Fix: De-centralize the network to support multiple clusters

README.md

@@ -152,6 +152,18 @@ Error messages that match this problem:
 
 - `Error chmodding script file to 0777 in remote machine: ssh: rejected: administratively prohibited (open failed)`
 
+### VLAN Cleanup Failure
+
+During the execution of a Terraform destroy operation, the deletion of a VLAN may fail with an HTTP 422 Unprocessable Entity response. The debug logs indicate that the DELETE request to remove the VLAN was sent successfully, but the response from the Equinix Metal API indicated a failure to process the request. The specific VLAN identified by the ID "xxxx" could not be deleted.
+
+**Fix:**
+
+If you encounter this issue, re-run the `terraform destroy` command to clean up the resources.
+
+```sh
+terraform destroy
+```
+
 ### Other Timeouts and Connection issues
 
 This POC project has not ironed out all potential networking and provisioning timing hiccups that can occur. In many situations, running `terraform apply` again will progress the deployment to the next step. If you do not see progress after 3 attempts, open an issue on GitHub: <https://github.com/equinix-labs/terraform-equinix-metal-nutanix-cluster/issues/new>.

main.tf

@@ -4,6 +4,7 @@ locals {
   vxlan                   = var.create_vlan ? element(equinix_metal_vlan.nutanix[*].vxlan, 0) : element(data.equinix_metal_vlan.nutanix[*].vxlan, 0)
   vrf_id                  = var.create_vrf ? element(equinix_metal_vrf.nutanix[*].id, 0) : element(data.equinix_metal_vrf.nutanix[*].id, 0)
   nutanix_reservation_ids = { for idx, val in var.nutanix_reservation_ids : idx => val }
+  cluster_gateway         = var.cluster_gateway == "" ? cidrhost(var.cluster_subnet, 1) : var.cluster_gateway
 }
 
 resource "terraform_data" "input_validation" {
@@ -60,7 +61,8 @@ resource "equinix_metal_device" "bastion" {
   user_data = templatefile("${path.module}/templates/bastion-userdata.tmpl", {
     metal_vlan_id   = local.vxlan,
     address         = cidrhost(var.cluster_subnet, 2),
-    netmask         = cidrnetmask(var.cluster_subnet),
+    netmask         = cidrnetmask(cidrsubnet(var.cluster_subnet, -1, -1)),
+    gateway_address = local.cluster_gateway,
     host_dhcp_start = cidrhost(var.cluster_subnet, 3),
     host_dhcp_end   = cidrhost(var.cluster_subnet, 15),
     vm_dhcp_start   = cidrhost(var.cluster_subnet, 16),

outputs.tf

@@ -39,3 +39,8 @@ output "prism_central_ip_address" {
   description = "Reserved IP for Prism Central VM"
   value       = cidrhost(var.cluster_subnet, -4)
 }
+
+output "cluster_gateway" {
+  description = "The Nutanix cluster gateway IP"
+  value       = local.cluster_gateway
+}

templates/bastion-userdata.tmpl

@@ -36,12 +36,12 @@ write_files:
 - path: /etc/network/interfaces
   append: true
   content: |
-
     auto bond0.${metal_vlan_id}
     iface bond0.${metal_vlan_id} inet static
         pre-up sleep 5
         address ${address}
         netmask ${netmask}
+        gateway ${gateway_address}
         vlan-raw-device bond0
 - path: /etc/dnsmasq.d/nutanix.config
   append: true
@@ -51,6 +51,7 @@ write_files:
     dhcp-range=${host_dhcp_start},${host_dhcp_end},${lease_time}
     dhcp-mac=set:${set},${nutanix_mac}
     dhcp-range=tag:${set},${vm_dhcp_start},${vm_dhcp_end},${lease_time}
+    dhcp-option=option:netmask,${netmask}
 packages:
   - iptables-persistent
   - expect

terraform.tfvars.example

@@ -1,16 +1,17 @@
-# metal_auth_token="" # Equinix Metal API token
-# metal_vlan_description = "ntnx-demo" # Description to add to created VLAN.
-# metal_project_name="" # The name of the Metal project in which to deploy the cluster
-# metal_project_id="" # The ID of the Metal project in which to deploy to cluster if `create_project` is false.
-# metal_organization_id="" # The ID of the Metal organization in which to create the project if `create_project` is true.
-# metal_metro="" # The metro to create the cluster in
-# create_project=true # (Optional) to use an existing project matching `metal_project_name`, set this to false.
-# metal_bastion_plan="m3.small.x86" # Which plan to use for the bastion host.
-# metal_nutanix_os="nutanix_lts_6_5" # Which OS to use for the Nutanix nodes.
-# metal_nutanix_plan="m3.large.x86" # Which plan to use for the Nutanix nodes (must be Nutanix compatible, see https://deploy.equinix.com/developers/os-compatibility/)
-# create_vlan=true # Whether to create a new VLAN for this project.
-# metal_vlan_id=null # ID of the VLAN you wish to use. e.g. 1234
-# nutanix_node_count=3 # The number of Nutanix nodes to create.
-# skip_cluster_creation=false # Skip the creation of the Nutanix cluster.
-# cluster_subnet="192.168.140.0/22" # Pick an arbitrary private subnet, we recommend a /22 like "192.168.100.0/22"
-# nutanix_reservation_ids=[] # Hardware reservation IDs to use for the Nutanix nodes
+# metal_auth_token          = "" # Equinix Metal API token
+# metal_vlan_description    = "ntnx-demo" # Description to add to created VLAN.
+# metal_project_name        = "" # The name of the Metal project in which to deploy the cluster
+# metal_project_id          = "" # The ID of the Metal project in which to deploy to cluster if `create_project` is false.
+# metal_organization_id     = "" # The ID of the Metal organization in which to create the project if `create_project` is true.
+# metal_metro               = "" # The metro to create the cluster in
+# create_project            = true # (Optional) to use an existing project matching `metal_project_name`, set this to false.
+# metal_bastion_plan        = "m3.small.x86" # Which plan to use for the bastion host.
+# metal_nutanix_os          = "nutanix_lts_6_5" # Which OS to use for the Nutanix nodes.
+# metal_nutanix_plan        = "m3.large.x86" # Which plan to use for the Nutanix nodes (must be Nutanix compatible, see https://deploy.equinix.com/developers/os-compatibility/)
+# create_vlan               = true # Whether to create a new VLAN for this project.
+# metal_vlan_id             = null # ID of the VLAN you wish to use. e.g. 1234
+# nutanix_node_count        = 3 # The number of Nutanix nodes to create.
+# skip_cluster_creation     = false # Skip the creation of the Nutanix cluster.
+# cluster_subnet            = "192.168.96.0/21" # Pick an arbitrary private subnet, we recommend a /21 like "192.168.100.0/21"
+# nutanix_reservation_ids   = [] # Hardware reservation IDs to use for the Nutanix nodes
+# cluster_gateway           = "192.168.96.1" # default

variables.tf

@@ -116,3 +116,9 @@ variable "vrf_id" {
   default     = null
   description = "ID of the VRF you wish to use."
 }
+
+variable "cluster_gateway" {
+  description = "The cluster gateway IP address"
+  type        = string
+  default     = ""
+}