Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- resource "google_compute_network" "vpc" {
- name = "${var.cluster_name}-network"
- auto_create_subnetworks = false
- }
- data "null_data_source" "subnetwork_names" {
- inputs {
- secondary_nodes_subnetwork = "${var.cluster_name}-nodes-secondary"
- secondary_services_subnetwork = "${var.cluster_name}-svc-range-secondary"
- }
- }
- resource "google_compute_subnetwork" "k8snodes" {
- ip_cidr_range = "${var.cluster_nodes_cidr_block}"
- name = "${var.cluster_name}-nodes-subnetwork"
- network = "${google_compute_network.vpc.id}"
- private_ip_google_access = true
- secondary_ip_range {
- ip_cidr_range = "${var.cluster_nodes_secondary_cidr_block}"
- range_name = "${data.null_data_source.subnetwork_names.outputs["secondary_nodes_subnetwork"]}"
- }
- secondary_ip_range {
- ip_cidr_range = "${var.cluster_services_secondary_cidr_block}"
- range_name = "${data.null_data_source.subnetwork_names.outputs["secondary_services_subnetwork"]}"
- }
- }
- resource "google_compute_firewall" "allow_icmp_vpc_internal_egress" {
- name = "${var.cluster_name}-allow-icmp-egress"
- network = "${google_compute_network.vpc.self_link}"
- allow {
- protocol = "icmp"
- }
- direction = "EGRESS"
- destination_ranges = [
- "0.0.0.0/0",
- ]
- }
- resource "google_compute_firewall" "allow_icmp_vpc_internal_ingress" {
- name = "${var.cluster_name}-allow-icmp-ingress"
- network = "${google_compute_network.vpc.self_link}"
- allow {
- protocol = "icmp"
- }
- direction = "INGRESS"
- source_ranges = [
- "0.0.0.0/0",
- ]
- }
Add Comment
Please, Sign In to add comment
