Documentation for VPC peering on Google Cloud Platform

[sig-abyreddy]

Can someone help me understand how vpc peering should be between CloudAMQP instance and Google Cloud Platform. I tried referring couple of articles but couldn't able to find exact solution. I know it is possible through UI, but i'm looking for terraform based solution.

Thanks in advance.

[tbroden84]

@adityabyreddy74 There is no support yet for VPC other than through Amazon Web Services in the provider. You are also the first one requesting this feature, so it has not been prioritised. Can add a task to investigate the issue and what kind of effort is required.

[sig-abyreddy]

@tbroden84 Thanks for response. Currently the provider only support accepting peering requests. Ideally it should support peering request mechanism as well. UI and API already have support for that.

I figured an alternative solution for this with terraform followed by a curl request.

Terraform Script

resource "google_compute_network_peering" "peering" {
       name         = "${var.cluster_name}-cloudamqp-peering"
       network      = "projects/${var.gcp_project}/global/networks/${var.gcp_vpc_network}"
       peer_network = "projects/cloudamqp/global/networks/${element(split(".", cloudamqp_instance.instance.host), 0)}"
}

Curl Request

curl -XPOST -u :${cloudamqp_instance_api_key} https://api.cloudamqp.com/api/vpc-peering -d "peer_network_uri=projects/<your-project-id>/global/networks/<your-vpc-name>&peer_subnet=<pod-cidr-range>" -H "Content-Type: application/x-www-form-urlencoded"

To conclude, We need terraform support for the curl request part.

[yashbhutwala]

@tbroden84 can this item be prioritized please?

[oreststetsiak]

Hi @tbroden84 !
do you have any plans/estimates on when we can see this functionality?
thanks!

[oreststetsiak]

still waiting for it ...

[orlandothoeny]

Would also appreciate this feature

[orlandothoeny]

This is what I used to configure network peering with GCP:

resource "google_compute_network_peering" "peering" {
  name                                = "cloudamqp-peering"
  network                             = var.google_vpc_id
  /* TODO: Do not hardcode CloudAMQP VPC name. Use "data.cloudamqp_vpc_info.rabbitmq.name" instead.
  There is currently a bug inside the provider. See https://github.com/cloudamqp/terraform-provider-cloudamqp/issues/131.
  //peer_network                        = "projects/cloudamqp/global/networks/${data.cloudamqp_vpc_info.rabbitmq.name}" */
  peer_network                        = "projects/cloudamqp/global/networks/MY_CLOUD_AMQP_VPC_NAME"
  export_custom_routes                = false
  import_custom_routes                = true
  export_subnet_routes_with_public_ip = false
  import_subnet_routes_with_public_ip = true
}

resource "null_resource" "cloudamqp_vpc_peering" {
  triggers = {
    cloudamqp_instance            = cloudamqp_instance.rabbitmq.id
    cloudamqp_instance_vpc_subnet = cloudamqp_instance.rabbitmq.vpc_subnet
    google_vpc_id                 = var.google_vpc_id
    google_vpc_subnet             = var.google_vpc_subnet
    google_vpc_peering_state      = google_compute_network_peering.peering.state_details
  }

  provisioner "local-exec" {
    command = "curl --location --request POST 'https://api.cloudamqp.com/api/vpc-peering' --header 'Authorization: Basic ${base64encode(cloudamqp_instance.rabbitmq.apikey)}' --header 'Content-Type: application/json' --data-raw '{\"peer_network_uri\": \"${var.google_vpc_id}\",\"peer_subnet\": \"${var.google_vpc_subnet}\"}'"
  }
}

[tbroden84]

Finally come around to fix this issue. We have added a new resource dealing with the GCP VPC peering configuration. Documentatio found at: https://registry.terraform.io/providers/cloudamqp/cloudamqp/latest/docs/resources/vpc_gcp_peering

Basically configure the VPC peering from the network to which the CloudAMQP instance should connect to. Extract the network uri (var.google_vpc_id) from the VPC peering configuration and use it in the new resource to connect the VPC for the CloudAMQP instance.

Made this available in the latest release v1.15.0.

[cshintov]

Hi @tbroden84 , I guess we have to accept the peering request afterwards in the cloudamqp dashboard.

Is there a way to do this via api call?

[tbroden84]

Hi @cshintov

The peering request is needed from both side for the peering to be active, so no accept of the request is needed.
E.g. from GCP <-> CloudAMQP Terraform provider.

GCP: Create new peering connection from VPC network peering section. Information about project ID and VPC network name of the CloudAMQP instance can be found in the data source: https://registry.terraform.io/providers/cloudamqp/cloudamqp/latest/docs/data-sources/vpc_gcp_info

CloudAMQP Terraform provider: You can use the cloudamqp_vpc_gcp_peering resource. Set the peer_network_uri with the Project ID and VPC network name found in GCP.
https://www.googleapis.com/compute/v1/<project-id>/cloudamqp/global/networks/<vpc-network-name>

Once both request have been made the peering should be completed.