Merge pull request #3021 from cdunbar13/experimental

Update to RDMA VPC for reducing repeated code

community/modules/network/rdma-vpc/README.md

@@ -45,9 +45,7 @@ No resources.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_additional_subnetworks"></a> [additional\_subnetworks](#input\_additional\_subnetworks) | DEPRECATED: please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions | `list(map(string))` | `null` | no |
 | <a name="input_allowed_ssh_ip_ranges"></a> [allowed\_ssh\_ip\_ranges](#input\_allowed\_ssh\_ip\_ranges) | A list of CIDR IP ranges from which to allow ssh access | `list(string)` | `[]` | no |
-| <a name="input_default_primary_subnetwork_size"></a> [default\_primary\_subnetwork\_size](#input\_default\_primary\_subnetwork\_size) | The size, in CIDR bits, of the default primary subnetwork unless explicitly defined in var.subnetworks | `number` | `15` | no |
 | <a name="input_delete_default_internet_gateway_routes"></a> [delete\_default\_internet\_gateway\_routes](#input\_delete\_default\_internet\_gateway\_routes) | If set, ensure that all routes within the network specified whose names begin with 'default-route' and with a next hop of 'default-internet-gateway' are deleted | `bool` | `false` | no |
 | <a name="input_deployment_name"></a> [deployment\_name](#input\_deployment\_name) | The name of the current deployment | `string` | n/a | yes |
 | <a name="input_enable_iap_rdp_ingress"></a> [enable\_iap\_rdp\_ingress](#input\_enable\_iap\_rdp\_ingress) | Enable a firewall rule to allow Windows Remote Desktop Protocol access using IAP tunnels | `bool` | `false` | no |
@@ -63,14 +61,12 @@ No resources.
 | <a name="input_network_name"></a> [network\_name](#input\_network\_name) | The name of the network to be created (if unsupplied, will default to "{deployment\_name}-net") | `string` | `null` | no |
 | <a name="input_network_profile"></a> [network\_profile](#input\_network\_profile) | Profile name for VPC configuration | `string` | `null` | no |
 | <a name="input_network_routing_mode"></a> [network\_routing\_mode](#input\_network\_routing\_mode) | The network routing mode (default "GLOBAL") | `string` | `"GLOBAL"` | no |
-| <a name="input_primary_subnetwork"></a> [primary\_subnetwork](#input\_primary\_subnetwork) | DEPRECATED: please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions | `map(string)` | `null` | no |
+| <a name="input_nic_type"></a> [nic\_type](#input\_nic\_type) | NIC type for use in modules that use the output | `string` | `null` | no |
 | <a name="input_project_id"></a> [project\_id](#input\_project\_id) | Project in which the HPC deployment will be created | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | The default region for Cloud resources | `string` | n/a | yes |
 | <a name="input_secondary_ranges"></a> [secondary\_ranges](#input\_secondary\_ranges) | Secondary ranges that will be used in some of the subnets. Please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions. | `map(list(object({ range_name = string, ip_cidr_range = string })))` | `{}` | no |
 | <a name="input_shared_vpc_host"></a> [shared\_vpc\_host](#input\_shared\_vpc\_host) | Makes this project a Shared VPC host if 'true' (default 'false') | `bool` | `false` | no |
-| <a name="input_subnetwork_name"></a> [subnetwork\_name](#input\_subnetwork\_name) | The name of the network to be created (if unsupplied, will default to "{deployment\_name}-primary-subnet") | `string` | `null` | no |
-| <a name="input_subnetwork_size"></a> [subnetwork\_size](#input\_subnetwork\_size) | DEPRECATED: please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions | `number` | `null` | no |
-| <a name="input_subnetworks"></a> [subnetworks](#input\_subnetworks) | List of subnetworks to create within the VPC. If left empty, it will be<br>replaced by a single, default subnetwork constructed from other parameters<br>(e.g. var.region). In all cases, the first subnetwork in the list is identified<br>by outputs as a "primary" subnetwork.<br><br>subnet\_name           (string, required, name of subnet)<br>subnet\_region         (string, required, region of subnet)<br>subnet\_ip             (string, mutually exclusive with new\_bits, CIDR-formatted IP range for subnetwork)<br>new\_bits              (number, mutually exclusive with subnet\_ip, CIDR bits used to calculate subnetwork range)<br>subnet\_private\_access (bool, optional, Enable Private Access on subnetwork)<br>subnet\_flow\_logs      (map(string), optional, Configure Flow Logs see terraform-google-network module)<br>description           (string, optional, Description of Network)<br>purpose               (string, optional, related to Load Balancing)<br>role                  (string, optional, related to Load Balancing) | `list(map(string))` | `[]` | no |
+| <a name="input_subnetworks_template"></a> [subnetworks\_template](#input\_subnetworks\_template) | Rules for creating subnetworks within the VPC | <pre>object({<br>    count          = number<br>    name_prefix    = string<br>    ip_range       = string<br>    region         = string<br>    private_access = optional(bool)<br>  })</pre> | <pre>{<br>  "count": 8,<br>  "ip_range": "192.168.0.0/16",<br>  "name_prefix": "subnet",<br>  "region": null<br>}</pre> | no |
 
