CXF-83184: Adding NIMF-METAL-2-AWS Example (#57)

* CXF-83184: Adding NIMF Metal-2-AWS Example * chore: Updating variables.tf file name * feat: Adding metal provider examples for NIMF functionality * feat: Adding metal-connection sub-module and updating NIMF example with AWS provider * misc:Marking secrets variable as sensitive * misc:removing duplicate aws connection output * fix: Removing aside_ap_type variable and updating readme.md file * feat: Adding GHA workflow and Terratest for METAL-NIMF-2-AWS connection * CXF-83184: Adding NIMF Metal-2-AWS Example * chore: Updating variables.tf file name * feat: Adding metal provider examples for NIMF functionality * feat: Adding metal-connection sub-module and updating NIMF example with AWS provider * misc:Marking secrets variable as sensitive * misc:removing duplicate aws connection output * fix: Removing aside_ap_type variable and updating readme.md file * feat: Adding GHA workflow and Terratest for METAL-NIMF-2-AWS connection * fix: Refactoring NIMF terratests tp metal-nimf folder * fix:Adding env variables to NIMF workflow * fix:Adding on pull_request trigger in workflow * fix:Updating env variables names * fix:Updating connection_name as env variable * fix:Updating connection_name varaible with date format * fix:Adding set connection name step in workflow * fix:Updating set connection name steps in workflow * fix:Adding microseconds to connection name varaible * fix:Removing Set TF_VAR_connection_name secret step * fix:updating aws_vif_name in tfvars.example file * fix:updating workflow by removing node.js step * fix:removing pull_request trigger from workflow
equinix · Apr 5, 2024 · 6c2d64e · 6c2d64e
1 parent 3e42275
commit 6c2d64e
Show file tree

Hide file tree

Showing 13 changed files with 521 additions and 0 deletions.
diff --git a/.github/workflows/terratests-metal-nimf-suite.yaml b/.github/workflows/terratests-metal-nimf-suite.yaml
@@ -0,0 +1,51 @@
+name: terratests-metal-nimf-suite
+
+on:
+  workflow_dispatch:
+
+jobs:
+  setup-tests:
+    name: Setup NIMF DIGP Tests
+    runs-on: ubuntu-latest
+    env:
+      TF_VAR_equinix_client_id: ${{ secrets.EQUINIX_CLIENT_ID }}
+      TF_VAR_equinix_client_secret: ${{ secrets.EQUINIX_CLIENT_SECRET }}
+      TF_VAR_metal_auth_token: ${{ secrets.METAL_AUTH_TOKEN }}
+      TEST_DATA_PROD_METAL_NIMF_2_AWS_CONNECTION: ${{ secrets.TEST_DATA_PROD_METAL_NIMF_2_AWS_CONNECTION }}
+
+    steps:
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: './go.mod'
+        id: go
+
+      - name: Get dependencies
+        run: |
+          go mod download
+
+      - uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: ${{ matrix.terraform }}
+          terraform_wrapper: false
+
+      - name: Set Connection Name variable
+        run: echo "TF_VAR_connection_name=nimf_$(date +'%Y%m%d%H%M%S')" >> $GITHUB_ENV
+
+      - name: Setup Variables Files
+        run: |
+          echo $TEST_DATA_PROD_METAL_NIMF_2_AWS_CONNECTION >> "./examples/metal-nimf-2-aws-connection/terraform.tfvars.json"
+
+      - name: Run Go Tests
+        run:
+          go test ./tests/prod/metal-nimf -v -coverprofile coverage_metal_nimf_modules.txt -covermode=atomic -count 1 -parallel 8 -timeout 180m
+
+      - name: Upload test coverage to Codecov
+        if: ${{ always() }}
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          files: ./coverage_metal-nimf_modules.txt
diff --git a/examples/metal-nimf-2-aws-connection/README.md b/examples/metal-nimf-2-aws-connection/README.md
@@ -0,0 +1,13 @@
+# Metal to AWS Connection Example
+
+This example shows how to leverage the [Metal Connection Module](../../modules/metalconnection/README.md)
+to create a Fabric Connection from Equinix Metal to AWS.
