diff --git a/contrib/terraform/openstack/kubespray.tf b/contrib/terraform/openstack/kubespray.tf index f19885ca8..e4f302f61 100644 --- a/contrib/terraform/openstack/kubespray.tf +++ b/contrib/terraform/openstack/kubespray.tf @@ -97,6 +97,7 @@ module "compute" { network_router_id = module.network.router_id network_id = module.network.network_id use_existing_network = var.use_existing_network + private_subnet_id = module.network.subnet_id depends_on = [ module.network.subnet_id diff --git a/contrib/terraform/openstack/modules/compute/main.tf b/contrib/terraform/openstack/modules/compute/main.tf index 430ed1857..bf28d2758 100644 --- a/contrib/terraform/openstack/modules/compute/main.tf +++ b/contrib/terraform/openstack/modules/compute/main.tf @@ -206,6 +206,9 @@ resource "openstack_networking_port_v2" "bastion_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.bastion_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -256,6 +259,9 @@ resource "openstack_networking_port_v2" "k8s_master_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.master_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -316,6 +322,9 @@ resource "openstack_networking_port_v2" "k8s_masters_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.master_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -374,6 +383,9 @@ resource "openstack_networking_port_v2" "k8s_master_no_etcd_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.master_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -434,6 +446,9 @@ resource "openstack_networking_port_v2" "etcd_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.etcd_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -488,6 +503,9 @@ resource "openstack_networking_port_v2" "k8s_master_no_floating_ip_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.master_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -542,6 +560,9 @@ resource "openstack_networking_port_v2" "k8s_master_no_floating_ip_no_etcd_port" port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.master_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -597,6 +618,9 @@ resource "openstack_networking_port_v2" "k8s_node_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.worker_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -657,6 +681,9 @@ resource "openstack_networking_port_v2" "k8s_node_no_floating_ip_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.worker_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -712,6 +739,9 @@ resource "openstack_networking_port_v2" "k8s_nodes_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.worker_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id @@ -771,6 +801,9 @@ resource "openstack_networking_port_v2" "glusterfs_node_no_floating_ip_port" { port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled security_group_ids = var.port_security_enabled ? local.gfs_sec_groups : null no_security_groups = var.port_security_enabled ? null : false + fixed_ip { + subnet_id = var.private_subnet_id + } depends_on = [ var.network_router_id diff --git a/contrib/terraform/openstack/modules/compute/variables.tf b/contrib/terraform/openstack/modules/compute/variables.tf index 7f8ee5003..9259fd967 100644 --- a/contrib/terraform/openstack/modules/compute/variables.tf +++ b/contrib/terraform/openstack/modules/compute/variables.tf @@ -189,3 +189,7 @@ variable "port_security_enabled" { variable "force_null_port_security" { type = bool } + +variable "private_subnet_id" { + type = string +}