 ## Outputs
 
@@ -79,9 +75,6 @@ No resources.
 | <a name="output_network_id"></a> [network\_id](#output\_network\_id) | ID of the new VPC network |
 | <a name="output_network_name"></a> [network\_name](#output\_network\_name) | Name of the new VPC network |
 | <a name="output_network_self_link"></a> [network\_self\_link](#output\_network\_self\_link) | Self link of the new VPC network |
-| <a name="output_subnetwork"></a> [subnetwork](#output\_subnetwork) | Primary subnetwork object |
-| <a name="output_subnetwork_address"></a> [subnetwork\_address](#output\_subnetwork\_address) | IP address range of the primary subnetwork |
-| <a name="output_subnetwork_name"></a> [subnetwork\_name](#output\_subnetwork\_name) | Name of the primary subnetwork |
-| <a name="output_subnetwork_self_link"></a> [subnetwork\_self\_link](#output\_subnetwork\_self\_link) | Self link of the primary subnetwork |
+| <a name="output_subnetwork_interfaces"></a> [subnetwork\_interfaces](#output\_subnetwork\_interfaces) | Full list of subnetwork objects belonging to the new VPC network (compatible with vm-instance) |
 | <a name="output_subnetworks"></a> [subnetworks](#output\_subnetworks) | Full list of subnetwork objects belonging to the new VPC network |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

community/modules/network/rdma-vpc/main.tf

@@ -15,55 +15,19 @@
 */
 
 locals {
-  autoname        = replace(var.deployment_name, "_", "-")
-  network_name    = var.network_name == null ? "${local.autoname}-net" : var.network_name
-  subnetwork_name = var.subnetwork_name == null ? "${local.autoname}-primary-subnet" : var.subnetwork_name
+  autoname     = replace(var.deployment_name, "_", "-")
+  network_name = var.network_name == null ? "${local.autoname}-net" : var.network_name
 
-  # define a default subnetwork for cases in which no explicit subnetworks are
-  # defined in var.subnetworks
-  default_primary_subnetwork_cidr_block = cidrsubnet(var.network_address_range, var.default_primary_subnetwork_size, 0)
-  default_primary_subnetwork = {
-    subnet_name           = local.subnetwork_name
-    subnet_ip             = local.default_primary_subnetwork_cidr_block
-    subnet_region         = var.region
-    subnet_private_access = true
-    subnet_flow_logs      = false
-    description           = "primary subnetwork in ${local.network_name}"
-    purpose               = null
-    role                  = null
-  }
-
-  # Identify user-supplied primary subnetwork
-  # (1) explicit var.subnetworks[0]
-  # (2) implicit local default subnetwork
-  input_primary_subnetwork = coalesce(try(var.subnetworks[0], null), local.default_primary_subnetwork)
-
-  # Identify user-supplied additional subnetworks
-  # (1) explicit var.subnetworks[1:end]
-  # (2) empty list
-  input_additional_subnetworks = try(slice(var.subnetworks, 1, length(var.subnetworks)), [])
-
-  # at this point we have constructed a list of subnetworks but need to extract
-  # user-provided CIDR blocks or calculate them from user-provided new_bits
-  # after we complete deprecation, local.all_subnetworks can be replaced with
-  # var.subnetworks (or local.default_primary_subnetwork if that is null)
-  input_subnetworks = concat([local.input_primary_subnetwork], local.input_additional_subnetworks)
-  subnetworks_cidr_blocks = try(
-    local.input_subnetworks[*]["subnet_ip"],
-    cidrsubnets(var.network_address_range, local.input_subnetworks[*]["new_bits"]...)
-  )
-
-  # merge in the CIDR blocks (even when already there) and remove new_bits
-  subnetworks = [for i, subnet in local.input_subnetworks :
-    merge({ for k, v in subnet : k => v if k != "new_bits" }, { "subnet_ip" = local.subnetworks_cidr_blocks[i] })
+  new_bits = ceil(log(var.subnetworks_template.count, 2))
+  template_subnetworks = [for i in range(var.subnetworks_template.count) :
+    {
+      subnet_name           = "${var.subnetworks_template.name_prefix}-${i}"
+      subnet_region         = try(var.subnetworks_template.region, var.region)
+      subnet_ip             = cidrsubnet(var.subnetworks_template.ip_range, local.new_bits, i)
+      subnet_private_access = coalesce(var.subnetworks_template.private_access, false)
+    }
   ]
 
