This repository has been archived by the owner on May 13, 2024. It is now read-only.

Fixed networking for bastion service
lfeldman committed Sep 20, 2021
1 parent a3ef7c2 commit 4c01c52
Showing 5 changed files with 11 additions and 36 deletions.
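--- a/bastion.tf
+++ b/bastion.tf
@@ -2,10 +2,11 @@
 ## All rights reserved. The Universal Permissive License (UPL), Version 1.0 as shown at http://oss.oracle.com/licenses/upl
 
 resource "oci_bastion_bastion" "bastion-service" {
-count = var.use_private_subnet ? 1 : 0
-bastion_type = "STANDARD"
-compartment_id = var.compartment_ocid
-target_subnet_id = oci_core_subnet.BastionSubnet[0].id
+count = var.use_private_subnet ? 1 : 0
+bastion_type = "STANDARD"
+compartment_id = var.compartment_ocid
+# target_subnet_id = oci_core_subnet.BastionSubnet[0].id
+target_subnet_id = oci_core_subnet.CassandraSubnet.id
 client_cidr_block_allow_list = ["0.0.0.0/0"]
 name = "BastionService"
 max_session_ttl_in_seconds = 1800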
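Review bot: The added line `# target_subnet_id = oci_core_subnet.BastionSubnet[0].id` keeps a commented-out reference to a resource that this same commit deletes from network.tf, so it cannot be re-enabled as written and should be dropped rather than left in the block. Separately, the unchanged `client_cidr_block_allow_list = ["0.0.0.0/0"]` now applies to a bastion whose target is the Cassandra subnet itself, so the allow list places no restriction on which client addresses may open sessions towards the database hosts; access then presumably rests on IAM policy and the 1800-second session TTL alone. Consider taking the list from a variable, for example `client_cidr_block_allow_list = var.bastion_client_cidr_allow_list` (a new variable, not present in this commit), set to the operators' address range. The resource body continues past the end of the hunk.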
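--- a/network.tf
+++ b/network.tf
@@ -12,6 +12,7 @@ resource "oci_core_virtual_network" "CassandraVCN" {
 defined_tags = { "${oci_identity_tag_namespace.ArchitectureCenterTagNamespace.name}.${oci_identity_tag.ArchitectureCenterTag.name}" = var.release }
 }
 
+
 ############################################
 # Create Internet Gateway
 ############################################
@@ -22,6 +23,7 @@ resource "oci_core_internet_gateway" "CassandraIG" {
 defined_tags = { "${oci_identity_tag_namespace.ArchitectureCenterTagNamespace.name}.${oci_identity_tag.ArchitectureCenterTag.name}" = var.release }
 }
 
+
 ############################################
 # Create NAT Gateway
 ############################################
@@ -32,6 +34,7 @@ resource "oci_core_nat_gateway" "CassandraNATGW" {
 defined_tags = { "${oci_identity_tag_namespace.ArchitectureCenterTagNamespace.name}.${oci_identity_tag.ArchitectureCenterTag.name}" = var.release }
 }
 
+
 ############################################
 # Create Route Table for Public Network
 ############################################
@@ -48,6 +51,7 @@ resource "oci_core_route_table" "CassandraPublicRT" {
 defined_tags = { "${oci_identity_tag_namespace.ArchitectureCenterTagNamespace.name}.${oci_identity_tag.ArchitectureCenterTag.name}" = var.release }
 }
 
+
 ############################################
 # Create Route Table for Private Network
 ############################################
@@ -106,21 +110,6 @@ resource "oci_core_security_list" "CassandraSL" {
 defined_tags = { "${oci_identity_tag_namespace.ArchitectureCenterTagNamespace.name}.${oci_identity_tag.ArchitectureCenterTag.name}" = var.release }
 }
 
-############################################
-# Create Subnets
-############################################
-resource "oci_core_subnet" "BastionSubnet" {
-count = var.use_private_subnet ? 1 : 0
-cidr_block = var.bastion_subnet_cidr
-display_name = "${var.label_prefix}BastionSubnet"
-dns_label = "bastion"
-security_list_ids = [oci_core_virtual_network.CassandraVCN.default_security_list_id, oci_core_security_list.CassandraSL.id]
-compartment_id = var.compartment_ocid
-vcn_id = oci_core_virtual_network.CassandraVCN.id
-route_table_id = oci_core_route_table.CassandraPublicRT.id
-dhcp_options_id = oci_core_virtual_network.CassandraVCN.default_dhcp_options_id
-defined_tags = { "${oci_identity_tag_namespace.ArchitectureCenterTagNamespace.name}.${oci_identity_tag.ArchitectureCenterTag.name}" = var.release }
-}
 
 resource "oci_core_subnet" "CassandraSubnet" {
 cidr_block = var.cassandra_subnet_cidr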
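--- a/schema.yaml
+++ b/schema.yaml
@@ -31,7 +31,6 @@ variableGroups:
 variables:
 - vcn_cidr
 - cassandra_subnet_cidr
-- bastion_subnet_cidr
 - label_prefix
 
 - title: Compute Optional Configuration
@@ -180,16 +179,6 @@ variables:
 title: "Cassandra Subnet CIDR"
 description: "Choose Public or Private Subnet CIDR for your Cassandra cluster deployment."
 
-bastion_subnet_cidr:
-type: string
-visible:
-and:
-- use_private_subnet
-required: false
-pattern: "^(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9]).(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\/(3[0-2]|[1-2]?[0-9])$"
-title: "Bastion Subnet CIDR"
-description: "Choose Public Subnet CIDR for your Bastion deployment."
-
 instance_os:
 type: enum
 required: false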
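--- a/tags.tf
+++ b/tags.tf
@@ -24,7 +24,7 @@ resource "oci_identity_tag" "ArchitectureCenterTag" {
 
 validator {
 validator_type = "ENUM"
-values = ["release", "1.2"]
+values = ["release", "1.3"]
 }
 
 provisioner "local-exec" {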
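--- a/variables.tf
+++ b/variables.tf
@@ -15,7 +15,7 @@ variable "use_private_subnet" {
 
 variable "release" {
 description = "Reference Architecture Release (OCI Architecture Center)"
-default = "1.2"
+default = "1.3"
 }
 
 variable "instance_os" {
@@ -50,10 +50,6 @@ variable "vcn_cidr" {
 default = "10.0.0.0/16"
 }
 
-variable "bastion_subnet_cidr" {
-default = "10.0.1.0/24"
-}
-
 variable "cassandra_subnet_cidr" {
 default = "10.0.2.0/24"
 }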
