Open ajbeach2 opened 1 month ago
As written, the cloud foundation kit shared VPC does not work with a private GKE cluster with NAT. After many hours of debugging:
https://github.com/terraform-google-modules/terraform-example-foundation/blob/5f1fd0f4104a47f8ce865caf3de3326f25c78324/3-networks-dual-svpc/modules/base_shared_vpc/main.tf#L46
This route scope tag prevents egress rules from applying. This needs to be configurable at the module level so that NAT works with GKE Autopilot.