confidential-containers · genjuro214 · Nov 21, 2023 · Nov 21, 2023
@@ -86,6 +86,8 @@ Kubernetes node virtual server instances, the VPC and the subnet. If not set it
 defaults to `jp-tok`.
 > - `zone_name` (optional) is the zone in the region Terraform will create the demo environment in. If not set it
 defaults to `jp-tok-2`.
+> - `vpc_name` (optional) is an existing VPC name. If it is not set, Terraform will create a new VPC named "${cluster_name}-vpc".
+> - `subnet_name` (optional) is an existing subnet name. If it is not set, Terraform will create a new subnet named "{cluster_name}-subnet". This must be provided if `vpc_name` has been set.
 > - `ssh_pub_key` (optional) is an variable for a SSH public key which has **not** been registered in IBM Cloud in the
 targeted region. Terraform will manage this key instead. You cannot register the same SSH public key in the same region
 twice under different SSHs key names. This key needs to be password-less and on the 'developer machine' running the terraform in order to perform the cluster set up.

@@ -3,12 +3,30 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 
+data "ibm_is_vpc" "vpc" {
+  count = var.vpc_name == "" ? 0 : 1
+  name  = var.vpc_name
+}
+
+data "ibm_is_subnet" "subnet" {
+  count = var.subnet_name == "" ? 0 : 1
+  name  = var.subnet_name
+}
+
 module "vpc" {
+  # Create new vpc ans subnet only if vpc_name is not set
+  count        = var.vpc_name == "" ? 1 : 0
   source       = "./vpc"
   cluster_name = var.cluster_name
   zone         = var.zone
 }
 
+locals {
+  vpc_id            = var.vpc_name == "" ? module.vpc[0].vpc_id : data.ibm_is_vpc.vpc[0].id
+  subnet_id         = var.vpc_name == "" ? module.vpc[0].subnet_id : data.ibm_is_subnet.subnet[0].id
+  security_group_id = var.vpc_name == "" ? module.vpc[0].security_group_id : data.ibm_is_vpc.vpc[0].default_security_group
+}
+
 data "ibm_resource_group" "default_group" {
   is_default = "true"
 }
@@ -35,13 +53,13 @@ resource "ibm_is_instance_template" "node_template" {
   name    = "${var.cluster_name}-node-template"
   image   = data.ibm_is_image.node_image.id
   profile = var.node_profile
-  vpc     = module.vpc.vpc_id
+  vpc     = local.vpc_id
   zone    = var.zone
   keys    = [data.ibm_is_ssh_key.ssh_key.id]
 
   primary_network_interface {
-    subnet          = module.vpc.subnet_id
-    security_groups = [module.vpc.security_group_id]
+    subnet          = local.subnet_id
+    security_groups = [local.security_group_id]
   }
 }
 
@@ -86,6 +104,6 @@ resource "null_resource" "label_nodes" {
     null_resource.kubeadm
   ]
   provisioner "local-exec" {
-    command = "./label-nodes.sh ${var.region} ${var.zone} ${module.vpc.subnet_id}"
+    command = "./label-nodes.sh ${var.region} ${var.zone} ${local.subnet_id}"
   }
 }
@@ -1,8 +1,8 @@
-output "vpc_id" { value = module.vpc.vpc_id }
+output "vpc_id" { value = local.vpc_id }
 output "ssh_key_id" { value = data.ibm_is_ssh_key.ssh_key.id }
-output "subnet_id" { value = module.vpc.subnet_id }
+output "subnet_id" { value = local.subnet_id }
 output "node_name" { value = "${var.cluster_name}-node-${length(module.nodes) - 1}" }
-output "security_group_id" { value = module.vpc.security_group_id }
+output "security_group_id" { value = local.security_group_id }
 output "region" { value = var.region }
 output "zone" { value = var.zone }
 output "resource_group_id" { value = data.ibm_resource_group.default_group.id }
@@ -17,6 +17,18 @@ variable "ssh_pub_key" {
   default = ""
 }
 
+variable "vpc_name" {
+  type        = string
+  description = "(optional) Specify existing VPC name. If none is provided, it will create a new VPC named {cluster_name}-vpc"
+  default     = ""
+}
+
+variable "subnet_name" {
+  type        = string
+  description = "(optional) Specify existing subnet name. If none is provided, it will create a new subnet named {cluster_name}-subnet. This must be provided if vpc_name has been set"
+  default     = ""
+}
+
 # amd64: ibm-ubuntu-20-04-3-minimal-amd64-1
 # s390x: ibm-ubuntu-20-04-2-minimal-s390x-1
 variable "node_image" {