-  # this comprehension should have 1 and only 1 match
-  output_primary_subnetwork               = one([for k, v in module.vpc.subnets : v if k == "${local.subnetworks[0].subnet_region}/${local.subnetworks[0].subnet_name}"])
-  output_primary_subnetwork_name          = local.output_primary_subnetwork.name
-  output_primary_subnetwork_self_link     = local.output_primary_subnetwork.self_link
-  output_primary_subnetwork_ip_cidr_range = local.output_primary_subnetwork.ip_cidr_range
-
   iap_ports = distinct(concat(compact([
     var.enable_iap_rdp_ingress ? "3389" : "",
     var.enable_iap_ssh_ingress ? "22" : "",
@@ -144,6 +108,23 @@ locals {
     var.enable_internal_traffic ? [local.allow_internal_traffic] : [],
     length(local.iap_ports) > 0 ? [local.allow_iap_ingress] : []
   )
+
+  url_parts    = split("/", var.network_profile)
+  profile_name = upper(element(local.url_parts, length(local.url_parts) - 1))
+  output_subnets = [
+    for subnet in module.vpc.subnets : {
+      network            = null
+      subnetwork         = subnet.self_link
+      subnetwork_project = null # will populate from subnetwork_self_link
+      network_ip         = null
+      nic_type           = coalesce(var.nic_type, try(regex("IRDMA", local.profile_name), regex("MRDMA", local.profile_name), "RDMA"))
+      stack_type         = null
+      queue_count        = null
+      access_config      = []
+      ipv6_access_config = []
+      alias_ip_range     = []
+    }
+  ]
 }
 
 module "vpc" {
@@ -152,7 +133,7 @@ module "vpc" {
   network_name                           = local.network_name
   project_id                             = var.project_id
   auto_create_subnetworks                = false
-  subnets                                = local.subnetworks
+  subnets                                = local.template_subnetworks
   secondary_ranges                       = var.secondary_ranges
   routing_mode                           = var.network_routing_mode
   mtu                                    = var.mtu

community/modules/network/rdma-vpc/outputs.tf

@@ -38,26 +38,8 @@ output "subnetworks" {
   depends_on  = [module.vpc]
 }
 
-output "subnetwork" {
-  description = "Primary subnetwork object"
-  value       = local.output_primary_subnetwork
-  depends_on  = [module.vpc]
-}
-
-output "subnetwork_name" {
-  description = "Name of the primary subnetwork"
-  value       = local.output_primary_subnetwork_name
-  depends_on  = [module.vpc]
-}
-
-output "subnetwork_self_link" {
-  description = "Self link of the primary subnetwork"
-  value       = local.output_primary_subnetwork_self_link
-  depends_on  = [module.vpc]
-}
-
-output "subnetwork_address" {
-  description = "IP address range of the primary subnetwork"
-  value       = local.output_primary_subnetwork_ip_cidr_range
+output "subnetwork_interfaces" {
+  description = "Full list of subnetwork objects belonging to the new VPC network (compatible with vm-instance)"
+  value       = local.output_subnets
   depends_on  = [module.vpc]
 }

