ahaw021/poc.tf

## poc.tf
provider "aws" {
  region = "us-east-1"
  # configure this as needed
}

data "aws_availability_zones" "_" {}

locals {

  large_subnets_netmask = 20 # 4,096 IPs
  small_subnets_netmask = 26 # 62 IPs

  kubernetes_nodes_subnets_prefix   = "kubernetes"
  kubernetes_ingress_subnets_prefix = "ingress"
  database_subnets_prefix           = "database"

  kubernetes_nodes_subnets_from_zones = [
    for zone in data.aws_availability_zones._.names :
    {
      name    = "${local.kubernetes_nodes_subnets_prefix}/az-${substr(zone, -1, 1)}"
      netmask = local.large_subnets_netmask
  }]

  kubernetes_ingress_subnets_from_zones = [
    for zone in data.aws_availability_zones._.names :
    {
      name    = "${local.kubernetes_ingress_subnets_prefix}/az-${substr(zone, -1, 1)}"
      netmask = local.small_subnets_netmask
  }]

  database_subnets_from_zones = [
    for zone in data.aws_availability_zones._.names :
    {
      name    = "${local.database_subnets_prefix}/az-${substr(zone, -1, 1)}"
      netmask = local.small_subnets_netmask
  }]

  # Not used for now, but uncomment to see how adding extra small-subnets works!
  # vpn_subnets_prefix       = "vpn"
  # vpn_subnets_from_zones = [
  #   for zone in data.aws_availability_zones._.names :
  #   {
  #     name    = "${local.vpn_subnets_prefix}/az-${substr(zone, -1, 1)}"
  #     netmask = local.small_subnets_netmask
  # }]

}

module "large_subnets" {
  source          = "drewmullen/subnets/cidr"
  version         = "1.0.2"
  base_cidr_block = "10.20.0.0/16"

  networks = concat(
    # Add reserved subnets first!
    [{
      name    = "reserved/small-subnets"
      netmask = local.large_subnets_netmask
    }],
    # k8s node networks dynamically allocated
    local.kubernetes_nodes_subnets_from_zones
  )
}

module "small_subnets" {
  source  = "drewmullen/subnets/cidr"
  version = "1.0.2"
  # The CIDR is the first subdivided large-networks
  base_cidr_block = module.large_subnets.grouped_by_separator.reserved.small-subnets
  # add extra networks at the end to ensure that existing allocations are not over-written
  networks = concat(
    local.kubernetes_ingress_subnets_from_zones,
    local.database_subnets_from_zones,
    # uncomment the following to see how small-subnets expansion works.
    # local.vpn_subnets_from_zones
  )
}

output "large_subnets_from_zones" {
  value = module.large_subnets.grouped_by_separator
}

output "small_subnets_from_zones" {
  value = module.small_subnets.grouped_by_separator
}
	provider "aws" {
	region = "us-east-1"
	# configure this as needed
	}

	data "aws_availability_zones" "_" {}

	locals {

	large_subnets_netmask = 20 # 4,096 IPs
	small_subnets_netmask = 26 # 62 IPs

	kubernetes_nodes_subnets_prefix = "kubernetes"
	kubernetes_ingress_subnets_prefix = "ingress"
	database_subnets_prefix = "database"

	kubernetes_nodes_subnets_from_zones = [
	for zone in data.aws_availability_zones._.names :
	{
	name = "${local.kubernetes_nodes_subnets_prefix}/az-${substr(zone, -1, 1)}"
	netmask = local.large_subnets_netmask
	}]

	kubernetes_ingress_subnets_from_zones = [
	for zone in data.aws_availability_zones._.names :
	{
	name = "${local.kubernetes_ingress_subnets_prefix}/az-${substr(zone, -1, 1)}"
	netmask = local.small_subnets_netmask
	}]

	database_subnets_from_zones = [
	for zone in data.aws_availability_zones._.names :
	{
	name = "${local.database_subnets_prefix}/az-${substr(zone, -1, 1)}"
	netmask = local.small_subnets_netmask
	}]

	# Not used for now, but uncomment to see how adding extra small-subnets works!
	# vpn_subnets_prefix = "vpn"
	# vpn_subnets_from_zones = [
	# for zone in data.aws_availability_zones._.names :
	# {
	# name = "${local.vpn_subnets_prefix}/az-${substr(zone, -1, 1)}"
	# netmask = local.small_subnets_netmask
	# }]

	}

	module "large_subnets" {
	source = "drewmullen/subnets/cidr"
	version = "1.0.2"
	base_cidr_block = "10.20.0.0/16"

	networks = concat(
	# Add reserved subnets first!
	[{
	name = "reserved/small-subnets"
	netmask = local.large_subnets_netmask
	}],
	# k8s node networks dynamically allocated
	local.kubernetes_nodes_subnets_from_zones
	)
	}

	module "small_subnets" {
	source = "drewmullen/subnets/cidr"
	version = "1.0.2"
	# The CIDR is the first subdivided large-networks
	base_cidr_block = module.large_subnets.grouped_by_separator.reserved.small-subnets
	# add extra networks at the end to ensure that existing allocations are not over-written
	networks = concat(
	local.kubernetes_ingress_subnets_from_zones,
	local.database_subnets_from_zones,
	# uncomment the following to see how small-subnets expansion works.
	# local.vpn_subnets_from_zones
	)
	}

	output "large_subnets_from_zones" {
	value = module.large_subnets.grouped_by_separator
	}

	output "small_subnets_from_zones" {
	value = module.small_subnets.grouped_by_separator
	}