+
+It leverages the Equinix Terraform Provider and the Metal Connection
+Module to setup the connection based on the parameters you have provided to this example; or based on the pattern
+you see used in this example it will allow you to create a more specific use case for your own needs.
+
+See example usage below for details on how to use this example.
+
+<!-- Begin Example Usage (Do not edit contents) -->
+<!-- End Example Usage -->
diff --git a/examples/metal-nimf-2-aws-connection/main.tf b/examples/metal-nimf-2-aws-connection/main.tf
@@ -0,0 +1,78 @@
+provider "equinix" {
+  client_id     = var.equinix_client_id
+  client_secret = var.equinix_client_secret
+  auth_token    = var.metal_auth_token
+}
+provider "aws" {
+  access_key = var.additional_info[0]["value"]
+  secret_key = var.additional_info[1]["value"]
+  region     = var.zside_seller_region
+}
+resource "equinix_metal_vlan" "vlan-server" {
+  description = "${var.metal_connection_metro} VLAN Server 1 to Cloud"
+  metro       = var.metal_connection_metro
+  project_id  = var.metal_project_id
+}
+resource "equinix_metal_connection" "metal-connection" {
+  name          = var.metal_connection_name
+  redundancy    = var.metal_connection_redundancy
+  speed         = var.metal_connection_speed
+  type          = var.metal_connection_type
+  project_id    = var.metal_project_id
+  metro         = var.metal_connection_metro
+  vlans         = [equinix_metal_vlan.vlan-server.vxlan]
+  contact_email = var.metal_contact_email
+}
+
+module "metal_2_aws_connection" {
+  source = "../../modules/metal-connection"
+
+  connection_name       = var.connection_name
+  connection_type       = var.connection_type
+  notifications_type    = var.notifications_type
+  notifications_emails  = var.notifications_emails
+  project_id            = var.project_id
+  additional_info       = var.additional_info
+  bandwidth             = var.bandwidth
+  purchase_order_number = var.purchase_order_number
+
+  aside_ap_authentication_key = equinix_metal_connection.metal-connection.authorization_code
+
+  zside_ap_type               = var.zside_ap_type
+  zside_ap_authentication_key = var.zside_ap_authentication_key
+  zside_seller_region         = var.zside_seller_region
+  zside_ap_profile_type       = var.zside_ap_profile_type
+  zside_location              = var.zside_location
+  zside_fabric_sp_name        = var.zside_fabric_sp_name
+}
+
+data "aws_dx_connection" "aws_connection" {
+  depends_on = [
+    module.metal_2_aws_connection
+  ]
+  name = var.connection_name
+}
+
+resource "aws_dx_gateway" "aws_gateway" {
+  depends_on = [
+    module.metal_2_aws_connection
+  ]
+  name            = var.aws_gateway_name
+  amazon_side_asn = var.aws_gateway_asn
+}
+
+resource "aws_dx_private_virtual_interface" "aws_virtual_interface" {
+  depends_on = [
+    module.metal_2_aws_connection,
+    aws_dx_gateway.aws_gateway
+  ]
+  connection_id    = data.aws_dx_connection.aws_connection.id
+  name             = var.aws_vif_name
+  vlan             = data.aws_dx_connection.aws_connection.vlan_id
+  address_family   = var.aws_vif_address_family
+  bgp_asn          = var.aws_vif_bgp_asn
+  amazon_address   = var.aws_vif_amazon_address
+  customer_address = var.aws_vif_customer_address
+  bgp_auth_key     = var.aws_vif_bgp_auth_key
+  dx_gateway_id    = aws_dx_gateway.aws_gateway.id
+}
diff --git a/examples/metal-nimf-2-aws-connection/outputs.tf b/examples/metal-nimf-2-aws-connection/outputs.tf
@@ -0,0 +1,15 @@
+output "metal_vlan_id" {
+  value = equinix_metal_vlan.vlan-server.id
+}
+output "metal_connection_id" {
+  value = equinix_metal_connection.metal-connection.id
+}
+output "metal_aws_connection_id" {
+  value = module.metal_2_aws_connection.primary_connection_id
