Skip to content

Instantly share code, notes, and snippets.

View rtrentin73's full-sized avatar

Ricardo Trentin rtrentin73

1 follower · 7 following
View GitHub Profile
@rtrentin73
rtrentin73 / gateway_snat.tf
Created August 23, 2022 12:58
resource "aviatrix_gateway_snat" "ingress-gw-east-snat" {
gw_name = "ingress-gw-east"
snat_mode = "customized_snat"
snat_policy {
protocol = "all"
interface = "eth0"
connection = "None"
mark = "65535"
snat_ips = aviatrix_gateway.ingress-gw-east.private_ip
}
@rtrentin73
rtrentin73 / gateway.tf
Created August 23, 2022 12:57
resource "aviatrix_gateway" "ingress-gw-east" {
cloud_type = "8"
account_name = var.account
gw_name = "ingress-gw-east"
gw_size = var.gw_size
vpc_id = module.ingress-spoke-east.vpc.vpc_id
vpc_reg = var.region-b
subnet = module.ingress-spoke-east.vpc.public_subnets[1].cidr
}
@rtrentin73
rtrentin73 / load-balancer.tf
Created August 23, 2022 12:55
resource "azurerm_resource_group" "ingress-east-us-lb-rg" {
name = "ingress-east-us-lb-rg"
location = var.region-b
}
resource "azurerm_public_ip" "ingress-east-us-lb-pip" {
name = "ingress-east-us-lb-pip"
resource_group_name = azurerm_resource_group.ingress-east-us-lb-rg.name
location = azurerm_resource_group.ingress-east-us-lb-rg.location
allocation_method = "Static"
@rtrentin73
rtrentin73 / trafficmanager.tf
Created August 23, 2022 12:54
resource "azurerm_resource_group" "traffic-manager-acme-rg" {
name = "traffic-manager-acme-rg"
location = var.region-b
}
resource "azurerm_public_ip" "traffic-manager-acme-pip" {
name = "traffic-manager-acme-pip"
location = azurerm_resource_group.traffic-manager-acme-rg.location
resource_group_name = azurerm_resource_group.traffic-manager-acme-rg.name
allocation_method = "Static"
@rtrentin73
rtrentin73 / policies.tf
Last active August 8, 2022 18:14
resource "aviatrix_microseg_policy_list" "microseg_policy_list_web-client-web-server" {
policies {
name = "web-client-web-server"
action = "PERMIT"
src_app_domains = [ aviatrix_app_domain.app_domain_web-server.uuid ]
dst_app_domains = [ aviatrix_app_domain.app_domain_web-client.uuid ]
port_ranges {
lo = 80
hi = 0
}
@rtrentin73
rtrentin73 / domains.tf
Created August 8, 2022 16:26
resource "aviatrix_app_domain" "app_domain_web-client" {
name = "web-client"
selector {
match_expressions {
type = "vm"
tags = {
Name = "web-client"
}
}
@rtrentin73
rtrentin73 / cloudbuild.yaml
Last active June 19, 2022 01:08
steps:
- name: "gcr.io/cloud-builders/kubectl"
args: ['get', 'nodes']
env:
- 'CLOUDSDK_COMPUTE_REGION=us-central1-c'
- 'CLOUDSDK_CONTAINER_CLUSTER=gke-us-central1-cluster'
options:
workerPool:
'projects/rtrentin01/locations/us-central1/workerPools/private-pool-spoke60'
@rtrentin73
rtrentin73 / spokes.tf
Created June 9, 2022 19:17
module "mc-spoke-50" {
source = "terraform-aviatrix-modules/mc-spoke/aviatrix"
version = "1.2.1"
account = var.account
cloud = var.cloud
name = "avx-spoke50-${var.region}"
region = var.region
cidr = var.vpcs["spoke50"]
inspection = true
transit_gw = module.mc_transit.transit_gateway.gw_name
@rtrentin73
rtrentin73 / firenet.tf
Created June 9, 2022 19:16
module "mc_transit" {
depends_on = [
aviatrix_vpc.gcp-bgpolan
]
source = "terraform-aviatrix-modules/mc-transit/aviatrix"
version = "v2.1.2"
cloud = var.cloud
cidr = var.vpcs["firenet"]
region = var.region
account = var.account
@rtrentin73
rtrentin73 / transit.tf
Created June 9, 2022 19:15
module "mc-transit-peering" {
source = "terraform-aviatrix-modules/mc-transit-peering/aviatrix"
version = "1.0.6"
transit_gateways = [
"avx-us-central1-transit",
"avx-us-east1-transit"
]
}