_gateway_asn

  depends_on = [module.cloud_router_aws_connection]
}

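# Private virtual interface on the Direct Connect connection, attached to the
# Direct Connect gateway defined in this file.
resource "aws_dx_private_virtual_interface" "aws_virtual_interface" {
  depends_on = [
    module.cloud_router_aws_connection,
    aws_dx_gateway.aws_gateway
  ]
  lifecycle {
    precondition {
      # The earlier pattern "^dxcon-*" made the hyphen optional ("-*" means
      # zero or more hyphens), so any id that merely started with "dxcon"
      # passed. Require the literal "dxcon-" prefix.
      condition     = can(regex("^dxcon-", data.aws_dx_connection.aws_connection.id))
      error_message = "connection must be ready before running"
    }
  }
  connection_id    = data.aws_dx_connection.aws_connection.id
  name             = var.aws_vif_name
  vlan             = data.aws_dx_connection.aws_connection.vlan_id
  address_family   = var.aws_vif_address_family
  bgp_asn          = var.aws_vif_bgp_asn
  amazon_address   = var.aws_vif_amazon_address
  customer_address = var.aws_vif_customer_address
  # NOTE(review): BGP authentication secret. Confirm the variable is declared
  # with `sensitive = true`. The value is written to Terraform state either
  # way, so access to the state must be restricted.
  bgp_auth_key  = var.aws_vif_bgp_auth_key
  dx_gateway_id = aws_dx_gateway.aws_gateway.id
}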

# Layer 3, Equinix side: DIRECT routing protocol for the cloud router
# connection. The block is still a draft: equinix_iface_ip has no value yet.
#
# NOTE(review): connection_uuid is given the AWS Direct Connect connection id,
# the same value the virtual interface precondition expects to start with
# "dxcon-". An equinix_fabric_routing_protocol presumably needs the Equinix
# Fabric connection's UUID instead. Confirm which output of
# module.cloud_router_aws_connection carries it.
resource "equinix_fabric_routing_protocol" "L3_FCRSG_to_AWS_Equinixside" {
  connection_uuid = data.aws_dx_connection.aws_connection.id
  type            = "DIRECT"
  name            = var.routing_name_d
  direct_ipv4 {
    equinix_iface_ip = // TODO: derive with the built-in `cidrhost` function instead of hard-coding

  }
}

# Layer 3, AWS-facing side: BGP routing protocol on the same connection,
# created after the DIRECT protocol above. The block is still a draft:
# customer_peer_ip has no value yet.
#
# NOTE(review): connection_uuid is given the AWS Direct Connect connection id
# here as well. Confirm whether the Equinix Fabric connection UUID is what
# this argument expects.
resource "equinix_fabric_routing_protocol" "L3_FCRSG_to_AWS_AWSside" {
  depends_on = [
    equinix_fabric_routing_protocol.L3_FCRSG_to_AWS_Equinixside
  ]
  connection_uuid = data.aws_dx_connection.aws_connection.id
  type            = "BGP"
  # Same variable that sets amazon_side_asn on aws_dx_gateway.aws_gateway.
  customer_asn    = var.aws_gateway_asn
  name            = var.routing_name_aws
  # NOTE(review): BGP MD5 secret. The AWS virtual interface takes its key from
  # var.aws_vif_bgp_auth_key. If both ends belong to the same BGP session, the
  # two values have to match, so confirm whether one variable should serve
  # both. Declare it with `sensitive = true`. The value is stored in Terraform
  # state regardless, so state access must be restricted.
  bgp_auth_key    = var.md5
  bgp_ipv4 {
    customer_peer_ip = // TODO: derive with the built-in `cidrhost` function instead of hard-coding
    enabled          = true
  }
}
EQIX-TAM-JP commented 2 days ago

There is a useful module for routing as well; we can make this neater with it. https://registry.terraform.io/modules/equinix/fabric/equinix/latest/submodules/cloud-router-routing-protocols