Merge pull request #10 from jrpedrianes/main

Don't use DHCP in network configuration
achetronic · Aug 1, 2023 · ceabecf · ceabecf
2 parents c42a561 + 6e3e877
commit ceabecf
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 30 deletions.
diff --git a/examples/bootstrap-kubernetes-vms/data.tf b/examples/bootstrap-kubernetes-vms/data.tf
@@ -53,6 +53,19 @@ locals {
       # Address to the gateway
       gateway_address = "192.168.2.1"
     }
+
+    # Configuration for a NAT
+    virnat0 = {
+      # Type of network
+      # Possible values: nat, macvtap
+      mode = "nat"
+
+      # Assignable IP address blocks in CIDR notation
+      dhcp_address_blocks = ["10.10.10.0/24"]
+
+      # Address to the gateway
+      gateway_address = "10.10.10.1"
+    }
   }
 
   # Instance basic definition.
@@ -75,7 +88,14 @@ locals {
           name    = "external0"
           address = "192.168.2.41/24"
           mac     = "DA:C8:20:7A:37:BF"
-        }
+          # If we have more than one network, ones must be marked as default
+          default = true
+        },
+        {
+          name    = "virnat0"
+          address = "10.10.10.10/24"
+          mac     = "F9:1C:A6:02:77:83"
+        },
       ]
     }
 
@@ -92,8 +112,8 @@ locals {
       disk   = 20000000000
       networks = [
         {
-          name    = "external0"
-          address = "192.168.2.42/24"
+          name    = "virnat0"
+          address = "10.10.10.20/24"
           mac     = "BE:FE:37:D8:6B:AB"
         }
       ]

diff --git a/terraform/instances.tf b/terraform/instances.tf
@@ -97,11 +97,8 @@ resource "libvirt_domain" "instance" {
       network_id = libvirt_network.nat[network.value["network_attachment"]["name"]].id
       hostname   = each.key
       mac        = network.value["network_attachment"]["mac"]
-      # Guest VM's virtualized network interface will claim the requested IP to the virtual NAT on the Host
-      # At guest system level, the interface in Linux is configured in DHCP mode by using cloud-init
-      # WARNING: Addresses not in CIDR notation here
-      addresses      = [split("/", network.value["network_attachment"]["address"])[0]]
-      wait_for_lease = true
+      # Guest VM's virtualized network interface is connected to the virtual NAT on the Host
+      # At system level, the interface in Linux is configured in static mode by cloud-init
     }
   }
 

diff --git a/terraform/networks.tf b/terraform/networks.tf
@@ -15,9 +15,10 @@ resource "libvirt_network" "nat" {
   bridge = each.key
   domain = join(".", [each.key, "local"])
 
+  autostart = true
   addresses = each.value.dhcp_address_blocks
 
-  dhcp { enabled = true }
+  dhcp { enabled = false }
 
   dns {
     enabled    = true

diff --git a/terraform/templates/cloud-init/network_config.cfg b/terraform/templates/cloud-init/network_config.cfg
@@ -6,26 +6,15 @@ ethernets:
   interface${network_key}:
     match:
       macaddress: ${network_value.network_attachment.mac}
-%{ if network_value.network_info.mode=="nat" ~}
-    # This interface relies on DHCP because the virtualized Guest device
-    # is connected to a NAT and configured to claim only the requested IP
-    dhcp4: true
-    dhcp6: false
-%{ else ~}
-    # This interface is configured as STATIC because the related Guest virtualized network device
-    # is connected directly to a Host physical interface, so it can not claim an IP as intermediate.
-    # This way OS needs to claim the requested IP itself
-    dhcp4: false
-    dhcp6: false
-    addresses: [${network_value.network_attachment.address}]
-%{ endif ~}
+    addresses:
+      - ${network_value.network_attachment.address}
+%{ if length(networks) == 1 || network_value.network_attachment.default ~}
     routes:
-    - to: default # could be 0.0.0.0/0 optionally
-      via: ${network_value.network_info.gateway_address}
-      #metric: 100
-      on-link: true
-    #gateway4: ${network_value.network_info.gateway_address}
+      - to: default
+        via: ${network_value.network_info.gateway_address}
+%{ endif ~}
     nameservers:
-      addresses: [${network_value.network_info.gateway_address}, 4.4.4.4, 8.8.8.8]
-      #search: [${network_value.network_info.name}.${network_value.network_info.mode}.local]
+      addresses: [4.4.4.4, 8.8.8.8]
+      search:
+        - ${network_value.network_info.name}.${network_value.network_info.mode}.local
 %{ endfor ~}
diff --git a/terraform/templates/data.auto.tfvars.example b/terraform/templates/data.auto.tfvars.example
@@ -113,6 +113,9 @@ instances = {
         name    = "external0"
         address = "192.168.0.210/24"
         mac     = "DA:C8:20:7A:30:AC"
+
+        # If we have more than one network, ones must be marked as default
+        default = true
       }
     ]
   }

diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -85,6 +85,7 @@ variable "instances" {
       name    = string
       address = string
       mac     = string
+      default = optional(bool, false)
     }))
   }))
   description = "Instances definition block"
@@ -108,4 +109,16 @@ variable "instances" {
 
     error_message = "Allowed values for instance.networks.mac are like: AA:BB:CC:DD:EE:FF."
   }
-}
+
+  validation {
+    condition = alltrue([
+      for instance_name, instance_definition in var.instances :
+      (
+        length(instance_definition.networks) <= 1 ||
+        length([for network in instance_definition.networks : network if network.default]) == 1
+      )
+    ])
+
+    error_message = "In instances with more than one network, only one must be marked as \"default\"."
+  }
+}