From 0f629f6cd7a1a2e0135e97f5e5af8185c245e358 Mon Sep 17 00:00:00 2001
From: Serge Logvinov <serge.logvinov@sinextra.dev>
Date: Tue, 10 May 2022 10:01:02 +0300
Subject: [PATCH] Switch router on

---
 openstack/common.tf                       |  4 +--
 openstack/instances-master.tf             |  2 +-
 openstack/prepare/network-gw.tf           | 38 +++++++++++------------
 openstack/templates/controlplane.yaml.tpl |  2 +-
 4 files changed, 22 insertions(+), 24 deletions(-)

diff --git a/openstack/common.tf b/openstack/common.tf
index e5bba46..f6925e2 100644
--- a/openstack/common.tf
+++ b/openstack/common.tf
@@ -4,8 +4,8 @@ data "openstack_identity_auth_scope_v3" "scope" {
 }
 
 locals {
-  project_domain_name = data.openstack_identity_auth_scope_v3.scope.project_domain_name
-  project_id          = data.openstack_identity_auth_scope_v3.scope.project_id
+  project_domain_id = data.openstack_identity_auth_scope_v3.scope.project_domain_id
+  project_id        = data.openstack_identity_auth_scope_v3.scope.project_id
 
   openstack_auth_identity = [for entry in data.openstack_identity_auth_scope_v3.scope.service_catalog :
   entry if entry.type == "identity"][0]
diff --git a/openstack/instances-master.tf b/openstack/instances-master.tf
index 111c680..ae49866 100644
--- a/openstack/instances-master.tf
+++ b/openstack/instances-master.tf
@@ -23,7 +23,7 @@ module "controlplane" {
     region              = each.key
     auth                = local.openstack_auth_url
     project_id          = local.project_id
-    project_domain_name = local.project_domain_name
+    project_domain_id   = local.project_domain_id
     network_public_name = local.network_external[each.key].name
   })
 
diff --git a/openstack/prepare/network-gw.tf b/openstack/prepare/network-gw.tf
index 11bdd54..e79ba71 100644
--- a/openstack/prepare/network-gw.tf
+++ b/openstack/prepare/network-gw.tf
@@ -6,19 +6,18 @@ data "openstack_networking_network_v2" "external" {
   external = true
 }
 
-# resource "openstack_networking_router_v2" "gw" {
-#   for_each       = { for idx, name in var.regions : name => idx if try(var.capabilities[name].gateway, false) }
-#   region         = each.key
-#   name           = openstack_networking_subnet_v2.private[each.key].name
-#   admin_state_up = true
-#   # enable_snat         = true
-#   external_network_id = data.openstack_networking_network_v2.external[each.key].id
+resource "openstack_networking_router_v2" "gw" {
+  for_each            = { for idx, name in var.regions : name => idx if try(var.capabilities[name].gateway, false) }
+  region              = each.key
+  name                = openstack_networking_subnet_v2.private[each.key].name
+  external_network_id = data.openstack_networking_network_v2.external[each.key].id
+  admin_state_up      = true
 
-#   # external_fixed_ip {
-#   #   subnet_id  = data.openstack_networking_network_v2.external[each.key].id
-#   #   ip_address = [for k in openstack_networking_port_v2.gw_external[each.key].all_fixed_ips : k if length(regexall("[0-9.]+", k)) > 0][0]
-#   # }
-# }
+  # external_fixed_ip {
+  #   subnet_id  = data.openstack_networking_network_v2.external[each.key].id
+  #   ip_address = [for k in openstack_networking_port_v2.gw_external[each.key].all_fixed_ips : k if length(regexall("[0-9.]+", k)) > 0][0]
+  # }
+}
 
 resource "openstack_networking_port_v2" "gw_external" {
   for_each       = { for idx, name in var.regions : name => idx if try(var.capabilities[name].gateway, false) == false }
@@ -52,14 +51,13 @@ resource "openstack_networking_port_v2" "gw_private" {
   }
 }
 
-# resource "openstack_networking_router_interface_v2" "private" {
-#   for_each  = { for idx, name in var.regions : name => idx if try(var.capabilities[name].gateway, false) }
-#   region    = each.key
-#   router_id = openstack_networking_router_v2.gw[each.key].id
-#   port_id   = openstack_networking_port_v2.gw[each.key].id
-
-#   # subnet_id = openstack_networking_subnet_v2.private[each.key].id
-# }
+resource "openstack_networking_router_interface_v2" "private" {
+  for_each  = { for idx, name in var.regions : name => idx if try(var.capabilities[name].gateway, false) }
+  region    = each.key
+  router_id = openstack_networking_router_v2.gw[each.key].id
+  subnet_id = openstack_networking_subnet_v2.private[each.key].id
+  port_id   = openstack_networking_port_v2.gw_private[each.key].id
+}
 
 ### Soft gateway
 
diff --git a/openstack/templates/controlplane.yaml.tpl b/openstack/templates/controlplane.yaml.tpl
index 56d3f27..f874725 100644
--- a/openstack/templates/controlplane.yaml.tpl
+++ b/openstack/templates/controlplane.yaml.tpl
@@ -88,7 +88,7 @@ cluster:
             region=${region}
             auth-url=${auth}v3/
             tenant-id=${project_id}
-            domain-name=${project_domain_name}
+            domain-id=${project_domain_id}
             [Networking]
             public-network-name=${network_public_name}
   externalCloudProvider: