Google-Cloud-Platform

Terraform:設置對等連接時使用 exportCustomRoutes

  • November 13, 2020

我正在嘗試在 2 個 VPC 網路之間建立對等連接。

一個網路(中轉網路)配置靜態路由,我希望將這些路由傳播到對等網路。

這是一個例子:

...

data "google_compute_network" "transit-network" {
 project       = var.transit_project_id
 name = var.transit_network
}

resource "google_compute_network_peering" "to-transit" {
 name = "${var.project}-transit"
 network = "${google_compute_network.vpc_network.self_link}"
 peer_network = data.google_compute_network.transit-network.self_link
}

resource "google_compute_network_peering" "from-transit" {
 name = "transit-${var.project}"
 network = data.google_compute_network.transit-network.self_link
 peer_network = "${google_compute_network.vpc_network.self_link}"
}

...

我知道這只是通過 GCP 控制台,但是,我無法通過 terraform 找到方法。

從 API 看來,這是通過使用該欄位peering.exchangeSubnetRoutes

編輯:我找到了使用google-beta提供者的解決方案:

resource "google_compute_network_peering" "to-transit" {
 name = "${var.project}-transit"
 provider = "google-beta"
 network = "${google_compute_network.vpc_network.self_link}"
 peer_network = data.google_compute_network.transit-network.self_link
 import_custom_routes = true
}

resource "google_compute_network_peering" "from-transit" {
 name = "transit-${var.project}"
 provider = "google-beta"
 network = data.google_compute_network.transit-network.self_link
 peer_network = "${google_compute_network.vpc_network.self_link}"
 export_custom_routes = true
}

使用beta我可以指定的提供者import_custom_routesexport_custom_routes

謝謝!我已經在我的項目中檢查了您的解決方案,它對我有用,但語法略有改變:

resource "google_compute_network_peering" "vpc-network-to-transit-network" {
 provider             = google-beta
 name                 = "vpc-network-to-transit-network"
 network              = google_compute_network.vpc-network.self_link
 peer_network         = google_compute_network.transit-network.self_link 
 import_custom_routes = true
}

resource "google_compute_network_peering" "transit-network-to-vpc-network" {
 provider             = google-beta
 name                 = "transit-network-to-vpc-network"
 network              = google_compute_network.transit-network.self_link
 peer_network         = google_compute_network.vpc-network.self_link
 export_custom_routes = true
}


$ gcloud compute networks peerings list
NAME                            NETWORK          PEER_PROJECT  PEER_NETWORK     PEER_MTU  IMPORT_CUSTOM_ROUTES  EXPORT_CUSTOM_ROUTES  STATE   STATE_DETAILS
transit-network-to-vpc-network  transit-network  test-prj      vpc-network                False                 True                  ACTIVE  [2020-11-13T02:05:12.111-08:00]: Connected.
vpc-network-to-transit-network  vpc-network      test-prj      transit-network            True                  False                 ACTIVE  [2020-11-13T02:05:29.387-08:00]: Connected.

我使用了目前版本的 Terraform:

$ terraform version
Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/google v3.5.0
+ provider registry.terraform.io/hashicorp/google-beta v3.47.0

引用自:https://serverfault.com/questions/973381

相關問答

Google-Cloud-Platform

將 DNS 記錄分成同一域的多個區域

  • January 6, 2022
檢視問答
Google-Cloud-Platform

terraform apply error alreadyExists on untouched resources

  • December 3, 2021
檢視問答
Google-Cloud-Platform

在部分連接的網狀拓撲中對等的 VPC 的 Google Cloud 路由

  • November 29, 2021
檢視問答
Networking

(微)服務的 VPC 設置 - 共享 vs. 對等 vs. 一個項目 - 最佳實踐

  • May 19, 2021
檢視問答
Google-Cloud-Platform

gcloud 上的 Terraform:服務帳戶被禁止:使用者“系統:匿名”無法創建資源“服務帳戶”

  • April 8, 2021
檢視問答
Google-Cloud-Platform

GCP VPC 對等互連活動,連接測試正常,但任何請求(ssh、icmp…)超時

  • March 9, 2021
檢視問答