+}
+output "aws_dx_gateway_id" {
+  value = aws_dx_gateway.aws_gateway.id
+}
+output "aws_interface_id" {
+  value = aws_dx_private_virtual_interface.aws_virtual_interface.id
+}
diff --git a/examples/metal-nimf-2-aws-connection/terraform.tfvars.example b/examples/metal-nimf-2-aws-connection/terraform.tfvars.example
@@ -0,0 +1,38 @@
+equinix_client_id      = "<MyEquinixClientId>"
+equinix_client_secret  = "<MyEquinixSecret>"
+metal_auth_token       = "<Metal_Auth_Token>"
+
+metal_connection_metro      = "ty"
+metal_project_id            = "<Metal_Project_ID>"
+metal_connection_name       = "Metal-NIMF-connection"
+metal_connection_redundancy = "primary"
+metal_connection_speed      = "50Mbps"
+metal_connection_type       = "shared_port_vlan"
+metal_contact_email         = "[email protected]"
+
+connection_name             = "Metal_2_AWS"
+connection_type             = "EVPL_VC"
+notifications_type          = "ALL"
+notifications_emails        = ["[email protected]"]
+bandwidth                   = 50
+purchase_order_number       = "1-323292"
+project_id                  = "<Project_ID>"
+zside_ap_type               = "SP"
+zside_ap_authentication_key = "<AWS Account Id>"
+zside_ap_profile_type       = "L2_PROFILE"
+zside_seller_region         = "us-west-1"
+zside_location              = "SV"
+zside_sp_name               = "AWS Direct Connect"
+additional_info = [
+  { key = "accessKey", value = "<aws_access_key>" },
+  { key = "secretKey", value = "<aws_secret_key>" }
+]
+
+aws_gateway_name         = "aws_gateway"
+aws_gateway_asn          = 64518
+aws_vif_name             = "aws_vif"
+aws_vif_address_family   = "ipv4"
+aws_vif_bgp_asn          = 64999
+aws_vif_amazon_address   = "169.254.0.1/30"
+aws_vif_customer_address = "169.254.0.2/30"
+aws_vif_bgp_auth_key     = "secret"
diff --git a/examples/metal-nimf-2-aws-connection/variables.tf b/examples/metal-nimf-2-aws-connection/variables.tf
@@ -0,0 +1,140 @@
+variable "equinix_client_id" {
+  description = "Equinix client ID (consumer key), obtained after registering app in the developer platform"
+  type        = string
+  sensitive   = true
+}
+variable "equinix_client_secret" {
+  description = "Equinix client secret ID (consumer secret), obtained after registering app in the developer platform"
+  type        = string
+  sensitive   = true
+}
+variable "metal_auth_token" {
+  description = "Equinix Metal Authentication API Token"
+  type        = string
+  sensitive   = true
+}
+variable "metal_connection_metro" {
+  description = "Metro where the connection will be created"
+  type        = string
+}
+variable "metal_project_id" {
+  description = "Metal Project Name"
+  type        = string
+}
+variable "metal_connection_name" {
+  description = "Metal Connection Name"
+  type        = string
+}
+variable "metal_connection_redundancy" {
+  description = "Metal Connection redundancy - redundant or primary"
+  type        = string
+}
+variable "metal_connection_speed" {
+  description = "Metal Connection speed - one of 50Mbps, 200Mbps, 500Mbps, 1Gbps, 2Gbps, 5Gbps, 10Gbps"
+  type        = string
+}
+variable "metal_connection_type" {
+  description = "Metal Connection type - dedicated , shared or shared_port_vlan"
+  type        = string
+}
+variable "metal_contact_email" {
+  description = "Preferred email used for communication"
+  type        = string
+}
+variable "connection_name" {
+  description = "Connection name. An alpha-numeric 24 characters string which can include only hyphens and underscores"
+  type        = string
+}
+variable "connection_type" {
+  description = "Defines the connection type like VG_VC, EVPL_VC, EPL_VC, EC_VC, IP_VC, ACCESS_EPL_VC"
+  type        = string
+}
+variable "notifications_type" {
