New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Addresses Issue #248 (Add Support for Exporting PUPIs - Network Peering Module) #255
Addresses Issue #248 (Add Support for Exporting PUPIs - Network Peering Module) #255
Conversation
…be imported/exported
Update from source
Thanks for the PR! 🚀 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's make the variable names and defaults match the provider.
A full match for the names doesn't make sense, given the provider handles one side of the connection, but the Network Peering module handles both sides. I'll match the naming convention of the other such variables in this module (introducing the interstitial "peer" or "local" designations). |
Good point, yes let's match the existing convention. |
Actually, for the default values, note that to make export_subnet_routes_with_public_ip true for both local and remote connections, we must negate the values for one side of the peering connection for it to match the provider defaults:
I believe this might actually prevent certain valid route imports/exports. I would imagine a prudent alternative would be to align the default values to the local peering, only, and acknowledge in the documentation that the remote peering (by default) will have exact-opposite-from-default controls for the subnet routes with public ips. Another alternative would be to have export_peer_subnet_routes_with_public_ip, import_peer_subnet_routes_with_public_ip, export_local_subnet_routes_with_public_ip, import_local_subnet_routes_with_public_ip, but this seems unnecessary given the problem this module seems to address (which is ostensibly to simplify creating the peering connection, and avoid partial configuration due to exported routes that are not imported on the other end). I will target the former option in an updated PR, but feel free to suggest a better approach. |
The former sounds good, thanks. Let's just document it clearly. |
I'm not sure why the lint trigger failed. The |
This introduces support for the export_subnet_routes_with_public_ip and import_subnet_routes_with_public_ip variables in the google_compute_network_peering resources. This is necessary when peering VPCs that are using Privately Used Public IPs (PUPIs) as the private subnet IPs.
Note - the defaults proposed in this PR are false for both variables, but the provider's default for export_subnet_routes_with_public_ip is true (the import variable is also set to false, by default, here); because these come in pairs (defining each end of the peering), and because the current Network Peering submodule doesn't override these defaults, it will cause each peering will attempt to export these subnets but neither peering will attempt to import them; not a problem, really, but the proposed solution also addresses this incongruence, by default.
Fixes #248