equinix-labs / terraform-metal-vyos-router

Create an Edge Router on Equinix Metal
Apache License 2.0

Offer a submodule to optionally configure the Cisco 1000v on Network Edge #12

Open displague opened 2 years ago

displague commented 2 years ago

The readme currently starts with a premise that is likely no longer true:

This repo will allow you to deploy a VyOS router onto a baremetal node in Equinix Metal. It will then generate a config file to set up an IPSec tunnel with a Cisco 1000v from Equinix's Network Edge. As of now there is no way to fully automate the configuration of the router (that I've figured out). So we'll be doing a few steps by hand.

It should be possible to ssh into the router to configure the device. The credentials can be configured with the equinix_network_device. The device can be configured over ssh or through other means. The credentials for configuring the device can be sourced from terraform or user parameters.

We may not want to require the csr1000v configuration in this module, and instead offer an examples/csr1000v/ directory in this project demonstrating combined use. That could look something like this:

provider "equinix" {}

module "router" {
  source = "equinix/metal/vyos-router"
  ...
}

module "csr1000v" {
  // https://registry.terraform.io/modules/equinix/csr1000v/equinix/latest
  source = "equinix/csr1000v/equinix"
  ...
}

module "ipsec" {
  // this module would configure ipsec on the csr1000v, and perhaps on the vyos router too
  source = "equinix/vyos-router/metal//modules/cisco-vpn"
  ... = module.csr1000v.the_address
  ... = module.csr1000v.the_credentials // perhaps these should come from an independent source?
  ... = module.router.the_script_parameters
}

displague commented 1 year ago

Alternatively, the VyOS Network Edge VNF is now available. An example that connects a VyOS on Metal device to a NE VyOS device would provide a same <-> same experience where the distinguishing features could be discussed (and trialed) without changing much Terraform code.

These could be defined as compatible modules, taking the same arguments and offering the same outputs.

https://vyos.io/platforms/vyos-on-equinix-network-edge

https://docs.equinix.com/en-us/Content/Interconnection/NE/deploy-guide/VyOS/NE-create-VyOS.htm?Highlight=vyos

A reasonable starting point, in that case, would be to create a terraform-equinix-vyos module, following the pattern of the other NE Terraform modules: https://github.com/equinix/terraform-provider-equinix/tree/main/examples/edge-networking