Allow VCN CIDR to be optional parameter #77
Comments
This is probably trickier to implement than one might think at first blush since each subnet has its own CIDR block, which needs to be a subset of the VCN CIDR. If we allow for arbitrary VCN CIDRs, each subnet will go from a known CIDR to having to dynamically calculate it by dividing up the VCN's address range. Not impossible, though ;)
|
Alternatively, instead of allowing the user to override a single vcn_cidr variable and leaving it to Terraform to make sense of, we could define a combined map variable that contains the default values for all the CIDRs in the network - the VCN and all the subnets. This would give the user complete control over the address space in the VCN, while still providing a sensible default e.g. :
|
That makes a lot of sense
…On Wed, Jan 3, 2018 at 9:50 PM, Jesse Millan ***@***.***> wrote:
Alternatively, instead of allowing the user to override a single vcn_cidr
variable and leaving it to Terraform to make sense of, we could define a
combined map variable that contains the *default* values for *all* the
CIDRs in the network - the VCN and all the subnets.
This would give the user complete control over the address space in the
VCN, while still providing a sensible default e.g. :
variable "network_cidrs" {
  type = "map"
  default = {
    VCN-CIDR = "10.0.0.0/16"
    etcdSubnetAD1 = "10.0.20.0/24"
    etcdSubnetAD2 = "10.0.21.0/24"
    etcdSubnetAD3 = "10.0.21.0/24"
    masterSubnetAD1 = "10.0.30.0/24"
    masterSubnetAD2 = "10.0.31.0/24"
    masterSubnetAD3 = "10.0.32.0/24"
    workerSubnetAD1 = "10.0.40.0/24"
    workerSubnetAD2 = "10.0.41.0/24"
    workerSubnetAD3 = "10.0.42.0/24"
    ...
  }
}
|
FYI, this would be the new default map:
The trick is that the address ranges (CIDRs) in the security lists, which are also defined in input variables, also need to match this. For example, if a user overrode
Then, defaults like the following would become a problem unless the user was careful to override them e.g.
|
Create an optional parameter for VCN CIDR for the created VCN.
This would give users more flexibility to leverage VCN peering which requires non-overlapping VCN CIDRs.
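An added example (not part of the original thread or the project's code): a Python check that a `network_cidrs`-style map keeps every subnet inside the VCN CIDR with no overlaps, and that security-list ranges still overlap the VCN after an override. The sample map copies the entries quoted in the thread; the function name and the security-list rule names passed to it are assumptions for illustration.

```python
import ipaddress
from itertools import combinations

# Entries as quoted in the thread (the "..." remainder is not reproduced).
PAGE_DEFAULTS = {
    "VCN-CIDR": "10.0.0.0/16",
    "etcdSubnetAD1": "10.0.20.0/24", "etcdSubnetAD2": "10.0.21.0/24",
    "etcdSubnetAD3": "10.0.21.0/24",
    "masterSubnetAD1": "10.0.30.0/24", "masterSubnetAD2": "10.0.31.0/24",
    "masterSubnetAD3": "10.0.32.0/24",
    "workerSubnetAD1": "10.0.40.0/24", "workerSubnetAD2": "10.0.41.0/24",
    "workerSubnetAD3": "10.0.42.0/24",
}

def check_network_cidrs(cidrs, security_list_cidrs=None, vcn_key="VCN-CIDR"):
    """Return a list of problems found in a network_cidrs-style map.

    cidrs: name -> CIDR string, including the VCN entry under vcn_key.
    security_list_cidrs: optional name -> CIDR of rules meant to match
    VCN-internal traffic (hypothetical names, not the project's variables).
    """
    problems = []
    vcn = ipaddress.ip_network(cidrs[vcn_key], strict=True)
    subnets = {}
    for name, value in cidrs.items():
        if name == vcn_key:
            continue
        try:
            # strict=True rejects values with host bits set, e.g. 10.0.20.1/24
            net = ipaddress.ip_network(value, strict=True)
        except ValueError as exc:
            problems.append(f"{name}: invalid CIDR {value!r} ({exc})")
            continue
        subnets[name] = net
        if not net.subnet_of(vcn):
            problems.append(f"{name}: {net} is outside VCN {vcn}")
    # Every pair of subnets must be disjoint.
    for (a, na), (b, nb) in combinations(sorted(subnets.items()), 2):
        if na.overlaps(nb):
            problems.append(f"{a} and {b} overlap: {na} / {nb}")
    # A rule range that shares no address with the VCN is a stale default.
    for name, value in (security_list_cidrs or {}).items():
        rule = ipaddress.ip_network(value, strict=True)
        if not rule.overlaps(vcn):
            problems.append(f"{name}: rule range {rule} shares no address with VCN {vcn}")
    return problems

if __name__ == "__main__":
    for line in check_network_cidrs(PAGE_DEFAULTS):
        print(line)
```

Run against the quoted defaults, the check reports that `etcdSubnetAD2` and `etcdSubnetAD3` carry the same range.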