+  description = "Notification Type - ALL is the only type currently supported"
+  type        = string
+  default     = "ALL"
+}
+variable "notifications_emails" {
+  description = "Array of contact emails"
+  type        = list(string)
+}
+variable "bandwidth" {
+  description = "Connection bandwidth in Mbps"
+  type        = number
+}
+variable "purchase_order_number" {
+  description = "Purchase order number"
+  type        = string
+  default     = ""
+}
+variable "project_id" {
+  description = "Equinix Fabric Project Id"
+  type        = string
+}
+variable "zside_ap_type" {
+  description = "Access point type - COLO, VD, VG, SP, IGW, SUBNET, GW"
+  type        = string
+}
+variable "zside_ap_authentication_key" {
+  description = "Authentication key for provider based connections"
+  type        = string
+  sensitive   = true
+}
+variable "zside_ap_profile_type" {
+  description = "Service profile type - L2_PROFILE, L3_PROFILE, ECIA_PROFILE, ECMC_PROFILE"
+  type        = string
+}
+variable "zside_fabric_sp_name" {
+  description = "Equinix Service Profile Name"
+  type        = string
+}
+variable "zside_seller_region" {
+  description = "Access point seller region"
+  type        = string
+}
+variable "zside_location" {
+  description = ""
+  type        = string
+}
+variable "additional_info" {
+  description = "Additional info parameters. It's a list of maps containing 'key' and 'value' keys with their corresponding values."
+  type        = list(object({ key = string, value = string }))
+  default     = []
+  sensitive   = true
+}
+variable "aws_vif_name" {
+  description = "The name for the virtual interface"
+  type        = string
+}
+variable "aws_vif_address_family" {
+  description = "The address family for the BGP peer. ipv4 or ipv6"
+  type        = string
+}
+variable "aws_vif_bgp_asn" {
+  description = "The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration"
+  type        = number
+}
+variable "aws_vif_amazon_address" {
+  description = "The IPv4 CIDR address to use to send traffic to Amazon. Required for IPv4 BGP peers"
+  type        = string
+  default     = ""
+}
+variable "aws_vif_customer_address" {
+  description = "The IPv4 CIDR destination address to which Amazon should send traffic. Required for IPv4 BGP peers"
+  type        = string
+  default     = ""
+}
+variable "aws_vif_bgp_auth_key" {
+  description = "The authentication key for BGP configuration"
+  type        =  string
+  default     = ""
+  sensitive   = true
+}
+variable "aws_gateway_name" {
+  description = "The name of the Gateway"
+  type        = string
+}
+variable "aws_gateway_asn" {
+  description = "The ASN to be configured on the Amazon side of the connection. The ASN must be in the private range of 64,512 to 65,534 or 4,200,000,000 to 4,294,967,294"
+  type        = number
+}
diff --git a/examples/metal-nimf-2-aws-connection/versions.tf b/examples/metal-nimf-2-aws-connection/versions.tf
@@ -0,0 +1,13 @@
+terraform {
+  required_version = ">= 1.5.4"
+  required_providers {
+    equinix = {
+      source  = "equinix/equinix"
+      version = ">= 1.34.0"
+    }
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}
diff --git a/modules/metal-connection/README.md b/modules/metal-connection/README.md
@@ -0,0 +1,10 @@
+# Metal Connection SubModule
+
+The Fabric Metal Connection SubModule will create a connection from Equinix Metal to the following Z-Side
+Access Points based on provided variable configuration:
+1. Fabric Service Profile - SP Access Point Type
+
+Please refer to the metal-* examples in this module's registry for more details on how to leverage the submodule.
+
+<!-- Begin Module Docs (Do not edit contents) -->
+<!-- End Example Usage -->