From 2dc54b00bc18b4610bc52e3a3ebbddbfdb87a2a7 Mon Sep 17 00:00:00 2001 From: codinja1188 <3358152+vasubabu@users.noreply.github.com> Date: Tue, 25 Jun 2024 18:06:58 +0530 Subject: [PATCH] Fix: De-centralize the network support multiple clusters @build @publish --- README.md | 12 ++++++++++++ main.tf | 4 +++- outputs.tf | 5 +++++ templates/bastion-userdata.tmpl | 3 ++- terraform.tfvars.example | 33 +++++++++++++++++---------------- variables.tf | 6 ++++++ 6 files changed, 45 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 3a49933..fe96d75 100644 --- a/README.md +++ b/README.md @@ -152,6 +152,18 @@ Error messages that match this problem: - `Error chmodding script file to 0777 in remote machine: ssh: rejected: administratively prohibited (open failed)` +### VLAN Cleanup Failure + +During the execution of a Terraform destroy operation, the deletion of a VLAN may fail with an HTTP 422 Unprocessable Entity response. The debug logs indicate that the DELETE request to remove the VLAN was sent successfully, but the response from the Equinix Metal API indicated a failure to process the request. The specific VLAN identified by the ID "xxxx" could not be deleted. + +**Fix:** + +If you encounter this issue, re-run the `terraform destroy` command to clean up the resources. + +```sh +terraform destroy +``` + ### Other Timeouts and Connection issues This POC project has not ironed out all potential networking and provisioning timing hiccups that can occur. In many situations, running `terraform apply` again will progress the deployment to the next step. If you do not see progress after 3 attempts, open an issue on GitHub: . diff --git a/main.tf b/main.tf index 0ad19e3..46d6230 100644 --- a/main.tf +++ b/main.tf 
@@ -4,6 +4,7 @@ locals { vxlan = var.create_vlan ? element(equinix_metal_vlan.nutanix[*].vxlan, 0) : element(data.equinix_metal_vlan.nutanix[*].vxlan, 0) vrf_id = var.create_vrf ? element(equinix_metal_vrf.nutanix[*].id, 0) : element(data.equinix_metal_vrf.nutanix[*].id, 0) nutanix_reservation_ids = { for idx, val in var.nutanix_reservation_ids : idx => val } + cluster_gateway = var.cluster_gateway == "" ? cidrhost(var.cluster_subnet, 1) : var.cluster_gateway } resource "terraform_data" "input_validation" { @@ -60,7 +61,8 @@ resource "equinix_metal_device" "bastion" { user_data = templatefile("${path.module}/templates/bastion-userdata.tmpl", { metal_vlan_id = local.vxlan, address = cidrhost(var.cluster_subnet, 2), - netmask = cidrnetmask(var.cluster_subnet), + netmask = cidrnetmask(cidrsubnet(var.cluster_subnet, -1, -1)), + gateway_address = local.cluster_gateway, host_dhcp_start = cidrhost(var.cluster_subnet, 3), host_dhcp_end = cidrhost(var.cluster_subnet, 15), vm_dhcp_start = cidrhost(var.cluster_subnet, 16), diff --git a/outputs.tf b/outputs.tf index ba777b9..0d1c9a0 100644 --- a/outputs.tf +++ b/outputs.tf @@ -39,3 +39,8 @@ output "prism_central_ip_address" { description = "Reserved IP for Prism Central VM" value = cidrhost(var.cluster_subnet, -4) } + +output "cluster_gateway" { + description = "The Nutanix cluster gateway IP" + value = local.cluster_gateway +} diff --git a/templates/bastion-userdata.tmpl b/templates/bastion-userdata.tmpl index b43cbf5..57b8aec 100644 --- a/templates/bastion-userdata.tmpl +++ b/templates/bastion-userdata.tmpl @@ -36,12 +36,12 @@ write_files: - path: /etc/network/interfaces append: true content: | - auto bond0.${metal_vlan_id} iface bond0.${metal_vlan_id} inet static pre-up sleep 5 address ${address} netmask ${netmask} + gateway ${gateway_address} vlan-raw-device bond0 - path: /etc/dnsmasq.d/nutanix.config append: true 
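Review bot: `cidrnetmask(cidrsubnet(var.cluster_subnet, -1, -1))` in the bastion `templatefile` arguments passes negative `newbits` and `netnum` values, which the `cidrsubnet` documentation does not describe as far as I can tell, so the resulting mask (apparently one bit wider than `cluster_subnet`) may depend on the Terraform version. The same value feeds the new `dhcp-option=option:netmask,${netmask}` line in templates/bastion-userdata.tmpl, so the bastion and every DHCP client will treat addresses outside `cluster_subnet` as on-link on the VLAN. If that widening is intended for the multi-cluster layout, I would compute it once in `locals` under a descriptive name with a comment such as `# mask of the parent block shared by sibling clusters; one bit shorter than cluster_subnet`. The README should also say which wider range has to be kept free. The `equinix_metal_device.bastion` block starts and ends outside the hunk.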
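Review bot: The added `gateway ${gateway_address}` line makes ifupdown install a default route through the VLAN sub-interface `bond0.${metal_vlan_id}`. If the bastion already has a default route on `bond0` from its public addressing (not visible in this hunk), it ends up with two default routes, and its outbound and management traffic may leave through whatever answers at the gateway address on the private VLAN. By default that address is `cidrhost(var.cluster_subnet, 1)`, which nothing in this patch configures. If only the other cluster subnets need to be reachable, a scoped route such as `up ip route add <other-cluster-cidr> via ${gateway_address}` would leave the default route alone; otherwise a comment above the stanza should name the device that owns the gateway address. The `write_files` list itself starts outside the hunk.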
@@ -51,6 +51,7 @@ write_files:
 dhcp-range=${host_dhcp_start},${host_dhcp_end},${lease_time}
 dhcp-mac=set:${set},${nutanix_mac}
 dhcp-range=tag:${set},${vm_dhcp_start},${vm_dhcp_end},${lease_time}
+ dhcp-option=option:netmask,${netmask}
 packages:
 - iptables-persistent
 - expect
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
index 8c4ab2a..4897a6d 100644
--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@@ -1,16 +1,17 @@
-# metal_auth_token="" # Equinix Metal API token
-# metal_vlan_description = "ntnx-demo" # Description to add to created VLAN.
-# metal_project_name="" # The name of the Metal project in which to deploy the cluster
-# metal_project_id="" # The ID of the Metal project in which to deploy to cluster if `create_project` is false.
-# metal_organization_id="" # The ID of the Metal organization in which to create the project if `create_project` is true.
-# metal_metro="" # The metro to create the cluster in
-# create_project=true # (Optional) to use an existing project matching `metal_project_name`, set this to false.
-# metal_bastion_plan="m3.small.x86" # Which plan to use for the bastion host.
-# metal_nutanix_os="nutanix_lts_6_5" # Which OS to use for the Nutanix nodes.
-# metal_nutanix_plan="m3.large.x86" # Which plan to use for the Nutanix nodes (must be Nutanix compatible, see https://deploy.equinix.com/developers/os-compatibility/)
-# create_vlan=true # Whether to create a new VLAN for this project.
-# metal_vlan_id=null # ID of the VLAN you wish to use. e.g. 1234
-# nutanix_node_count=3 # The number of Nutanix nodes to create.
-# skip_cluster_creation=false # Skip the creation of the Nutanix cluster.
-# cluster_subnet="192.168.140.0/22" # Pick an arbitrary private subnet, we recommend a /22 like "192.168.100.0/22"
-# nutanix_reservation_ids=[] # Hardware reservation IDs to use for the Nutanix nodes
+# metal_auth_token = "" # Equinix Metal API token
+# metal_vlan_description = "ntnx-demo" # Description to add to created VLAN.
+# metal_project_name = "" # The name of the Metal project in which to deploy the cluster
+# metal_project_id = "" # The ID of the Metal project in which to deploy to cluster if `create_project` is false.
+# metal_organization_id = "" # The ID of the Metal organization in which to create the project if `create_project` is true.
+# metal_metro = "" # The metro to create the cluster in
+# create_project = true # (Optional) to use an existing project matching `metal_project_name`, set this to false.
+# metal_bastion_plan = "m3.small.x86" # Which plan to use for the bastion host.
+# metal_nutanix_os = "nutanix_lts_6_5" # Which OS to use for the Nutanix nodes.
+# metal_nutanix_plan = "m3.large.x86" # Which plan to use for the Nutanix nodes (must be Nutanix compatible, see https://deploy.equinix.com/developers/os-compatibility/)
+# create_vlan = true # Whether to create a new VLAN for this project.
+# metal_vlan_id = null # ID of the VLAN you wish to use. e.g. 1234
+# nutanix_node_count = 3 # The number of Nutanix nodes to create.
+# skip_cluster_creation = false # Skip the creation of the Nutanix cluster.
+# cluster_subnet = "192.168.96.0/21" # Pick an arbitrary private subnet, we recommend a /21 like "192.168.100.0/21"
+# nutanix_reservation_ids = [] # Hardware reservation IDs to use for the Nutanix nodes
+# cluster_gateway = "192.168.96.1" # default
diff --git a/variables.tf b/variables.tf
index 16f76b8..b0587ee 100644
--- a/variables.tf
+++ b/variables.tf
@@ -116,3 +116,9 @@ variable "vrf_id" {
 default = null
 description = "ID of the VRF you wish to use."
 }
+
+variable "cluster_gateway" {
+ description = "The cluster gateway IP address"
+ type = string
+ default = ""
+}
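Review bot: The recommendation in the `cluster_subnet` comment, `"192.168.100.0/21"`, is not on a /21 boundary (the third octet would have to be a multiple of 8), unlike the example value `192.168.96.0/21` on the same line. Because the default gateway and the DHCP ranges are all derived from `cluster_subnet`, a reader copying the recommended value may get addresses in a different block than expected. I would change the comment to `we recommend a /21 like "192.168.96.0/21"`.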
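Review bot: `cluster_gateway` is accepted as any string and, per the main.tf and templates/bastion-userdata.tmpl hunks of this patch, is rendered verbatim into the `gateway` line of the bastion's /etc/network/interfaces through cloud-init user data. A typo or stray whitespace therefore does not fail at plan time but shows up later as a bastion with broken networking. Nothing checks that the address lies inside the cluster network either. I would add a `validation` block with `condition = var.cluster_gateway == "" || can(cidrhost("${var.cluster_gateway}/32", 0))` and an error message naming the expected format. The description should also say that the empty default resolves to the first host of `cluster_subnet`.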