Use Pre-existing Floating IP for Bastion (#8214)

* use pre-existing floating IP for bastion * document bastion_fips in readme
kubernetes-sigs · Nov 19, 2021 · f48ae18 · f48ae18
1 parent 83e0b78
commit f48ae18
Show file tree

Hide file tree

Showing 6 changed files with 12 additions and 2 deletions.
diff --git a/contrib/terraform/openstack/README.md b/contrib/terraform/openstack/README.md
@@ -251,6 +251,7 @@ For your cluster, edit `inventory/$CLUSTER/cluster.tfvars`.
 |`dns_nameservers`| An array of DNS name server names to be used by hosts in the internal subnet. |
 |`floatingip_pool` | Name of the pool from which floating IPs will be allocated |
 |`k8s_master_fips` | A list of floating IPs that you have already pre-allocated; they will be attached to master nodes instead of creating new random floating IPs. |
+|`bastion_fips` | A list of floating IPs that you have already pre-allocated; they will be attached to bastion node instead of creating new random floating IPs. |
 |`external_net` | UUID of the external network that will be routed to |
 |`flavor_k8s_master`,`flavor_k8s_node`,`flavor_etcd`, `flavor_bastion`,`flavor_gfs_node` | Flavor depends on your openstack installation, you can get available flavor IDs through `openstack flavor list` |
 |`image`,`image_gfs` | Name of the image to use in provisioning the compute resources. Should already be loaded into glance. |

diff --git a/contrib/terraform/openstack/kubespray.tf b/contrib/terraform/openstack/kubespray.tf
@@ -24,6 +24,7 @@ module "ips" {
   router_id                     = module.network.router_id
   k8s_nodes                     = var.k8s_nodes
   k8s_master_fips               = var.k8s_master_fips
+  bastion_fips                  = var.bastion_fips
   router_internal_port_id       = module.network.router_internal_port_id
 }
 

diff --git a/contrib/terraform/openstack/modules/ips/main.tf b/contrib/terraform/openstack/modules/ips/main.tf
@@ -28,7 +28,7 @@ resource "openstack_networking_floatingip_v2" "k8s_node" {
 }
 
 resource "openstack_networking_floatingip_v2" "bastion" {
-  count      = var.number_of_bastions
+  count      = length(var.bastion_fips) > 0 ? 0 : var.number_of_bastions
   pool       = var.floatingip_pool
   depends_on = [null_resource.dummy_dependency]
 }

diff --git a/contrib/terraform/openstack/modules/ips/outputs.tf b/contrib/terraform/openstack/modules/ips/outputs.tf
@@ -17,5 +17,5 @@ output "k8s_nodes_fips" {
 }
 
 output "bastion_fips" {
-  value = openstack_networking_floatingip_v2.bastion[*].address
+  value = length(var.bastion_fips) > 0 ? var.bastion_fips : openstack_networking_floatingip_v2.bastion[*].address
 }
diff --git a/contrib/terraform/openstack/modules/ips/variables.tf b/contrib/terraform/openstack/modules/ips/variables.tf
@@ -20,4 +20,6 @@ variable "k8s_nodes" {}
 
 variable "k8s_master_fips" {}
 
+variable "bastion_fips" {}
+
 variable "router_internal_port_id" {}
diff --git a/contrib/terraform/openstack/variables.tf b/contrib/terraform/openstack/variables.tf
@@ -162,6 +162,12 @@ variable "k8s_master_fips" {
   default     = []
 }
 
+variable "bastion_fips" {
+  description = "specific pre-existing floating IPs to use for bastion node"
+  type        = list(string)
+  default     = []
+}
+
 variable "floatingip_pool" {
   description = "name of the floating ip pool to use"
   default     = "external"