
@ldelossa
Created November 1, 2021 14:39
# Provider-level project and region for the resources declared in this file.
# NOTE(review): the project id is hard-coded; anyone reusing this file has to
# change it before applying.
provider "google" {
  region  = "us-east4"
  project = "cilium-dev"
}
// create two VPC networks that are not connected to
// one another.
# First demo VPC network; cluster 1 and the router instance reference it.
resource "google_compute_network" "bgp_demo_network_1" {
  # NOTE(review): auto_create_subnetworks is not set, so the provider default
  # decides the subnet layout, and no google_compute_firewall resource is
  # visible in this file. Confirm both before relying on this network for
  # anything beyond a demo.
  name = "bgp-demo-network-1"
}
# Second demo VPC network; cluster 2 references it.
resource "google_compute_network" "bgp_demo_network_2" {
  # NOTE(review): auto_create_subnetworks is not set, so the provider default
  # decides the subnet layout, and no google_compute_firewall resource is
  # visible in this file. Confirm both before relying on this network for
  # anything beyond a demo.
  name = "bgp-demo-network-2"
}
// create two GKE clusters, one in each network, plus the service account their nodes run as
# Custom service account for the demo. In this file it is attached to the
# nodes of both GKE clusters and to the router instance.
# NOTE(review): no IAM role bindings for this account are visible here. Since
# every consumer uses the cloud-platform scope, whatever roles are granted
# elsewhere apply equally to cluster nodes and to the internet-facing router;
# consider a separate, narrower account for the router.
resource "google_service_account" "bgp_demo" {
  display_name = "bgp-demo"
  account_id   = "bgp-demo"
}
# GKE cluster 1: located in zone us-east4-a, attached to demo network 1, with
# an initial node count of 3.
resource "google_container_cluster" "bgp_demo_cluster_1" {
  name     = "bgp-demo-cluster-1"
  location = "us-east4-a"
  network  = google_compute_network.bgp_demo_network_1.self_link

  initial_node_count = 3

  # NOTE(review): neither private_cluster_config nor
  # master_authorized_networks_config is set in this block; confirm how
  # reachable the control plane and the nodes are meant to be.

  node_config {
    # Network tag applied to the nodes, so firewall rules can target them.
    tags = ["bgp-demo-cluster-1"]

    # Google recommends a custom service account with the cloud-platform
    # scope, with the actual permissions granted through IAM roles. The scope
    # itself does not narrow access: only the roles bound to the account do.
    oauth_scopes = [
      "https://www.googleapis.com/auth/cloud-platform"
    ]
    service_account = google_service_account.bgp_demo.email
  }

  # Operation timeouts for cluster create and update.
  timeouts {
    create = "30m"
    update = "40m"
  }
}
# GKE cluster 2: located in zone us-east4-a, attached to demo network 2, with
# an initial node count of 3.
resource "google_container_cluster" "bgp_demo_cluster_2" {
  name     = "bgp-demo-cluster-2"
  location = "us-east4-a"
  network  = google_compute_network.bgp_demo_network_2.self_link

  initial_node_count = 3

  # NOTE(review): neither private_cluster_config nor
  # master_authorized_networks_config is set in this block; confirm how
  # reachable the control plane and the nodes are meant to be.

  node_config {
    # Network tag applied to the nodes, so firewall rules can target them.
    tags = ["bgp-demo-cluster-2"]

    # Google recommends a custom service account with the cloud-platform
    # scope, with the actual permissions granted through IAM roles. The scope
    # itself does not narrow access: only the roles bound to the account do.
    oauth_scopes = [
      "https://www.googleapis.com/auth/cloud-platform"
    ]
    service_account = google_service_account.bgp_demo.email
  }

  # Operation timeouts for cluster create and update.
  timeouts {
    create = "30m"
    update = "40m"
  }
}
// deploy two instances, each in a separate vpc network, which will act as our
// backbone BGP routers.
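# Backbone BGP router for VPC network 1: a Debian VM in us-east4-a with one
# network interface that carries both an internal address (IBGP peering) and
# an ephemeral external address (EBGP peering).
resource "google_compute_instance" "bgp_router_vpc_1" {
  name         = "bgp-router-vpc-1"
  machine_type = "e2-medium"
  zone         = "us-east4-a"

  # Network tag, so firewall rules can target the router.
  # NOTE(review): no firewall rule is visible in this file. BGP peers over
  # TCP 179; when a rule is added, scope its source range to the peer
  # router's address rather than opening the port to any source.
  tags = ["bgp-router-vpc-1"]

  # NOTE(review): can_ip_forward is not set; confirm whether this router is
  # expected to forward traffic that is not addressed to itself.

  boot_disk {
    initialize_params {
      # NOTE(review): Debian 9 is past end of life and no longer receives
      # security updates; move to a currently supported image family before
      # running this VM on a public address.
      image = "debian-cloud/debian-9"
    }
  }

  # Local SSD disk.
  # NOTE(review): E2 machine types are documented as not supporting Local
  # SSD. Confirm, then either drop this block or choose a machine type that
  # supports it.
  scratch_disk {
    interface = "SCSI"
  }

  # Single interface on demo network 1. The empty access_config block requests
  # an ephemeral public IP for EBGP peering; the same interface's ephemeral
  # private IP is used for IBGP peering. A second interface on this same
  # network is deliberately not declared: Compute Engine requires each
  # interface of an instance to attach to a different VPC network.
  network_interface {
    network = google_compute_network.bgp_demo_network_1.self_link

    access_config {
      // Ephemeral public IP
    }
  }

  # Placeholder metadata and startup script; the script only writes "hi" to
  # /test.txt. Replace both with the router's real provisioning, and keep
  # secrets (for example BGP session passwords) out of instance metadata.
  metadata = {
    foo = "bar"
  }
  metadata_startup_script = "echo hi > /test.txt"

  service_account {
    # Google recommends custom service accounts that have cloud-platform scope
    # and permissions granted via IAM roles.
    # NOTE(review): this is the same account the GKE nodes run as. With the
    # cloud-platform scope, this publicly addressable VM can use every role
    # bound to that account; a dedicated account with minimal roles limits
    # what a compromise of the router exposes.
    email  = google_service_account.bgp_demo.email
    scopes = ["cloud-platform"]
  }
}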