@@ -4,6 +4,7 @@ variable "zone" {}
44variable "resource_group" {}
55variable "podnet" { default = " 192.168.0.0/16" }
66variable "daemonport" { default = 11000 }
7+ variable "worker_names" { default = [] }
78
89variable "main_iface_sg_name" {}
910
@@ -59,6 +60,11 @@ resource "ibm_is_security_group_rule" "podnet_outbound_rule_all" {
5960 remote = var. podnet
6061}
6162
63+ data "ibm_is_instance" "workers" {
64+ count = length (var. worker_names )
65+ name = var. worker_names [count . index ]
66+ }
67+
6268# create new subnets
6369resource "ibm_is_subnet" "subnets" {
6470 count = var. subnet_count
@@ -68,3 +74,25 @@ resource "ibm_is_subnet" "subnets" {
6874 total_ipv4_address_count = 256
6975 resource_group = data. ibm_resource_group . rg . id
7076}
77+
78+ # generate pair of worker and interface
79+ locals {
80+ worker_subnets = distinct (flatten ([
81+ for worker in data . ibm_is_instance . workers : [
82+ for subnet in ibm_is_subnet . subnets : {
83+ worker = worker . id
84+ subnet = subnet . id
85+ }
86+ ]
87+ ]))
88+ }
89+
90+ # attach secondary interfaces
91+ resource "ibm_is_instance_network_interface" "worker_ifaces" {
92+ for_each = { for idx , entry in local . worker_subnets : idx => entry }
93+ instance = each. value . worker
94+ subnet = each. value . subnet
95+ allow_ip_spoofing = true
96+ name = " eth${ each . key } "
97+ security_groups = [ibm_is_security_group . sg . id ]
98+ }
0 commit comments