terraform-ibm-modules / terraform-ibm-landing-zone-vpc

Creates virtual servers across subnets in a single VPC connected by a single security group. Supports floating IP addresses and multiple load balancers.
Apache License 2.0

give the module user the ability to target a specific zone or zones #823

Open darrellschrag opened 1 month ago

darrellschrag commented 1 month ago

Description

The current module requires that if you add zones to your VPC elements (like subnets, etc.) you are required to add zones in order of 1,2,3. You cannot specify just zone 2 for example. With the introduction of inventory-sensitive server profiles in VPC (GPUs to be specific), customers may just target a zone that has available capacity. Therefore, this module needs to be able to specify a zone or set of zones that are all possible combinations of the available zones.

New or affected modules

terraform-ibm-landing-zone-vpc

darrellschrag commented 1 month ago

This issue can be closed. You are able to accomplish the ask with the existing module.

ocofaigh commented 1 month ago

As per @toddgiguere :

If using landing-zone-vpc, you can deploy a single-zone subnet like this, with a public gateway (in this case only zone 2); just leave any zone with no subnets as an empty array:

module "slz_vpc" {
  source            = "../../"
  resource_group_id = module.resource_group.resource_group_id
  region            = var.region
  name              = "vpc"
  prefix            = var.prefix
  tags              = var.resource_tags
  subnets = {
    zone-1 = []
    zone-2 = [
      {
        name           = "subnet-a"
        cidr           = "10.10.10.0/24"
        public_gateway = true
        acl_name       = "vpc-acl"
      }
    ]
  }
  use_public_gateways = {
    zone-1 = false
    zone-2 = true
    zone-3 = false
  }
}

ocofaigh commented 1 month ago

I'm going to keep the issue open though, and see if we can make this more clear in one of the examples

darrellschrag commented 1 month ago

How about this one to add the ACL if needed. And add zone-3 to the subnets.

module "slz_vpc" {
  source            = "../../"
  resource_group_id = module.resource_group.resource_group_id
  region            = var.region
  name              = "vpc"
  prefix            = var.prefix
  tags              = var.resource_tags
  network_acls = [
    {
      name                         = "my-acl"
      add_ibm_cloud_internal_rules = false
      add_vpc_connectivity_rules   = false
      prepend_ibm_rules            = false
      # These two rules allow all traffic in both directions.
      rules = [
        {
          name        = "inbound"
          action      = "allow"
          source      = "0.0.0.0/0"
          destination = "0.0.0.0/0"
          direction   = "inbound"
        },
        {
          name        = "outbound"
          action      = "allow"
          source      = "0.0.0.0/0"
          destination = "0.0.0.0/0"
          direction   = "outbound"
        }
      ]
    }
  ]
  subnets = {
    zone-1 = []
    zone-2 = [
      {
        name           = "subnet-a"
        cidr           = "10.10.10.0/24"
        public_gateway = true
        acl_name       = "my-acl"
      }
    ]
    zone-3 = []
  }
  use_public_gateways = {
    zone-1 = false
    zone-2 = true
    zone-3 = false
  }
}
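
A variant of the configurations in this thread, added here as an example and not taken from the module's repository or from any commenter: it targets zones 2 and 3 only, with no public gateway, and replaces the allow-all ACL with rules scoped to the VPC's own range. The ACL name, subnet names, CIDRs and rule names are constructed; `source`, `module.resource_group` and the `var.*` references are assumed to be defined as in the snippets above.

```hcl
module "slz_vpc" {
  source            = "../../" # path as used in the thread's snippets
  resource_group_id = module.resource_group.resource_group_id
  region            = var.region
  name              = "vpc"
  prefix            = var.prefix
  tags              = var.resource_tags

  network_acls = [
    {
      name = "private-acl" # constructed name
      # Module-generated rule sets that the ACL in the thread switched off.
      add_ibm_cloud_internal_rules = true
      add_vpc_connectivity_rules   = true
      prepend_ibm_rules            = true
      # VPC network ACLs are stateless, so each direction needs its own rule.
      rules = [
        {
          name        = "allow-vpc-inbound"
          action      = "allow"
          source      = "10.10.0.0/16" # constructed range covering both subnets
          destination = "10.10.0.0/16"
          direction   = "inbound"
        },
        {
          name        = "allow-vpc-outbound"
          action      = "allow"
          source      = "10.10.0.0/16"
          destination = "10.10.0.0/16"
          direction   = "outbound"
        }
      ]
    }
  ]

  # Zones without subnets stay in the map as empty lists.
  subnets = {
    zone-1 = []
    zone-2 = [
      { name = "subnet-a", cidr = "10.10.10.0/24", public_gateway = false, acl_name = "private-acl" }
    ]
    zone-3 = [
      { name = "subnet-b", cidr = "10.10.20.0/24", public_gateway = false, acl_name = "private-acl" }
    ]
  }

  use_public_gateways = { zone-1 = false, zone-2 = false, zone-3 = false }
}
```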