From 1fbf39518612f5cd10a86043ba723f94085a3656 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jorge=20Rodr=C3=ADguez=20Pedrianes?= Date: Thu, 27 Jul 2023 19:22:22 +0100 Subject: [PATCH 1/2] Don't use DHCP in network configuration --- examples/bootstrap-kubernetes-vms/data.tf | 26 +++++++++++++++-- terraform/instances.tf | 7 ++--- terraform/networks.tf | 3 +- .../templates/cloud-init/network_config.cfg | 29 ++++++------------- terraform/templates/data.auto.tfvars.example | 3 ++ terraform/variables.tf | 15 +++++++++- 6 files changed, 53 insertions(+), 30 deletions(-) diff --git a/examples/bootstrap-kubernetes-vms/data.tf b/examples/bootstrap-kubernetes-vms/data.tf index 3bad65b..1316044 100644 --- a/examples/bootstrap-kubernetes-vms/data.tf +++ b/examples/bootstrap-kubernetes-vms/data.tf @@ -53,6 +53,19 @@ locals { # Address to the gateway gateway_address = "192.168.2.1" } + + # Configuration for a NAT + virnat0 = { + # Type of network + # Possible values: nat, macvtap + mode = "nat" + + # Assignable IP address blocks in CIDR notation + dhcp_address_blocks = ["10.10.10.0/24"] + + # Address to the gateway + gateway_address = "10.10.10.1" + } } # Instance basic definition. @@ -75,7 +88,14 @@ locals { name = "external0" address = "192.168.2.41/24" mac = "DA:C8:20:7A:37:BF" - } + # If we have more than one network, ones must be marked as default + default = true + }, + { + name = "virnat0" + address = "10.10.10.10/24" + mac = "F9:1C:A6:02:77:83" + }, ] } @@ -92,8 +112,8 @@ locals { disk = 20000000000 networks = [ { - name = "external0" - address = "192.168.2.42/24" + name = "virnat0" + address = "10.10.10.20/24" mac = "BE:FE:37:D8:6B:AB" } ] diff --git a/terraform/instances.tf b/terraform/instances.tf index 0d5c168..920c0a3 100644 --- a/terraform/instances.tf +++ b/terraform/instances.tf 
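Review bot: The MAC given to the new `virnat0` attachment in the `@@ -75,7 +88,14 @@` hunk, `F9:1C:A6:02:77:83`, has the least-significant bit of its first octet set, which makes it a multicast address; libvirt expects a unicast MAC on a guest interface, so this example is likely to be rejected when the domain is defined. The other MACs in the file (`DA:…`, `BE:…`) are unicast and locally administered, so a value of the same form fits, for instance `mac = "FA:1C:A6:02:77:83"` (constructed sample). The `mac` validation in `terraform/variables.tf` is not visible here beyond its error message; if it checks only the format, it would be worth having it reject an odd first octet as well. The `locals` block continues outside the hunk.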
@@ -97,11 +97,8 @@ resource "libvirt_domain" "instance" { network_id = libvirt_network.nat[network.value["network_attachment"]["name"]].id hostname = each.key mac = network.value["network_attachment"]["mac"] - # Guest VM's virtualized network interface will claim the requested IP to the virtual NAT on the Host - # At guest system level, the interface in Linux is configured in DHCP mode by using cloud-init - # WARNING: Addresses not in CIDR notation here - addresses = [split("/", network.value["network_attachment"]["address"])[0]] - wait_for_lease = true + # Guest VM's virtualized network interface is connected to the virtual NAT on the Host + # At system level, the interface in Linux is configured in static mode by cloud-init } } diff --git a/terraform/networks.tf b/terraform/networks.tf index dd89e1e..595b86c 100644 --- a/terraform/networks.tf +++ b/terraform/networks.tf @@ -15,9 +15,10 @@ resource "libvirt_network" "nat" { bridge = each.key domain = join(".", [each.key, "local"]) + autostart = true addresses = each.value.dhcp_address_blocks - dhcp { enabled = true } + dhcp { enabled = false } dns { enabled = true diff --git a/terraform/templates/cloud-init/network_config.cfg b/terraform/templates/cloud-init/network_config.cfg index 927d84f..d568477 100644 --- a/terraform/templates/cloud-init/network_config.cfg +++ b/terraform/templates/cloud-init/network_config.cfg 
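Review bot: The replacement comment in `network_interface` does not say what removing `addresses` and `wait_for_lease` means on the host side: libvirt no longer hands the requested IP to this MAC, and the apply no longer waits for the guest to obtain an address. I would add a line such as `# NOTE: the host does not assign or verify this IP; it is whatever cloud-init configures in the guest, so addresses must be unique per network`. "At system level" would also read more clearly as "At guest system level", as the removed comment had it. The `libvirt_domain` resource starts and ends outside the hunk.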
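Review bot: `addresses = each.value.dhcp_address_blocks` now sits directly above `dhcp { enabled = false }`, so the key name no longer describes what the value does. Renaming the key would touch the variable schema and the examples, so a comment is the smaller fix: `# Address blocks of the NAT network; DHCP is off and guests are addressed statically by cloud-init`. The same key is documented as "Assignable IP address blocks" in the new `virnat0` example in `examples/bootstrap-kubernetes-vms/data.tf`. The resource body continues outside the hunk.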
@@ -6,26 +6,15 @@ ethernets: interface${network_key}: match: macaddress: ${network_value.network_attachment.mac} -%{ if network_value.network_info.mode=="nat" ~} - # This interface relies on DHCP because the virtualized Guest device - # is connected to a NAT and configured to claim only the requested IP - dhcp4: true - dhcp6: false -%{ else ~} - # This interface is configured as STATIC because the related Guest virtualized network device - # is connected directly to a Host physical interface, so it can not claim an IP as intermediate. - # This way OS needs to claim the requested IP itself - dhcp4: false - dhcp6: false - addresses: [${network_value.network_attachment.address}] -%{ endif ~} + addresses: + - ${network_value.network_attachment.address} +%{ if length(networks) == 1 || network_value.network_attachment.default ~} routes: - - to: default # could be 0.0.0.0/0 optionally - via: ${network_value.network_info.gateway_address} - #metric: 100 - on-link: true - #gateway4: ${network_value.network_info.gateway_address} + - to: default + via: ${network_value.network_info.gateway_address} +%{ endif ~} nameservers: - addresses: [${network_value.network_info.gateway_address}, 4.4.4.4, 8.8.8.8] - #search: [${network_value.network_info.name}.${network_value.network_info.mode}.local] + addresses: [4.4.4.4, 8.8.8.8] + search: + - ${network_value.network_info.name}.${network_value.network_info.mode}.local %{ endfor ~} diff --git a/terraform/templates/data.auto.tfvars.example b/terraform/templates/data.auto.tfvars.example index e813b0e..077b637 100644 --- a/terraform/templates/data.auto.tfvars.example +++ b/terraform/templates/data.auto.tfvars.example @@ -113,6 +113,9 @@ instances = { name = "external0" address = "192.168.0.210/24" mac = "DA:C8:20:7A:30:AC" + + # If we have more than one network, ones must be marked as default + default = true } ] } diff --git a/terraform/variables.tf b/terraform/variables.tf index e80cd66..bec7bec 100644 --- a/terraform/variables.tf 
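Review bot: The new `nameservers` line `addresses: [4.4.4.4, 8.8.8.8]` drops the gateway and leaves `4.4.4.4` as the first resolver, and that address is not one of Google's public resolvers (those are 8.8.8.8 and 8.8.4.4), so it looks like a typo carried over from the old line. Together with the newly enabled `search` list this means short-name lookups are sent, with the internal suffix appended, to public resolvers that cannot answer them, while the libvirt DNS that `terraform/networks.tf` keeps enabled is never asked. If that is not intended, keep the gateway first for NAT networks and correct the second address, e.g. `addresses: [${network_value.network_info.gateway_address}, 8.8.8.8, 8.8.4.4]`. The search suffix built from `name`, `mode` and `local` also seems not to match the `join(".", [each.key, "local"])` domain set on the network, assuming `network_info.name` is the network key. The `%{ for }` loop opens outside the hunk.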
+++ b/terraform/variables.tf @@ -85,6 +85,7 @@ variable "instances" { name = string address = string mac = string + default = optional(bool, false) })) })) description = "Instances definition block" @@ -108,4 +109,16 @@ variable "instances" { error_message = "Allowed values for instance.networks.mac are like: AA:BB:CC:DD:EE:FF." } -} \ No newline at end of file + + validation { + condition = alltrue([ + for instance_name, instance_definition in var.instances : + ( + length(instance_definition.networks) <= 1 || + length([for network in instance_definition.networks : network if network.default]) == 1 + ) + ]) + + error_message = "In instances with more than one network, ONE and ONLY ONE network must be marked as \"default\"." + } +} From 6e3e877b6df8adca0761a2778c4def2610e01463 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alby=20Hern=C3=A1ndez?= <61636487+achetronic@users.noreply.github.com> Date: Tue, 1 Aug 2023 00:50:01 +0100 Subject: [PATCH 2/2] Update terraform/variables.tf --- terraform/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/variables.tf b/terraform/variables.tf index bec7bec..65fc144 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -119,6 +119,6 @@ variable "instances" { ) ]) - error_message = "In instances with more than one network, ONE and ONLY ONE network must be marked as \"default\"." + error_message = "In instances with more than one network, only one must be marked as \"default\"." } }
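Review bot: The validation added in the `@@ -108,4 +109,16 @@` hunk checks the `default` flag, but nothing checks that an `address` is used only once per network, and after this patch neither DHCP nor the `addresses` argument in `terraform/instances.tf` arbitrates addresses any more, so two instances with the same IP would apply cleanly and conflict at runtime. A second `validation` block next to the new one can reject that at plan time; a sketch follows. The `variable "instances"` block starts outside the hunk.

```hcl
  # … unchanged: validation for the "default" flag …

  validation {
    # Every (network name, IP) pair may appear only once across all instances.
    condition = length(distinct(flatten([
      for instance_definition in values(var.instances) : [
        for network in instance_definition.networks :
        "${network.name}/${split("/", network.address)[0]}"
      ]
    ]))) == length(flatten([
      for instance_definition in values(var.instances) : instance_definition.networks
    ]))

    error_message = "Each address may be used only once per network across all instances."
  }
```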
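Review bot: The reworded `error_message` in the `@@ -119,6 +119,6 @@` hunk reads as an upper bound, but the condition in the same block requires the number of `default` networks to be `== 1`, so an instance with several networks and none marked also fails and gets a message that does not explain why. Wording that matches the check would be `error_message = "In instances with more than one network, exactly one must be marked as \"default\"."`. The validation block begins outside the hunk.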