Enable dual-stack IPv4/v6 on autonode VM (#96)

robertodauria · web-flow · commit 1f1ebf73f06e · 2024-08-21T22:44:15.000+02:00
* Enable dual-stack IPv4/v6 on autonode VM

* Add firewall rule to allow v6 traffic to autonode VM
diff --git a/modules/autojoin/firewall.tf b/modules/autojoin/firewall.tf
@@ -37,3 +37,17 @@ resource "google_compute_firewall" "ndt_access" {
   source_ranges = ["0.0.0.0/0"]
   target_tags   = ["ndt-server"]
 }
+
+# Allow external access to any port for IPv6 traffic platform VMs.
+resource "google_compute_firewall" "ndt_access_ipv6" {
+  allow {
+    ports    = ["80", "443"]
+    protocol = "tcp"
+  }
+
+  description   = "Allow IPv6 access to NDT servers"
+  name          = "ndt-access-ipv6"
+  network       = google_compute_network.autojoin.name
+  source_ranges = ["::/0"]
+  target_tags   = ["ndt-server"]
+}
diff --git a/modules/autojoin/instances.tf b/modules/autojoin/instances.tf
@@ -15,7 +15,11 @@ resource "google_compute_instance" "autonode" {
     access_config {
       nat_ip = google_compute_address.autonode_ipv4.address
     }
+    ipv6_access_config {
+      network_tier = "PREMIUM"
+    }
     network    = google_compute_network.autojoin.name
+    stack_type = "IPV4_IPV6"
     subnetwork = google_compute_subnetwork.autojoin.name
   }
 

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,11 @@ resource "google_compute_instance" "autonode" {`
`15`	`15`	`access_config {`
`16`	`16`	`nat_ip = google_compute_address.autonode_ipv4.address`
`17`	`17`	`}`
	`18`	`+ ipv6_access_config {`
	`19`	`+ network_tier = "PREMIUM"`
	`20`	`+ }`
`18`	`21`	`network = google_compute_network.autojoin.name`
	`22`	`+ stack_type = "IPV4_IPV6"`
`19`	`23`	`subnetwork = google_compute_subnetwork.autojoin.name`
`20`	`24`	`}`
`21`	`25`