diff --git a/floating_ip.tf b/floating_ip.tf
index 4185ca8..8547344 100644
--- a/floating_ip.tf
+++ b/floating_ip.tf
@@ -5,6 +5,12 @@ locals {
 var.control_plane_public_vip_ipv4_enabled
 )
 )
+ control_plane_public_vip_ipv6_enabled = (
+ local.network_public_ipv6_enabled && (
+ var.control_plane_public_vip_ipv6_id != null ||
+ var.control_plane_public_vip_ipv6_enabled
+ )
+ )
 }
 
 resource "hcloud_floating_ip" "control_plane_ipv4" {
@@ -13,7 +19,22 @@ resource "hcloud_floating_ip" "control_plane_ipv4" {
 name = "${var.cluster_name}-control-plane-ipv4"
 type = "ipv4"
 home_location = hcloud_server.control_plane[local.talos_primary_node_name].location
- description = "Control Plane Public VIP"
+ description = "Control Plane Public VIPv4"
+ delete_protection = var.cluster_delete_protection
+
+ labels = {
+ cluster = var.cluster_name,
+ role = "control-plane"
+ }
+}
+
+resource "hcloud_floating_ip" "control_plane_ipv6" {
+ count = local.control_plane_public_vip_ipv6_enabled && var.control_plane_public_vip_ipv6_id == null ? 1 : 0
+
+ name = "${var.cluster_name}-control-plane-ipv6"
+ type = "ipv6"
+ home_location = hcloud_server.control_plane[local.talos_primary_node_name].location
+ description = "Control Plane Public VIPv6"
 delete_protection = var.cluster_delete_protection
 
 labels = {
@@ -30,3 +51,12 @@ data "hcloud_floating_ip" "control_plane_ipv4" {
 local.control_plane_public_vip_ipv4_enabled ? try(hcloud_floating_ip.control_plane_ipv4[0].id, null) : null
 )
 }
+
+data "hcloud_floating_ip" "control_plane_ipv6" {
+ count = local.control_plane_public_vip_ipv6_enabled ? 1 : 0
+
+ id = coalesce(
+ can(var.control_plane_public_vip_ipv6_id) ? var.control_plane_public_vip_ipv6_id : null,
+ local.control_plane_public_vip_ipv6_enabled ? try(hcloud_floating_ip.control_plane_ipv6[0].id, null) : null
+ )
+}
diff --git a/talos_config.tf b/talos_config.tf
index cc0ebc3..f0c89be 100644
--- a/talos_config.tf
+++ b/talos_config.tf
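Review bot: `hcloud_floating_ip.control_plane_ipv6` in floating_ip.tf adds a second public address for the control plane, but no firewall change is visible in this commit. The only firewall input shown is `firewall_talos_api_source` (in the variables.tf hunk header); its contents and the rules built from it are outside the diff, so confirm they either list the intended IPv6 CIDRs or leave IPv6 closed, rather than falling back to `::/0`. A short comment above the resource, e.g. `# Public IPv6 VIP: reachable only through the cluster firewall; API source lists must include IPv6 CIDRs`, would record that dependency.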
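Review bot: In `data "hcloud_floating_ip" "control_plane_ipv6"` (floating_ip.tf) a caller-supplied `control_plane_public_vip_ipv6_id` is accepted without checking that the floating IP it names is an IPv6 one, so an IPv4 floating IP ID passed by mistake would flow on as the IPv6 VIP. A `postcondition` on the data source that checks `self.type == "ipv6"` fails the plan early; this assumes the module's minimum Terraform version supports conditions in data blocks (1.2 or later). Separately, `can(var.control_plane_public_vip_ipv6_id)` is always true for a declared variable, so that argument reduces to the variable itself.

```hcl
data "hcloud_floating_ip" "control_plane_ipv6" {
  # … unchanged: count and id lookup …

  lifecycle {
    postcondition {
      condition     = self.type == "ipv6"
      error_message = "control_plane_public_vip_ipv6_id must reference a floating IP of type ipv6."
    }
  }
}
```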
@@ -170,7 +170,7 @@ locals {
 dhcp = true
 dhcpOptions = {
 ipv4 = var.talos_public_ipv4_enabled
- ipv6 = false
+ ipv6 = var.talos_public_ipv6_enabled
 }
 vip = local.control_plane_public_vip_ipv4_enabled ? {
 ip = local.control_plane_public_vip_ipv4
diff --git a/variables.tf b/variables.tf
index bab888e..f200ebb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -230,19 +230,31 @@ variable "firewall_talos_api_source" {
 variable "control_plane_public_vip_ipv4_enabled" {
 type = bool
 default = false
- description = "If true, a floating IP will be created and assigned to the Control Plane nodes."
+ description = "If true, a floating IPv4 will be created and assigned to the Control Plane nodes."
+}
+
+variable "control_plane_private_vip_ipv4_enabled" {
+ type = bool
+ default = true
+ description = "If true, an alias IPv4 will be created and assigned to the Control Plane nodes."
 }
 
 variable "control_plane_public_vip_ipv4_id" {
 type = number
 default = null
- description = "Specifies the Floating IP ID for the Control Plane nodes. A new floating IP will be created if this is set to null."
+ description = "Specifies the Floating IPv4 ID for the Control Plane nodes. A new floating IPv4 will be created if this is set to null."
 }
 
-variable "control_plane_private_vip_ipv4_enabled" {
+variable "control_plane_public_vip_ipv6_enabled" {
 type = bool
- default = true
- description = "If true, an alias IP will be created and assigned to the Control Plane nodes."
+ default = false
+ description = "If true, a floating IPv6 will be created and assigned to the Control Plane nodes."
+}
+
+variable "control_plane_public_vip_ipv6_id" {
+ type = number
+ default = null
+ description = "Specifies the Floating IPv6 ID for the Control Plane nodes. A new floating IPv6 will be created if this is set to null."
 }
 
 variable "kube_api_admission_control" {
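Review bot: `ipv6 = var.talos_public_ipv6_enabled` in talos_config.tf replaces a hard-coded `false`, so whether existing clusters start requesting DHCPv6 on the public interface after upgrading depends on that variable's default, which is declared outside this diff; confirm it and call the change out in the release notes if the default is true. The `vip` entry directly below still keys only on `local.control_plane_public_vip_ipv4_enabled`, so nothing in the visible lines attaches the new IPv6 floating IP to the nodes. If that is intentional, a comment such as `# vip: IPv4 only; the IPv6 floating IP is not announced from this interface config` would prevent readers from assuming otherwise. The enclosing `locals` block begins and ends outside the hunk.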
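Review bot: The descriptions of the two new IPv6 variables in variables.tf omit how they interact, which `local.control_plane_public_vip_ipv6_enabled` in floating_ip.tf defines: a non-null ID enables the VIP on its own, and both inputs are ignored without an error when `local.network_public_ipv6_enabled` is false. I would extend the first to `description = "If true, a floating IPv6 will be created and assigned to the Control Plane nodes. Ignored when public IPv6 is disabled."` and append to the second `Setting an ID enables the IPv6 VIP even if control_plane_public_vip_ipv6_enabled is false.` A `validation` block on `control_plane_public_vip_ipv6_id` that rejects non-positive numbers would also catch typos before the provider lookup.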