community/modules/network/rdma-vpc/variables.tf

@@ -25,29 +25,6 @@ variable "network_name" {
   default     = null
 }
 
-variable "subnetwork_name" {
-  description = "The name of the network to be created (if unsupplied, will default to \"{deployment_name}-primary-subnet\")"
-  type        = string
-  default     = null
-}
-
-# tflint-ignore: terraform_unused_declarations
-variable "subnetwork_size" {
-  description = "DEPRECATED: please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions"
-  type        = number
-  default     = null
-  validation {
-    condition     = var.subnetwork_size == null
-    error_message = "subnetwork_size is deprecated. Please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions."
-  }
-}
-
-variable "default_primary_subnetwork_size" {
-  description = "The size, in CIDR bits, of the default primary subnetwork unless explicitly defined in var.subnetworks"
-  type        = number
-  default     = 15
-}
-
 variable "region" {
   description = "The default region for Cloud resources"
   type        = string
@@ -75,68 +52,21 @@ variable "mtu" {
   default     = 8896
 }
 
-variable "subnetworks" {
-  description = <<-EOT
-  List of subnetworks to create within the VPC. If left empty, it will be
-  replaced by a single, default subnetwork constructed from other parameters
-  (e.g. var.region). In all cases, the first subnetwork in the list is identified
-  by outputs as a "primary" subnetwork.
-
-  subnet_name           (string, required, name of subnet)
-  subnet_region         (string, required, region of subnet)
-  subnet_ip             (string, mutually exclusive with new_bits, CIDR-formatted IP range for subnetwork)
-  new_bits              (number, mutually exclusive with subnet_ip, CIDR bits used to calculate subnetwork range)
-  subnet_private_access (bool, optional, Enable Private Access on subnetwork)
-  subnet_flow_logs      (map(string), optional, Configure Flow Logs see terraform-google-network module)
-  description           (string, optional, Description of Network)
-  purpose               (string, optional, related to Load Balancing)
-  role                  (string, optional, related to Load Balancing)
-  EOT
-  type        = list(map(string))
-  default     = []
-  validation {
-    condition = alltrue([
-      for s in var.subnetworks : can(s["subnet_name"])
-    ])
-    error_message = "All subnetworks must define \"subnet_name\"."
-  }
-  validation {
-    condition = alltrue([
-      for s in var.subnetworks : can(s["subnet_region"])
-    ])
-    error_message = "All subnetworks must define \"subnet_region\"."
-  }
-  validation {
-    condition = alltrue([
-      for s in var.subnetworks : can(s["subnet_ip"]) != can(s["new_bits"])
-    ])
-    error_message = "All subnetworks must define exactly one of \"subnet_ip\" or \"new_bits\"."
-  }
-  validation {
-    condition     = alltrue([for s in var.subnetworks : can(s["subnet_ip"])]) || alltrue([for s in var.subnetworks : can(s["new_bits"])])
-    error_message = "All subnetworks must make same choice of \"subnet_ip\" or \"new_bits\"."
-  }
-}
-
-# tflint-ignore: terraform_unused_declarations
-variable "primary_subnetwork" {
-  description = "DEPRECATED: please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions"
-  type        = map(string)
-  default     = null
-  validation {
-    condition     = var.primary_subnetwork == null
-    error_message = "primary_subnetwork is deprecated. Please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions."
-  }
-}
-
-# tflint-ignore: terraform_unused_declarations
-variable "additional_subnetworks" {
-  description = "DEPRECATED: please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions"
-  type        = list(map(string))
-  default     = null
-  validation {
-    condition     = var.additional_subnetworks == null
-    error_message = "additional_subnetworks is deprecated. Please see https://goo.gle/hpc-toolkit-vpc-deprecation for migration instructions."
+variable "subnetworks_template" {
+  # TODO: Add validation and improve description
+  description = "Rules for creating subnetworks within the VPC"
+  type = object({
+    count          = number
+    name_prefix    = string
+    ip_range       = string
+    region         = string
+    private_access = optional(bool)
+  })
+  default = {
+    count       = 8
+    name_prefix = "subnet"
+    ip_range    = "192.168.0.0/16"
+    region      = null
   }
 }
 
@@ -244,3 +174,9 @@ variable "network_profile" {
   type        = string
   default     = null
 }
+
+variable "nic_type" {
+  description = "NIC type for use in modules that use the output"
+  type        = string
+  default     = null
+}