generated from equinix-labs/terraform-equinix-template
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
new example for metal service token a-side to gcp redundant connectio…
…n end-to-end solution
- Loading branch information
Oscar Cobles
committed
Jul 22, 2022
1 parent
7ce2dc6
commit 1277dcc
Showing
7 changed files
with
233 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| # Complete Equinix Metal connection (a-side) to GCP (Google Cloud) | ||
|
|
||
| ~> Equinix Metal connection with automated `a_side` service token is not generally available and may not be enabled yet for your organization. | ||
|
|
||
| ~> This example is based on the Google Cloud topology to [establish 99.9% availability for Dedicated Interconnect](https://cloud.google.com/network-connectivity/docs/interconnect/tutorials/dedicated-creating-999-availability) where we configure two VLAN attachments in a single Google Cloud region, in separate edge availability domains (metro availability zones) and using a single cloud router. | ||
|
|
||
| This example demonstrates usage of the Equinix Connection GCP module to establish two Equinix Fabric L2 Connection from Equinix Metal (a-side) to GCP Interconnect using a redundant [A-Side Token](https://docs.equinix.com/en-us/Content/Interconnection/Fabric/service%20tokens/Fabric-Service-Tokens.htm). | ||
| It will: | ||
|
|
||
| - Use an existing Equinix Metal project an existing Google Cloud project. | ||
| - Create an Equinix Metal VLAN in selected metro Silicon Valley (SV). | ||
| - Request an Equinix Metal shared redundant connection in SV. | ||
| - Attach the Equinix Metal VLAN to the Virtual Circuit created for the Equinix Metal connection. | ||
| - Create a Google Cloud Router. | ||
| - Create a Google Cloud Interconnect/VLAN Attachment. | ||
| - Provision two Equinix Fabric l2 connection for Google Cloud service profile with specified bandwidth and private peering. | ||
| - Finish setting up BGP configuration on GCP side. | ||
|
|
||
| ## Usage | ||
|
|
||
| To provision this example, you should clone the github repository and run terraform from within this directory: | ||
|
|
||
| ```bash | ||
| git clone https://github.com/equinix-labs/terraform-equinix-fabric-connection-gcp.git | ||
| cd terraform-equinix-fabric-connection-gcp/examples/service-token-metal-to-gcp-connection | ||
| terraform init | ||
| terraform apply | ||
| ``` | ||
|
|
||
| Note that this example may create resources which cost money. Run 'terraform destroy' when you don't need these resources. | ||
|
|
||
| ## Variables | ||
|
|
||
| See <https://registry.terraform.io/modules/equinix-labs/fabric-connection-gcp/equinix/latest/examples/service-token-metal-to-gcp-connection?tab=inputs> for a description of all variables. | ||
|
|
||
| ## Outputs | ||
|
|
||
| See <https://registry.terraform.io/modules/equinix-labs/fabric-connection-gcp/equinix/latest/examples/service-token-metal-to-gcp-connection?tab=outputs> for a description of all outputs. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| # Configure the Equinix Provider | ||
| # Please refer to provider documentation for details on supported authentication methods and parameters. | ||
| # https://registry.terraform.io/providers/equinix/equinix/latest/docs | ||
| provider "equinix" { | ||
| client_id = var.equinix_provider_client_id | ||
| client_secret = var.equinix_provider_client_secret | ||
| } | ||
|
|
||
| # Configure the Google Cloud Platform Provider | ||
| # https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/getting_started#adding-credentials | ||
| provider "google" { | ||
| project = var.gcp_project | ||
| region = var.gcp_region | ||
| } | ||
|
|
||
| ## Retrieve an existing equinix metal project | ||
| ## If you prefer you can use resource equinix_metal_project instead to create a fresh project | ||
| data "equinix_metal_project" "this" { | ||
| project_id = var.metal_project_id | ||
| } | ||
|
|
||
| locals { | ||
| connection_name = format("conn-metal-gcp-%s", lower(var.fabric_destination_metro_code)) | ||
| } | ||
|
|
||
| # Create a new VLAN in Frankfurt | ||
| resource "equinix_metal_vlan" "this" { | ||
| description = format("VLAN in %s", var.fabric_destination_metro_code) | ||
| metro = var.fabric_destination_metro_code | ||
| project_id = data.equinix_metal_project.this.project_id | ||
| } | ||
|
|
||
| ## Request a connection service token in Equinix Metal | ||
| resource "equinix_metal_connection" "this" { | ||
| name = local.connection_name | ||
| project_id = data.equinix_metal_project.this.project_id | ||
| metro = var.fabric_destination_metro_code | ||
| redundancy = var.redundancy_type == "SINGLE" ? "primary" : "redundant" | ||
| type = "shared" | ||
| service_token_type = "a_side" | ||
| description = format("connection to GCP in %s", var.fabric_destination_metro_code) | ||
| speed = format("%dMbps", var.fabric_speed) | ||
| vlans = [equinix_metal_vlan.this.vxlan] | ||
| } | ||
|
|
||
| ## Configure the Equinix Fabric connection from Equinix Metal to GCP using the metal connection service token | ||
| module "equinix-fabric-connection-gcp-primary" { | ||
| source = "equinix-labs/fabric-connection-gcp/equinix" | ||
|
|
||
| fabric_notification_users = var.fabric_notification_users | ||
| fabric_connection_name = local.connection_name | ||
| fabric_destination_metro_code = var.fabric_destination_metro_code | ||
| fabric_speed = var.fabric_speed | ||
| fabric_service_token_id = equinix_metal_connection.this.service_tokens.0.id | ||
