From 4189008245318e921a9d51ff6ac8996add6d3e49 Mon Sep 17 00:00:00 2001
From: Hugo Blom <bl0m1@users.noreply.github.com>
Date: Fri, 30 Sep 2022 09:48:29 +0200
Subject: [PATCH] Try fix issue where ports doesn't get an ip assigned (#9345)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Jonathan Süssemilch Poulain <jonathan@sofiero.net>
---
 contrib/terraform/openstack/kubespray.tf      |  1 +
 .../openstack/modules/compute/main.tf         | 33 +++++++++++++++++++
 .../openstack/modules/compute/variables.tf    |  4 +++
 3 files changed, 38 insertions(+)

diff --git a/contrib/terraform/openstack/kubespray.tf b/contrib/terraform/openstack/kubespray.tf
index f19885ca8..e4f302f61 100644
--- a/contrib/terraform/openstack/kubespray.tf
+++ b/contrib/terraform/openstack/kubespray.tf
@@ -97,6 +97,7 @@ module "compute" {
   network_router_id                            = module.network.router_id
   network_id                                   = module.network.network_id
   use_existing_network                         = var.use_existing_network
+  private_subnet_id                            = module.network.subnet_id
 
   depends_on = [
     module.network.subnet_id
diff --git a/contrib/terraform/openstack/modules/compute/main.tf b/contrib/terraform/openstack/modules/compute/main.tf
index 430ed1857..bf28d2758 100644
--- a/contrib/terraform/openstack/modules/compute/main.tf
+++ b/contrib/terraform/openstack/modules/compute/main.tf
@@ -206,6 +206,9 @@ resource "openstack_networking_port_v2" "bastion_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.bastion_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -256,6 +259,9 @@ resource "openstack_networking_port_v2" "k8s_master_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.master_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -316,6 +322,9 @@ resource "openstack_networking_port_v2" "k8s_masters_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.master_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -374,6 +383,9 @@ resource "openstack_networking_port_v2" "k8s_master_no_etcd_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.master_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -434,6 +446,9 @@ resource "openstack_networking_port_v2" "etcd_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.etcd_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -488,6 +503,9 @@ resource "openstack_networking_port_v2" "k8s_master_no_floating_ip_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.master_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -542,6 +560,9 @@ resource "openstack_networking_port_v2" "k8s_master_no_floating_ip_no_etcd_port"
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.master_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -597,6 +618,9 @@ resource "openstack_networking_port_v2" "k8s_node_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.worker_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -657,6 +681,9 @@ resource "openstack_networking_port_v2" "k8s_node_no_floating_ip_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.worker_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -712,6 +739,9 @@ resource "openstack_networking_port_v2" "k8s_nodes_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.worker_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
@@ -771,6 +801,9 @@ resource "openstack_networking_port_v2" "glusterfs_node_no_floating_ip_port" {
   port_security_enabled = var.force_null_port_security ? null : var.port_security_enabled
   security_group_ids    = var.port_security_enabled ? local.gfs_sec_groups : null
   no_security_groups    = var.port_security_enabled ? null : false
+  fixed_ip {
+    subnet_id = var.private_subnet_id
+  }
 
   depends_on = [
     var.network_router_id
diff --git a/contrib/terraform/openstack/modules/compute/variables.tf b/contrib/terraform/openstack/modules/compute/variables.tf
index 7f8ee5003..9259fd967 100644
--- a/contrib/terraform/openstack/modules/compute/variables.tf
+++ b/contrib/terraform/openstack/modules/compute/variables.tf
@@ -189,3 +189,7 @@ variable "port_security_enabled" {
 variable "force_null_port_security" {
   type = bool
 }
+
+variable "private_subnet_id" {
+  type = string
+}