|
|
||
| # gcp_project = var.gcp_project_name // if unspecified, the project configured in the provided block will be used | ||
| gcp_availability_domain = 1 | ||
|
|
||
| gcp_gcloud_skip_download = false | ||
| platform = var.platform | ||
|
|
||
| ## BGP config | ||
| gcp_configure_bgp = true | ||
| # gcp_interconnect_customer_asn = // If unspecified, default value "65000" will be used | ||
| } | ||
|
|
||
| ## If redundancy_type is REDUNDANT, configure a secondary Equinix Fabric connection from Equinix Metal to GCP | ||
| ## using the metal connection service token | ||
| module "equinix-fabric-connection-gcp-secondary" { | ||
| source = "equinix-labs/fabric-connection-gcp/equinix" | ||
|
|
||
| count = var.redundancy_type == "REDUNDANT" ? 1 : 0 | ||
|
|
||
| fabric_notification_users = var.fabric_notification_users | ||
| fabric_connection_name = local.connection_name | ||
| fabric_destination_metro_code = var.fabric_destination_metro_code | ||
| fabric_speed = var.fabric_speed | ||
| fabric_service_token_id = equinix_metal_connection.this.service_tokens.1.id | ||
|
|
||
| gcp_availability_domain = 2 | ||
| gcp_compute_create_router = false // we use the same cloud router of the primary connection | ||
| gcp_compute_router_name = module.equinix-fabric-connection-gcp-primary.gcp_cloud_router_name | ||
|
|
||
| gcp_gcloud_skip_download = true | ||
| platform = var.platform | ||
|
|
||
| ## BGP config | ||
| gcp_configure_bgp = true | ||
| # gcp_interconnect_customer_asn = // If unspecified, default value "65000" will be used | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| output "connection_primary_details" { | ||
| value = module.equinix-fabric-connection-gcp-primary | ||
| } | ||
|
|
||
| output "connection_secondary_details" { | ||
| value = var.redundancy_type == "REDUNDANT" ? module.equinix-fabric-connection-gcp-secondary : null | ||
| } |
77 changes: 77 additions & 0 deletions
77
examples/service-token-metal-to-gcp-connection/variables.tf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,77 @@ | ||
| variable "equinix_provider_client_id" { | ||
| type = string | ||
| description = <<EOF | ||
| API Consumer Key available under 'My Apps' in developer portal. This argument can also be specified with the | ||
| EQUINIX_API_CLIENTID shell environment variable. | ||
| EOF | ||
| default = null | ||
| } | ||
|
|
||
| variable "equinix_provider_client_secret" { | ||
| type = string | ||
| description = <<EOF | ||
| API Consumer secret available under 'My Apps' in developer portal. This argument can also be specified with the | ||
| EQUINIX_API_CLIENTSECRET shell environment variable. | ||
| EOF | ||
| default = null | ||
| } | ||
|
|
||
| variable "gcp_project" { | ||
| type = string | ||
| description = "(Required) Name of the GCP project to manage resources in." | ||
| } | ||
|
|
||
| variable "gcp_region" { | ||
| type = string | ||
| description = <<EOF | ||
| The region in which the GCP resources and the Equinix port for GCP resides, i.e. 'us-west2'. If unspecified, this | ||
| defaults to the region configured in the google provider. | ||
| NOTE: 'var.gcp_region' and 'var.fabric_destination_metro_code' must correspond to same location." | ||
| EOF | ||
| default = "us-west2" // Corresponds to Silicon Valley (SV) and Los Angeles (LA). | ||
| } | ||
|
|
||
| variable "metal_project_id" { | ||
| type = string | ||
| description = "ID of the project where the connection is scoped to, used to look up the project." | ||
| } | ||
|
|
||
| variable "fabric_notification_users" { | ||
| type = list(string) | ||
| description = "A list of email addresses used for sending connection update notifications." | ||
| default = ["[email protected]"] | ||
| } | ||
|
|
||
| variable "fabric_destination_metro_code" { | ||
| type = string | ||
| description = "Destination Metro code where the connection will be created." | ||
| default = "SV" // Corresponds to Silicon Valley | ||
| } | ||
|
|
||
| variable "fabric_speed" { | ||
| type = number | ||
| description = <<EOF | ||
| Speed/Bandwidth in Mbps to be allocated to the connection. If unspecified, it will be used the minimum | ||
| bandwidth available for the `Equinix Metal` service profile. Valid values are | ||
| (50, 100, 200, 500, 1000, 2000, 5000, 10000). | ||
| EOF | ||
| default = 50 | ||
| } | ||
|
|
||
| variable "redundancy_type" { | ||
| type = string | ||
| description = "Whether to create a 'SINGLE' connection or 'REDUNDANT'." | ||
| default = "REDUNDANT" | ||
| } | ||
|
|
||
| variable "platform" { | ||
| type = string | ||
| description = <<EOF | ||
| (Required) Platform this terraform module will run on. One of: linux, darwin. | ||
| NOTE: Configuration of the bgp customer ASN in google side is not directly supported with current google terraform | ||
| provider (v3.72.0). As a workaround this module take advantage of 'terraform-google-gcloud' module which allows use | ||
| gcloud. However, it is only available for `linux` and `darwin` based operating systems. | ||
| EOF | ||
| } |
14 changes: 14 additions & 0 deletions
14
examples/service-token-metal-to-gcp-connection/versions.tf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| terraform { | ||
| required_version = ">= 0.13" | ||
|
|
||
| required_providers { | ||
| equinix = { | ||
| source = "equinix/equinix" | ||
| version = ">= 1.7.0" | ||
| } | ||
| google = { | ||
| source = "hashicorp/google" | ||
| version = ">= 3.72.0" | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters